v2.30.1-rc2 Armory Release (OSS Spinnaker™ v1.30.3)

Release notes for Armory Continuous Deployment v2.30.1-rc2. A beta release is not meant for installation in production environments.

2023/08/24 Release Notes

Disclaimer

This pre-release software is to allow limited access to test or beta versions of the Armory services (“Services”) and to provide feedback and comments to Armory regarding the use of such Services. By using Services, you agree to be bound by the terms and conditions set forth herein.

Your Feedback is important and we welcome any feedback, analysis, suggestions and comments (including, but not limited to, bug reports and test results) (collectively, “Feedback”) regarding the Services. Any Feedback you provide will become the property of Armory and you agree that Armory may use or otherwise exploit all or part of your feedback or any derivative thereof in any manner without any further remuneration, compensation or credit to you. You represent and warrant that any Feedback which is provided by you hereunder is original work made solely by you and does not infringe any third party intellectual property rights.

Any Feedback provided to Armory shall be considered Armory Confidential Information and shall be covered by any confidentiality agreements between you and Armory.

You acknowledge that you are using the Services on a purely voluntary basis, as a means of assisting, and in consideration of the opportunity to assist Armory to use, implement, and understand various facets of the Services. You acknowledge and agree that nothing herein or in your voluntary submission of Feedback creates any employment relationship between you and Armory.

Armory may, in its sole discretion, at any time, terminate or discontinue all or your access to the Services. You acknowledge and agree that all such decisions by Armory are final and Armory will have no liability with respect to such decisions.

YOUR USE OF THE SERVICES IS AT YOUR OWN RISK. THE SERVICES, THE ARMORY TOOLS AND THE CONTENT ARE PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. ARMORY AND ITS LICENSORS MAKE NO REPRESENTATION, WARRANTY, OR GUARANTY AS TO THE RELIABILITY, TIMELINESS, QUALITY, SUITABILITY, TRUTH, AVAILABILITY, ACCURACY OR COMPLETENESS OF THE SERVICES, THE ARMORY TOOLS OR ANY CONTENT. ARMORY EXPRESSLY DISCLAIMS ON ITS OWN BEHALF AND ON BEHALF OF ITS EMPLOYEES, AGENTS, ATTORNEYS, CONSULTANTS, OR CONTRACTORS ANY AND ALL WARRANTIES INCLUDING, WITHOUT LIMITATION (A) THE USE OF THE SERVICES OR THE ARMORY TOOLS WILL BE TIMELY, UNINTERRUPTED OR ERROR-FREE OR OPERATE IN COMBINATION WITH ANY OTHER HARDWARE, SOFTWARE, SYSTEM OR DATA, (B) THE SERVICES AND THE ARMORY TOOLS AND/OR THEIR QUALITY WILL MEET CUSTOMER”S REQUIREMENTS OR EXPECTATIONS, (C) ANY CONTENT WILL BE ACCURATE OR RELIABLE, (D) ERRORS OR DEFECTS WILL BE CORRECTED, OR (E) THE SERVICES, THE ARMORY TOOLS OR THE SERVER(S) THAT MAKE THE SERVICES AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS. CUSTOMER AGREES THAT ARMORY SHALL NOT BE RESPONSIBLE FOR THE AVAILABILITY OR ACTS OR OMISSIONS OF ANY THIRD PARTY, INCLUDING ANY THIRD-PARTY APPLICATION OR PRODUCT, AND ARMORY HEREBY DISCLAIMS ANY AND ALL LIABILITY IN CONNECTION WITH SUCH THIRD PARTIES.

IN NO EVENT SHALL ARMORY, ITS EMPLOYEES, AGENTS, ATTORNEYS, CONSULTANTS, OR CONTRACTORS BE LIABLE UNDER THIS AGREEMENT FOR ANY CONSEQUENTIAL, SPECIAL, LOST PROFITS, INDIRECT OR OTHER DAMAGES, INCLUDING BUT NOT LIMITED TO LOST PROFITS, LOSS OF BUSINESS, COST OF COVER WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, EVEN IF ARMORY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. IN ANY EVENT, ARMORY, ITS EMPLOYEES’, AGENTS’, ATTORNEYS’, CONSULTANTS’ OR CONTRACTORS’ AGGREGATE LIABILITY UNDER THIS AGREEMENT FOR ANY CLAIM SHALL BE STRICTLY LIMITED TO $100.00. SOME STATES DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU.

You acknowledge that Armory has provided the Services in reliance upon the limitations of liability set forth herein and that the same is an essential basis of the bargain between the parties.

Required Armory Operator version

To install, upgrade, or configure Armory 2.30.1-rc2, use Armory Operator 1.70 or later.

Security

Armory scans the codebase as we develop and release software. Contact your Armory account representative for information about CVE scans for this release.

