2.13.0 (October 17, 2024). Tested on Artifactory 7.90.14 and Xray 3.104.18 with Terraform 1.9.8 and OpenTofu 1.8.3
IMPROVEMENTS:
- provider: Add
tfc_credential_tag_name
configuration attribute to support use of different/multiple Workload Identity Token in Terraform Cloud Platform. Issue: #68 PR: #257
2.12.0 (October 4, 2024). Tested on Artifactory 7.90.13 and Xray 3.104.15 with Terraform 1.9.7 and OpenTofu 1.8.2
BUG FIXES:
- resource/xray_license_policy: Fix case insensitive attribute validations for
actions.custom_severity
. - resource/xray_operational_risk_policy: Fix case insensitive attribute validations for
criteria.op_risk_min_risk
,criteria.op_risk_custom.risk
. - resource/xray_security_policy: Fix case insensitive attribute validations for
criteria.min_severity
,criteria.exposures.min_severity
, andcriteria.package_type
. - resource/xray_violations_report: Fix case insensitive attribute validations for
filter.type
.
2.11.2 (September 23, 2024). Tested on Artifactory 7.90.10 and Xray 3.104.11 with Terraform 1.9.6 and OpenTofu 1.8.2
BUG FIXES:
- resource/xray_*_policy: Fix "Provider produced inconsistent result after apply" error due to
build_failure_grace_period_in_days
attribute. PR: #248 Issue: #248
2.11.1 (September 16, 2024). Tested on Artifactory 7.90.10 and Xray 3.104.11 with Terraform 1.9.5 and OpenTofu 1.8.2
IMPROVEMENTS:
- resource/xray_license_policy, resource/xray_operational_risk_policy, resource/xray_security_policy: Migrate from SDKv2 to Plugin Framework. PR: #239
- resource/xray_licenses_report, resource/xray_operational_risks_report, resource/xray_violations_report, resource/xray_vulnerabilities_report: Migrate from SDKv2 to Plugin Framework. PR: #240
- resource/xray_ignore_rule: Fix date parsing issue with timezone for
expiration_date
attribute. PR: #238, #244
2.11.0 (August 27, 2024). Tested on Artifactory 7.90.8 and Xray 3.102.5 with Terraform 1.9.5 and OpenTofu 1.8.1
IMPROVEMENTS:
- resource/xray_repository_config: Migrate from SDKv2 to Plugin Framework. PR: #234
- resource/xray_repository_config: Updated schema and validation to work with Xray version 3.102.3. PR: #235
- resource/xray_workers_count: Updated schema to work with Xray version 3.102.3. PR: #235
BUG FIXES:
- resource/xray_*_policy: Fix incorrect value being set from API in
exposures
attributes. PR: #234
NOTES:
- provider:
check_license
attribute is deprecated and provider no longer checks Artifactory license during initialization. It will be removed in the next major version release.
