v2.0.0

Google backends: gcs and firestore (#35) @goruha (#36)

## what

Use google services to store state (gcs) and metadata (firestore)

why

For those who use google cloud it is hard to adopt atmos as all the GH tooling is built around AWS. This PR and several other fixes that.

references

See also related PRs in:

• cloudposse/github-action-atmos-terraform-plan#93
• cloudposse/github-action-atmos-terraform-apply#64
• cloudposse/github-action-atmos-affected-stacks#55

Usage

To use the GCP implementation, specify planRepositoryType as gcs and metadataRepositoryType as firestore, then provide the following GCP-specific settings: googleProjectId to specify the project for both GCS bucket and Firestore, bucketName for GCS storage, and googleFirestoreDatabaseName/googleFirestoreCollectionName for Firestore metadata.

The component, stack, planPath, and action parameters work the same way as in AWS and Azure examples.

 - name: Store Plan
    uses: cloudposse/github-action-terraform-plan-storage@v2
    id: store-plan
    with:
      action: storePlan
      planPath: my-plan.tfplan
      component: mycomponent
      stack: core-mycomponent-use1
      planRepositoryType: gcs
      metadataRepositoryType: firestore
      bucketName: my-terraform-plans
      gcpProjectId: my-gcp-project
      gcpFirestoreDatabaseName: terraform-plan-metadata
      gcpFirestoreCollectionName: terraform-plan-storage

 - name: Get Plan
    uses: cloudposse/github-action-terraform-plan-storage@v2
    id: get-plan
    with:
      action: getPlan
      planPath: my-plan.tfplan
      component: mycomponent
      stack: core-mycomponent-use1
      planRepositoryType: gcs
      metadataRepositoryType: firestore
      bucketName: my-terraform-plans
      gcpProjectId: my-gcp-project
      gcpFirestoreDatabaseName: terraform-plan-metadata
      gcpFirestoreCollectionName: terraform-plan-storage

🤖 Automatic Updates

Update .github/settings.yml @osterman (#33)

## what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

v1.15.0

Fix dynamodb scan paginator @goruha (#32)

what

• Support pagination for DynamoDB scan

why

• Because scan works by batch 1Mb of data.

If the total size of scanned items exceeds the maximum dataset size limit of 1 MB, the scan completes and results are returned to the user. The LastEvaluatedKey value is also returned and the requestor can use the LastEvaluatedKey to continue the scan in a subsequent operation.

• Fix false negatives get plan cases

references

• https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_Scan.html
• https://github.com/cloudposse/infra-test/actions/runs/9454236869/job/26041352037
• https://github.com/cloudposse/github-action-terraform-plan-storage/actions/runs/9483172988

v1.14.0

Fix CVE-2023-26136 @goruha (#30)

what

• Update @azure/ms-rest-js@^2.6.6 to @azure/ms-rest-js@^2.7.0

why

• @azure/ms-rest-js@^2.7.0 drops dependency @tough-cookie that have vulnerability https://nvd.nist.gov/vuln/detail/CVE-2023-26136

references

• https://nvd.nist.gov/vuln/detail/CVE-2023-26136
• https://github.com/cloudposse/github-action-terraform-plan-storage/security/advisories/GHSA-gjjq-jj22-jggh

v1.13.0

Disable auto release publisihing @goruha (#28)

what

• Disable auto release publisihing

why

• Auto-release publish does not trigger release workflow

v1.12.0

Upgrade Node 20 @goruha (#26)

what

• Upgrade Node 20

chore(DEV-1563): README Updated @milldr (#25)

what

• Updated description and generated latest README

why

• QoL improvement for documentation
• Use the latest README template

references

• DEV-1563

Consolidate auto-release workflow @goruha (#24)

what

• Use cloudposse/github-action-auto-release in auto-release.yaml workflow

why

• Solve old nodejs warning
• Reduce duplication of code

v1.11.0

feature add azure support @mcalhoun (#23)

what

Add Azure support

why

• To allow users running in Azure to store their plans and metadata in Azure rather than AWS

v1.10.0

Respect commit SHA if provided @zdmytriv (#19)

what

• Respect commit SHA if provided

why

• Respect commit SHA if provided

references

v1.9.0

Added `input.commitSHA` @zdmytriv (#18)

what

• Added commitSHA optional overwrite input

why

• Added commitSHA optional overwrite input

references

v1.8.0

Support `workflow_dispatch` @milldr (#17)

what

• set alternate sha and branch

why

• support executing this action from workflow_dispatch

references

• DEV-1008

v1.7.0

QueryCommandInput for Latest from PR @milldr (#16)

what

• Use a QueryCommandInput instead of a ScanCommandInput to get the latest change from a PR
• Remove Limit from PR command

why

• QueryCommandInput should be used with QueryCommand to filter and pull the latest DynamoDB table entry
• Without this change, the action always fails to find the plan entry even if the entry is valid

{"message":"The plan for demo-new in the stack plat-use2-sandbox for pr 22 does not exist."}

• Limit will only return the most recent result before filtering. This means only the most recent planfile will be returned across all PRs, not our specific PR

A single Query operation will read up to the maximum number of items set (if using the Limit parameter) or a maximum of 1 MB of data and then apply any filtering to the results using FilterExpression.

references

• https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-dynamodb/classes/querycommand.html