- Support for Terraform v1.6*
- Fixed an issue where some
tmp
files were not deleted properly. (#677)
- Added support for terraform 1.4.*
- Loosing the versioning requirement of some dependencies as it was creating some problems
- Fixed some dependencies that won't make terraform-compliance fail.
- Fixed some problems on testing
- Upgrade on other dependencies
- Upgrade on orjson package.
- Fixed some dependency inconsistency
- Preparation for the static-build release
- Support for terraform 1.3+
- Fixed a problem where
emoji
library was throwing some warning messages on some specific systems. (#611) - Added terraform support for 1.2+ with the change of new plan version.
- Added a new step:
When its {key} is "{value}" regex
(#608 #602 docs) - Added a new step:
When its {key} is not "{value}" regex
(#608 #602 docs) - Added a new step:
When its {key} metadata has "{value}" regex
(#608 #602 docs) - Added a new step:
When its {key} metadata has not "{value}" regex
(#608 #602 docs) - Fixed a problem that was throwing an exception
IndexError: list index out of range
#605
- Added support for terraform 1.1.x
- Fixed a problem where a resource with None values will throw an AttributeError exception during tags processing (#567)
- Added a new step:
Then it must not cover
(docs #562) - Added a new step:
Then it must not be in
(docs #562)
- Added more support for ambiguous resources without having any "values" (#554)
- Fixed a problem where outputs referred within a module coming from other module fails.
- Added support for ambiguous resources that is being generated by terraform provider bugs with no "values"
- Fixed a problem where a resource parameter passed as a variable to a module that is being used as a parameter for another resource was not triggering resource mounting. (#386)
- Fixed a problem where some of the resource mounting on iterated resources was failing if they were in iterated modules.
- Fixed a problem where some sources with
count
was not mounted properly (#514)
- Added module calls' source to metadata. (#456)
- Fixed a problem where some resources/modules was not properly processed due to null value.
- Fixed the docker image where terraform-compliance couldnt be installed with faster_parsing option.
- Added new format support for terraform 1.0.1+ versions.
- Fixed a problem where
terraform-compliance
fails to recognise some resources on a 2+ multi-layered module structure.
- Added support for terraform 1.0.x versions.
- Added an auto-detection mechanism for terraform version while converting the plan. (#365 #273 #381 MicrosoftDocs/azure-dev-docs#396 documentation)
- Updated the hashicorp public key. (#475)
- Fixed a problem where child_modules where not parsed in the plan file. (#478)
- Fixed an issue where exclude resources tag were breaking due to improper
step_obj
creation fromGiven
step. (#468) - Disabled ssh host key checking for private repositories (#474)
- Fixed an issue where some complicated
plan.out.json
files were creating problems while getting parsed. Also improved performance especially on large plan files. - Improved performance around 20x while parsing JSON entities. (#460)
- Upgraded python in Docker image from 3.7.3 (stretch) to 3.7.10 (buster)
- Enabled terraform 0.15 support.
- Fixed an issue where
metadata
were checked beforevalues
on When its property does not have something (#451) - Improve exclude tag to support basix regular expressions (#448)
- Fixed an issue where exclude tag did not trigger skip_step if it emptied the stash (#448)
- New step: When its property metadata has something (#447)
- New step: When its property metadata has not something (#447)
- Build pipeline fix, temporary release.