2.10.0 (August 8, 2024). Tested on Artifactory 7.90.6 and Xray 3.101.5 with Terraform 1.9.4 and OpenTofu 1.8.1
IMPROVEMENTS:
- resource/xray_binary_manager_release_bundles_v2: Add
indexed_release_bundle_v2
attribute validation to prevent the use of Ant-style pattern. PR: #227 Issue: #226 - resource/xray_binary_manager_build: Add
indexed_builds
attribute validation to prevent the use of Ant-style pattern. PR: #227 Issue: #226 - resource/xray_*_policy: Add
block_release_bundle_promotion
attribut to support Release Bundle promotion blocking for policy. PR: #231
2.9.0 (July 30, 2024). Tested on Artifactory 7.90.5 and Xray 3.101.5 with Terraform 1.9.3 and OpenTofu 1.8.0
FEATURES:
- New Resource: resource/xray_binary_manager_release_bundles_v2 - New resources to support Release Bundles V2 for binary manager indexing configuration. PR: #222 Issue: #220
IMPROVEMENTS:
- resource/xray_security_policy: Add
applicable_cves_only
attribute to support JFrog Advanced Security feature. PR: #223 Issue: #221
BUG FIXES:
- resource/xray_ignore_rule: Fix error when creating project specific ignore rule with build filter. PR: #224 Issue: #213
2.8.2 (June 21, 2024). Tested on Artifactory 7.84.15 and Xray 3.96.1 with Terraform 1.8.5 and OpenTofu 1.7.2
IMPROVEMENTS:
- resource/xray_custom_issue: Migrate from SDKv2 to Plugin Framework. PR: #207
- resource/xray_ignore_rule: Migrate from SDKv2 to Plugin Framework. PR: #209
- resource/xray_watch: Migrate from SDKv2 to Plugin Framework. PR: #210
2.8.1 (June 14, 2024). Tested on Artifactory 7.84.14 and Xray 3.96.1 with Terraform 1.8.5 and OpenTofu 1.7.2
BUG FIXES:
- resource/xray_*_policy: Fix incorrect error handling when deleting a policy that is still attached to a watch. This leads to the resource being deleted even though the policy can't be deleted. PR: #205
IMPROVEMENTS:
- resource/xray_security_policy: Add
package_name
,package_type
, andpackage_versions
attributes to support package security policy. PR: #189
IMPROVEMENTS:
- resource/xray_binary_manager_repos and resource/xray_binary_manager_builds: Add missing usage and import examples to documentation. PR: #196 Issue: #129
FEATURES:
- resource/xray_binary_manager_repos and resource/xray_binary_manager_builds: Add new resources to support adding repositories or builds to binary manager indexing configuration. PR: #194 Issue: #129
FEATURES:
- provider: Add support for Terraform Cloud Workload Identity Token. PR: #183
- resource/xray_settings: Migrate from SDKv2 to Plugin Framework. PR: #174
- resource/xray_workers_count: Migrate from SDKv2 to Plugin Framework. PR: #175
- resource/xray_webhook: Migrate from SDKv2 to Plugin Framework. PR: #176
FEATURES:
- data/xray_artifacts_scan: Add a new data source to retrieve a list of artifacts scanned by Xray.
IMPROVEMENTS:
- resource/xray_settings: Add attributes to support Xray Basic settings. PR: #169 Issue: #78
IMPROVEMENTS:
- resource/xray_violations_report: add
published
attribute forsecurity_filters
to supportstart
andend
dates. PR: #164 Issue: #161
IMPROVEMENTS:
- resource/xray_ignore_rule: ensure when all nested attributes (e.g.
name
,version
, etc.) change, they will trigger a re-creation of the resource. PR: #162 Issue: #156 - resource/xray_repository_config: add new attribute
jas_enabled
to allow users to specify if their JFrog Platform has Advanced Security enabled or not. This affects how the provider interacts with Xray API. PR: #163 Issue: #159
IMPROVEMENTS:
- resource/xray_*_report: remove "Import" section from report documentation as these resources do not support importing. PR: #160 Issue: #157
IMPROVEMENTS:
- resource/xray_watch: add support for watch type
releaseBundle
,all-releaseBundles
,releaseBundleV2
, andall-releaseBundlesV2
. PR: #153 Issue: #150
BUG FIXES:
- resource/xray_security_policy: Fix ordering of multiple
rule
attributes causes state drift. PR: #152 Issue: #149
BUG FIXES:
- resource/xray_ignore_rule: Remove validation against setting attributes
vulnerabilities
andcves
at the same time. RemovedComputed
attribute forcves
to avoid state drift and forced replacement. PR: #151 Issue: #148
BUG FIXES:
- resource/xray_ignore_rule: remove validation against setting attributes
build
andcomponent
at the same time. PR: #147 Issue: #146
BUG FIXES:
- resource/xray_repository_config: fix provider crash after upgrading from 1.12.0 to >=1.15.0.
