Leverage

Changes

🚀 Features

- [36] Automatically enter code when aws sso login Franr (188)
- The SSO login code no longer needs to be copied over to the browser, now Leverage does it for the user, simplifying the authentication process.
- [196] SSO login: fallback link Franr (203)
- In case the browser launch were to fail during the SSO authentication process, Leverage prints the login URL so the user can have a backup option.
- [196] SSO login: feedback Franr (204)
- Small clarification over the message printed for the backup SSO login URL.
- 191 Feature | Leverage created files ownership Franr (195)
- Previously all files generated within the Leverage container retained the `root` ownership. This created issues when users wanted to use plain Terraform or other tools that made use of these files. From now on, all files are made to be owned by the user, giving more flexibility to work with them.
- [205] Push pre-releases builds to the official pypi Franr (206)
- Pre-release verions are no longer pushed to the Test PyPI index but rather PyPI's, making them more easily available.
- [192] Code format \& style w/ Black Franr (194)
- Black is adopted as code formatter and style is enforced across the codebase.
- renaming github workflows files and the actions names in order to be … exequielrafaela (198)
- Github workflows renaming for clarity.

🐛 Bug Fixes

- fix super-class initialization Franr (201)
- Fix initialization for ExitError class

Changes

🚀 Features

- Add SSO layer to provision the landing zone with that by default diego-ojeda-binbash (184)
- When creating a new project, instead of rendering identities layers to use IAM as default authentication, now SSO layer is rendered as default.
- Terraform provider cache support Franr (181)
- Now Leverage can make use of Terraform caching capabilities. Ideal for less than ideal internet connections.
- `kubectl` command wrapper Franr (172)
- kube configs automatically generated (`leverage kubectl configure`)
- `kubectl`commands can now be executed natively via Leverage. Great for working with EKS clusters.
- **doc:** https://leverage.binbash.com.ar/user-guide/leverage-cli/reference/kubectl/
- ISSUE-168-167 Improving messages juanmatias (169)
- More explicit messages for Terraform related errors.

🐛 Bug Fixes

- Fix/build workflow tag sort fixed juanmatias (186)
- Packaging workflow fixes.
- Fixed order to get last tag juanmatias (185)
- Packaging workflow fixes.
- [126] kubectl: remove unnecessary shenanigans for MFA Franr (183)
- MFA credentials for kubectl commands are now handled correctly
- The package is missing the containers module Franr (180)
- Packaging fix.
- ISSUE-173 Changed way to add `.ssh` dir to get rid of bad owner permissions juanmatias (174)
- Now ssh config files get the correct permissions in the container.

📝 Documentation

- Doc | Adding CODE-OF-CONDUCT.md and CONTRIBUTING.md exequielrafaela (170)

Changes

🚀 Features

- [Snyk] Security upgrade wheel from 0.37.1 to 0.38.0 binbashdevops (150)
- Recommended update by Snyk.
- ISSUE-153 added Dod-CCP reference to PR template juanmatias (154)
- This is a checklist to be filled during PRs, aimed to cover most of the change implications.

🐛 Bug Fixes

- ISSUE-163 Removed s3-key-by-parameter on init juanmatias (164)
- This is a fix for https://github.com/binbashar/leverage/issues/163
- When initializing multiple layers using `--layers` option, the given key is wrong.
- E.g. using `--layers layer1,layer2` will check both layers, but the S3 Key in memory will remain the last one, so layer1 will be initialized with the key for layer2.

Changes

🐛 Bug Fixes

- Set python version in setup-python action of release workflow juanmatias (155)

Changes

🚀 Features

- ISSUE-123 All Layers feature juanmatias (151)
- previously Leverage CLI supported Terraform commands like this `leverage terraform plan`
- this command has to be run from inside a layer, thus it has to be run once per layer
- now it supports running from an account directory or a directory containing layers specifying the layers to apply the command to
- e.g. `leverage terraform plan --layers us-east-1/terraform-backend,global/security-audit`
- this command will apply `plan` to the layers listed in the parameter value
- the command will be applied in order (i.e. the same order the layers were set in the value)
- `--layers` is a comma-separated list of layer's relative paths
- additional parameters and flags can still be passed, e.g. `leverage terraform plan --layers us-east-1/terraform-backend,global/security-audit -out=outputfile`
- ISSUE-141 S3 Terraform backend keys juanmatias (149)
- multi-region support
- The S3 Backend keys now support region.
- Previously they were like this: `account-name/layer-name/terraform.tfstate`
- Now they accept region: `account-name/[(region|"global")]/layer-name/terraform.tfstate`
- This allows deploying a feature (layer) to multiple regions, e.g. `shared/us-east-1/k8s-eks` and `shared/us-west-1/k8s-eks`
- autogenerateion
- for a layer, if there is an S3 backend block in `config.tf` but no key is set, then Leverage CLI will try to generate a key and store it in the file
- ISSUE-146 documented new build.env format juanmatias (147)
- With Leverage CLI >=1.8.0 the `build.env` format has changed, in this issue this change was documented.
- ISSUE-135 Added basic RefArch tests juanmatias (136)
- ISSUE-139 Set specific toolbox version instead of latest juanmatias (140)
- `build.env` stores the Toolbox version. This was changed from `<terraform-version>-latest` to `<terraform-version>-<image-version>`
- this is to avoid pulling changes incompatible with the current Leverage CLI.
- Leverage CLI TFautomv command added
- this tool was added in order to make it easy creating `move` Terraform blocks for migrations
- note for using this feature you have to use Leverage Toolbox version `binbash/leverage-toolbox:1.2.7-0.1.0` or `binbash/leverage-toolbox:1.3.5-0.0.1`
- e.g. `leverage tfautomv run --show-analysis --dry-run`
- ISSUE-130 Enhancement | Refactor CLI SSO workflow to favor the reuse of the access token (130)

Changes

🚀 Features

- Feature | Job to test Leverage CLI against Ref Arch (II) juanmatias (133)
- Leverage CLI is tested against the Refarch to ensure integration
- ISSUE-113 updated toolbox image name and version juanmatias (124)
- a new [image](https://hub.docker.com/r/binbash/leverage-toolbox) is used as the Toolbox backend for Leverage CLI

🐛 Bug Fixes

- HOTFIX sso expiration time calculation fixed juanmatias (132)
- Fixed the way to calculate the sso token expiration time
- ISSUE-111 added option for bootstrap credentials juanmatias (127)
- When bootstrapping the infra, Leverage uses bootstrap credentials, this fix adds this scenario to the internal checks
- ISSUE-128 Pulling image step wrapped in a try-except block juanmatias (129)
- Pulling toolbox-image step is wrapped in a try block to catch the error when the image is not found