{ "id": "edge.24-10-15", "name": "edge.24-10-15", "summary": "Introduces the Panfactum provider to greatly simplify module development, upgrades to OpenTofu v1.8, adds CDN capabilities with CloudFront integration, and significantly improves DNS and ingress routing configuration.", "skip": false, "highlights": [ "New [Panfactum provider](https://registry.terraform.io/providers/Panfactum/pf/latest) eliminates boilerplate in first-party modules", "OpenTofu upgraded to v1.8 — variables now supported in module `source` fields", "New [`kube_aws_cdn`](/docs/edge/reference/infrastructure-modules/submodule/kubernetes/kube_aws_cdn) and [`aws_cdn`](/docs/edge/reference/infrastructure-modules/submodule/aws/aws_cdn) modules for CloudFront CDN", "[`kube_ingress`](/docs/edge/reference/infrastructure-modules/submodule/kubernetes/kube_ingress) `domains` moved to top-level and `rewrite_rules` replaced with `redirect_rules`" ], "changes": [ { "id": "cc402201-1176-4e2d-846c-38d676bad8fc", "type": "breaking_change", "summary": "This release integrates the new Panfactum provider and upgrades OpenTofu to v1.8. The templating system and `pf-update-iac` have been removed." }, { "id": "35fe0643-569f-4b2f-a008-64b321128a96", "type": "breaking_change", "summary": "[`kube_ingress`](/docs/edge/reference/infrastructure-modules/submodule/kubernetes/kube_ingress) no longer allows `rewrite_rules` on `ingress_configs`. The new top-level `redirect_rules` variable has enhanced capabilities including full URL pattern matching", "impacts": [ { "type": "iac-module", "component": "kube_ingress", "summary": "Replaced rewrite_rules with top-level redirect_rules variable" } ] }, { "id": "f4eea8f0-7f04-465e-8533-5a540bce980d", "type": "breaking_change", "summary": "[`kube_ingress`](/docs/edge/reference/infrastructure-modules/submodule/kubernetes/kube_ingress) `domains` is now a top-level variable rather than being specified on individual `ingress_configs`.", "impacts": [ { "type": "iac-module", "component": "kube_ingress", "summary": "Moved domains from ingress_configs to top-level variable" } ] }, { "id": "fecb2038-8ab8-40e0-9743-e449fa55c325", "type": "addition", "summary": "New module [`kube_aws_cdn`](/docs/edge/reference/infrastructure-modules/submodule/kubernetes/kube_aws_cdn) for setting up a CloudFront distribution in front of Ingress resources. [`kube_ingress`](/docs/edge/reference/infrastructure-modules/submodule/kubernetes/kube_ingress) updated to support CDN settings.", "impacts": [ { "type": "iac-module", "component": "kube_aws_cdn", "summary": "New module for CloudFront CDN in front of Ingress resources" }, { "type": "iac-module", "component": "kube_ingress", "summary": "Updated to support CDN configuration settings" } ] }, { "id": "128fa168-e095-405c-8edc-1165ca630c07", "type": "addition", "summary": "New module [`aws_cdn`](/docs/edge/reference/infrastructure-modules/submodule/aws/aws_cdn) for non-Kubernetes CDN use cases.", "impacts": [ { "type": "iac-module", "component": "aws_cdn", "summary": "New module for non-Kubernetes CloudFront CDN use cases" } ] }, { "id": "2dc29c8e-f4a4-46c9-a095-46d6afc8e897", "type": "addition", "summary": "New module [`aws_dns_zones`](/docs/edge/reference/infrastructure-modules/direct/aws/aws_dns_zones) for creating Route53 zones that have a non-AWS registrar.", "impacts": [ { "type": "iac-module", "component": "aws_dns_zones", "summary": "New module for Route53 zones with non-AWS registrars" } ] }, { "id": "c6fec36a-a4f9-42ad-95e0-f0c23267c968", "type": "addition", "summary": "Adds Cloudflare support in [`kube_external_dns`](/docs/edge/reference/infrastructure-modules/direct/kubernetes/kube_external_dns) and `kube_cert_issuers`.", "impacts": [ { "type": "iac-module", "component": "kube_external_dns", "summary": "Added Cloudflare DNS provider support" }, { "type": "iac-module", "component": "kube_cert_issuers", "summary": "Added Cloudflare DNS challenge support" } ] }, { "id": "e24d3554-6aca-4027-ac27-769f6413fb12", "type": "improvement", "summary": "`tls_1_2_enabled` now defaults to `true` in [`kube_ingress_nginx`](/docs/edge/reference/infrastructure-modules/direct/kubernetes/kube_ingress_nginx) to support CDNs like CloudFront that do not yet support TLSv1.3.", "impacts": [ { "type": "iac-module", "component": "kube_ingress_nginx", "summary": "Default tls_1_2_enabled changed to true for CDN compatibility" } ] }, { "id": "83fd4667-a430-4e3f-8177-dde75dfc5675", "type": "fix", "summary": "The internal logic of [`aws_dns_records`](/docs/edge/reference/infrastructure-modules/direct/aws/aws_dns_records) has been updated so that each record is managed independently, fixing an issue where adding", "impacts": [ { "type": "iac-module", "component": "aws_dns_records", "summary": "Records now managed independently to prevent unnecessary recreation" } ] }, { "id": "c6625e88-9146-4bbb-b8b9-bc6c02407884", "type": "fix", "summary": "`pf-wf-git-checkout` no longer automatically appends `.git` to repo URLs, which is incompatible with some git hosting providers (e.g., Azure DevOps).", "references": [ { "type": "issue-report", "summary": "pf-wf-git-checkout appends .git to repo URLs", "link": "https://github.com/Panfactum/stack/issues/160" } ], "impacts": [ { "type": "devshell", "component": "pf-wf-git-checkout", "summary": "Stopped auto-appending .git to repo URLs" } ] } ], "on_upgrade_path": true, "list_url": "/docs/changelog/edge.json", "llm_txt_url": "/docs/changelog/edge.24-10-15/llm.txt", "next": "/docs/changelog/edge.24-10-18.json", "prev": "/docs/changelog/edge.24-10-09.json" }