github akuity/kargo v0.9.0
on GitHub

9 hours ago

💥 Kargo v0.9.0 is here!

🪜 Promotion Steps

This release executes a highly anticipated pivot.

When we first introduced Kargo to the world, its "promotion mechanisms" -- the processes by which Stages are transitioned from one state to another -- were highly opinionated, reflecting our team's own experiences and sense of what practices had served us well up to that point. We've listened intently to feedback from users with differing experience and opinions. Up to a point, we attempted to add "switches and dials" to the existing promotion mechanisms to improve their flexibility, but ultimately found that approach to be unsustainable and also unlikely to ever achieve the degree of flexibility that the maintainers and the community mutually desired.

Around the time of the v0.8.0 release, we decided that a primary focus of the v0.9.0 release would be a pivot toward a much more flexible system for describing promotion processes. Today, we're excited to release the culmination of that effort. Promotion steps represent the new, basic building blocks of more complex promotion processes which users can now more fully customize to suit their specific needs. With them, promotion processes can be composed of discrete actions such as:

  • Clone a repository
  • Render manifests using helm template or kustomize build
  • Commit and push changes to a repository
  • Create a pull request
  • Sync an Argo CD Application
  • And much more

We believe users will find promotion steps to be reminiscent of GitHub Actions, and in fact, we think of this feature as being to CD what GitHub Actions is to CI.

As excited as we are to introduce this feature, we also believe we've only begun to scratch the surface of what this will enable over the longer term:

  • We know this shift means more verbose configuration. Over the coming releases, we intend to create "higher-order" steps composed of multiple lower-level steps to reduce the configuration required for common promotion processes. These will differ from legacy promotion mechanisms, which were monolithic and rigid. By contrast, higher-order steps will afford users the flexibility to "drop down" to lower-level steps when higher-order steps do not meet their needs.

  • We have long seen the potential for extending Kargo via a plugin system. With promotion steps, we believe we've built a solid foundation upon which to finally integrate custom and third-party functionality into user-defined promotion processes. Over the coming releases, you can expect to see the maintainers doing more work to pave the way for this -- first by isolating promotion processes to their own containers, then later publishing a formal specification for how custom or third-party promotion steps can be implemented and installed. This capability will form the cornerstone of other future functionality, such as notifications.

  • Over the coming releases, maintainers also expect to introduce support for a basic expression language to improve the ease with which promotion steps can reference attributes of a the Promotion, the Freight being promoted, the Stage being promoted to, credentials, the output of previous steps, and more.

Finally, this pivot does mean the deprecation of the legacy promotion mechanisms. The v0.9.x series of releases will continue to support those legacy mechanisms, but users should expect them to be removed in the releases > v0.9.x. The community should expect no further investment in improving those legacy mechanisms.

To learn more about promotion steps, please refer to the updated concepts doc and to the new promotion steps reference doc. Our quickstart has also been updated to showcase the new promotion steps feature.

‼️ Breaking Changes

We continue to strive toward minimizing breaking changes. There are just a few to make note of in this release:

  • As previously mentioned, the legacy promotion mechanisms are now deprecated and will be removed in releases > v0.9.x. Automated migration from the legacy promotion mechanisms to promotion steps was not feasible, which is why we elected to continue supporting the legacy promotion mechanisms in the v0.9.x series of releases.

  • The annotation keys rbac.kargo.akuity.io/sub, rbac.kargo.akuity.io/email, and rbac.kargo.akuity.io/groups used for mapping SSO users to Kubernetes ServiceAccounts have changed to rbac.kargo.akuity.io/claim.sub, rbac.kargo.akuity.io/claim.email, and rbac.kargo.akuity.io/claim.groups, respectively. Kargo will automatically migrate the old annotation keys to the new ones upon upgrade, but if you are gitops'ing your Kargo configuration, you may also wish to update it manually.

  • The kargo.akuity.io/authorized-stage annotation that is applied to Argo CD Application resources to indicate consent to be modified or synced by a given Stage has dropped support for wildcards. Values for this annotation must now be of the form <project name>:<stage name>. If you have been using values of the form <project name>:*, you will need to update your configuration to use the specific Stage name. The technical justifications for this change can be found in #2617.

🆕 Other Major Features

  • With special thanks to @gnadaban, Kargo is now able to perform comprehensive health checks on Stages that integrate with multi-source Argo CD Applications.

  • @BenHesketh21 has generalized the mapping of SSO users to Kubernetes ServiceAccounts via OIDC claims. While only sub, email, and groups claims were previously supported, any claims supported by your identity provider can now be referenced by these mappings.

  • @lknite collaborated with maintainers to make it significantly easier to customize the CA bundles used by Kargo's API server and controller components.

🆕 UI Improvements

As has been customary, this release is packed with too many UI improvements to list. Here are some highlights:

  • Live view of in-progress promotions. See what step is currently running as well as the configuration, outcome, and output of each step.

  • Is your Freight timeline getting too crowded? It is now possible to hide Freight older than the oldest still in use or all currently unused Freight.

  • The pipeline view now surfaces considerably more information about the status of each Stage.

  • Have long pipelines? You can now zoom in to focus on a specific segment or zoom out for a holistic view.

🆕 CLI Improvements

  • Settings in your local Kargo CLI configuration will now be retained, instead of being reset, when re-authenticating to the same Kargo server.

  • The kargo server command finally fully works! This enables an interesting option that some orgs with a few highly-privileged Kargo users may wish to take advantage of. Instead of centrally hosting a Kargo API server, which usually requires configuring SSO, users who have direct access to the Kargo control plane's underlying cluster can run the API server locally and all operations performed by the API server will be carried out using the user's own cluster credentials (i.e. from ~/.kube/config).

🛡️ Security Improvements

Like to GitOps everything including your Kargo Projects? (Great! We do too!) Now you can optionally disable the API server's access to Project Secrets at install-time as there will be no need for that access when credentials are no longer managed via the Kargo UI or CLI.

🗞️ Project News

With mixed emotions, we bid farewell to maintainer @rbreeze as he moves on to new opportunities. The project is indebted to him for his extensive contributions, most notably Kargo's tremendous UI. With his departure, our colleague, @Marvin9 will be stepping up to play a more central role in the project.

This release also welcomes @fykaa to the ranks of the project maintainers!

💥 GA Imminent

Now for some truly big news!

The v0.9.0 release and our pivot to promotion steps marks a major milestone for the Kargo project. While we will no doubt continue to innovate at the brisk pace that you have come to expect through the introduction of new and experimental features (much like Kubernetes does), the maintainers are now confident that we have implemented the right set of core features. Satisfied with the stability of those features, which we, ourselves, are using in production, we consider Kargo's general availability to be imminent.

Expect our next major release to be v1.0.0!

🙏 New Contributors

Last, but not least, we are grateful to the vibrant community that makes this project possible. We would like to extend a special thank you to community members who have gone above and beyond by making their first contributions to the project in this release:

Full Changelog: v0.8.8...v0.9.0

Check out latest releases or
releases around akuity/kargo v0.9.0

Don't miss a new kargo release

NewReleases is sending notifications on new releases.

Get notifications