Skip to content

Brigade 0.7.0: Gateway Improvements
Compare
Choose a tag to compare
@technosophos technosophos released this 01 Dec 21:12
· 1459 commits to main since this release
v0.7.0
This tag was signed with the committer’s verified signature.
adamreese Adam Reese
GPG key ID: 06F35E60A7A18DD6
Learn about vigilant mode.
387aacc
This commit was signed with the committer’s verified signature.
adamreese Adam Reese
GPG key ID: 06F35E60A7A18DD6
Learn about vigilant mode.

We're excited to bring you Brigade 0.7.0, with features and bugfixes. We made some big changes that may impact existing users.

Join the discussion in the Kubernetes slack #brigade room!

The big feature of this release is the much-improved handling of GitHub pull_request events. For security reasons, Brigade now blocks pull requests on forked repos from triggering pull_request events. To disable this behavior, you can set the BRIGADE_BUILD_FORKED_PULL_REQUESTS environment variable on the Gateway's deployment.

Breaking Changes

We try to be careful with our breaking changes. But prior to the 1.0 release of Brigade, we also occasionally make changes that are inconvenient but (we believe) in the overall best interest of the project.

Summary of breaking changes:

  • The imagePull event was renamed image_pull to match other events.
  • The Dockerhub/ACR webhook integration has been moved to a separate gateway service.

The gateway has been split in two. The existing gateway (which will likely be renamed to "github-gateway" in the future) now only handles GitHub's push and pull_request hooks.

A new gateway, the Container Registry Gateway (cr-gateway) now handles container registry webhooks (event image_push) from Dockerhub and ACR. Because that webhook API does not have authentication, we have turned this gateway off by default. To enable it with Helm, use --set cr.enabled=true.

In the future, we will be moving toward gateway microservices instead of configuring one gateway to listen to lots of different external services.

Changes

  • docs(javascript): document the JS api for enabling docker socket 34f50ce (Matt Butcher)
  • fix(charts): add roles to services, deployments, pods c92dc82 (Matt Butcher)
  • fix(webhook): do not set ssh key in environment cd23d1d (Adam Reese)
  • fix(worker): add regexp to validate job name f2a1d19 (Matt Butcher)
  • fix(git-sidecar): add openssh back in b500bd3 (Matt Butcher)
  • fix(worker): print worker version in logs a8ac06c (Adam Reese)
  • ref(*): name vcs-sidecar consistently across components 2edd731 (Adam Reese)
  • fix(gateway): correctly set default flag 8a131e7 (Adam Reese)
  • ref(cr): set default namespace for cr-gateway fd97ad2 (Adam Reese)
  • feat(gateway): make forked pull-request builds optional 9b330c2 (Adam Reese)
  • feat(cr-gateway): break container registry gw into separate binary (#99) 6dd534d (Matt Butcher)
  • fix(brig): remove dead code a366e02 (Matt Butcher)
  • fix(api): improve performance of fetching builds fe6a95c (Matt Butcher)
  • ref(*): set flag defaults a8e0721 (Adam Reese)
  • fix: delete the dead link in the Github status payload ba4dfd7 (meyerbaptiste)
Assets 2
Loading