feat(installer): Allow installer to download any version (#2251)

enhance: add support for GHE setups that use a client certificate

enhance: isolate project config so single failure doesn't error all projects (#2268)

• enhance: isolate project config so single failure doesn't error all projects

• enhance: simplify error reporting when there is one error and one project

fix(azure): price lookup for API Management

refactor: ignore sensitive vars from warnings (#2271)

Removes sensitive variables from warnings output. Variables are omitted if they are:

• marked as sensitive
• contain a substring from a predetermined list of strings

enhance: retry tf variable loading (#2272)

• enhance: retry tf variable loading

• enhance: use a 30s timeout for tf var download

fix: don't query resources twice if past resources are the same as current resources

Feat: (AWS) Adds support for ARM architectures (#2269)

• Feat: (AWS) Adds support for ARM architectures

• Updated golden usage files

• Updated cmd golden files

• Update usage without AWS_PROFILE set

fix(azure): fix SQL server cost component lookup (#2275)

chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 (#2276)

Bumps github.com/aws/aws-sdk-go-v2/service/ec2 from 1.74.1 to 1.84.0.

• Release notes
• Changelog
• Commits

updated-dependencies:

• dependency-name: github.com/aws/aws-sdk-go-v2/service/ec2 dependency-type: direct:production update-type: version-update:semver-minor ...

Signed-off-by: dependabot[bot] support@github.com Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 (#2264)

Bumps github.com/aws/aws-sdk-go-v2/service/s3 from 1.29.5 to 1.30.1.

• Release notes
• Changelog
• Commits

updated-dependencies:

• dependency-name: github.com/aws/aws-sdk-go-v2/service/s3 dependency-type: direct:production update-type: version-update:semver-minor ...

Signed-off-by: dependabot[bot] support@github.com Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

chore(deps): bump github.com/aws/aws-sdk-go-v2/service/eks (#2259)

Bumps github.com/aws/aws-sdk-go-v2/service/eks from 1.22.1 to 1.27.0.

• Release notes
• Changelog
• Commits

updated-dependencies:

• dependency-name: github.com/aws/aws-sdk-go-v2/service/eks dependency-type: direct:production update-type: version-update:semver-minor ...

Signed-off-by: dependabot[bot] support@github.com Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

chore(deps): bump golang.org/x/text from 0.4.0 to 0.6.0 (#2262)

Bumps golang.org/x/text from 0.4.0 to 0.6.0.

• Release notes
• Commits

updated-dependencies:

• dependency-name: golang.org/x/text dependency-type: direct:production update-type: version-update:semver-minor ...

Signed-off-by: dependabot[bot] support@github.com Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

chore(deps): bump github.com/go-git/go-billy/v5 from 5.3.1 to 5.4.0 (#2200)

Bumps github.com/go-git/go-billy/v5 from 5.3.1 to 5.4.0.

• Release notes
• Commits

updated-dependencies:

• dependency-name: github.com/go-git/go-billy/v5 dependency-type: direct:production update-type: version-update:semver-minor ...

Signed-off-by: dependabot[bot] support@github.com Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

fix: propogate diff baseline errors (#2274)

• test: expand diff with error test cases

• fix: exclude projects from diff if baseline has errors

enhance: add backoff and retry to pricing API requests (#2248)

• enhance: use retryable http client for pricing API lookups

• fix: ensure retryable client doesn't log to stderr by default

fix(azure): fix Application Gateway v2 costs (#2278)

• Capacity units are priced hourly not monthly
• For v2 Capacity units shouldn't affect the fixed costs

chore: remove concurrent hcl runner when using terraform dir (#2211)

Removes logic concurrently running hcl provider when legacy terraform cli provider is selected.

feat: support absolute filepaths for terraform var files (#2279)

This change enables users to pass absolute paths to the --terraform-var-file flag. This allows for greater composability of projects, and helps users who have a top level global var file directory.

feat(aws): add support for ap-southeast-4 (#2280)

@abhinav do you know if this is how it works across the sdks? This code seems to indicate a provider safety switch: https://github.com/pulumi/pulumi/blob/master/sdk/nodejs/resource.ts#L342, this also doesn't seem to have custom qualifier: https://github.com/pulumi/pulumi/blob/master/sdk/go/pulumi/context.go#L838. I could be reading these wrong also. So let me know.

Fix: Moving yaml_decode, and using it in ConfigGroup as well (#2317)

• Fix: Moving yaml_decode, and using it in ConfigGroup as well, Fixes #2309

• Chore: Updating changelog

Merge branch 'master' into rshade/dependabot-updates

fix: updating gke version and tests

@lblackstone @squaremo Any ideas? Do I need to update those tests? I wouldn't think those libraries would cause these test failures.

make test_all throws this:

Diagnostics:
  pulumi:pulumi:Stack (crd-tests-p-it-laptop-8f1-step1-e0b22528):
    error: update failed

  kubernetes:apiextensions.k8s.io/v1beta1:CustomResourceDefinition (foobar):
    warning: apiVersion "apiextensions.k8s.io/v1beta1/CustomResourceDefinition" was removed in Kubernetes 1.22. Use "apiextensions.k8s.io/v1/CustomResourceDefinition" instead.
    error: resource foobars.stable.example.com was not successfully created by the Kubernetes API server : apiVersion "apiextensions.k8s.io/v1beta1/CustomResourceDefinition" was removed in Kubernetes 1.22. Use "apiextensions.k8s.io/v1/CustomResourceDefinition" instead.

  kubernetes:stable.example.com/v1:FooBar (my-new-foobar-object):
    error: creation of resource test-namespace-f5656273/my-new-foobar-object failed because the Kubernetes API server reported that the apiVersion for this resource does not exist. Verify that any required CRDs have been created: no matches for kind "FooBar" in version "stable.example.com/v1"```
                                

I am not sure why this would cause the following dotnet issue?

