Release notes

0.83.1

Bug fixes

  • FIXED: Apply and destroy commands could get permanently stuck at InProgress after an agent restart. Target update states (e.g. target creation completing successfully) were only held in the agent's in-memory cache and never written to the database. If the agent restarted before the command completed, the target state reverted to NotStarted, causing overallCommandState to return InProgress indefinitely.
  • FIXED: A single failed discovery sync read (e.g. an AWS resource that CloudControl cannot read) could cascade-fail all other reads in the same sync command. Discovery sync commands were incorrectly creating dependency edges between independent read operations, so one failure would propagate to unrelated resources.

0.83.0

New features and improvements

Plugins

  • Grafana plugin: New official plugin for managing Grafana resources — dashboards, data sources, folders, alerting rules, teams, and service accounts. Works with both self-hosted Grafana and Grafana Cloud. See the Grafana plugin documentation.
  • Docker Compose plugin: New official plugin for managing Docker Compose stacks as infrastructure. Exposes resolvable endpoints that other plugins can reference — for example, a Grafana target can resolve its connection URL from a compose stack. See the Docker Compose plugin documentation.

Targets

  • Target replace: When a target's configuration changes (e.g. switching AWS region), formae now replaces the target and all managed resources in the correct order — delete resources, delete target, create target, recreate resources. This is only allowed when all resources on the target are marked as portable in their schema, ensuring safe recreation. In reconcile mode, stacks not present in the forma are preserved; in patch mode, everything managed on the target is replaced.
  • Resolvable target configuration: Target configuration fields now support resolvable references to resource properties. This enables cross-provider workflows where one provider's output feeds another provider's configuration — for example, a Kubernetes target whose cluster endpoint is resolved from an EKS resource. Targets with resolvable config are automatically ordered in the execution DAG to wait for their dependencies. See Target resolvables for examples.
  • Cascade target deletes: When destroying resources that a target depends on (via resolvable references), formae detects the dependency and either aborts (default) or cascade-deletes the dependent target and its resources. Use --on-dependents=cascade to proceed. Plain targets (e.g., cloud region targets) without resolvable dependencies survive destroy.

Operations

  • Azure cloud installer: One-command deployment of the formae agent to Azure Container Instances with managed identity authentication. See Install on Azure.
  • GCP cloud installer: One-command deployment of the formae agent to Google Cloud Run with Workload Identity Federation. See Install on GCP.

Schema

  • Atomic field updates: Fields annotated with updateMethod = "Atomic" are now compared as opaque values and produce a single replace operation instead of recursive sub-field diffs. This is needed for cloud provider fields like IAM policy documents where the API expects the entire value as a single update. See Collection Semantics for details.

Bug fixes

  • FIXED: Synchronization and updates could silently fail for resources with complex schemas (e.g. Kubernetes Pod, Deployment, AWS ECS TaskDefinition). Large messages between the agent and plugins were being dropped due to an internal transport limit. All plugin messages are now compressed, eliminating this size restriction.
  • FIXED: Agent could fail to recover after a crash, leaving commands stuck in an incomplete state.
  • FIXED: Concurrent apply commands targeting the same resource could create duplicates.
  • FIXED: Commands could reach terminal state before resource properties were fully persisted, causing stale inventory data.
  • FIXED: Concurrent stack deletion could cause panics.
  • FIXED: Recreating a resource after deletion could produce stale internal references.
  • FIXED: A background sync could interfere with an in-progress apply, causing unexpected failures.
  • FIXED: An update on a resource with resolvable references could get stuck if resolving the reference failed.
  • FIXED: formae apply could generate unnecessary resource replacements when createOnly fields hadn't actually changed.
  • FIXED: formae apply could generate spurious patch operations from empty arrays and maps produced by the PKL schema, leading to unnecessary replacements or validation errors.
  • FIXED: Provider-populated default values inside nested sub-resources (e.g. container CPU defaults in ECS TaskDefinitions) were incorrectly flagged as drift.
  • FIXED: Provider-populated default values in key-based collections (e.g. AWS LoadBalancer attributes) could cause patches to exceed API limits.
  • FIXED: Resources with required fields inside array properties (e.g. ClusterRole rules) could be silently rejected during validation.
  • FIXED: References nested inside array elements were not resolved during patch generation.
  • FIXED: formae extract produced invalid PKL in some cases involving stack references.
  • FIXED: Discovery could skip resources between cycles.
  • FIXED: Plugin error messages were not included in failure responses, making debugging difficult from the CLI.