SECURITY:
- provider: Bump golang.org/x/net from 0.11.0 to 0.17.0 PR: #142
BREAKING CHANGES:
- resource/xray_operational_risk_policy: remove default values for attributes
op_risk_custom.release_date_greater_than_months
,op_risk_custom.newer_versions_greater_than
,op_risk_custom.release_cadence_per_year_less_than
,op_risk_custom.commits_less_than
, andop_risk_custom.committers_less_than
. They are now require to be defined explicitly if you wish to set any values. There may be state drifts for this policy resource as the provide code can't distinguish between default values vs configuration values so it can't automatically upgrade the TF state.
FEATURES:
- resource/xray_webhook: add a new resource allowing webhook to be managed.
IMPROVEMENTS:
- resource/xray_watch: replace potentially unsafe string intepolation with struct marshalling.
PR: #137
FEATURES:
- resource/xray_custom_issue: add a new resource allowing custom issue event to be managed.
IMPROVEMENTS:
- resource/xray_repository_config: added validation to ensure either
config
orpath_config
attribute is defined.
BUG FIXES:
- resource/xray_repository_config: added
exposures
toconfig
to support JFrog Advanced Security scanning.
PR: #133
BUG FIXES:
- resource/xray_watch: added
path-regex
filter type for Xray watch.
BUG FIXES:
- resource/xray_ignore_rule: removed restriction, so the ignore rule can be created for both a policy and a watch.
IMPROVEMENTS:
- resource/xray_*_policy:
actions
is a required block now. Also, changed default behavior foractions
nested boolean attributes to match the Xray UI behavior. - resource/xray_license_policy: removed license name verification from
banned_licenses
andallowed_licenses
lists to allow users enter custom licenses, created in their Xray instance. Please note, Xray API doesn't verify if the license (custom or not) exists, so if the user enters a non-existing license name, this policy will be created but won't trigger a violation.
IMPROVEMENTS:
- resource/xray_security_policy: added new security policy rule criteria
exposures
, which allows to create a policy with criteria type Exposures and include specific exposures. Works only with JFrog Advanced Security license, otherwise the block will be ignored by API. PR: #118
IMPROVEMENTS:
- resource/xray_security_policy: added new security policy rule criteria
vulnerability_ids
, which allows to create a policy with criteria type Vulnerabilities and include a list of a specific CVEs. Issue: #112 PR: #116
IMPROVEMENTS:
project_key
attribute validation for all the resources has been changed to match Artifactory requirements since 7.56.2 - the length should be between 2-32 characters. PR: #113
IMPROVEMENTS:
- resource/xray_security_policy: added new attribute
malicious_package
. It allows to create a violation on any malicious package detected. Issue: #109 PR: #111
IMPROVEMENTS:
- resource/xray_watch: Added support for
mime-type
to text filter. Added new filter typekv_filter
to support "property" filter with key/value. Issue: #107 PR: #108
IMPROVEMENTS:
- resource/xray_ignore_rule, resource/xray_*_policy, resource/xray_watch, resource/xray_repository_config, resource/xray_settings: updated documentation to include importing resource which has been supported previously.
- resource/xray_*_policy, resource/xray_watch: added
project_key
parsing for importing - provider: Update golang.org/x/net module to latest version. Dependabot alerts: 3, 4
PR: #105
BUG FIXES:
IMPROVEMENTS:
BUG FIXES:
- resource/xray_violations_report: fixed an issue, when the provider crashed if the
security_filters
attribute wasn't set. Issue #95 PR #100
BUG FIXES:
- resource/xray_ignore_rule: fixed nil pointer exception, when "expiration_date" attribute wasn't set. Fixed documentation, added HCL examples. Issue #94 PR #99
BUG FIXES:
- resource/xray_operational_risk_policy: documentation updated to match Xray behavior, all policy types are lowercase now. Issue: #96 PR #98
BUG FIXES:
- resource/xray_ignore_rule, resource/xray_license_policy, resource/xray_licenses_report, resource/xray_operational_risk_policy, resource/xray_operational_risks_report, resource/xray_security_policy, resource/xray_violations_report, resource/xray_vulnerabilities_report, resource/xray_watch: Update
project_key
attribute validation to match Artifactory Project. PR: #93
BUG FIXES:
- resource/xray_watch: fix
watch_recipients
attribute not being set when reading from Xray. PR #91
BUG FIXES:
- resource/xray_security_policy: fix
min_severity
attribute state drift due to Xray API bug, which has been fixed. Issue #84 PR #90
BUG FIXES:
- resource/xray_watch: fix
name
attribute not being set when reading from Xray. PR #88
BUG FIXES:
- resource/xray_watch: removed constraints from 'ant_filter' and 'path_ant_filter' attribute include and exclude fields. It's not required to set both 'include' and 'exclude' filters anymore. The fix allows users to set only one of include/exclude filters, if needed.