Diagnostics:
  pulumi:pulumi:Stack (basic_dotnet_kubernetes-p-it-fv-az412-3-basic-621902f1):
    error: update failed

  kubernetes:apiextensions.k8s.io/v1beta1:CustomResourceDefinition (crd):
    warning: apiextensions.k8s.io/v1beta1/CustomResourceDefinition is deprecated by apiextensions.k8s.io/v1/CustomResourceDefinition and not supported by Kubernetes v1.22+ clusters.
    error: resource crontabs.stable.example.com was not successfully created by the Kubernetes API server : customresourcedefinitions.apiextensions.k8s.io "crontabs.stable.example.com" already exists
    ```
                                

Proposed changes

Dependabot Updates combined into one testable PR.

Related issues (optional)

Chore: Merging dependabots

What happened?

Code:

rbac_yaml = files(".traefik").joinpath("traefik-rbac.yaml").read_text()
  crd_yaml = files(".traefik").joinpath("traefik-crd.yaml").read_text()

  self.traefik_k8s_setup = ConfigGroup(
      "traefik-config-files",
      yaml=[rbac_yaml, crd_yaml],
      opts=ResourceOptions.merge(parent_opts, ResourceOptions(depends_on=[self.namespace]))
  )

Error:

ConfigGroup(
      File "/Users/rshade//examples/standard-cluster/with-cni-custom-networking/venv/lib/python3.8/site-packages/pulumi_kubernetes/yaml/yaml.py", line 196, in __init__
        __ret__ = pulumi.runtime.invoke('kubernetes:yaml:decode', {'text': text}, invoke_opts).value['result']
    TypeError: 'NoneType' object is not subscriptable

Expected Behavior

Error not to be thrown.

Steps to reproduce

Working on an isolated repro

Output of pulumi about

pulumi_kubernetes 3.23.1

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

Fix: Moving yaml_decode, and using it in ConfigGroup as well (#2317)

• Fix: Moving yaml_decode, and using it in ConfigGroup as well, Fixes #2309

• Chore: Updating changelog

Proposed changes

This moves the fix from: #2156 into ConfigGroup as well. It moves invoke_yaml_decode out of ConfigFile and reuses it in both places.

Related issues (optional)

Fix https://github.com/pulumi/pulumi-kubernetes/issues/2309

Bump helm.sh/helm/v3 from 3.11.0 to 3.11.1 in /provider (#2306)

Bumps helm.sh/helm/v3 from 3.11.0 to 3.11.1.

• Release notes
• Commits

updated-dependencies:

• dependency-name: helm.sh/helm/v3 dependency-type: direct:production ...

Signed-off-by: dependabot[bot] support@github.com Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps helm.sh/helm/v3 from 3.11.0 to 3.11.1.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bump helm.sh/helm/v3 from 3.11.0 to 3.11.1 in /tests (#2307)

Bumps helm.sh/helm/v3 from 3.11.0 to 3.11.1.

• Release notes
• Commits

updated-dependencies:

• dependency-name: helm.sh/helm/v3 dependency-type: direct:production ...

Signed-off-by: dependabot[bot] support@github.com Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps helm.sh/helm/v3 from 3.11.0 to 3.11.1.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bump github.com/containerd/containerd from 1.6.15 to 1.6.18 in /provider (#2314)

Bumps github.com/containerd/containerd from 1.6.15 to 1.6.18.

• Release notes
• Changelog
• Commits

updated-dependencies:

• dependency-name: github.com/containerd/containerd dependency-type: indirect ...

Signed-off-by: dependabot[bot] support@github.com Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps github.com/containerd/containerd from 1.6.15 to 1.6.18.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Chore: Updating changelog

Proposed changes

This moves the fix from: #2156 into ConfigGroup as well. It moves invoke_yaml_decode out of ConfigFile and reuses it in both places.

Related issues (optional)

Fix: Moving yaml_decode, and using it in ConfigGroup as well, Fixes #2309

What happened?

ConfigGroup( File "/Users/rshade//examples/standard-cluster/with-cni-custom-networking/venv/lib/python3.8/site-packages/pulumi_kubernetes/yaml/yaml.py", line 196, in init ret = pulumi.runtime.invoke('kubernetes:yaml:decode', {'text': text}, invoke_opts).value['result'] TypeError: 'NoneType' object is not subscriptable

Expected Behavior

Error not to be thrown.

Steps to reproduce

Working on an isolated repro

Output of pulumi about

pulumi_kubernetes 3.23.1

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

Apply suggestions from code review

Co-authored-by: Sara 100384099+SaraDPH@users.noreply.github.com