The Kargo team is pleased to present a feature-packed v0.3.0 release!
⚠️ Be warned that with Kargo still in its early stages, and the team still learning what works and what doesn't, this release is packed with breaking changes. There is no supported upgrade path to v0.3.0 from previous releases.
What's New
PR-Based Promotions
Git-based promotion mechanisms may now, optionally, open a pull request instead of committing directly to a branch. Such promotions remain in a running state until the pull request is merged or closed. This exciting new capability gives teams the option to utilize code review as an implicit approval process.
This feature is currently only supported for GitHub repositories.
Verifications
After a successful promotion, Stage
resources now enter a Verifying
phase. Once such a Stage
has cleared any applicable health checks, an optional, user-defined verification process is executed.
Some users may be familiar with Argo Rollouts AnalysisTemplate
resources (and the AnalysisRun
resources that are spawned from them). These were intentionally built to be re-usable in contexts other than Argo Rollouts. Kargo's user-defined verification processes, therefore, take the form of one or more references to AnalysisTemplate
resources that reside in the same project/namespace as the Stage
resource, which grants those processes all the benefits of this rich and battle-tested feature of Argo Rollouts.
SSO Improvements
Kargo is typically configured to support single-sign-on (SSO) using an external identity provider that implements the OpenID Connect protocol.
Kargo also implements authorization of all user actions using pure Kubernetes RBAC. i.e. Permission to perform various actions on various Kargo resources is therefore granted via RoleBinding
resources that associate users or ServiceAccount
resources with Role
resources.
Because Kargo users log into the Kargo CLI or UI via SSO, their identifies are unknown to Kargo's underlying Kubernetes cluster. This represents an impediment to using Kubernetes RBAC to authorize the actions of such users. Kargo now answers this challenge through a scheme that permits users to be mapped to zero or more Kubernetes ServiceAccount
resources.
Please, refer to the documentation for more details.
Freight Improvements
Aliases
If you've tried Kargo before, you may have noticed that each Freight
resource's ID is a SHA-1 hash of that Freight
resource's contents. Deriving the ID deterministically from the contents provides numerous technical benefits, but working with SHA-1 hashes is, to say the least, cumbersome for human users.
To that end, new Freight
resources are now labeled with whimsical, system-generated aliases that are each guaranteed to be unique within the project/namespace. Unlike a Freight
resource's ID, its alias is mutable, meaning users may optionally confer meaningful aliases on important pieces of Freight
, such as a likely release candidate.
Updating Freight
aliases is currently available via the Kargo CLI only. i.e. This feature is not yet present in the UI.
Manual Approvals
One bit of feedback we've heard a lot of is that a stringent requirement that a new piece of Freight
traverses an entire delivery pipeline to reach production is too restrictive when the need for hotfix occasionally arises. To that end, Freight
resources may now be manually approved for promotion to any Stage
, thereby enabling that Freight
to bypass deployment and verification in any number of intermediate Stage
s.
Manual Freight
approval is currently available via the Kargo UI only. i.e. This feature is not yet present in the CLI.
Miscellaneous Improvements
-
Warehouse
resources now perform shallow, single-branch clones of the Git repositories they subscribe to. -
Freight
references to container images now include digests as well as tags and digests can even be used in promotion processes in place of tags for a higher degree of determinism. -
Much as with
kubectl
, Kargo CLI users may now configure a default project/namespace. -
Numerous devx improvements.
-
Too many UI improvements and bug fixes to enumerate here!
New Contributors
Last, but certainly not least, Kargo would be nothing without its community, so we'd like to take a moment to thank community members whose first contributions to the project are included in this release:
- @paulliwog made their first contribution in #1135
- @Juneezee made their first contribution in #1142
- @lrotim made their first contribution in #1041
- @Tchoupinax made their first contribution in #1223
- @Brightside56 made their first contribution in #1288
- @snooyen made their first contribution in #1277
Full Changelog: v0.2.1...v0.3.0