Breaking changes

!!! warning "Plugin SDK update required" This release changes the internal message format between the formae agent and plugins. All plugins must be recompiled against pkg/plugin v0.1.21 to remain compatible. Plugins built against older SDK versions will fail with message decoding errors during synchronization and resource operations.

0.82.3

New features and improvements

  • Pkl extraction: Shared types are now imported during formae extract resolving issues where extracted Pkl code referenced types that weren't in scope.

Bug fixes

  • FIXED: Container image did not include cloud provider plugin binaries due to a missing dependency in the build process. All resource plugins (AWS, Azure, GCP, OCI, OVH) are now correctly packaged.
  • FIXED: formae apply in certain cases incorrectly rejected changes when modifications were already absorbed in the forma (e.g. via extract).
  • FIXED: Empty arrays [] and maps {} were incorrectly treated as missing values during patch comparison. This caused commands that remove all remaining items from a collection to silently leave items behind, and prevented drift detection from catching out-of-band additions to fields not present in the user's Pkl.
  • FIXED: CommandStatus API endpoint was not reading the command ID from the path parameter.
  • FIXED: API returned incorrect HTTP status codes for no-op and simulate commands.
  • FIXED: Agent could fail to start after a forced termination (SIGKILL, crash, or system reboot) because the stale PID file was not cleaned up. The agent now verifies the recorded PID is a live process and removes stale or corrupt PID files automatically.
  • FIXED: Resolvables referencing nonexistent resources were silently skipped during translation, only surfacing at runtime. Simulate would show a clean plan while the actual apply would fail. These are now caught early and reported as a clear error.
  • FIXED: formae extract accepted a directory path as target, failing later with a confusing error. It now validates the target path upfront and returns a clear message.

0.82.2

Bug fixes

  • FIXED: Simulation output now shows the actual value being removed from arrays instead of displaying "(empty)".
  • FIXED: Several Pkl union types with nullable alternatives were incorrectly declared.

Documentation

  • Installation guide restructured: Installation documentation is now split into dedicated pages for local, Docker, and Helm deployments.
  • Collection handling: New section in Apply Modes explaining how reconcile and patch modes differ when updating collections.

Plugin release notes

Official plugin release notes have moved to dedicated pages under each plugin's documentation. See AWS, Azure, GCP, OCI, and OVH.

0.82.1

Bug fixes

  • FIXED: Running formae extract on discovered resources could crash when all results were unmanaged or when results included a mix of managed and unmanaged resources. The $unmanaged stack doesn't exist in the database, so it was silently dropped during serialization, leaving the PKL generator with missing stack data. Both cases are now handled correctly.
  • FIXED: Conformance tests could fail for resources that have Resolvable references nested inside SubResource maps. The test runner was comparing these maps as flat strings instead of recognizing the nested references. The framework now recursively walks maps and correctly compares Resolvable fields at any depth.

0.82.0

New features and improvements

  • Policies (Beta): formae now supports policies—configurable behaviors that you attach to stacks, that allow you to choose different automation strategies for different sets of resources and use cases. This release introduces TTL policies for automatic cleanup after a duration, and auto-reconcile policies for automatic reversal of out-of-band and incremental changes at regular intervals. Policies can be inline (owned by a stack) or reusable (shared across stacks via .res reference). See the Policy documentation for details.
  • AI assistant integration (Beta): formae now ships with an MCP server and 13 skills that teach AI coding assistants how to manage infrastructure and open the way to partly or fully agentic, safe, IaC-centric workflows. Deploy, query, detect drift in your own codebase, and build plugins — all through natural conversation. Available as a Claude Code plugin via the formae marketplace. See the AI assistants documentation for details.
  • New formae inventory policies command to list all reusable policies. See the CLI documentation for details.
  • The formae inventory stacks command now shows attached policies for each stack.
  • HasProviderDefault field hint: New hasProviderDefault annotation for fields where cloud providers assign default values. When a field with this hint exists in actual state but is not specified by the user, formae accepts the provider's default instead of generating a "remove" operation. This prevents oscillation during reconcile for fields like S3 bucket encryption or SQS visibility timeout. See the schema reference for details.
  • How-to guides: documentation now includes a growing number of concrete guides how to use formae in different situations and for various use cases.

