Today we proudly present the next release of Kabanero, version 0.6.0. Check out the changes we have for you.
Stacks and Stack Hub
Kabanero 0.6.0 represents a significant improvement in configuration flexibility and conceptual simplification! We have evolved the way we codify the operational behavior of application stacks. Specifically, we removed collections as a concept. Instead, the developer, ops staff, and architects manage the application stacks directly without the complexity of publishing pipelines simultaneously.
Externally, the changes to move from collections to stacks are fairly simple. Instead of a collection hub, we have a stack hub (a normal, Appsody stack hub) and instead of collections, we have stacks. It really is that straightforward. The configuration for each stack is now managed using the Kabanero custom resources (CRs): Kabanero, stack, and pipeline. Where previously, we would have pipeline configuration and specification co-mingled in the collections themselves; the pipelines are now revved independently through normal Kubernetes operator control of the CRs, e.g. oc apply kabanero.yaml is used to update the pipeline configuration of a stack hub or an individual stack.
The operator, command line interface, user experience console, samples, guides, kabanero.io website and documentation have been updated to reflect these changes. Many user enhancements also were made to the Kabanero CLI.
The stack hub build script is also improved to reference pre-built indexes, making precise version management of stacks much easier.
Version 0.6.0 completes the support for the activation of multiple versions of the same named application stack. The stack CR now reflects which versions of a given stack are active — multiple version support is necessary for allowing time to test, validate and transition from one version of an application stack to the next. Stack governance is tightened by validating container digests, ensuring the desired configuration of containers and container publishing discipline is properly executed. Validation mismatches of digests result in warning messages logged in the pipeline output. The command line interface and user experience console are also improved to support multiple versions of stacks.
Having done the prep work in version 0.5.0 to pull in trigger support for OpenShift Pipelines, we have updated our trigger configuration to show best practice pipeline execution based on GitHub repository events. In addition, we moved to a newer release of triggers, so if you have existing webhooks created in a previous version, you will need to delete them and recreate them.
There is a behavior change in the build-deploy-pl pipeline that allows a deploy task (which deploys the application to the cluster) to be conditionally run. In previous releases, all events in the GitHub repo that triggered a pipelinerun using the webhook would trigger both build and deploy tasks. In this release, events trigger a build task, but only a PR merge triggers a deploy task.
As part of the transition from collections to stacks, we have introduced a release process for the kabanero-pipelines repo. With pipelines separated into its own release, users can quickly create and update pipelines and associate them with stacks in the Kabanero CR.
You should see significant performance improvement in the nodejs and nodejs-express pipeline run execution times when the pipelines are run against stacks in the new stack hub.
We’ve enabled the community GitHub repositories with support for new users to agree to a contribution license — which protects the community, as well as the contributors. Just open a PR and GitHub will automatically check if you’ve agreed, and if you haven’t, you will have the opportunity to do so at that time.
Unique Experience Console
The console has been enhanced to securely interact with the command line services. We added the ability to synchronize your stacks with the Kabanero CRD, deactivate stacks, and view the CLI service version via the manage stacks UI. More updates can be found in the release https://github.com/kabanero-io/kabanero-landing/releases
With version 0.6.0, we provide an application-supporting single sign-on server, pre-configured and running in the cluster for applications to use. Learn more here: https://github.com/kabanero-io/docs/blob/master/ref/general/configuration/rhsso.adoc
We also provide security improvements with TLS for microservice-to-microservice interactions with a certificate manager implementation sample that has step-by-step instructions for customers to enable and use this for applications. More here: https://github.com/kabanero-io/kabanero-security/tree/master/certmanager/samples/openliberty
We provide enhancements to the DevSecOps story for the best practice pipelines. These include making container scan results more readily available and allowing scan OVAL and XCCDF files to be configured so that admins can determine how much scanning is to be done. Look here at the pathToInpuFile argument: https://github.com/kabanero-io/kabanero-security/blob/master/pipelines/scanning/README.md
We’ve also improved our container signing sample to provide an easy way to create and configure the RSA keys (private/public) used by the signing task. Refer to these links for more information: https://github.com/kabanero-io/kabanero-security/blob/master/pipelines/samples/signing/README.md https://github.com/kabanero-io/kabanero-security/blob/master/pipelines/samples/signing-operator/README.md
Blocking and Tackling
As usual, we’ve updated the foundation components to stay current.
Dependent open source components
OpenShift Pipelines Operator
OpenShift Serverless Operator
OpenShift ServiceMesh Operator
The community has decided to move away from a Kabanero "branded Che" and towards the CodeReady variant to make the developer experience more consistent with Kabanero and OCP. The version of the CodeReady Workspaces Operator varies depending on OCP release.
Kabanero 0.6.0 executes on OCP 4.3.
The curated stack hub is moved and located here: https://github.com/kabanero-io/kabanero-stack-hub/releases/tag/0.6.0
0.25.2 (in the process of deprecation)
You’ll note the addition of the java-openliberty stack, which is a functional replacement for the java-microprofile stack. The java-microprofile stack will be removed from stack hub in version 0.9.0. Also note that the nodejs-loopback stack is no longer part of the default Kabanero stack hub.