v3.2.1

fix: replace context with default var @goruha (#91)

## what - Replace context with default variable

why

• When using container within GitHub Actions, context value is incorrect. Default variable value remains correct.
• As github.action_path is used during step execution (within runner), it can be replaced by default variable.

references

• cloudposse/github-action-atmos-affected-stacks#52
• There are more reported issues showing this problem in various scenarios, for instance this one

🤖 Automatic Updates

Update .github/settings.yml @osterman (#88)

## what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

v3.2.0

fix: assume IAM role before running `cloudposse/github-action-atmos-get-setting` @korenyoni (#86)

## what

• assume IAM role before running cloudposse/github-action-atmos-get-setting

why

As of atmos 1.86.2, when atmos.Component began actually retrieving the TF state, it broke cloudposse/github-action-atmos-affected-stacks which we resolved as part of this release of the aforementioned action. We just had the action assume the IAM role, and that was it. However in cases where this function is used, appropriate IAM credentials to also be a requirement for cloudposse/github-action-atmos-get-setting:

> Run cloudposse/github-action-atmos-get-setting@v1
template: all-atmos-sections:163:26: executing "all-atmos-sections" at <atmos.Component>: error calling Component: exit status 1

Error: error configuring S3 Backend: IAM Role (arn:aws:iam::xxxxxxxxxxxx:role/xxxx-core-gbl-root-tfstate) cannot be assumed.

There are a number of possible causes of this - the most common are:
  * The credentials used in order to assume the role are invalid
  * The credentials do not have appropriate permission to assume the role
  * The role ARN is not valid

Error: NoCredentialProviders: no valid providers in chain. Deprecated.
	For verbose messaging see aws.Config.CredentialsChainVerboseErrors

references

https://github.com/cloudposse/atmos/releases/tag/v1.86.2

v3.1.0

Caching .terraform @goruha (#83)

## what * Cache .terraform * Consolidate atmos get settings into one action run * Made action self-contained

why

• Improve performance
• Improve performance

references

v3.0.0

Bump `upload-artifact` to `v4` @milldr (#82)

## breaking changes!

Updating upload-artifact changes the structure of artifacts!

If you are using this action to create artifacts to be used by Atmos Terraform Drift Detection workflows with github-action-atmos-terraform-drift-detection, then you will need to upgrade both actions to use the following major versions:

cloudposse/github-action-atmos-terraform-drift-detection@v2
cloudposse/github-action-atmos-terraform-plan@3

For more details, please see: cloudposse/github-action-atmos-terraform-drift-detection#1682

what

• Update upload-artifact action to version 4

why

• The major versions of actions/artifact used to upload or download an artifact must match
• Wrong upload version with v3: https://github.com/actions/upload-artifact/blob/v3/package.json#L32
• Correct upload version with v4: https://github.com/actions/upload-artifact/blob/v4/package.json#L32
• Download version, matches v4: https://github.com/cloudposse/github-action-atmos-terraform-drift-detection/blob/main/package.json#L44
• This fixes the following error:

throw new Error(`Unable to find any artifacts for the associated workflow`);

references

• https://stackoverflow.com/questions/78238187/unable-to-find-any-artifacts-for-the-associated-workflow-github-actions
• closes #68
• https://github.com/actions/upload-artifact/blob/main/docs/MIGRATION.md

v2.2.0

Support OpenTofu @goruha (#80)

## what * Install opentofu

why

• Gitops support OpenTofu

references

• DEV-2269 Update infra-live and infra-test to use opentofu

v2.1.0

Warning admonition @goruha (#79)

## what * Warning admonition

why

• Improve UI

references

• DEV-283 Change Warning for Terraform Warnings to use admonition

v2.0.1

Fix checkout sha @goruha (#78)

## what * Use sha input for checkout

why

• Make pull_request_target pattern working

references

• DEV-372: Change all usage of pull_request to pull_request_target

🤖 Automatic Updates

Update release workflow to allow pull-requests: write @osterman (#77)

## what - Update workflow (`.github/workflows/release.yaml`) to have permission to comment on PR

why

• Add comment to PR when it is released

Use GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#75)

## what - Update workflows (`.github/workflows/settings.yaml`) to use shared workflows from `.github` repo

why

• Reduce nested levels of reusable workflows

Use GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#74)

## what - Update workflows (`.github/workflows/settings.yaml`)

why

• Support new readme generation workflow.
• Generate banners

v2.0.0

Move `atmos-gitops-config.yaml` to `atmos.yaml` @goruha (#63)

what

• Move atmos-gitops-config.yaml to atmos.yaml

why

• Reduce configs files

references

• https://cloudposse.atlassian.net/browse/DEV-1589

  Migrating from v1 to v2

  The notable changes in v2 are:

  • v2 works only with atmos >= 1.63.0
  • v2 drops install-terraform input because terraform is not required for affected stacks call
  • v2 drops atmos-gitops-config-path input and the ./.github/config/atmos-gitops.yaml config file. Now you have to use GitHub Actions environment variables to specify the location of the atmos.yaml.

