v7.0.0

fix: Scope plan storage AWS credentials to prevent Atmos auth interference Dan Miller (@milldr) (#93)

## What

Use output-credentials: true mode for plan storage credential configuration and pass credentials explicitly via step-level env: vars to the plan storage steps.

Why

When using Atmos auth for Terraform operations (instead of the terraform-apply-role setting), the AWS credentials configured for plan storage (S3/DynamoDB access) were persisting in environment variables and taking precedence over Atmos' authentication mechanism.

This caused authentication failures when:

1. terraform-apply-role was not configured in gitops settings
2. Atmos auth was expected to handle role assumption for the target account
3. Plan storage credentials remained in AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_SESSION_TOKEN

Changes

• Add output-credentials: true to plan storage credential configuration step
• Add step id plan-storage-credentials for referencing credential outputs
• Pass AWS credentials explicitly via env: to "Retrieve Plan" and "Retrieve Lockfile" steps
• Rename second credential configuration step to "Configure Apply AWS Credentials" for clarity

Update readme with plan-diff notes Igor Rodionov (@goruha) (#92)

## what * Update readme with plan-diff notes

why

• Document plan-diff mode behaviour and non-deterministic plan diff limitations

references

• https://linear.app/cloudposse/issue/DEV-3762/add-skip-plandiff-option-improve-plan-diff-reliability

Add conditional for Atmos installation step PePe Amengual (@jamengual) (#90)

This pull request makes a small update to the workflow configuration in `action.yml`. The change adds a conditional check to only install Atmos if the `atmos-version` input is provided.

🚀 Enhancements

fix: correct README.yaml indentation and test atmos configs Dan Miller (@milldr) (#96)

## What - Fix README.yaml blockquote indentation that caused YAML parsing errors - Fix test atmos.yaml base_path by removing `./` prefix

Why

• README.yaml had improperly indented blockquote continuation lines causing the release workflow to fail
• Test atmos configs had ./tests/... instead of tests/... which caused test failures

References

• Similar fix in plan action: cloudposse/github-action-atmos-terraform-plan#124
• Failed release: https://github.com/cloudposse/github-action-atmos-terraform-apply/actions/runs/20174357833

v6.0.0

Add skip-plandiff option and fix workspace variable usage PePe Amengual (@jamengual) (#89)

This pull request adds support for skipping plan diff validation in the `action.yml` workflow, allowing users to bypass plan preparation and diff validation steps if desired. It also refactors how plan files are selected and referenced throughout the workflow, and standardizes the use of `${GITHUB_WORKSPACE}` for file paths. These changes improve flexibility and maintainability of the workflow.

Plan Diff Skipping and Conditional Logic

• Added a new input skip-plandiff to action.yml to allow skipping plan diff validation, with corresponding conditional logic throughout the workflow to support this behavior. [1] [2]
• Introduced a new step Determine Plan File to select the appropriate plan file and filename based on whether plan diff is skipped or not, and updated downstream steps to use this output. [1] [2] [3]

File Path Standardization

• Replaced usages of ${{ github.workspace }} with ${GITHUB_WORKSPACE} for all file output and manipulation operations, ensuring consistency and reliability in file path references. [1] [2] [3] [4] [5]

Workflow Improvements

• Updated conditional logic for Infracost-related steps and Terraform apply to account for the new skip-plandiff input, ensuring correct execution flow when plan diff is skipped. [1] [2]
• Added logic to conditionally set the --skip-init flag for Terraform apply, depending on whether plan diff was run.

Minor Enhancements

• Added a conditional to the Atmos installation step so it only runs when a version is specified.

v5.3.0

feat: `identity` Input for Atmos Auth Dan Miller (@milldr) (#88)

## what - Add support for Atmos auth identity in Terraform command

why

• We want to specify an Atmos Auth identity to run terraform

references

• https://atmos.tools/cli/commands/auth/usage/
• cloudposse/github-action-atmos-terraform-plan#119

v5.2.0

Fix plan diff summary with `/` in the component name Igor Rodionov (@goruha) (#85)

## what * Fix plan diff summary with / in the component name

v5.1.0

Remove affected-components.json from .gitignore Igor Rodionov (@goruha) (#84)

## what * Add `.atmos` to `.gitignore`

why

• Fix readme generation that adds all new generated files to readme PR

Name of the renewed planfile is passed to plan command - based on (#80) Igor Rodionov (@goruha) (#83)

## what

The name of the planfile is passed to the Atmos Terraform plan to avoid errors in file naming.

why

If the component name contains a slash (e.g., eks/app), atmos terraform plan creates a file named plat-ue1-dev-eks-app.planfile (at least for me with atmos = 1.187.0).

This action attempts to copy the file plat-ue1-dev-eks_app.planfile. This happens because of https://github.com/cloudposse/github-action-atmos-terraform-apply/blob/99b9b1eda20d0d77be6e4f18e1c67d0790104278/action.yml#L238

This is probably what causes my error after updating to v5.

cp: cannot stat '/home/runner/_work/***/***/deploy/atmos/components/terraform/eks/app/plat-ue1-dev-eks_app.planfile': No such file or directory

To correct this error and avoid similar ones in the future, I would suggest specifying the expected name of the planfile directly.

references

--skip-planfile behaviour

Thanks Kiprin Sergei (@angst-storm)

v5.0.0

Support plan-diff Igor Rodionov (@goruha) (#77)

## what * Use [`atmos terraform plan-diff`](https://atmos.tools/cli/commands/terraform/plan-diff) to ensure stored plan is actual * Added tests for - Basic apply usage - Apply with storage disabled - Apply with atmos pro - Apply when plan-diff has changes - Apply when plan generation fail * Updated README with migration plan for new `v5` action * Added Github Action summaries for cases `plan-diff` found changes and `plan` generation failed * Updated terraform-docs to `v0.20.0`

why

• Guarantee that the plan we saw on GitOps plan stage would be the same one we apply.
• Improve test coverage to be confident in GHA behaviour
• Provide documentation to users about the changes
• Provide a nice feedback message in the GitHub UI for the action
• Get the latest bug fixes

v4.2.0

feat: Optionally Disable Plan Storage Dan Miller (@milldr) (#74)

## what - Add plan storage option for storing Terraform plan files

why

• We want to optionally disable plan storage. Without plan storage, Terraform will need to be planned on the apply step as well

references

• cloudposse/github-action-atmos-terraform-plan#107

🤖 Automatic Updates

Replace Makefile with atmos.yaml Erik Osterman (Cloud Posse) (@osterman) (#73)

## what - Remove `Makefile` - Add `atmos.yaml`

why

• Replace build-harness with atmos for readme genration

References

• DEV-3229 Migrate from build-harness to atmos

v4.1.0

feat: Atmos Pro Support Dan Miller (@milldr) (#72)

## what - Run actions on `pro.enabled`

why

• Support components for atmos pro

references

• cloudposse/github-action-atmos-terraform-plan#101

v4.0.0

Disable process functions Igor Rodionov (@goruha) (#70)

## Breaking Change! * Requires `atmos >= 1.158.0`. Will fail on older version

what

• Disable process functions for cloudposse/github-action-atmos-get-setting

why

• process-functions requires terraform. Which we install after fetching the version
• process-functions can cause an issue where cached terraform versions conflict with the version we want to install
• atmos < 1.158.0 not not support flag --process-functions

v3.3.0

Suppress warnings on terraform outputs Igor Rodionov (@goruha) (#69)

## what * Suppress warnings on terraform outputs

why

• Warnings from Terraform about deprecation raised on terraform outputs that break output json structure