v6.22.0 (2024-06-19)
Added
Changed
Agent Changelog
Security
- ⚠️ When using
artifact download, artifacts that were uploaded with paths containing..will no longer be able to traverse up from the destination path. This change is unlikely to break the vast majority of pipelines, however if you are relying on..for path traversal and cannot fix your pipeline, you can enable the new experimentallow-artifact-path-traversal#2815 (@DrJosh9000) - Redact Job API token like other env vars #2834 (@DrJosh9000)
Added
- Add logs to allowed-[repositories|plugins] #2810 (@jakubm-canva)
Fixed
- Fix error in k8s after job completes #2804 (@DrJosh9000)
Changed
Internal
- kubernetes-exec is now a flag #2814 (@DrJosh9000)
- shell logger: Use fmt functions once #2805 (@DrJosh9000)
- Update deprecated import #2811 (@DrJosh9000)
- Use Rand per-test in agent/plugin/error_test.go #2795 (@moskyb)
- Publish debian and rpm packages to Buildkite Packages #2824 #2826 #2831 #2830 #2833 (@sj26)
- Dependabot updates: #2809, #2816, #2800, #2801, #2802, #2803, #2787, #2798, #2808, #2827 #2817, #2818, #2819, #2822, #2829, #2832, #2835 (@dependabot[bot])
Important
When using artifact download, artifacts that were uploaded with paths containing .. will no longer be able to traverse up from the destination path. This change is unlikely to break the vast majority of pipelines, however if you are relying on .. for path traversal and cannot fix your pipeline, you can enable the new experiment allow-artifact-path-traversal
Fixed
- Lazy-unmount /tmp before masking #1327 (@DrJosh9000)
Dependencies
- Bump Docker buildx to v0.15.0 #1329 (@rianmcguire)
Upgrading
Perform a CloudFormation stack update with the following URL:
https://s3.amazonaws.com/buildkite-aws-stack/v6.22.0/aws-stack.yml
If you want to launch a new stack, you can use this link (make sure not to use your production AWS account, create a new one for CI):