Releases: appvia/terraform-azurerm-wayfinder
v2.6.4-tf.1
Release v2.6.4-tf.1
Upgradeable Versions: v2.5.1-tf.2, v2.5.1-tf.3
Full Wayfinder Changelog: https://docs.appvia.io/wayfinder/releases
Major New Features in v2.6
Private DNS support
This release introduces full support for Private DNS zones on AWS, Azure and GCP. This allows you to extend Wayfinder's auto-provisioning of DNS zones for your clusters and apps to fully-private DNS within your cloud environment.
With this change, a new version of the GlobalDNSZone and DNSZone resources has been introduced (v2beta2) and the existing version (v2beta1) is now deprecated and will be removed in v2.7. Please update any stored GlobalDNSZone or DNSZone resources in your repositories to the new API version after upgrading.
Improvements to wf apply & wf diff commands
The validation performed by Wayfinder has been improved to return warnings for missing dependencies, allowing wf apply and wf diff to intelligently reorder multiple resources as required so they apply successfully.
App environment variables
This release introduces variables on application environments. This allows container and cloud app components to use variables which vary across your environments.
Peering improvements
Validation and required fields have been improved on peering rules, and the error handling on the resulting peerings has been improved to better identify issues with peering set-up.
Changelog
Wayfinder changes:
- A full list of the Wayfinder changelog is available here: https://docs.appvia.io/wayfinder/releases
Terraform Infrastructure changes:
- Update AKS cluster version to v1.28
v2.5.1-tf.3
Release v2.5.1-tf.3
Upgradeable Versions: v2.5.1-tf.1, v2.5.1-tf.2
Full Wayfinder Changelog: https://docs.appvia.io/wayfinder/releases
Changelog
Wayfinder changes:
- 🐛 Correct the name of the CostsEstimates feature when setting up the relevant cloud access role for Wayfinder
Terraform Infrastructure changes:
- None
Required Actions
There are no required actions for this release when upgrading from one of the listed upgradeable versions.
v2.5.1-tf.2
Release v2.5.1-tf.2
Upgradeable Versions: v2.5.1-tf.1
Full Wayfinder Changelog: https://docs.appvia.io/wayfinder/releases
Changelog
Wayfinder changes:
- None
Terraform Infrastructure changes:
- Bump the Cluster Nodepool version to v1.27 to match the AKS version
Required Actions
There are no required actions for this release when upgrading from one of the listed upgradeable versions.
v2.5.1-tf.1
Release v2.5.1-tf.1
Upgradeable Versions: v2.4.6-tf.1
Full Wayfinder Changelog: https://docs.appvia.io/wayfinder/releases
Major New Features in v2.5
New UI navigation structure
This release introduces new, clearer navigation to the UI. Clusters can now be found in both workspace and administrative sections, allowing workspace members to see their own clusters.
Changelog
Wayfinder changes:
- [WF-3838] ✨ Support for 'user defined routing' outbound type on Azure AKS clusters
- [WF-3929] ✨ Add estimated cost for control plane cost for Azure 'paid' SKU clusters
- [WF-3855 / WF-3856] ✨ Provide a set of environment variables to deployed apps describing the runtime environment provided by Wayfinder
- [WF-3890] ✨ Allow AppEnvs to specify a reference to a CloudAccessConfig (needed where more than one cloud access configuration is provided to a workspace for a given stage)
- [WF-3540] ✨ Narrow the permissions required for GCP roles
- [WF-3947] ✨ Remove support for legacy auth proxy (this was replaced by our new kube proxy component in v2.4)
- [WF-3896] ✨ Add validation to Peering resources if directly applied
- [WF-3970] ✨ Improve validation of cloudaccessconfig types
- [WF-3943] 🐛 UI - Show dependency errors consistently on delete
- [WF-3945] 🐛 Ensure app components are successfully deleted if their owning app is deleted
- [WF-3949] 🐛 Ensure workspace owners can delete their own workspaces
Terraform Infrastructure changes:
- Bump the AKS Cluster version to v1.27
Required Actions
There are no required actions for this release when upgrading from one of the listed upgradeable versions.
v2.4.6-tf.1
Major New Features in v2.4
Cross-cloud Web Identity support
- With credential-free access to AWS, Azure and GCP, you can now use Wayfinder's web identity to authenticate Wayfinder into your entire cloud estate, regardless of the cloud in which Wayfinder is hosted (installed)
- Benefits of credential-free access:
- When hosted in AWS use an AWS IAM role for Service Account (IRSA) identity to give Wayfinder access to AWS accounts, Azure subscriptions and GCP projects.
- When hosted in Azure use Entra (formerly Azure AD) Workload Identity to give Wayfinder access to Azure subscriptions, AWS accounts and GCP projects
- When hosted in GCP use GCP Workload Identity to give Wayfinder access to GCP projects, AWS accounts and Azure subscriptions
- Complete overhaul of UI to guide and validate the configuration of cloud access and generate the YAML for your CI process
- New, simplified version of the CloudIdentity and CloudAccessConfig resources to make the configuration clearer and more readable
New Kubernetes API proxy for managed clusters
- Provides a consistent API to access clusters managed by Wayfinder without needing direct network connectivity
- Allows full access to API of managed clusters via UI, subject to your configured access policies:
- UI now uses same RBAC as wf access cluster - request access to clusters as you need them right from UI, subject to the same policies that govern all cluster access
- Much improved pod log support with dynamic filtering and following
- Shell support to exec into pods for debugging, provided user has an access policy permitting this
- Full TLS verification when accessing clusters via kubectl
- Removes need for an authentication load balancer for each cluster, reducing cluster costs
- Provides same IP address filtering as existing auth proxy
- As all access is made via Wayfinder's API, cluster access is audited as per all other Wayfinder operations
- Existing auth proxy deprecated and disabled by default in new installs, support for it for existing installs will be removed in an upcoming release
New troubleshooting section
- Provides access to Wayfinder's own controller, API, kube proxy and webhook logs from UI
- Tail and filter logs to debug isuses with your configuration
IMPORTANT: Required Actions
- The Wayfinder Instance ID is now a required variable which must be supplied to the module. This is provided to you by Appvia with the licence key. You can find out what your instance ID is by running
wf serverinfo, or alternatively contact Appvia Support. The Terraform variable to set iswayfinder_instance_id.
Full Wayfinder Changelog: https://docs.appvia.io/wayfinder/releases
v2.2.1-tf.1
What's Changed
- initial commit by @KashifSaadat in #1
New Contributors
- @KashifSaadat made their first contribution in #1
Full Changelog: https://github.com/appvia/terraform-azure-wayfinder/commits/v2.2.1-tf.1