- Fixed an issue where ambigious references were breaking during parsing. (#446)
- Fixed an issue where incorrect
ref_type
format were breaking during parsing. (#444) - Fixed an issue where \x08 character was breaking JUnit XML conversion during provider version_constraint checks. (#432)
- Fixed an issue where the omission of
after_unknown
values were breaking the Given stepresource that supports
. (#445) - Fixed an issue where parsing the terraform file threw list out of range error. (#428)
- New tag to exclude resources from tagged scenario. (#414)
- Addressed the problem defined in (#417) and (#410) by changing how we refer the resources
- Added terraform 0.14.x support. (#421)
- Fixed When it has something steps for
provider
s. (#371) - Fixed Then it must contain something steps for
provider
s. (#371)
- Fixed an issue where some found values were not recorded on Then it must contain something. (#400)
- Fixed a problem where When its property has something ignored
None
values. (#401) - Improved silent mode (
-S
) with better output and formatting (#398)
- Fixed a problem where using terraform-compliance with hashicorp/setup-terraform github action was causing problems due to the terraform wrapper. (#334 #336)
- Improved Then it must condition have proto protocol and port port for cidr where now it supports "any" (tcp, udp, icmp) and "icmp" protocols. (#360)
- Improved Then it must condition have proto protocol and port port for cidr where now it supports "any" port definition (0-65535). (#360)
- Fixed resource_raw not getting read from the cache. (#356)
- Fixed an issue where the null character in step definition break --junit-xml dump. (#347)
- New Terraform 0.13 support (#351)
- Fixed Then it must contain something where found but empty properties were not passed to the stash. (#352)
- Improved Then it must contain something and Then it must not contain something by removing legacy code. (#352)
- Improved Then it condition be be null to have a dedicated function with better classification of what is considered to be null. (#352)
- Improved mounting references to accomodate large plan files. (#346)
- Added cache capability and optimised the resource mounting a bit since it might trigger OOM kernel signalling and can be killed unexpectedly.
- New cumulative stash and in step variables functionality for steps to directly access stash content (#329)
- New step: Then it must be in haystack (#329)
- New step: Then it must cover haystack (#329)
- Fixed an issue where When it has something formats the search value incorrectly. (#330)
- Fixed
Then it must contain
to properly drill down and split into multiple resources if need be. (#327) - Fixed When it contains to accomodate singular values in a list. (#327)
- Improved the code quality of live debugging. Used
world.config.user_data
instead of global variables. (#320) - Fixed a problem where some nested resource structures were not able to be get parsed properly and causing a crash. (#316)
- Fixed a problem where
curses
library was not found and causing a crash. (#323)
- Improved (centralized) matching and seeking functions. (#304)
- Improved case-sensitivity tag. Generalized case-sensitivity to work on all steps, using matching changes implemented on this patch. (#304)
- Fixed jsonification. Now jsonifies the stash on creation to prevent bugs related to jsonification. (#308)
- New python version check for invalid Python versions. Minimum python version is set to 3.6.0 (#312)
- New
--debug/-d
option (#315)
- Fixed faulty over restriction in Then its singular value condition match the "search_regex" regex. (#299)
- New scenario tag: noskip tags (#301)
- Improved
its key condition be value
that now abides the two rules: drills down to found values and fails if any resource fails. This could introduce slight backwards incompatibility, but in essence this is a bugfix and not a change. (#300)
- Fixed a bug where failures would break --junit-xml dump. (#271)
- Fixed a bug where searching some haystacks would raise an error in seek_value_in_dict. (#285)
- New step: Then all of its values condition match the "search_regex" regex. (#285, #293)
- New step: Then any of its values condition match the "search_regex" regex. (#285, #293)
- New step: Then its singular value condition match the "search_regex" regex. (#285, #293)
- Fixed a bug where some empty found values would be treated as not found. (#249)
- Improved some error messages that might create some confusion about the failure results. (#284)
- Fixed a problem where using
@warning
tag was causing a problem where error messages was hidden on-q
usage. - Fixed
@warning
tag where further steps were also executed on a failure condition unintentionally. (#279)
- Add ability to reference a git repo by branch name and directory via
<repo>.git//<directory>?ref=<branch-name
. (#218)
- Fixed a crash where some module outputs could not be processed. (#275)
- Improved resource mounting where some terraform providers were creating inconsistent plan output and omitted some parameters that are referenced to a dynamic resource. (#260)
- Fixed an issue where regular expression usage on CIDR steps was causing a problem. (#265)
- Fixed a problem where properties having a space character were not recognised.
- Optimised key/value (property) definitions on all steps, where all keys or values can also have space characters encapsulated within "". (#270)
- Introduced case insensitive matching for the regex steps. (#268)
- Major code refactoring on the steps for the readability.
