Releases: shipwright-io/build
Shipwright Build release v0.13.0
Release changes since v0.12.0
Features
#1471 by @HeavyWombat: Git and Bundle sources now produce additional status fields in a BuildRun to return the commit timestamp of the commit being used, or the image/source timestamp of Bundle images respectively.
#1448 by @SaschaSchwarze0: action required: after you upgraded from v0.12 to v0.13, you can run the following two commands to remove unnecessary permissions: kubectl delete crb shipwright-build-webhook && kubectl delete cr shipwright-build-webhook
#1435 by @SaschaSchwarze0: Controllers now use Tekton's V1 API to create and access the TaskRun that backs a BuildRun
Fixes
#1499 by @SaschaSchwarze0: You can now patch a completed BuildRun on the Beta API without removing its status
#1486 by @SaschaSchwarze0: A BuildRun object in v1alpha1 version is now correctly converted to v1beta1 when it has .spec.serviceAccount.generate set to true
#1429 by @SaschaSchwarze0: You can now use files and directories with two subsequent dots in its name when using an OCI artifact as source
API Changes
#1504 by @SaschaSchwarze0: You can now define a Build without any source. This is for example useful when you want to run this build only with local source. Also, some corrections have been made to the Go types.
#1463 by @qu1queee: Set the storage version to v1beta1 and update Shipwright controllers to operate on the same.
#1441 by @SaschaSchwarze0: The Build in the beta API has been corrected so that when defining .spec.source.git, then .spec.source.git.url is mandatory.
Docs
#1461 by @qu1queee: Add ADOPTERS doc
#1460 by @qu1queee: Add ROADMAP doc
Misc
#1593 by @openshift-cherrypick-robot: The usage of different secrets or secret keys as values inside one array parameter is now possible
#1591 by @openshift-cherrypick-robot: An Alpha Build where spec.dockerfile is set to \"\", is now transformed to a Beta Build without the dockerfile parameter to behave like in Alpha
#1552 by @qu1queee: Improve conversion webhook logging
#1513 by @SaschaSchwarze0: The minimum Kubernetes version is now 1.27. The minimum Tekton version is 0.50.
#1509 by @HeavyWombat: Output image section now supports an optional timestamp field, which can be used to change the image creation timestamp, i.e. use string "SourceTimestamp" to let the output image creation timestamp to be modified to the timestamp of the source timestamp.
#1495 by @SaschaSchwarze0: Shipwright Build is now compiled with Go 1.21
Contributors
Assets 4
Shipwright Build release v0.13.0-rc0
Changes since v0.12.0
Features
#1471 by @HeavyWombat: Git and Bundle sources now produce additional status fields in a BuildRun to return the commit timestamp of the commit being used, or the image/source timestamp of Bundle images respectively.
#1448 by @SaschaSchwarze0: action required: after you upgraded from v0.12 to v0.13, you can run the following two commands to remove unnecessary permissions: kubectl delete crb shipwright-build-webhook && kubectl delete cr shipwright-build-webhook
#1435 by @SaschaSchwarze0: Controllers now use Tekton's V1 API to create and access the TaskRun that backs a BuildRun
Fixes
#1499 by @SaschaSchwarze0: You can now patch a completed BuildRun on the Beta API without removing its status
#1486 by @SaschaSchwarze0: A BuildRun object in v1alpha1 version is now correctly converted to v1beta1 when it has .spec.serviceAccount.generate set to true
#1429 by @SaschaSchwarze0: You can now use files and directories with two subsequent dots in its name when using an OCI artifact as source
API Changes
#1504 by @SaschaSchwarze0: You can now define a Build without any source. This is for example useful when you want to run this build only with local source. Also, some corrections have been made to the Go types.
#1463 by @qu1queee: Set the storage version to v1beta1 and update Shipwright controllers to operate on the same.
#1441 by @SaschaSchwarze0: The Build in the beta API has been corrected so that when defining .spec.source.git, then .spec.source.git.url is mandatory.
Docs
#1461 by @qu1queee: Add ADOPTERS doc
#1460 by @qu1queee: Add ROADMAP doc
Misc
#1552 by @qu1queee: Improve conversion webhook logging
#1513 by @SaschaSchwarze0: The minimum Kubernetes version is now 1.27. The minimum Tekton version is 0.50.
#1509 by @HeavyWombat: Output image section now supports an optional timestamp field, which can be used to change the image creation timestamp, i.e. use string "SourceTimestamp" to let the output image creation timestamp to be modified to the timestamp of the source timestamp.
