All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
json/get_value: Fixed cases when the key is `*.something`
core: Fixed support for YAML files through JSON provider
terraform_plan: Fixed cases when using `*` as the resource_type and the attribute is not found, the provider outputs `null` instead of `ProviderError`
evaluators/contains: Fixed message when the evaluator is failing when input and data are both strings
terraform_plan: Added `exclude_types` parameter to filter specific resource types when using wildcard (*) resource type
terraform_plan: Support for excluding resource types in `attribute`, `action`, and `count` operations
terraform_plan/attribute: Fixed bug where the attribute was not being properly evaluated when using the `*` in the middle of the attribute name
core/evaluators: Enhance result message to use JSON encoded string instead of Python string
terraform_plan/attribute: Support "*" resource type
- New condition type: `NotContains`
- New feature to use variables within Tirith policies
terraform_plan/referenced_by: Fixed bug where `referenced_by` was not accounting for references in other modules
terraform_plan/referenced_by: Now outputs the result per resource instead of a single boolean
terraform_plan/provider_config: Properly handle the case where the region is not defined in the provider config
json/get_value: Properly handle the case where the keypath is not found
- Bump pydash from 5.1.0 to 6.0.0
terraform_plan: Add `terraform_version` operation type to get the terraform version from the plan file
terraform_plan: Add `provider_config` operation type to get the provider config from the plan file, like checking for the `region` in the `aws` provider, and the version of the provider
evaluator/RegexMatch: Change the method to check regex match to `re.search` instead of `re.match` to make sure the regex is matched anywhere in the string
terraform_plan/direct_references: Fixed bug where `references_to` and `referenced_by` were not accounting for the no-op resources
json/get_value: Fixed bug where `get_value` always returned a list of values even if the value is not a list
terraform_plan: Fixed bug where values are not typecasted for regex comparisons.
terraform_plan/direct_dependencies: Fixed bug where `references_to` and `referenced_by` were still accounting for the destroyed resources
- terraform_plan provider - bugfixes
terraform_plan/direct_dependencies: Added options `references_to` and `referenced_by` to check whether the resource is referenced by or references the given resource (e.g. `references_to: "aws_security_group"`)
- Hard set PyYAML requirement to 6.0.1 due to Cython incompatibilities, see https://stackoverflow.com/q/76708329/6156700
- Kubernetes provider
- `terraform_plan` provider: `direct_references` and `direct_dependencies` operators (891d9b7)
- NotEquals and NotContainedIn evaluators (a7c3a)
- Improve `terraform_plan` provider for operator `action`: return error=1 when the resource isn't found (a7c3a3)
- Improve `terraform_plan` provider: skip if no `after` key is found
- Improve error messages in `terraform_plan` provider
1.0.0-alpha.1 - 2022-10-04
- Initial release of Tirith (StackGuardian Policy Framework)
- Adopted Covenant Code of Conduct
- cli wrapper for calling tirith
Added: for new features.
Changed: for changes in existing functionality.
Deprecated: for soon-to-be removed features.
Removed: for now removed features.
Fixed: for any bug fixes.
Security: in case of vulnerabilities.