- Handled related radish-bdd exceptions and giving out
terraform-compliance
related error information. - BREAKING CHANGE : Changed
When it has <something>
step sentence where it now works as a true filtering function, unlikeWhen it contains <something
. When it contains <something>
step still works same with a Warning. This step will be deprecated (and converted toWhen it has <something>
) in future versions.- New step: When it must not have something. (#202)
- New step: Then it must not have something. (#202)
- Fixed a problem where resources/providers starting with
data
was misinterpreted. (#257)
- Enabled resource mounting/referencing for resources within modules. (#227)
- Fixed a problem where
its value must/must not be null
step was not processed properly. (#247) - Fixed a problem where filtering steps was failed with SKIPPING due to different types (or due to type conversions) are compared. (#248)
- Enabled Security Group related step for Security Group Rules also, it was only supporting Security Group before.
- Improved Security group processing where a regular expression can also be used while defining CIDRs. (#216)
- Improved
resource that support tags
in functionality inGIVEN
steps wheretags
can be any property. (#252)
- Improved
resource that support tags
resource type where Auto-Scaling Group style tags are enabled to be processed. (#243) - Improved
When its <key> is <value>
steps for testing a dictionary property key and value likeWhen its tags includes an entry where "some key" is "some value"
. (#228) - Improved
When its <key> is not <value>
steps for for testing a dictionary property key and value likeWhen its tags does not include an entry where "some key" is "some value"
. (#228)
- Fixed a problem where
count
step was counting incorrectly and counting characters of strings, integers and bools. ((#242)
- Fixed a problem where
integer
andboolean
values where causing comparison problems onWhen its <key> contains <value
>. (#231) - Fixed a problem where
boolean
values where causing a problem onThen its <key> <condition> be <value>
. (#232) - Improved
When its <key> is <value>
steps forreference
usage where you can provide akey/value
check likeWhen its security_group_id reference is something
. (#234) - Improved
When its <key> is not <value>
steps forreference
usage where you can provide akey/value
check likeWhen its security_group_id reference is not something
. (#234)
- Fixed a problem where
Then its <key> is <value>
step was not searching for "exact" matches. (#225)
- Fixed a problem where int, bool and float types was not properly filtered and matched.
- Fixed a problem where filtering functions does not work properly.
- Fixed a problem where a property within the terraform plan fails to get parsed if it is list of lists. (#221)
- Fixed a problem where tags are not recognised on Auto-Scaling Groups due to different key/pair structure within the terraform. (#208)
- Fixed a case where resource referencing fails when the output is coming from a module and does not registered in terraform plan.
- Fixed a case sensitivity problem where some of the steps were running unexpectedly. (#203)
- Added tags support on BDD feature files. As the first use case you can use @warning tag on top of a scenario for making it not failing. (docs) (#191)
- Added a new environment variable
TFC_ERROR
to change the name of the defaultFailure
error message. (docs) (#191)
- Cosmetic and some dependency fixes.
- Fixed an internal problem where a security group step will fail if there is no
cidr_blocks
definition within the plan. (#198)
-
New step: Then it must have "something" referenced. (#195)
-
New step: Then I flatten all values found. (#193)
-
New step: Then its {key} must/must not be {value}.
-
Security group revamp, which also addresses the problem defined in (docs) (#181)
- Security Group related code is rewritten, it is more flexible and extendable right now.
- Security Group related tests now also have
must
condition where you may want to enforce if some subset of rules are defined in Security Groups. - Fixed a problem where
must only
andmust not
was not working properly when Security Groups have multiple rules attached. (#181)
-
Now you can enforce rules for
output
variables. #185) -
New parameter:
-S/--silent
where test execution output will be suppressed. (docs) -
New parameter:
-n/--no-failure
where exit code will always be0
/successful even there is a failure. (docs) #191 -
New parameter:
-q/--quit-early
where the scenario executions will stop on the first failure. (docs) #170 -
CHANGE OF DEFAULT BEHAVIOUR :
terraform-compliance
will not STOP any test execution by default. -
New emoticons and a bit of cosmetic make-up is done. All emoticons will be disabled on non-interactive shells (CI/CD pipelines) or if
--no-ansi
is explicitly used. -
Fixed
-h
which was not reporting all parameter properly -
Fixed a problem where
it contains
step was converting list of properties to dict of properties which was causing a problem. (#194) -
Fixed a problem where module outputs referencing a resource were not used on resource mounting. (#190)
-
Fixed a problem where resources using
for_each
might cause some problems iffor_each
key includes.
