This minor release adds alpha drift detection and remediation APIs, new localization and automerge controls, notification improvements, and several provider and execution fixes.
Highlights
- Added alpha drift detection, status, remediation, remediation history, and drift webhook APIs. These APIs are alpha and their request/response behavior may change in future releases. (#6360)
- Added runtime localization support with built-in English and Spanish catalogs plus custom YAML overrides. (#6506)
- Added automerge controls for default merge method and disabling automerge labels. (#6573, #6593)
- Improved GitHub team allowlists to honor team hierarchy. (#6365)
Alpha: Drift detection and remediation APIs
- Added alpha drift detection APIs, drift status API, drift remediation API, and remediation history/result read endpoints. (#6360)
- Added drift webhook notifications, including Slack and HTTP webhook support. (#6360)
- Added
--enable-drift-detectionfor drift detection/status/history behavior. - Added
--enable-drift-remediationfor destructive remediation apply. - Drift APIs require API authentication with
X-Atlantis-Tokenand repository allowlist authorization. - Remediation
action:"apply"requires cached positive drift withhas_drift:truefor the same repo/ref/base branch/project/path/workspace. - Drift API inputs include ref, path, workspace, repository, and allowlist safety validation.
- Operators should test carefully before production use, especially with hooks, policy checks, allowlists, multi-project repos, and custom workflows.
Features
- Added
--languageand--language-config-fileto localize Atlantis pull request comments and override language catalog strings. (#6506) - Added
--automerge-methodto set a default merge method for automerging, currently implemented for GitHub. (#6573) - Added
--disable-automerge-labelto disable automerge label behavior. (#6593) - Extended
autodiscover.ignore_pathsto targeted-dcommands. (#6466) - Streamed project failure text to the job page. (#6414)
Fixes
- Scoped regex project plans correctly when
--restrict-file-listis enabled. (#6598) - Detected OpenTofu versions using the project distribution. (#6597)
- Re-downloaded Terraform/OpenTofu binaries when the existing binary appears invalid. (#6454)
- Unified Terraform/Terragrunt project directory detection, including
.tf,.tf.json, andterragrunt.hclindicators. (#6455) - Hardened path handling for CWE-22 path-expression issues. (#6254)
- Preserved Docker healthcheck port fallback behavior. (#6588)
- Clarified status-update logging when no URL is available. (#6595)
Provider fixes
- Bitbucket Cloud: validate pagination next URLs before following them. (#6260)
- GitHub: only apply GitHub App checkout behavior to GitHub repositories. (#6119)
- GitHub: support child-team inheritance for
GH_TEAM_ALLOWLIST. (#6365)
Notifications and webhooks
- Slack notifications now show the pull request head branch instead of the base branch. (#6316)
- Slack notifications can include the pull request description. (#6540)
- Documentation now clarifies Slack payload fields and GitHub team hierarchy behavior. (#6596)
New Contributors
- @hussein-mimi made their first contribution in #6365
- @JFryy made their first contribution in #6072
- @ronaldmiranda made their first contribution in #6573
- @emanuelbesliu made their first contribution in #6466
- @rym-dd made their first contribution in #6540
- @eamonryan made their first contribution in #6414
- @kiwibel made their first contribution in #6316
- @zonorti made their first contribution in #6119
Full Changelog: v0.44.1...v0.45.0