diff --git a/content/en/blog/posts/2024-11-15-release-v0.14.0.md b/content/en/blog/posts/2024-11-15-release-v0.14.0.md new file mode 100644 index 00000000..7e4a158c --- /dev/null +++ b/content/en/blog/posts/2024-11-15-release-v0.14.0.md @@ -0,0 +1,103 @@ +--- +title: "Shipwright v0.14.0 Is Here" +date: 2024-11-15T12:00:01-04:00 +draft: false +author: "Sascha Schwarze ([@SaschaSchwarze0](https://github.com/SaschaSchwarze0))" +--- + +We are happy to announce the v0.14.0 release of Shipwright. This is our first release since we have joined the [Cloud Native Computing Foundation (CNCF)](https://www.cncf.io/projects/shipwright/). + +In this release, we have put together some nice features: + +## Features + +### Vulnerability Scanning + +Keeping your environments secure is key these days. For container images, scanning them is widely adopted. Shipwright now performs a shift left of those scans by incorporating image scanning into the image build itself. We'll ensure that a vulnerable image never makes it into your container registry (though, you'd still have to re-scan it regularly to determine when it becomes vulnerable). This is a great safeguard for example against base images you consume in your Dockerfile that suddenly is not updated anymore. + +You can read more about it in the separate blog post [Building Secure Container images with Shipwright](2024-07-15-vulnerability-scanning.md). + +### Parameters in the CLI + +The Shipwright CLI finally received the first support for [build parameters](../../docs/build/build.md#defining-paramvalues). You can use the `--param-value` argument to provide values for strategy parameters such as the Go version and Go flags in our [ko sample build strategy](https://github.com/shipwright-io/build/blob/v0.14.0/samples/v1beta1/buildstrategy/ko/buildstrategy_ko_cr.yaml#L8-L13) like this: `shp build create my-app --param-value go-version=1.23 --param-value go-flags=-mod=vendor`. + +### The smaller but still nice things + +Often the small changes are what help you, here are some: + +* If a step in your BuildRun goes out of memory, then it is now easier to determine that as the BuildRun status will have `StepOutOfMemory` as reason. +* A [new sample build strategy](https://github.com/shipwright-io/build/blob/v0.14.0/samples/v1beta1/buildstrategy/multiarch-native-buildah/buildstrategy_multiarch_native_buildah_cr.yaml) has been added which orchestrates a multi-arch build using Kubernetes Jobs. See TODO link to doc for more information. +* We started to implement node selection properties on Builds with [node selectory support](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). Tolerations will come in v0.15. +* As usual, we have done our due diligence. DependaBot helped us to keep our dependencies secure. We are now building with Go 1.22. Kubernetes and Tekton dependencies have been updated. We are also in the process of establishing automation across our repositories that gives us a GitHub issue once our latest release becomes vulnerable. You'll probably see more patch releases in the future where we keep our release free of vulnerabilities. + +## Installing Shipwright + +### Build + +1. Install Tekton v0.65.1: + + ```bash + kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.65.1/release.yaml + ``` + +2. Install v0.14.0 using the release YAML manifest: + + ```bash + kubectl apply --filename https://github.com/shipwright-io/build/releases/download/v0.14.0/release.yaml --server-side + + curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/v0.14.0/hack/setup-webhook-cert.sh | bash + ``` + +3. (Optionally) Install the sample build strategies using the YAML manifest: + + ```bash + kubectl apply --filename https://github.com/shipwright-io/build/releases/download/v0.14.0/sample-strategies.yaml --server-side + ``` + +If you are a long-standing Shipwright user that started to use us on our Alpha API (before v0.13.0), then we recommend you to run a storage version migration. It will update the stored version of all Shipwright resources in your cluster to the Beta API omitting unnecessary invocations of our conversion webhook. + + ```bash + curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/v0.14.0/hack/storage-version-migration.sh | bash + ``` + +### CLI + +#### Windows + +```sh +curl --silent --fail --location https://github.com/shipwright-io/cli/releases/download/v0.14.0/cli_0.14.0_windows_x86_64.tar.gz | tar xzf - shp.exe +shp version +shp help +``` + +#### Mac + +```sh +curl --silent --fail --location https://github.com/shipwright-io/cli/releases/download/v0.14.0/cli_0.14.0_macOS_$(uname -m).tar.gz | tar -xzf - -C /usr/local/bin shp +shp version +shp help +``` + +#### Linux + +```sh +curl --silent --fail --location "https://github.com/shipwright-io/cli/releases/download/v0.14.0/cli_0.14.0_linux_$(uname -m | sed 's/aarch64/arm64/').tar.gz" | sudo tar -xzf - -C /usr/bin shp +shp version +shp help +``` + +### Operator + +To deploy and manage Shipwright Builds in your cluster, first ensure the operator v0.14.0 is installed and running on your cluster. You can follow the instructions on [OperatorHub](https://operatorhub.io/operator/shipwright-operator). + +Next, create the following: + +```yaml +--- +apiVersion: operator.shipwright.io/v1alpha1 +kind: ShipwrightBuild +metadata: + name: shipwright-operator +spec: + targetNamespace: shipwright-build +``` diff --git a/themes/docsy b/themes/docsy new file mode 160000 index 00000000..ef3398f5 --- /dev/null +++ b/themes/docsy @@ -0,0 +1 @@ +Subproject commit ef3398f5e55789ec09b0cbc0285ed476a8f3d6e0