within. (#197) -
Fixed by overriding/monkey patching a method within radish-bdd which enabled many other features.
- Fixed a problem where some Windows Operating Systems could not find terraform executable.
- Fixed a problem where "resource" and "data" definitions existing for the same resource type in the same module causing some problems on all "GIVEN" steps.
- Enhanced
count
step where it was only applicable for resource properties, now it also works right after aGIVEN
step. (#187)
- Fixed a problem about encoding where
terraform-compliance
crashes on HCL files with UTF-8 content. (#183)
- Removed
SKIPPED
lines ifdotter
formatter is used. (--formatter dotter
) (#180)
- Fixed a problem where filtering steps were failing on properly performing if the data is a list of dict of lists. E.g.
aws_iam_policy
with multiple heredoc policy statements. (#177) - Added integration tests into the build pipeline for allowing end-to-end tests.
- Fixed a problem on providers discovery where some providers have alias, some doesn't. (#173)
- Fixed a problem where resource names were reported wrong in some failures. (#171)
- Fixed a problem where in some cases
teraform-compliance
where givingAttributeError: 'NoneType' object has no attribute 'get'
exception. (#172) - Supporting multiple provider or providers aliases. (#173)
- Filtering steps are now performing case insensitive matching.
- Improved error messaged on steps doing math operations.
- Fixed a problem where resource mounting were causing a issues on
resources that support tags
. (#168)
- Fixed a problem where multiple resources were reported even some not failed. (#153)
- Fixed a recursion problem occurred due to pointer assignment in resource mounting. (#156)
- Added a capability where some of the resource & property information was not shown in some tests. (#153)
- Added a capability where we can define ALL resources in GIVEN directive. (#157)
- Fixed a problem where
must
in a step does not trigger a failure forprovider
s. (#158)
- Fixed a problem where resource mounting (via references) is done in both ways (A->B, B->A). This was causing a problem on
aws_instance
resource having aniam_role
attached on it. (#156)
- Fixed a problem where some resources can not be detected (or removed resources were still detected) due to plan changes. (#152)
- This release includes several optimisations on CI/CD pipeline and the general build structure of the project.
- Using new version of Colorful dependency.
- Fixed a problem where
gitphyton
was causing problems about installinggitdb
python dependency.
- Fixed intermittent
ImportError: cannot import name '__VERSION__' from 'radish'
problem.
- Fixed a problem where using "" or '' was causing a problem on property definitions within the steps.
- Fixed a problem where some of the filtering values were failing due to some characters.
- Fixed a problem on CI/CD pipeline
- Fixed a problem on CI/CD pipeline
- Fixed a problem on CI/CD pipeline
- Fix installing from source ([#143)
- Support for
its value {condition} contain {value}
- Support for
equal
operator inI expect the result is {operator} than/to {number}
- Support for
its value {condition} be {value}
- Support for
any
resource inI have {name} {type} configured
. - Fixed some internals where
its {key} is {value}
andits {key} is not {value}
might be mismatched unintentionally.
- Upgraded colorful package to official version of 0.5.1 which solves the problem described in
1.0.31
- Fixed naming conventions in the file. A new documentation with a website instead of just README is required though.
- Now terraform-compliance has a logo!
- Same like 1.0.32, but addressed another situation.
- Fixed a problem where filtering via
its {key} is {value}
was failing if the filtering object consists list or dict.
- Upgraded colourful that fixes unexpected colour coding in non-interactive terminals even when
--no-ansi
is used. (#359 #128 #78)
its {key} is {value}
filtering step now filters also properties defined within a resource.
