v6.7.0
The primary focus of this release is to adapt to Docker Hub's upcoming rate limits for free users, which will take effect November 2.
We recommend that anyone who uses images hosted on Docker Hub - either without authentication or with a free account - to upgrade to this release, which includes the following:
registry-image
resource type v0.14.0 anddocker-image
resource type v1.5.0- Both resource types now use a
HEAD
request rather thanGET
during thecheck
operation so that they don't count towards the rate limit. This was shipped in v6.6.0, but registries which do not supportHEAD
broke - now they'll fall back onGET
.
- Both resource types now use a
- Ability to configure defaults for resource types (#6079).
- The
check
fix is not enough in isolation - a large enough Concourse cluster might still run into rate limits when it comes time to fetch the image. - With resource type defaults, a cluster-wide pull-through cache may be configured by setting a default
registry_mirror
config for theregistry-image
resource type and thedocker-image
resource type. (Note that their configuration is slightly different.)
- The
More details follow!
✈️ Features
- Allow configuring source "defaults" for resource types (#6079) @evanchaoli 🔗
-
With this feature, a cluster admin may configure default
source
configuration for core resource types on theweb
node. For example, when the following file is specified to ATC--base-resource-type-defaults=brt_default.yml
:registry-image: registry_mirror: host: 192.168.1.12:5000
then all
registry-image
will pull images from the mirror192.168.1.12:5000
.At pipeline level,
defaults
can be defined with resource types, for example:resource_types: - name: rt-gitlab type: registry-image source: repository: <uri of a gitlab resource type> defaults: url: <gitlab url> project: <project-id> resources: - name: gitlab-mr type: rt-gitlab source: kind: MergeRequest - name: gitlab-release type: rt-gitlab source: kind: Release
In this sample, when defines the gitlab resource-type, GitLab url and project-id are defined as defaults of the resource type, so that all resources of the type will inherit those defaults.
-
🐞 Bug Fixes
- containerd does not grant access to /dev/console (#6181) @jamieklassen 🔗
- If you are running concourse with the containerd backend inside a runc-managed process and your version of runc is v1.0.0-rc91 or above, creating privileged containers no longer fails with EPERM.