feat(terraform)!: upgrade required_version floor from 1.9.8 to 1.12.0#487
Conversation
Bump the project-wide Terraform required_version constraint from ">= 1.9.8, < 2.0" to ">= 1.12.0, < 2.0" across all versions.tf files and test setup files. Normalize 6 previously inconsistent files using "< 2.0.0" to the canonical "< 2.0" suffix. Pin CI runners (GitHub Actions and Azure DevOps) to Terraform 1.12.2. Update manually-authored documentation, the copilot terraform bead, blueprint and component READMEs, scenario prerequisites, and developer guides to reflect the new floor. Regenerate terraform-docs across src/, blueprints/, ci/, and deploy/azdo/. BREAKING CHANGE: Operators must upgrade their local Terraform CLI to >= 1.12.0 before running any terraform command in this repository. Closes #484
📚 Documentation Health ReportGenerated on: 2026-05-07 12:06:01 UTC 📈 Documentation Statistics
🏗️ Three-Tree Architecture Status
🔍 Quality Metrics
This report is automatically generated by the Documentation Automation workflow. |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #487 +/- ##
=======================================
Coverage 32.41% 32.41%
=======================================
Files 40 40
Lines 5902 5902
=======================================
Hits 1913 1913
Misses 3989 3989
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
…d requirements - standardize table formatting across multiple module README files - ensure Terraform version requirements are clearly stated - improve clarity in input and output sections 🔧 - Generated by Copilot
📚 Documentation Health ReportGenerated on: 2026-05-07 12:46:36 UTC 📈 Documentation Statistics
🏗️ Three-Tree Architecture Status
🔍 Quality Metrics
This report is automatically generated by the Documentation Automation workflow. |
📚 Documentation Health ReportGenerated on: 2026-05-07 13:56:23 UTC 📈 Documentation Statistics
🏗️ Three-Tree Architecture Status
🔍 Quality Metrics
This report is automatically generated by the Documentation Automation workflow. |
bindsi
left a comment
bindsi
left a comment
There was a problem hiding this comment.
✅ Approved
Clean, well-scoped breaking change. Audited all 307 files: 306 are pure mechanical 1.9.8 → 1.12.0 bumps (or column-width reflows in regenerated terraform-docs tables), and the lone structural diff in src/100-edge/100-cncf-cluster/ci/terraform/README.md is a beneficial normalization away from a JSON-encoded outlier into the standard markdown layout used by every sibling README. CI runner pins to 1.12.2 are consistent across all four workflow files. Title feat(terraform)!: will surface a proper BREAKING CHANGE in release-please. Devcontainer uses the unpinned ghcr.io/devcontainers/features/terraform:1 feature, so no follow-up pin to chase there.
The tests/setup/main.tf additions beyond issue #484's enumerated 163 files are correct — leaving those at 1.9.8 would have created an inconsistent floor.
NITs (non-blocking, future-PR material)
- nit (tooling): The author noted
npm run tf-docsdoesn't coverci/terraform/ordeploy/azdo/modules/and required manualterraform-docsinvocations. Worth a follow-up issue to widen the npm script glob (or add a doc-freshness CI check) so those paths can't drift again — the cncf-clusterci/terraform/README.mdoutlier in this PR is exactly the kind of thing the gap allows. - nit (PR description): Consider adding a single line to "Implementation Details" calling out the cncf-cluster
ci/terraform/README.mdstructural normalization (−152 / +46) so future archaeologists scanning this diff don't have to wonder why one file is much larger than the others. - nit (release notes): When this lands, a one-liner in the next release summary stating "minimum local Terraform CLI is now
>= 1.12.0" will help operators who don't read every commit subject.
Nothing here blocks merge — ship it once pr-validation is green on the new 1.12.2 pin.