#1495 by @SaschaSchwarze0: Shipwright Build is now compiled with Go 1.21
Contributors
Assets 4
Shipwright Build release v0.12.0
Release changes since v0.11.0
Features
#1398 by @apoorvajagtap: The Strategy struct does not have an APIVersion field anymore.
#1384 by @SaschaSchwarze0: Installing a nightly release now requires you to run a post-script that sets up the TLS certificate of the conversion webhook
#1370 by @apoorvajagtap: The BuildAh sample build strategies now do not anymore run privileged containers
#1342 by @SaschaSchwarze0: The shipwright-build namespace is now configured to enforce restricted PodSecurity. The shipwright-build-controller deployment was updated to fulfill all requirements.
#1323 by @SaschaSchwarze0: Buildpacks sample build strategies are updated to the latest Heroku version and a newer platform API version
#1302 by @qu1queee: Introduce conversion-webhook to convert SHP Custom Resources from v1beta1 to v1alpha1.
#1268 by @SaschaSchwarze0: Introduce a common base image for all supporting steps
#1266 by @SaschaSchwarze0: You can now define a securityContext on build strategy level to control the runAs user for all steps including the shipwright-managed steps. This allows you to use any runAs user for your build strategy steps while still being able to run without any runAsRoot steps.
#1235 by @qu1queee: API additions: Introduce Shipwright Build v1beta1 API types
#1046 by @SaschaSchwarze0: Shipwright is now capable of pushing the image built by the strategy steps to the container registry
Fixes
#1407 by @qu1queee: Downgrade k8s.io/utils/ptr to k8s.io/utils/pointer due to dependency conflicts with controller-runtime pkg
#1390 by @isibeni: The logic to detect whether a BuildRun failed due to an evicted Pod was improved
#1277 by @SaschaSchwarze0: The platform support for the ko build strategy is functional again
#1239 by @mjgallag: Fix buildkit cluster build strategy's cache import from insecure registry.
#1219 by @SaschaSchwarze0: The ko sample build strategy now makes the source directory a Git safe directory so that Go builds can retrieve version control information
#1176 by @HeavyWombat: The Git source step of a build strategy now returns a more elaborate error in case basic authentication (username and password) are used in combination with a HTTP URI. Instead of a generic error, an error message with an explanation is presented to be more clear and helpful. Also, inline credentials used in the URL will be redacted in the log output.
#1156 by @dalbar: Fixes cancelation of buildruns without a build reference.
API Changes
#1403 by @qu1queee: Add conversion logic for local type of sources. BuildRun CRs now support a .spec.source object that can only be of the type Local. Build CRs now make it explicit on support for the .spec.source of the type Local.
#1266 by @SaschaSchwarze0: You can now define a securityContext on build strategy level to control the runAs user for all steps including the shipwright-managed steps. This allows you to use any runAs user for your build strategy steps while still being able to run without any runAsRoot steps.
#1235 by @qu1queee: API additions: Introduce Shipwright Build v1beta1 API types
#1046 by @SaschaSchwarze0: Shipwright is now capable of pushing the image built by the strategy steps to the container registry
Docs
#1403 by @qu1queee: Add conversion logic for local type of sources. BuildRun CRs now support a .spec.source object that can only be of the type Local. Build CRs now make it explicit on support for the .spec.source of the type Local.
#1388 by @apoorvajagtap: Documentation was updated to describe the beta version of the custom resources
#1196 by @qu1queee: Marks BuildSpec volumes description field as deprecated.
#1117 by @dheerajodha: Deprecated support for passwords. Use Personal Access Tokens instead.
Misc
#1401 by @SaschaSchwarze0: Updates google.golang.org/grpc to address CVE-2023-44487
#1397 by @SaschaSchwarze0: The supported Kubernetes releases are now 1.25 to 1.28. The supported Tekton versions are 0.47 and 0.50
#1371 by @qu1queee: Add action to cleanup nightly assets regularly
#1362 by @SaschaSchwarze0: The BuildKit sample build strategy now does not cause BuildKit to tar the image to then untar it
#1361 by @SaschaSchwarze0: The Kaniko sample build strategy now uses the --snapshot-mode and --tar-path command line flags instead of the deprecated --snapshotMode and --tarPath
#1351 by @SaschaSchwarze0: Golang 1.20 is used to compile
#1202 by @SaschaSchwarze0: Updated the Kubernetes support to v1.24, v1.25, and v1.26, and Tekton to v0.41 and v0.44.