0.81.0

New features and improvements

  • Stack improvements: Stack descriptions are now correctly stored and updated when reapplying. Stacks are automatically deleted when their last resource is removed.
  • New formae inventory stacks command to query and list all stacks managed by formae. See the CLI documentation for details.
  • Aurora Data API datastore: New datastore option for AWS deployments using AWS RDS Data API. See the configuration documentation for details.
  • Empty targets can now be deleted using formae destroy. See the target documentation for details.
  • Non-interactive plugin init: The formae plugin init command now supports non-interactive mode for automation, CI pipelines, and LLM-assisted workflows. Use the --no-input flag with CLI flags to provide all required values. See the plugin tutorial for details.
  • Plugin dashboard: A new Grafana dashboard for monitoring plugin metrics is available in the formae-grafana-dashboards repository.
  • Plugin log messages now show the plugin name instead of the namespace.

Bug fixes

  • FIXED: Resources with fields that are arrays of resolvables are now handled properly.
  • FIXED: Plugin shutdown no longer produces spurious error messages.
  • FIXED: Improved import declaration generation when using formae extract.

0.80.1

Bug fixes

  • FIXED: The extract command would fail for plugins where the plugin name differed from the namespace.

0.80.0

Breaking Changes

  • Plugin SDK: Complete overhaul of the ResourcePlugin interface, the formae Pkl schema and plugin distribution. See the plugin SDK documentation for details.
  • Formae Pkl schema: nonprovisionable and persist resource annotations have been removed. Tags are no longer a first-class citizen in formae and will be superseded by plugin-specific implementations. For AWS, formae.Tag will be supported for three more releases before being removed. Please update tag definitions in your AWS Pkl files to use aws.Tag instead of formae.Tag.

New features and improvements

0.76.5

Bug fixes

  • FIXED: In some cases updates for AWS Tags were generated incorrectly, causing commands to fail.
  • FIXED: If there were unfinished commands on agent startup, the agent would some times try to resume those commands before the plugins were fully initialized.
  • FIXED: Commands would fail when a read operation failed with a recoverable error (like a rate limit).
  • FIXED: AWS::EC2::TaskSet was incorrectly marked as discoverable causing noise in the logs during discovery.

0.76.0

Breaking Changes

  • Plugin Architecture Migration: Plugins must now be built as standalone executables instead of shared libraries (.so files). Existing custom plugins need to be updated with a main() function that calls plugin.Run(). See the AWS plugin implementation for reference.

New features and improvements

  • Plugin Architecture Overhaul: Plugins now run as separate executables in their own processes rather than as shared libraries, enabling independent dependency graphs and multi-host deployment.
  • Major Performance Improvements: Significantly improved command processing performance. Previously limited to around 500 resources, the agent now handles up to 20,000 resources. See the agent sizing recommendations for resource requirements.
  • Enhanced Observability: The agent now exports comprehensive telemetry via OpenTelemetry including metrics, structured logs with trace correlation, and distributed traces for API requests, resource operations, and database queries.
  • Grafana Dashboards: Pre-built Grafana dashboards for monitoring formae are now available in the new formae-grafana-dashboards repository.
  • New temporality configuration option for OTLP metrics export, supporting both delta (OTel-native) and cumulative (Prometheus/Mimir) temporality.

Bug fixes

0.75.5

New features and improvements

  • Shell auto-completion is now supported for formae commands in bash and zsh. The installer can now install the necessary completion scripts
  • Sync commands that did not pull in any changes are now automatically removed from the database

Bug fixes

0.75.4

Bug fixes

0.75.3

Bug fixes

0.75.2

New features and improvements

  • Watch output prints useful hints at the end of the output
  • Targets are now discoverable by default
  • When creating a target, discovery is automatically initiated
  • Discovery now traverses multuple levels of parent-child relationships in resource hierarchies
  • Discovery can now handle multiple namespaces
  • Discovery creates resolvables to parent properties in child resources
  • Destroy queries no longer accept "managed" as a field parameter, as it does not apply to destroy operations

Bug fixes

0.75.1

New features and improvements

  • Implemented database migration for future changes
  • Discovery is enabled now by default in the configuration
  • Targets are now discoverable by default
  • Default discovery interval is now at 10 minutes instead of previously 1 hour

Bug fixes

0.75.0

New features and improvements

  • New formae cancel command that allows to cancel any apply or destroy command already being executed by the agent.
  • New formae inventory targets command to query and list targets with filtering by label, namespace, and discoverability.
  • Targets now support a discoverable field for granular control over which targets participate in discovery scans.
  • Pkl: Nested fields are now being parsed.
  • The lifeline example now uses more idiomatic PKL code.

Breaking changes

  • We are deprecating configuration of discovery targets through the agent config. Instead, targets need to be configured through forma application now.

Bug fixes

0.74.0

Public launch.