Breaking changes

Breaking changes are kept in this list for 3 minor versions from when the change is introduced. For example, a breaking change introduced in 2.21.0 appears in the list up to and including the 2.24.x releases. It would not appear on 2.25.x release notes.

Orca requires RDBMS configured for UTF-8 encoding

Impact

  • 2.28.6 migrates to the AWS MySQL driver from the OSS MySQL drivers. This change is mostly seamless, but we’ve identified one breaking change. If your database was created without utf8mb4 you will see failures after this upgrade. utf8mb4 is the recommended DB format for any Spinnaker database, and we don’t anticipate most users who’ve followed setup instructions to encounter this failure. However, we’re calling out this change as a safeguard.

Update kubectl to 1.20

Impact

With 2.28 of Spinnaker, we’ve updated the kubectl binary to a 1.20 release. You may have potential caching issues as a result due to certain resources in Kubernetes being removed and/or no longer supported. Look for failures in your log files and exclude resources that don’t match your target cluster. For example, adding “PodPreset” to the “omitKinds” on your Kubernetes account configs would cause Spinnaker to skip trying to cache resources that no longer be able to be cached in newer kubernetes releases.

Introduced in: Armory CD 2.28.0

Plugin Compatibility

Due to changes in the underlying services, older versions of some plugins may not work with Armory CD 2.28.x or later.

The following table lists the plugins and their required minimum version:

Plugin Version
Scale Agent for Spinnaker and Kubernetes Clouddriver Plugin 0.11.0
App Name 0.2.0
AWS Lambda 1.0.10
Evaluate Artifacts 0.1.1
External Accounts 0.3.0
Observability Plugin 1.3.1
Policy Engine 0.3.0

Introduced in: Armory CD 2.28.6

Known issues

1.30+ “required artifacts to bind” breaks pipelines

Expected artifacts can be used in automated triggers and stages, and OSS 1.30 changed the way artifact constraints work on triggers. Unfortunately those changes broke the previous behavior when triggering a pipeline from a stage, and this fix restores the previous behavior.

Affected versions: Armory CD 2.30.0

Clouddriver and Spring Cloud

The Spring Boot version has been upgraded, introducing a backwards incompatible change to the way configuration is loaded in Spinnaker. Users will need to set the spring.cloud.config.enabled property to true in the service settings of Clouddriver to preserve existing behavior. All of the other configuration blocks remain the same.

Affected versions: Armory CD 2.30.0

Application attributes section displays “This Application has not been configured”

There is a known issue that relates to the Application Attributes section under the Config menu. An application that was already created and configured in Spinnaker displays the message, “This application has not been configured.” While the information is missing, there is no functional impact.

Affected versions: Armory CD 2.28.0 and later

SpEL expressions and artifact binding

There is an issue where it appears that SpEL expressions are not being evaluated properly in artifact declarations (such as container images) for events such as the Deploy Manifest stage. What is actually happening is that an artifact binding is overriding the image value.

Workaround: 2.27.x or later: Disable artifact binding by adding the following parameter to the stage JSON: enableArtifactBinding: false. This setting only binds the version when the tag is missing, such as image: nginx without a version number.

Affected versions: Armory CD 2.27.x and later

Deprecations

Reference Feature Deprecations and end of support

Early access enabled by default

Automatically Cancel Jenkins Jobs

You now have the ability to cancel triggered Jenkins jobs when a Spinnaker pipeline is canceled, giving you more control over your full Jenkins workflow. Learn more about Jenkins + Spinnaker in this Spinnaker changelog..

Enhanced BitBucket Server pull request handling

Trigger Spinnaker pipelines natively when pull requests are opened in BitBucket with newly added events including PR opened, deleted, and declined. See Triggering pipelines with Bitbucket Server in the Spinnaker docs for details

Early Access

Dynamic Rollback Timeout

To make the dynamic timeout available, you need to enable the feature flag in Orca and Deck. You need to add this block to orca.yml file if you want to enable the dynamic rollback timeout feature:


rollback:
  timeout:
    enabled: true

On the Orca side, the feature flag overrides the default value rollback timeout - 5 min - with a UI input from the user.

On the Deck side, the feature flag enhances the Rollback Cluster stage UI with timeout input.

window.spinnakerSettings.feature.dynamicRollbackTimeout = true;

The default is used if there is no value set in the UI.

Dinghy PR Checks

This feature, when enabled, verifies if the author of a commit that changed app parameters has sufficient WRITE permission for that app. You can specify a list of authors whose permissions are not valid. This option’s purpose is to skip permissions checks for bots and tools.

See Permissions check for a commit for details.

Terraform template fix

Armory fixed an issue with SpEL expression failures appearing while using Terraformer to serialize data from a Terraform Plan execution. With this feature flag fix enabled, you will be able to use the Terraform template file provider. Please open a support ticket if you need this fix.