Contributors
Assets 4
Shipwright Build release v0.11.0
Fixes
#1112 by @SaschaSchwarze0: The ko sample build strategy was fixed to download from the ko-build organization.
#1081 by @SaschaSchwarze0: Secret names which had a dash at the 59th characters could not be used for a bundle source because of an error in the translation of secret into volume names
API Changes
#1008 by @otaviof: Adding the API for Shipwright Triggers, a event driven approach to instantiate new builds. This is preparation work for the Triggers project
#1111 by @adambkaplan: The following features are deprecated: 1) Multiple sources for builds, 2) HTTP artifact downloads, 3) Status validations for Builds, 4) Providing a builder image in a Build, 5) Providing the path to a Dockerfile in a Build, 6) Generating service accounts in a BuildRun.
Misc
#1108 by @SaschaSchwarze0: Sample build strategies updated to use BuildAh v1.27, Kaniko v1.9, Crane v0.11, Trivy v0.31.3, and UBI9
#1093 by @SaschaSchwarze0: Updated the support statement to the current Kubernetes and Tekton version
#1086 by @SaschaSchwarze0: The base image of our released images are now based on UBI 9
#1077 by @SaschaSchwarze0: The sample build strategies are using the latest v1.26.0 BuildAh version.
Contributors
Assets 4
Shipwright Build release v0.10.0
Features
#1068 by @SaschaSchwarze0: The ko sample build strategy now supports a gocache volume that you can assign a writable volume in your Build to speed up rebuilds
#1035 by @alicerum: Build Strategies can now define volumes, which can be mounted in build steps, and overridden by Builds and BuildRuns. Build strategies which contain volume mounts in their buid steps must also declare the associated volumes in the strategy spec.
Fixes
#1043 by @HeavyWombat: Fixed delete issue for bundle image prune feature when using the IBM Container Registry for the source image
API Changes
#1035 by @alicerum: Build Strategies can now define volumes, which can be mounted in build steps, and overridden by Builds and BuildRuns. Build strategies which contain volume mounts in their buid steps must also declare the associated volumes in the strategy spec.
Misc
#1064 by @SaschaSchwarze0: The sample build strategies have been updated to use the most recent BuildAh image, v1.23.3
#1061 by @SaschaSchwarze0: We now build our binaries with Go 1.18
Contributors
Assets 4
Shipwright Build release v0.9.0
Features
#1027 by @raghavbhatnagar96: Introducing support for automatic cleanup by extending build and buildrun specifications. A new optional retention section has been introduced in both buildrun and build specifications, that consists of 4 optional fields - ttlAfterFailed, ttlAfterSucceeded, failedLimit, succeededLimit in build specifications and 2 optional fields - ttlAfterFailed, ttlAfterSucceeded - in buildrun specifications.
#1025 by @adambkaplan: Add default RBAC controls for "view" and "edit" users.
#1020 by @HeavyWombat: New field for BundleContainer to allow to specify whether the source bundle image is suppose to be deleted after it was successfully pulled from the registry.
#1016 by @HeavyWombat: Introducing support to embed a BuildSpec inside a BuildRun to have one-off builds, where only a BuildRun is required without the need of a Build resource. This includes an API change as the BuildRef in BuildRuns is no longer mandatory. Either BuildRef or BuildSpec can be used.
#1012 by @SaschaSchwarze0: All sample build strategies now use a documented secure approach to access parameter values that does not allow code injection
#1007 by @SaschaSchwarze0: The BuildKit sample build strategy now supports a platforms parameter to enable multi-platform builds
#1001 by @SaschaSchwarze0: action required: The Buildah sample build strategy now supports build-args. The registry related parameters were changed to arrays in favor of comma-separated strings. You need to update your builds accordingly.
Fixes
#1029 by @SaschaSchwarze0: Use BuildAh's --digestfile argument in the sample build strategies
#1026 by @SaschaSchwarze0: The BuildKit and BuildAh sample build strategies were fixed to correctly set the shp-result-image-digest system result.
#990 by @dalbar: The buildpacks strategy now assumes the version "0.4" as its platform api version. The buildpacks strategies are more granular in their build process and chose "web" as a default process.
API Changes
#1027 by @raghavbhatnagar96: Introducing support for automatic cleanup by extending build and buildrun specifications. A new optional retention section has been introduced in both buildrun and build specifications, that consists of 4 optional fields - ttlAfterFailed, ttlAfterSucceeded, failedLimit, succeededLimit in build specifications and 2 optional fields - ttlAfterFailed, ttlAfterSucceeded - in buildrun specifications.
