Update kops, kubectl, and terraform. (#529)

Bumps awscli from 1.16.226 to 1.16.230.

• Release notes
• Changelog
• Commits

Signed-off-by: dependabot-preview[bot] [email protected]

what

• Update multiple tools from https://github.com/cloudposse/packages/pull/233
• Update aws-cli 1.16.209 -> 1.16.226
• Update ansible 2.7.12 -> 2.8.4

why

Bring in bug and security fixes and new features

Security note

PyYAML is pinned to version 3.13 because that is the latest version that awsebcli supports. This version of PyYAML has a known vulnerability, CVE-2017-18342, summarized as "the yaml.load() API could execute arbitrary code if used with untrusted data."

At the moment, the only tools Geodesic ships with that use PyYAML (as far as we have been able to determine) are awscli and awsebcli. (The yq command included in Geodesic is a golang tool and not the python-yq that uses PyYAML.)

• awscli says their tool is not affected by the vulnerability: https://github.com/aws/aws-cli/issues/3828
• We can find no public statement about awsebcli and CVE-2017-18342

Users of awsebcli or who install their own Python packages should take appropriate precautions.

Special note about this release:

Due to operational errors, the 0.121.0 release was incorrectly published twice, once as 1.121.0 and once as 0.121.0 but pointing to the wrong commit. Users may want to avoid this release in favor of the prior 0.120.4 or next 0.122.0 release to avoid confusion. However, you can verify which version you have by examining these points:

• The correct commit for release 0.121.0 is 4f55f6a44cd56a8529c3ff0e4c2961c06bc4386d
• 0.121.0 has awscli==1.16.226 while the previous release has awscli==1.16.209
• 0.121.0 does not have rootfs/usr/local/bin/codefresh-pipeline while the next release does

A typo in grafana-db broke downloading Grafana dashboards from arbitrary URLs.

Fixed in #517

Fix TF_BUCKET_PREFIX for Atlantis #512

what

• Update "latest" tag upon release
• Multiple updates, including updating cloudposse/packages from 0.90.0 to 0.116.0

why

• Ensure "latest" tag tracks latest release
• Bring in current tools
• closes #496
• closes #502
• closes #504
• closes #506
• closes #507
• closes #509 Security issue

Revert git to v2.20.1 and other tweaks.
See #508 for details.

what

• Use an empty cache folder to initialize module

why

• Terraform 0.12 no longer allows initialization of folders with even dot files =(
• Example of how to use direnv with terraform 0.12

usage

export TF_MODULE_CACHE=.module
mkdir -p ${TF_MODULE_CACHE}

1. [aliases] Do not overwrite existing commands with our default aliases and functions
2. [codefresh] Add some helper functions to be used with Codefresh CI/CD pipeline
3. [tfenv] Set a default TFENV_BLACKLIST if the variable is not already one set
4. [docker] Tag docker images with short commit tags as well as long ones

For more, see PR #499