Pipelines as Code multi-branch enhancement

Now you can configure Pipelines as Code to pull Dinghy files from multiple branches on the same repo. Cut out the tedious task of managing multiple repos; have a single repo for Spinnaker application pipelines. See Multiple branches for how to enable and configure this feature.

Highlighted updates

Clouddriver

  • Fixed AWS CLI pip installation
  • feat: Add the possibility to update the default handler for the Global Resource Property Registry. Due to the fact it is not possible to override the default handler behavior from a Spinnaker plugin code, we introduced a new setter function specifically designed to update the default handler for the Global Resource.
  • fix(gce): remove the duplicate cache attribute “subnet”

Orca

  • fix(waiting-executions) : Waiting executions doesn’t follow FIFO. The fix makes Changes to push StartWaitingExecutions to the queue only when execution status is not running and disabled concurrent executions, in all other cases no need to push StartWaitingExecutions to the queue.

Terraformer

  • Session duration support on AWS roles

Kayenta

  • Addressed an issue related to verbose error messages in Kayenta logs

Spinnaker Community Contributions

There have also been numerous enhancements, fixes, and features across all of Spinnaker’s other services. See the Spinnaker v1.30.3 changelog for details.

Detailed updates

Bill Of Materials (BOM)

Here’s the BOM for this version.

Expand
artifactSources:
  dockerRegistry: docker.io/armory
dependencies:
  redis:
    commit: null
    version: 2:2.8.4-2
services:
  clouddriver:
    commit: e83f27627c37921732db249ca823b2e6485a6f97
    version: 2.30.1-rc2
  deck:
    commit: 7737669d9a68843f448cc4c93ac2a6ea3485f95e
    version: 2.30.1-rc2
  dinghy:
    commit: 5250de80948732c8caac6ffc5293a8af80a63a0f
    version: 2.30.1-rc2
  echo:
    commit: 56844c654cd1b3981686933a9d5bc68011ee2bae
    version: 2.30.1-rc2
  fiat:
    commit: 30319b57d40a7e9fd61067b7e0d9fb73bf9a6c46
    version: 2.30.1-rc2
  front50:
    commit: ec0919166ced870668d787708c249945e9291a01
    version: 2.30.1-rc2
  gate:
    commit: 2dc9b4b767ab502faaa1b99c131eb7263cf519da
    version: 2.30.1-rc2
  igor:
    commit: 67b4c66f33b8b97b89e6b052654bebfea460a41f
    version: 2.30.1-rc2
  kayenta:
    commit: 4d82ef4a72129a715749005235ce0d6ba4778603
    version: 2.30.1-rc2
  monitoring-daemon:
    commit: null
    version: 2.26.0
  monitoring-third-party:
    commit: null
    version: 2.26.0
  orca:
    commit: 638d81c8d3186b6deb8829574c6ac5b65c88c94a
    version: 2.30.1-rc2
  rosco:
    commit: e74de6eaccbed6301505d9f3d2f6745b410211a7
    version: 2.30.1-rc2
  terraformer:
    commit: 650746ae3f596f9c6458987487c81840c85dd2a0
    version: 2.30.1-rc2
timestamp: "2023-08-23 17:49:50"
version: 2.30.1-rc2

Armory

Armory Clouddriver - 2.30.1-rc1…2.30.1-rc2

Armory Igor - 2.30.1-rc1…2.30.1-rc2

Terraformer™ - 2.30.1-rc1…2.30.1-rc2

Armory Rosco - 2.30.1-rc1…2.30.1-rc2

Armory Front50 - 2.30.1-rc1…2.30.1-rc2

Armory Deck - 2.30.1-rc1…2.30.1-rc2

Armory Kayenta - 2.30.1-rc1…2.30.1-rc2

  • chore(cd): update base service version to kayenta:2023.08.22.17.00.47.release-1.30.x (#463)

Dinghy™ - 2.30.1-rc1…2.30.1-rc2

Armory Fiat - 2.30.1-rc1…2.30.1-rc2

  • chore(cd): update base service version to fiat:2023.08.22.18.06.01.release-1.30.x (#515)

Armory Orca - 2.30.1-rc1…2.30.1-rc2

Armory Echo - 2.30.1-rc1…2.30.1-rc2

Armory Gate - 2.30.1-rc1…2.30.1-rc2

Spinnaker

Spinnaker Clouddriver - 1.30.3

Spinnaker Igor - 1.30.3

Spinnaker Rosco - 1.30.3

Spinnaker Front50 - 1.30.3

Spinnaker Deck - 1.30.3

Spinnaker Kayenta - 1.30.3

  • fix(orca): Fix orca contributors status. (backport #977) (#981)

Spinnaker Fiat - 1.30.3

  • fix(ssl): Removed unused deprecated okHttpClientConfig from retrofitConfig. (#1082) (#1091)

Spinnaker Orca - 1.30.3

Spinnaker Echo - 1.30.3

Spinnaker Gate - 1.30.3


Last modified August 24, 2023: (4eaabe5d)