#1020 by @HeavyWombat: New field for BundleContainer to allow to specify whether the source bundle image is suppose to be deleted after it was successfully pulled from the registry.
#1016 by @HeavyWombat: Introducing support to embed a BuildSpec inside a BuildRun to have one-off builds, where only a BuildRun is required without the need of a Build resource. This includes an API change as the BuildRef in BuildRuns is no longer mandatory. Either BuildRef or BuildSpec can be used.
Misc
#1036 by @SaschaSchwarze0: The sample build strategies now use Kaniko v1.8.1 and Trivy v0.25.3
#1022 by @adambkaplan: Released images for shipwright-io/build also include a Software Bills of Materials (SBOM), published as a separate OCI artifact.
#1021 by @karanibm6: action required: Minimum required version for kubernetes is 1.21
#1014 by @SaschaSchwarze0: Update sample build strategy tools: Kaniko to 1.8.0, Trivy to 0.24.4
#1000 by @qu1queee: Enhance waiter timeout processing.
#945 by @shahulsonhal: action required: We have cleaned up our APIs to provide a consistent representation of optional fields in Go. If you consume our Go types, many optional field types have been converted to pointers.
Contributors
Assets 4
Shipwright Build release v0.8.0
Features
#975 by @SaschaSchwarze0: The parameter support in build strategy now includes arrays. Build users can start to reference parameter values from ConfigMaps and Secrets. Action required: If you previously used the go types with parameters, then you will need to make slight changes to adopt to the changed type structure.
#972 by @dalbar: In case of failures during the Git source step, further error details are now made available in .status.failureDetails.
#934 by @otaviof: Adding support for local sources. Action required: .spec.sources contains a new attribute type, for Remote Artifacts the type is "HTTP". The newly introduced type is LocalCopy.
#930 by @dalbar: Added a new field FailureDetails to BuildRun's Status that has the failure location of a failed build pod and container. Additionally the new field contains a Reason and Message to communicate error information to users and third parties.
Fixes
#982 by @dalbar: Fixes override bug for pkg/config: Setting the environment variabel MUTATE_IMAGE_CONTAINER_TEMPLATE now works as intended and does not override config.GitContainerTemplate.
#970 by @shahulsonhal: Fix the Buildpack build strategies failing for python source with a requirements.txt that failed during pip install
API Changes
#930 by @dalbar: Added a new field FailureDetails to BuildRun's Status that has the failure location of a failed build pod and container. Additionally the new field contains a Reason and Message to communicate error information to users and third parties.
Misc
#992 by @SaschaSchwarze0: Update build strategy tool: Trivy to 0.22.0, go-containerregistry/crane to 0.8.0
#959 by @SaschaSchwarze0: Update Buildah to 1.23.1, introduce parameters to setup registry configuration
Contributors
Assets 4
v0.7.0
Breaking Changes
- The minimum supported Kubernetes version is now v1.20.
Deprecations
- Shipwright's implicit association of an
emptyDirvolume to any BuildStep that has a volume mount is deprecated, with the intent of replacing it with an implementation of SHIP-0022 in the following release. If your build strategies leverage this behavior, please start planning to employ the alternative approach described in https://github.com/shipwright-io/community/blob/main/ships/0022-build-strategy-volumes.md.
Features
#944 by @sm43: Users can now specify output image labels and annotation in BuildRun which will be merged with Build's before adding to the image.
#941 by @gabemontero: Shipwright's implicit association of an emptydir volume to any BuildStep/Container VolumeSource that needs an associated Volume is marked as deprecated in the upcoming release, with the intent of replacing it with an implementation of SHIP-22 in the following release. If your build strategies (both Clustered and Namespaced) leverage this behavior, please start planning to employ the alternative approach described in https://github.com/shipwright-io/community/blob/main/ships/0022-build-strategy-volumes.md
#938 by @imjasonh: Released images are signed with an ephemeral key using cosign
#937 by @HeavyWombat: Git step now supports setting an optional rewrite rule so that HTTPS URLs are translated into Git+SSH URLs during the Git clone and Git submodule operations.
#933 by @sm43: Adds branchName in buildrun results if revision is not specified in Build
#906 by @shahulsonhal: The Buildpacks sample build strategies now pass environment variables to the the Buildpacks allowing users to customize their behavior
Fixes
#953 by @HeavyWombat: Fixed incorrect flag name for Git step in controller code.
