Skip to main content

Engine Release 9.0

ยท 5 min read

Key Updates

Removal of bash based client

hamlet started life as a collection of bash scripts with the freemarker template engine handling creating files. Over the years we've evolved the bash scripts into a cli that does still call some of these bash scripts but the main interface has been the cli for a little while now. In this release we have removed the bash scripts that aren't being used by the cli as well as the shim engine in the CLI which allowed you to access the bash scripts directly while still being able to use the engines we have in hamlet.

This shouldn't have an impact on most users of hamlet as most people found the cli the way to go for understanding how to get things going.

Along with that some of the commands in the cli which directly mapped to cli calls have also been removed as they have been replaced by other processes, mostly with the introduction of runbooks.

The following command groups have been removed:

  • hamlet release - Has now been replaced with run books

    hamlet release upload-image

    is now available as a run book. For the aws provider

    hamlet task run-runbook -n management-image_push-runbook -- Tier=app Component=myservice Reference=abc123 DockerImage=myimage:latest

    Will now push a local docker image tag up to the hamlet registry and update the image reference based on the occurrence details provided

    hamlet release update-build-reference

    This is completed as part of the runbook above but if you need to manually change the reference when you don't have an image as well

    hamlet task run-book -n management-image_set_reference-runbook -- Tier=app Component=myservice Reference=def456

    hamlet release transfer-image

    The transfer process has now been removed. Instead we have added a pull image command which you can use to pull an image locally then push back to another registry

    hamlet task run-runbook -n management-image_pull-runbook -- Tier=app Component=myservice

    Will pull down the image and provide you with details of the image that you can use to perform a push

  • hamlet manage - Has now been replaced with runbooks and the hamlet deploy commands

    hamlet manage stack
hamlet manage deployment

    have been replaced with the hamlet deploy run-deployments command

    hamlet manage crypto
hamlet manage file-crypto
hamlet manage credential-crypto

    Have all been replaced with the encrypt and decrypt runbooks

    hamlet task run-runbook -n management-kms_encrypt-runbook -- Value=mysecret
hamlet task run-runbook -n management-kms_decrypt-runbook -- Value=bXlzZWNyZXQK

    The value section will support multiline strings so you can cat a file into the value section and it will look after that for you

Changes

  • remove legacy bash scripts (#370)
  • legacy bash approach removal

Datapipeline component removal

The datapipeline component has now been removed. This was added to support the AWS Data Pipeline service which isn't really used anymore in favour of services like Step Functions. This was only available for AWS

Changes

  • (datapipeline): remove support for AWS data pipeline
  • remove datapipeline script support (#324)
  • remove datapipeline support (#1984)

Overall Updates

Engine

New Features

  • (waf): add support for waf on userpools
  • (user): add user name control
  • (user): source IP filtering
  • (lb): client IP control (#2119)
  • (vpcendpoint): policy support (#2117)
  • (apigateway): private APIs (#2115)
  • (mta): add stop after match action

Fixes

  • missing waf userpool attrs (#2125)
  • (userpool): add waf section that was lost (#2124)
  • don't list disabled suboccurrences (#2118)

Refactorings

  • (backups): default priority (#2123)

AWS

New Features

  • (waf): enable waf and add challenges (#784)
  • (user): name format handling
  • (vpcendpoint): source vpc endpoint extension (#777)
  • (user): source IP filtering
  • SQS and SNS endpoint policies (#775)
  • (ec2): lb fixed target mapping (#774)
  • (lb): client IP control (#773)
  • (iam): extend use of the large policy setup
  • (vpcendpoint): policy support (#764)
  • (apigateway): private APIs (#762)
  • (mta): stop after match

Fixes

  • (firewall): add both log destinations for all
  • (datafeed): support subset passes (#782)
  • (ecs): round max memory when calculated
  • (gateway): route table collection
  • add note for migration
  • ec2 sec groups and ecs ids
  • (gateway): duplicate route table ids (#770)
  • (gateway): duplicate route table ids (#769)
  • (account): disable cloudtrail by default
  • (objectsql): permissions state details
  • docker image tag extension (#765)
  • (cdn): extraneous resources in lg pass (#761)

Refactorings

  • (datafeed): check for undeployed lambda (#781)
  • (datafeed): undeployed lambda functions (#778)
  • remove use of component ids

Azure

Fixes

  • (ci): update to latest shared workflows (#313)
  • (computecluster): bootstraps lookup from global
  • remove use of getRegistryPrefix and EndPoint (#310)

Refactorings

  • replace reference lookups with function
  • standardise github workflows (#309)

CLI

Fixes

  • path to the sh script for set_provider_credentails task