FEATURES:
- resource/xray_licenses_report: add a new resource allowing to create Xray Licenses report.
- resource/xray_operational_risks_report: add a new resource allowing to create Xray Operational Risks report.
- resource/xray_violations_report: add a new resource allowing to create Xray Violations report.
- resource/xray_vulnerabilities_report: add a new resource allowing to create Xray Vulnerabilities report.
IMPROVEMENTS:
- resource/xray_watch: add functionality to apply
path_ant_filter
forrepository
andall-repos
watch_resource.type
. PR #82
FEATURES:
- resource/xray_repository_config: add a new resource allowing to configure Xray report retention policies for the repositories. Issue #77 PR #81
- Add ability to disable license check. PR #80
FEATURES:
BUG FIXES:
- resource/xray_watch, resource/xray_security_policy, resource/xray_license_policy, and resource/xray_operational_risk_policy: Add support for hyphen character in
project_key
attribute. PR: #73.
FEATURES:
- resource/xray_watch, resource/xray_security_policy, resource/xray_license_policy, and resource/xray_operational_risk_policy: Add support for
project_key
attribute. PR: #72. Issue #69
FEATURES:
- resource/xray_operational_risk_policy: New resource to support 'operational_risk' policy. PR: #71. Issue: #50
FEATURES:
IMPROVEMENTS:
- resource/xray_watch: Update documentation for Ant pattern filter for
all-builds
andall-projects
watch resource type. PR: #66. Project provider issue: #39
IMPROVEMENTS:
- resource/xray_watch: Add support for Ant pattern filter for
all-builds
andall-projects
watch resource type. PR: #61. Issue: #48
BUG FIXES:
- provider: Fix hardcoded HTTP user-agent string. PR: #62
IMPROVEMENTS:
- Bump shared module version
BUG FIXES:
- resource/xray_watch: Fix error when creating watch with remote repository by adding new attribute
repo_type
to allow user to specify whether the repository is local or remote. GH-55
IMPROVEMENTS:
- Upgrade
gopkg.in/yaml.v3
to v3.0.0 for CVE-2022-28948 GH-54
BUG FIXES:
- add 'Commercial' licence to the list of allowed licenses. GH-52
- minor version bump to force release due to build failure
IMPROVEMENTS:
- fixed HCL example for Xray Watch. GH-47.
IMPROVEMENTS:
- documentation reorganized, added subcategories and templates. GH-44.
IMPROVEMENTS:
- added
fix_version_dependant
field toxray_security_policy
resource. The field introduced in Xray 3.44.1 GH-39
IMPROVEMENTS:
- added new resource
xray_settings
which will set Xray DB Sync Time. GH-35
BUG FIXES:
- resource/xray_watch: Add all-builds to schema validation. GH-31
Xray provider was separated from Artifactory provider. The most notable differences in the new Xray provider:
- Provider uses Xray API v2 for all the API calls.
- HCL was changed and now uses singular names instead of the plurals for the repeatable elements, like
rule
,watch_resource
,filter
andassigned_policy
. - Security policy and License policy now are separate Terraform provider resources.
- In Schemas, TypeList was replaced by TypeSet (where it makes sense) to avoid sorting problems, when Terraform detect the change in sorted elements.
- Added multiple validations for Schemas to verify the data on the Terraform level instead of getting errors in the API response.