|
I filed issue #495 to track the feedback ... |
📚 Documentation Health ReportGenerated on: 2026-05-08 23:49:51 UTC 📈 Documentation Statistics
🏗️ Three-Tree Architecture Status
🔍 Quality Metrics
This report is automatically generated by the Documentation Automation workflow. |
📚 Documentation Health ReportGenerated on: 2026-05-11 18:32:06 UTC 📈 Documentation Statistics
🏗️ Three-Tree Architecture Status
🔍 Quality Metrics
This report is automatically generated by the Documentation Automation workflow. |
📚 Documentation Health ReportGenerated on: 2026-05-12 07:01:06 UTC 📈 Documentation Statistics
🏗️ Three-Tree Architecture Status
🔍 Quality Metrics
This report is automatically generated by the Documentation Automation workflow. |
📚 Documentation Health ReportGenerated on: 2026-05-12 07:12:45 UTC 📈 Documentation Statistics
🏗️ Three-Tree Architecture Status
🔍 Quality Metrics
This report is automatically generated by the Documentation Automation workflow. |
📚 Documentation Health ReportGenerated on: 2026-05-12 09:06:17 UTC 📈 Documentation Statistics
🏗️ Three-Tree Architecture Status
🔍 Quality Metrics
This report is automatically generated by the Documentation Automation workflow. |
4 participants
Description
This PR bumps the project-wide Terraform
required_versionconstraint from">= 1.9.8, < 2.0"to">= 1.12.0, < 2.0"across all components, blueprints, and deployment modules. Six files in the030-dataand031-fabricfamilies previously used the non-standard"< 2.0.0"suffix; these were normalized to the canonical"< 2.0"in the same pass. CI runners for GitHub Actions and Azure DevOps were pinned to Terraform1.12.2. All manually-authored documentation and terraform-docs-generated READMEs were updated to reflect the new floor.Terraform versions.tf
Updated the
required_versionconstraint in all versions.tf files undersrc/,blueprints/,deploy/azdo/, andci/terraform/paths:>= 1.9.8to>= 1.12.0across all 130+ versions.tf files030-dataand031-fabric/032-fabric-rticomponent families from< 2.0.0to the canonical< 2.0upper boundtests/setup/main.tffiles in045-notification,050-networking,051-vm-host,073-vm-host, and100-cncf-cluster— these test harness root modules carry their ownrequired_versionconstraintCI/CD pins
Pinned CI runners to Terraform
1.12.2:.github/workflows/pr-validation.yml:terraform-version: '1.9.8'→'1.12.2'.azdo/templates/terraform-lint-template.yml:TERRAFORM_VERSION="1.9.8"→"1.12.2"Documentation updates
Updated manually-authored prerequisite and developer-guide content:
blueprints/azure-local/README.mdandblueprints/fabric-rti/README.md: prose prerequisite blocks updated from1.9.8to1.12.0docs/contributing/development-environment.md: tightened the weak>= 1.0prerequisite to>= 1.12.0(required an inline fix — the bold-wrapped**Terraform**token was missed by the initial sed pass)docs/getting-started/feature-developer.md: illustrativerequired_versionsnippet updated from">= 1.0"to">= 1.12.0, < 2.0"docs/project-planning/scenarios/(operational-performance-monitoring,predictive-maintenance,yield-process-optimization):Version ≥1.9.8→Version ≥1.12.0src/500-application/505-akri-rest-http-connector/README.mdandsrc/500-application/510-onvif-connector/README.md: manually-authored prerequisite tables updatedcopilot/terraform/terraform.md: illustrativeversions.tfsnippet updated so AI assistant suggestions reflect the current floorterraform-docs regeneration
Regenerated all auto-generated README.md files to reflect the updated version constraint:
npm run tf-docsregenerated**/terraform/README.mdand**/terraform/modules/*/README.mdfiles acrosssrc/andblueprints/terraform-docsinvocations extended coverage toci/terraform/sub-paths anddeploy/azdo/modules/(excluded from the npm script defaults)Related Issue
Closes #484
Type of Change
Implementation Details
Version constraints were updated in two sed passes — one for the standard
">= 1.9.8, < 2.0"pattern (157 files) and one for the non-standard">= 1.9.8, < 2.0.0"pattern in the 6 fabric-related files. CI pin replacements used a targeted sed on the three workflow files. Documentation updates used a combination of sed on scenario prerequisites and direct file edits for the bold-wrapped token in development-environment.md that the initial sed missed.The breaking change is the
required_versionfloor: any operator runningterraform init,terraform plan, orterraform applymust have Terraform CLI>= 1.12.0installed.Testing Performed
npm run tf-validate-allpassed across all components and blueprints.npm run tflint-fix-allran cleanly with no lint issues. Post-implementation grep confirmed zero residual1.9.8references outside.copilot-tracking/and zero< 2.0.0"occurrences in any*.tffile.Validation Steps
Pull the branch and verify the Terraform CLI version with
terraform version— must be>= 1.12.0.Run
npm run tf-validate-all— all components and blueprints should pass.Run
npm run tflint-fix-all— no lint issues.Confirm no stale references remain:
Expected: zero results.
Confirm upper-bound normalization:
Expected: zero results.
Checklist
terraform fmton all Terraform codeterraform validateon all Terraform codeaz bicep formaton all Bicep codeaz bicep buildto validate all Bicep codeSecurity Review
No security-sensitive paths (
SECURITY.md,src/000-cloud/010-security-identity/,deploy/) were modified with functional changes — onlyrequired_versionstring replacements and regenerated documentation.Additional Notes
This is a breaking change for any operator running Terraform commands locally. Operators must upgrade their local Terraform CLI to
>= 1.12.0before runningterraform init,terraform plan, orterraform applyagainst any component or blueprint in this repository.Three deviations from the implementation plan are all intentional and benign:
tests/setup/main.tffiles updated beyond original plan scope — required for correctness.azdo/templates/terraform-lint-template.ymlupdated in addition to the originally enumerated AzDO filesci/terraform/anddeploy/azdo/paths not covered by the defaultnpm run tf-docsscriptScreenshots (if applicable)
N/A — version constraint string replacements only; no visual output changes.