Gruntwork release 2023-01
Guides / Update Guides / Releases / 2023-01
This page is lists all the updates to the Gruntwork Infrastructure as Code
Library that were released in 2023-01. For instructions
on how to use these updates in your code, check out the updating
documentation.
Here are the repos that were updated:
Published: 1/2/2023 | Release notes
This release switches repo-copier to using your locally installed git instance rather than the embedded go-git library. This is because of memory consumption and stack overflow issues with go-git. Please ensure you have git installed locally and in your PATH whenever running repo-copier going forward!
Full Changelog: https://github.com/gruntwork-io/repo-copier/compare/v0.1.1...v0.2.0
Published: 1/9/2023 | Modules affected: kubernetes-circleci-helpers | Release notes
kubernetes-circleci-helpers [BACKWARD INCOMPATIBLE]
- Install cri-dockerd with Minikube
- This version requires k8s 1.24 or later
Published: 1/31/2023 | Modules affected: data-stores | Release notes
- Update tflint patch to latest docker and remove include root
- Plumb
maintenance_window variable from CIS RDS module through to base RDS module
Published: 1/18/2023 | Release notes
- Add
flow_logs_traffic_type var to the VPC module. - Remove tflint-ruleset-aws-cis to it's own repo.
- Update tflint patch: use tflint-ruleset-aws-cis own repo
- Remove Ina from CODEOWNERS
Published: 1/26/2023 | Modules affected: ecs-cluster | Release notes
- Upgrade to launch templates
Published: 1/27/2023 | Modules affected: eks-cluster-control-plane | Release notes
- Add conditional logic for writing ExecCredential api version to support backward compatibility with the latest release of this module and EKS clusters version <
1.24
Published: 1/18/2023 | Modules affected: eks-k8s-external-dns | Release notes
- Expose additional chart configurations for external-dns.
Published: 1/5/2023 | Modules affected: eks-cluster-control-plane, eks-k8s-cluster-autoscaler, eks-container-logs, eks-alb-ingress-controller | Release notes
eks-cluster-control-plane [BACKWARD INCOMPATIBLE]eks-k8s-cluster-autoscaler [BACKWARD INCOMPATIBLE]eks-container-logs [BACKWARD INCOMPATIBLE]eks-alb-ingress-controllereks-aws-auth-mergereks-fargate-container-logs eks-k8s-external-dnseks-k8s-role-mapping
The default version of Kubernetes installed by the module has been updated to 1.24. As a result of this, the default version of addons were updated to support installation into 1.24. Specifically:
cluster-autoscaler: The default app version has been updated to 1.24.0.eks-alb-ingress-controller: The default app version and chart version have been updated to 2.4.5 and 1.4.6.eks-k8s-external-dns: The default chart version has been updated to 6.12.2.eks-container-logs: As EKS ended support for Dockershim, a new cri parser was added to Fluent Bit configuration in eks-container-logs.kubernetes provider constraints needed to be updated as Kubernetes no longer creates a default Secret for ServiceAccount.kubernetes client.authentication.k8s.io/v1alpha1 API version was removed in 1.24, so all examples were updated to v1.
If you wish to maintain backward compatibility with your existing setup without upgrading the Kubernetes version, you will want to configure the kubernetes_version parameter to the version of Kubernetes you are currently using. Note that 1.24 requires kubergrunt version 0.10.0 and above.
If you wish to maintain backward compatibility with your existing setup of the cluster autoscaler, you will want to configure the cluster_autoscaler_version input variable to what you are currently using. This should match semantic version of your EKS cluster Kubernetes version. Refer to the gcr repository and look for the latest version for your kubernetes version.
If you wish to maintain backward compatibility with your existing setup of the EKS container logs, you will want to set the use_cri_parser_conf input variable to false.
Published: 1/24/2023 | Modules affected: api-gateway-account-settings, lambda | Release notes
- Adds
var.managed_policy_waiting_time to modules api-gateway-account-settings and lambda. The purpose is mitigating racing conditions that occasionally cause these modules to fail to deploy when using managed IAM policies due to eventual consistency of policy permissions showing for the IAM role.
Published: 1/18/2023 | Modules affected: api-gateway-account-settings | Release notes
- Fixes occasional deploy errors on module
api-gateway-account-settings by enforcing the correct order of attaching permissions.
Published: 1/13/2023 | Modules affected: sns-to-slack | Release notes
- Added prevention of perpetual diff issues on
sns-to-slack module when using terragrunt.
Published: 1/26/2023 | Modules affected: openvpn-server | Release notes
- Upgrade to launch templates
Published: 1/23/2023 | Modules affected: openvpn-admin, openvpn-server | Release notes
- Use new upgrade test code.
- Updated default branch references (backward compatible)
- Bumped docker image from patches to v0.0.6
- Added permissions for SQS for revoking certs
Published: 1/23/2023 | Modules affected: private-s3-bucket, kms-master-key | Release notes
- Fixed private-s3-bucket ACL
- Added kms grant permissions for
cmk_user_iam_arns supplied with conditions.
Published: 1/30/2023 | Modules affected: base, data-stores, landingzone, mgmt | Release notes
- Updated version of terraform-aws-security from v0.66.0 to v0.67.2. See release notes here for details
Published: 1/10/2023 | Modules affected: data-stores, services/eks-cluster, services/eks-workers, services/eks-core-services | Release notes
- Adding variables to manage rds
- Updated Kubernetes to 1.24