- Fixed a problem where some
Null/None
values can not be parsed by regex steps. (#132)
- Upgraded
terraform
executable within the docker file from0.12.3
to0.12.5
its value must not be null
step is also checking for stringnull
.- terraform version checks are more dynamic.
- Fixed some of the examples.
- Fixed some of the examples.
- Changed
encryption is enabled
step to{property} is enabled
where{property}
could be generic and templated. (#123)
- Fixed a failure message where it was misleading. (follow up on #127)
- Fixed a bug where a resource might have multiple values (with same key). (follow up on #126)
- Improved
its value must not be null
step that is also checking if the value is set to''
.
- Fixed a bug where terraform-compliance crashes while reading the terraform file on terraform resources that does not have
values
key (#124) - Fixed a bug where some resources with key/value pair property causes a problem as reported in (#127)
- Fixed a bug where 'it must contain ' fails because of a KeyError.
- Fixed a bug where a test might fail while changing a resource that already exists in the remote/local terraform state.
- Set static versions fo dependencies within the setup.py and disabled re-install function completely.
- Added filtering capability that will help to filter any resource type by a specific property. (#122)
- Fixed a problem where searched key exists with a different purpose in the root and some of the child elements. E.g.
tags
in aws_s3_bucket andtags
inlifecycle_rules
within that bucket.
- Fixed a problem where test are passing directly if one of the drilled down values is a list. (#121)
- Improved
I expect the result is {operator} than {number}/Its value must be {operator} than {number}
step where the values can also be read and compared mathematically. (#120)
- Fixed a problem where terraform values including []/None/False was failing due to being negative.
- Fixed a problem where some of the data resources defined in configuration section was not distinguished.
- Fixed a problem where 'its value must not be null' was not working properly
- Upgraded
radish-bdd
to0.13.1
which includes fix for using escaped PIPE (|
) characters within the features. (Example) (#110)
- Include the Terraform binary in the Docker container for use on non-Linux host operating systems (#102)
- Added a new step: its value must/must not be null (Example) (#106))
- Added support for
data
definitions. (#105)
- Improved
contains
steps where in some cases 'key' and 'value' dict keys exist, instead of value of key as a key.
- Fixed a problem where mounted resources creating problem on identifying resources that doesn't have
tags
capability. (#107)
- Tested and added support for
terraform
0.12.2 and 0.12.3
- Improved 'contains' and 'regex' matching steps.
- Added basic heredoc support for json strings. (#90)
- Added encryption property for (at rest) aws_emr_security_configuration
- Added exception handlings for terraform executable and converting plan. (#99)
- Added S3 Public Block Access example to examples (#71)
- Fixed an issue where terraform executable does not exist in PATH env variable. (#99)
- Added "-t" argument for passing terraform executable if one doesn't want to keep it in PATH env variable.
- Fixed an issue where
filetype
module could not be found. (#97) - Upgraded python in Docker image from 3.6.8 to 3.7.3
BREAKING BACKWARD COMPATIBILITY for terraform-compliance
since the parameters has changed. This is a MAJOR upgrade and a re-design of the tool.
- This version only supports
terraform
0.12.0 and 0.12.1. - Removed
-t
parameter. - Introduced
-p
parameter where-p
is either ;terraform plan -out=<file>.out
output file orterraform show -json <file.out> > file.json
output for checking the plan (changes)terraform show -json
output for checking the whole state
- Instead of parsing
HCL
,terraform-compliance
is now parsing/processing againstterraform show
output. - Conversion from
terraform
internal plan format to json. - Full support for
terraform
interpolations and modules. - Minor upgrades on dependencies
- Removed many methods/functions that was doing
terraform
's job - Revamped all steps and required helper functions/methods
- Instead of having
untaggable_resources
nowterraform-compliance
auto-detects if a resource hastag
property. - Removed
terraform-validate
usage. - Introduced internal
terraform-compliance
exceptions instead of generic ones. - Started to keep a CHANGELOG for better understanding about what happens in the tool :)