Summary
This release brings configurable AWS Web Application Firewall (WAF) support,
redirects HTTP to HTTPS when HTTPS support is enabled in services, begins of
better support for services running multiple containers/sidecars, and notifies
of deploy failures (if the system notification setup has been configured).
| Layer | Has changes | Needs migration |
|---|---|---|
| Account | ||
| Network | ✅ | |
| Build repository | ||
| Database | ||
| Service | ✅ | |
| CI/CD | ✅ |
Migration notes
If you wish to use the WAF work in this release on your services, note the WAF
needs to first be created at the network layer before applying any changes at
the service layer, otherwise the service layer will not be able to find the WAF
to apply. To do this, apply the network changes by running:
make infra-update-network NETWORK_NAME=<NETWORK_NAME>You can then set enable_waf to true in app-config/main.tf and update its
infrastructure.
CI / CD
- Add deploy failure system notification by @lorenyu in #917
- Separate E2E format and typecheck jobs by @rylew1 in #914
- Add emojies to stale environment summaries for easier visual scanning by @lorenyu in 144b543
Network
- AWS Web Application Firewall (WAF) config by @lorenyu and @devin-ai-integration in #924, #926, #928, #933
- Default policy using some AWS managed rule sets for common threats
- See
docs/infra/web-application-firewall.mdfor more details
Service
- Support sidecars in run command by @coilysiren in #918
- Redirect HTTP traffic to HTTPS by @lorenyu in #925
- AWS Web Application Firewall (WAF) support by @lorenyu
- Disabled by default
Tech debt and maintenance
- Doc updates by @coilysiren and @lorenyu in #919 and a4d7eac
- Dependency updates for infrastructure tests by @dependabot and @doshitan in #922
- Add default issue template by @lorenyu in 6282c65
Full Changelog: v0.15.5...v0.15.6
Contributors
lorenyu, doshitan, and 4 other contributors