v0.3.1

What's Changed

Bug fixes:

• Fix CLI failures that occur when CLI configuration does not already exist.

Full Changelog: v0.3.0...v0.3.1

v0.3.0

The Kargo team is pleased to present a feature-packed v0.3.0 release!

⚠️  Be warned that with Kargo still in its early stages, and the team still learning what works and what doesn't, this release is packed with breaking changes. There is no supported upgrade path to v0.3.0 from previous releases.

What's New

PR-Based Promotions

Git-based promotion mechanisms may now, optionally, open a pull request instead of committing directly to a branch. Such promotions remain in a running state until the pull request is merged or closed. This exciting new capability gives teams the option to utilize code review as an implicit approval process.

This feature is currently only supported for GitHub repositories.

Verifications

After a successful promotion, Stage resources now enter a Verifying phase. Once such a Stage has cleared any applicable health checks, an optional, user-defined verification process is executed.

Some users may be familiar with Argo Rollouts AnalysisTemplate resources (and the AnalysisRun resources that are spawned from them). These were intentionally built to be re-usable in contexts other than Argo Rollouts. Kargo's user-defined verification processes, therefore, take the form of one or more references to AnalysisTemplate resources that reside in the same project/namespace as the Stage resource, which grants those processes all the benefits of this rich and battle-tested feature of Argo Rollouts.

SSO Improvements

Kargo is typically configured to support single-sign-on (SSO) using an external identity provider that implements the OpenID Connect protocol.

Kargo also implements authorization of all user actions using pure Kubernetes RBAC. i.e. Permission to perform various actions on various Kargo resources is therefore granted via RoleBinding resources that associate users or ServiceAccount resources with Role resources.

Because Kargo users log into the Kargo CLI or UI via SSO, their identifies are unknown to Kargo's underlying Kubernetes cluster. This represents an impediment to using Kubernetes RBAC to authorize the actions of such users. Kargo now answers this challenge through a scheme that permits users to be mapped to zero or more Kubernetes ServiceAccount resources.

Please, refer to the documentation for more details.

Freight Improvements

Aliases

If you've tried Kargo before, you may have noticed that each Freight resource's ID is a SHA-1 hash of that Freight resource's contents. Deriving the ID deterministically from the contents provides numerous technical benefits, but working with SHA-1 hashes is, to say the least, cumbersome for human users.

To that end, new Freight resources are now labeled with whimsical, system-generated aliases that are each guaranteed to be unique within the project/namespace. Unlike a Freight resource's ID, its alias is mutable, meaning users may optionally confer meaningful aliases on important pieces of Freight, such as a likely release candidate.

Updating Freight aliases is currently available via the Kargo CLI only. i.e. This feature is not yet present in the UI.

Manual Approvals

One bit of feedback we've heard a lot of is that a stringent requirement that a new piece of Freight traverses an entire delivery pipeline to reach production is too restrictive when the need for hotfix occasionally arises. To that end, Freight resources may now be manually approved for promotion to any Stage, thereby enabling that Freight to bypass deployment and verification in any number of intermediate Stages.

Manual Freight approval is currently available via the Kargo UI only. i.e. This feature is not yet present in the CLI.

Miscellaneous Improvements

• Warehouse resources now perform shallow, single-branch clones of the Git repositories they subscribe to.

• Freight references to container images now include digests as well as tags and digests can even be used in promotion processes in place of tags for a higher degree of determinism.

• Much as with kubectl, Kargo CLI users may now configure a default project/namespace.

• Numerous devx improvements.

• Too many UI improvements and bug fixes to enumerate here!

New Contributors

Last, but certainly not least, Kargo would be nothing without its community, so we'd like to take a moment to thank community members whose first contributions to the project are included in this release:

• @paulliwog made their first contribution in #1135
• @Juneezee made their first contribution in #1142
• @lrotim made their first contribution in #1041
• @Tchoupinax made their first contribution in #1223
• @Brightside56 made their first contribution in #1288
• @snooyen made their first contribution in #1277

Full Changelog: v0.2.1...v0.3.0

v0.3.0-rc.3

fix(controller): fix stage getting stuck in verifying phase if no ver…

v0.3.0-rc.2

fix(cli): project flag not recognized for several CLI commands (#1320)

v0.3.0-rc.1

fix: sort promotions with running and pending first (#1314)