#952 by @HeavyWombat: Fixed issue where a HTTPS URL and private SSH key could not be used due to the credentials verification routine not taking the Git URL rewrite flag into account.
API Changes
#933 by @sm43: Adds branchName in buildrun results if revision is not specified in Build
Misc
#958: by @SaschaSchwarze0: action required: We updated our used Tekton and Kubernetes dependencies. The minimum Kubernetes version now is v1.20
#957 by @SaschaSchwarze0: Removing compatibility code that deleted generated service accounts with the naming pattern from before v0.6
#956 by @SaschaSchwarze0: Update Trivy in the sample build strategy to 0.21.2
#950 by @sm43: Shipwright Build is now built with Go v1.17
#917 by @imjasonh: Released images are available on ghcr.io, instead of quay.io
#909 by @SaschaSchwarze0: Updated Kaniko in the sample build strategies to v1.7.0
#905 by @SaschaSchwarze0: Update Trivy in sample build strategy to 0.20.1
#713 by @sbose78: Fix source-to-image strategy's kaniko step to ignore missing AWS credentials
Contributors
Assets 4
v0.6.0
Release v0.6.0
Breaking Changes
This release removes .spec.runtime from the Build and BuildRun APIs, which was previously deprecated in v0.5.0.
Features
#883 by @SaschaSchwarze0: Nightly and normal releases now include a sample-strategies.yaml
#858 by @MayukhSobo: The BuildRun status is improved when a BuildRun Pod gets evicted.
#854 by @shahulsonhal: You can now specify annotations and labels in the Build that will be added to the image
#835 by @HeavyWombat: Introduced support for so called bundle images, which contain packaged source code and can be used instead of a Git repository for builds.
#817 by @coreydaley: Developers can now add Environment Variables to the Spec section of their Builds and BuildRuns.The Environment Variables will be added to all Steps of the chosen BuildStrategy, though any conflictswill result in a failed TaskRun.
#816 by @SaschaSchwarze0: The message field of the Succeeded condition of a failed BuildRun now includes the name of the step that has failed
#809 by @gabemontero: Support for cancelling an active BuildRun has been added.
#781 by @qu1queee: Add support for parameters in the strategies, so that users can parameterize their usage.
Fixes
#885 by @SaschaSchwarze0: The -sa suffix from generated service accounts has been removed so that BuildRuns with names longer than 60 characters also work with older Calico versions
#840 by @shahulsonhal: Added validation to make sure that Build and BuildRun names follow the required character limits
#813 by @HeavyWombat: Fixed issue in source retrieval code that led to slow loading times compared to the previous implementation.
API Changes
#871 by @shahulsonhal: You can now see the TaskRun results in BuildRun status
#854 by @shahulsonhal: You can now specify annotations and labels in the Build that will be added to the image
#836 by @imjasonh: Removes the .spec.runtime field that was deprecated in v0.5.0.
#835 by @HeavyWombat: Introduced support for so called bundle images, which contain packaged source code and can be used instead of a Git repository for builds.
#817 by @coreydaley: Developers can now add Environment Variables to the Spec section of their Builds and BuildRuns. The Environment Variables will be added to all Steps of the chosen BuildStrategy, though any conflicts will result in a failed TaskRun.
#809 by @gabemontero: Support for cancelling an active BuildRun has been added.
#781 by @qu1queee: Add support for parameters in the strategies, so that users can parameterize their usage.
Docs
#880 by @SaschaSchwarze0: Correcting the statement about the contextDir which is supported in all sample build strategies
Misc
#848 by @dalbar: Fixed documentation for build and buildStrategies
#839 by @HeavyWombat: Updated Git download step to avoid misleading warnings and messages.
#837 by @HeavyWombat: Improved output messages created by the Git step to be more human readable.
Contributors
Assets 4
v0.5.1
Release v0.5.1
This is a patch release bump that fixes #806 .
Release v0.5.0 lacks of RBAC permissions required by the OwnerReferencesPermissionEnforcement admission controller, which is enabled by default in OpenShift clusters. This was causing reconcile errors on the Shipwright controllers.
Note: We recommend OpenShift users to bump directly to this Release v0.5.1, instead of the v0.5.0.
Fixes
#807 by adambkaplan: Add RBAC permissions to let the build controller set owner references if a cluster has the OwnerReferencesPermissionEnforcement admission controller enabled.
Misc
#804 by qu1queee: Enhance CI with automated README updates