v2.1.0

Allow pinning vm's machine image, instead of always using latest …stable/cos_cloud @dennislapchenko (#112)

what

• Machine image is now pinnable
• Check the difference between two commits. If we keep only the first commit then full image name needs to be passed everytime. After the second commit you can just provide the short name and it will be verified. One drawback is that this it's not possible to move away from cos images, which probably is not desired anyway.

why

• Not always you would want to stay on the latest cos image. Not always you want to update it if you're performing other changes.
• It also seems that not all latest cos images work well with atlantis/secure vm configurations.. Just today i was making tweaks to the module and latest image got deployed too. As a result backend never could be reached.. could not find any logs as to why this happened, but reverting the image instantly fixed the issue.

v2.0.0

Breaking changes (OS Login, Secure Boot & Labels) @bschaatsbergen (#109)

what

• Introduces several breaking changes
• Feature: OS Login
• Feature: Secure Boot
• Feature: Labels

why

• These features were requested by the community

v1.3.1

Delete IAP example @bschaatsbergen (#108)

what

• Removed the IAP example

why

• IAP is extensively documented in the root README
• The IAP example created an IAP client that was missing a callback url, this is not possible to define in Terraform.

v1.3.0

🐛 Bug Fixes

examples: remove project from google_iap_client @tpolekhin (#106)

╷
│ Error: Unsupported argument
│
│   on modules/atlantis/iap.tf line 16, in resource "google_iap_client" "atlantis":
│   16:   project      = var.project_id
│
│ An argument named "project" is not expected here.
╵

what

A small change to IAP example I found during my deployment

why

To make it work

references

• Use Closes #123, if this PR closes a GitHub issue #123
• If possible, link to the relevant documentation to add some context.

v1.2.14

🚀 Enhancements

Set `privileged` to `false` @bschaatsbergen (#104)

what

• When a container is given privileged mode it receives all permissions the host has, it's currently set to true but we should set it to false as it doesn't affect the atlantis installation.

why

• Doesn't affect the atlantis installation.

references

• Closes #102

v1.2.13

fix: ignore lock file for terraform-docs @nitrocode (#103)

what

• ignore lock file for terraform-docs

why

• This maintains the > x.y.z qualifier in the readme docs for providers instead of reading resolved provider versions a.b.c directly from the lock file

references

• https://terraform-docs.io/

v1.2.12

🚀 Enhancements

Adding IAP example and output for IAP backend service @cblkwell (#96)

what

This PR adds an additional output for the name of the IAP backend service, which is used as an input for the permissions binding used to gate access to the IAP-protected Atlantis deployment.

It also adds an additional example showing how to use IAP to protect Atlantis.

why

The output eliminates the need to pull the name of the service via a data source (which would require the name to get the data source, so...) which also helps Terraform determine order of operations.

IAP has enough extra configuration I thought it worthy of describing in more detail, especially since I suspect most people will not want to have their UI just hanging out there on the internet.

references

v1.2.11

🚀 Enhancements

Add redirect to domain for unmatched requests @kpocius (#95)

what

• Add default_url_redirect to google_compute_url_map when IAP is enabled

why

• Even with IAP enabled, if you go to load balancer IP, you're taken straight to Atlantis UI, bypassing any authentication. This is because by default unmatched requests are handled by the default service

references

• google_compute_url_map#default_url_redirect

v1.2.10

Set sample rate to 1 @bschaatsbergen (#94)

what

• Fix idempotency issue with IAP backend log config

why

• Causes state diff on refresh

v1.2.9

🚀 Enhancements

Document `google_netblock_ip_ranges` data source @kpocius (#91)

what

• Document google_netblock_ip_ranges data source added in #88
• Trim whitespace & remove trailing punctuation

why

• Trailing punctuation in headers might be a matter of preference, but generally it is suggested not to use it
• Removing it also makes all headings consistent