Signed-off-by: Remington Breeze <[email protected]>

v0.3.0-alpha.1

What's Changed

• update docs for v0.2.0 by @krancour in #875
• refactor kargo-render cmd invocation by @krancour in #1109
• chart: give controller permission to patch warehouses by @krancour in #1110
• fix auto-promotions by @krancour in #1112
• fix error invoking kargo render by @krancour in #1114
• chore: add awscli for nightly build by @34fathombelow in #1115
• chore(deps): bump golang from 1.21.3-bookworm to 1.21.4-bookworm by @dependabot in #1096
• upgrade golang image used in ci and release processes by @krancour in #1116
• chore(deps): bump undici from 5.22.1 to 5.27.0 in /ui by @dependabot in #1050
• chore(deps): bump the akp-js-major group in /ui with 8 updates by @dependabot in #1117
• chore(deps): bump the akp-js-minor group in /ui with 10 updates by @dependabot in #1118
• chore(deps): bump the akp-js-patch group in /ui with 15 updates by @dependabot in #1095
• make warehouse do shallow, single-branch clones by @krancour in #1091
• update values.yaml with notes about including port in api.host field by @krancour in #1122
• merge v0.2.x into main by @krancour in #1127
• shard warehouse reconcilers by @krancour in #1124
• update ci triggers by @krancour in #1133
• remove dead code by @krancour in #1125
• fix flakey priority queue test by @krancour in #1129
• include warehouses/finalizers in helm chart RBAC template by @paulliwog in #1135
• fix(ui): Node view styles improvements by @rpelczar in #1138
• add alias label to freight by @krancour in #1097
• chore: remove ACL permissions for Kargo Nightly CLI by @34fathombelow in #1141
• chore: replace github.com/ghodss/yaml with sigs.k8s.io/yaml by @Juneezee in #1142
• fix(ui): Warehouse subscription is not displayed in Stage details by @rpelczar in #1137
• chore(deps): bump the akp-js-minor group in /ui with 3 updates by @dependabot in #1146
• chore(deps): bump the akp-js-patch group in /ui with 2 updates by @dependabot in #1145
• chore(deps): bump the akp-js-major group in /ui with 1 update by @dependabot in #1147
• fix(ui): Checking token expiration before requests by @rpelczar in #1152
• rename Freight's "qualified" field to "verifiedIn"; add "approvedFor" field by @krancour in #1151
• on new freight, enqueue subscribed stages by @krancour in #1160
• chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @dependabot in #1161

New Contributors

• @paulliwog made their first contribution in #1135
• @Juneezee made their first contribution in #1142

Full Changelog: v0.2.0...v0.3.0-alpha.1

v0.2.1

What's Changed

Bug fixes:

• Fixed auto-promotions
• Prevented Kargo Render failures from bleeding git repo credentials into logs
• Gave controller permission to patch warehouses
• Fixed broken "promote to subscribers" button (the "truck button") in UI

Full Changelog: v0.2.0...v0.2.1

v0.2.1-rc.2

make ci work for semver-ish branch names (#1131)

Signed-off-by: Kent <[email protected]>

v0.2.1-rc.1

Merge branch 'main' into v0.2.x

v0.2.0

What's Changed

First-Class Freight

Anyone who has been following what we've been doing already knows that "freight" -- a set of references to one or more versioned artifacts -- is an important concept in Kargo. Important as it is, it was nevertheless not represented as its own top-level resource type in Kargo v0.1.0. Freight existed only within the status of various Stage resources. This made it onerous and inefficient for Stage resources, when reconciled, to locate available freight (i.e. other states to which they could be transitioned).

In v0.2.0, we've promoted (pardon the pun) freight to a first-class concept represented by a new custom resource type -- Freight. This small architectural pivot makes it much easier to get a piece of freight, list freight, or query for freight available to a given stage (i.e. freight that has qualified in an upstream stage). The CLI has, of course, evolved along with this change, and it is now possible to get and list Freight.

Warehouses

In Kargo v0.1.0, with freight being the more nebulous concept that it was, production of new freight was tightly-coupled to stages with direct subscriptions to Git, container image, and/or Helm chart repositories.

With freight now having becoming a first-class concept with its own resource type, Kargo v0.2.0 has decoupled the production of new freight from the stages by introducing a warehouse concept, which is also represented by its own custom resource type -- Warehouse.

Warehouse resources now encapsulate subscriptions to one or more Git, container image, and/or Helm chart repositories. Those repositories are polled each time a Warehouse resource is reconciled, at times resulting in the production of new Freight resources. Stages that may previously have subscribed directly to various repositories subscribe indirectly now by subscribing to a warehouse instead.

The CLI and UI have, of course, evolved around this new concept as well. It is possible to use either to "refresh" a warehouse, thereby forcing the repositories to which it subscribes to be polled on-demand.

Most importantly, we believe the warehouse concept introduces a logical place to introduce more fine-grained control over repository subscriptions and the conditions under which new freight is produced as we begin work on v0.3.0.

Bookkeeper Rebranded as Kargo Render

Many Kargo users may not have known about Bookkeeper. Bookkeeper is Kargo's little brother and integrates very well with Kargo. In short, Bookkeeper makes short work of rendering stage-specific configuration in a GitOps repository into plain YAML manifests that it stores in stage-specific branches. Under the hood, it uses your choice of Kustomize or Helm and configuration that lives in the GitOps repository, right alongside the Kustomize overlays or Helm charts on which it operates.

We feel so strongly that Kargo works best when used with Bookkeeper that we've now rebranded Bookkeeper as Kargo Render.

Visit https://kargo-render.akuity.io to learn more!

Other Notable Changes

• Admin tokens now have a longer default TTL.
• Promotions are reconciled faster.
• Reduced (go mod) dependency on Argo CD and GitOps Engine -- part of an overall effort to eliminate those dependencies entirely so we can upgrade Kubernetes freely as needed.
• Numerous:
  • Small enhancements
  • Documentation improvements
  • Process improvements

New Contributors

We would also like to thank the following first-time community contributors! Their interest in the project and their efforts demonstrate that what we're aspiring to is bigger than Akuity, and that Kargo is out to solve real pain points that are felt throughout the entire GitOps community!

• @mocdaniel made their first contribution in #841
• @jaimin001 made their first contribution in #839
• @rumstead made their first contribution in #912
• @dhanusaputra made their first contribution in #900
• @moensch made their first contribution in #915
• @pabrahamsson made their first contribution in #924
• @tal-hason made their first contribution in #950
• @smolinari made their first contribution in #980
• @georgettica made their first contribution in #1002

Full Changelog: v0.1.0...v0.2.0