CloudOne: Pipeline Release Notes - V 4.7
Please Note
This document describes the changes to the CloudOne CI/CD pipelines introduced in version 4.7. In order to learn about the changes made to the previous versions of CloudOne CI/CD pipelines, please refer to those specific versions of this document.
New Features of Version 4.7
Version 4.7 of the CloudOne CI/CD Pipelines introduces a number of enhancements. These changes include the following: These are the features we have released in V4.7.
Preventing use of system generated (dynamic) hosts on production
Preventing the use of system-generated (dynamic) hosts on production involves implementing measures to ensure that only static and controlled hosts are used in a production environment. This is important because dynamic hosts can introduce instability and security risks to the production environment. By preventing the use of dynamic hosts on production, we can improve the reliability and security of the production environment. You can still use dynamic or system generated hosts for workspace, devint and non-production spaces.
Database updates
New versions of database images introduced in version 4.7. The updates include:
- MariaDB 10.1.1 (using image: sclorg/mariadb-1011-c10s)
- PostgreSQL 15.10 (using image: sclorg/postgresql-15-c9s)
- Redis 6.2.17 (using image: redis:6.2.17)
- MongoDb 7.0.16 (using image: library/mongo:7.0.16)
These updates aim to resolve vulnerabilities and improved performance.
Envoy: upgraded to 1.33
As part of the CloudOne pipeline releases, we have updated the base images to version 1.33 (image: envoyproxy/envoy:v1.33-latest). After the upgrade, please refer to the Configuration Details, for more information. Make sure to compare and update any newer configurations into your repository.
Rust: Update and Support for multiple tarpaulin versions
Tarpaulin is a code coverage tool used in Rust projects. Pipeline v4.7 supports custom Tarpaulin versions based on the requirements and Rust version used. To use this feature, update azure-pipelines.yaml and add below section under parameters:-
parameters:
appVersion: 4.7.0
rust:
version: "1.84.1"
tarpaulinVersion: "0.31.5"Support for latest Rust version 1.84 has been added with Pipeline v4.7 release. we aim to provide flexibility to developers in choosing the version that best suits their project requirements.
Flask: Support for custom pipenv
With CloudOne CI/CD pipeline v4.7 release application teams can use specific pipenv version as per the requirement. Update azure-pipelines.yaml as below:
parameters:
appVersion: 4.7.0
flask:
python: 3.10.0 #minVersion supported 3.5.0
pipenvVersion: 2022.7.24Stateful CaaS
Stateful CaaS involves providing support for stateful applications in CaaS. This feature will allow developers to deploy and manage stateful applications in containerized environments.
Decommissioning of Default Pool
In Azure DevOps, we have decommisioned default pool and customers should use custom pool for their builds instead.
PVC for application stacks
Persistent Volume Claims (PVCs) for application stacks involve providing support for persistent storage in application stacks deployed in Kubernetes clusters. By enabling PVCs for application stacks, This feature will allow developers to define and configure persistent storage requirements for their applications using PVCs.
Please note: This feature will be disabled, please enable it in values.yaml if required.
JFrog plugin upgrades
Jfrog plugins used by the pipeline have been updated to latest stable official versions. This does not require any change from application teams.
Security
We are rolling out a new security tool (Checkmarx) in a phased approach. Once fully rolled out, this tool will perform SCA, SAST, DAST, and Image Vulnerability Scanning. We will provide updates via email notifications to DevOps users in the upcoming months.