  The following configuration fields now moved to GitHub action inputs with the same names

  name
  atmos-version
  atmos-config-path

  The following configuration fields moved to the atmos.yaml configuration file.

  name	YAML path in atmos.yaml
  aws-region	integrations.github.gitops.artifact-storage.region
  terraform-state-bucket	integrations.github.gitops.artifact-storage.bucket
  terraform-state-table	integrations.github.gitops.artifact-storage.table
  terraform-state-role	integrations.github.gitops.artifact-storage.role
  terraform-plan-role	integrations.github.gitops.role.plan
  terraform-apply-role	integrations.github.gitops.role.apply
  terraform-version	integrations.github.gitops.terraform-version
  enable-infracost	integrations.github.gitops.infracost-enabled
  sort-by	integrations.github.gitops.matrix.sort-by
  group-by	integrations.github.gitops.matrix.group-by

  For example, to migrate from v1 to v2, you should have something similar to the following in your atmos.yaml:

  ./.github/config/atmos.yaml

  # ... your existing configuration
  
  integrations:
    github:
      gitops:
        terraform-version: 1.5.2
        infracost-enabled: false
        artifact-storage:
          region: us-east-2
          bucket: cptest-core-ue2-auto-gitops
          table: cptest-core-ue2-auto-gitops-plan-storage
          role: arn:aws:iam::xxxxxxxxxxxx:role/cptest-core-ue2-auto-gitops-gha
        role:
          plan: arn:aws:iam::yyyyyyyyyyyy:role/cptest-core-gbl-identity-gitops
          apply: arn:aws:iam::yyyyyyyyyyyy:role/cptest-core-gbl-identity-gitops
        matrix:
          sort-by: .stack_slug
          group-by: .stack_slug | split("-") | [.[0], .[2]] | join("-")

  .github/workflows/main.yaml

    - name: Plan Atmos Component
      uses: cloudposse/github-action-atmos-terraform-plan@v2
      with:
        component: "foobar"
        stack: "plat-ue2-sandbox"
        atmos-config-path: ./rootfs/usr/local/etc/atmos/
        atmos-version: 1.63.0

  This corresponds to the v1 configuration (deprecated) below.

  The v1 configuration file ./.github/config/atmos-gitops.yaml looked like this:

  atmos-version: 1.45.3
  atmos-config-path: ./rootfs/usr/local/etc/atmos/
  terraform-state-bucket: cptest-core-ue2-auto-gitops
  terraform-state-table: cptest-core-ue2-auto-gitops
  terraform-state-role: arn:aws:iam::xxxxxxxxxxxx:role/cptest-core-ue2-auto-gitops-gha
  terraform-plan-role: arn:aws:iam::yyyyyyyyyyyy:role/cptest-core-gbl-identity-gitops
  terraform-apply-role: arn:aws:iam::yyyyyyyyyyyy:role/cptest-core-gbl-identity-gitops
  terraform-version: 1.5.2
  aws-region: us-east-2
  enable-infracost: false
  sort-by: .stack_slug
  group-by: .stack_slug | split("-") | [.[0], .[2]] | join("-")  

  And the v1 GitHub Action Workflow looked like this.

  .github/workflows/main.yaml

    - name: Plan Atmos Component
      uses: cloudposse/github-action-atmos-terraform-plan@v1
      with:
        component: "foobar"
        stack: "plat-ue2-sandbox"
        atmos-gitops-config-path: ./.github/config/atmos-gitops.yaml

v1.5.0

Update infracost/actions action to v3 @renovate (#69)

This PR contains the following updates:

Package	Type	Update	Change
infracost/actions	action	major	v2 -> v3

---

Release Notes

infracost/actions (infracost/actions)

v3

Compare Source

---

v1.4.0

Artifact upload rollback v3 @goruha (#67)

what

• Artifact upload rollback v3

why

broke in #65