Release notes

builds for Red Hat OpenShift 1.7

Highlights of what is new and what has changed with this OpenShift Builds release

Red Hat OpenShift Documentation Team

Abstract

The release notes for OpenShift Builds summarize all new features and enhancements, notable technical changes, major corrections from the previous version, and any known bugs upon general availability.

Chapter 1. Builds release notes

Release notes contain information about new and deprecated features, breaking changes, and known issues. The following release notes apply for the most recent Builds releases on OpenShift Container Platform.

Builds is an extensible build framework based on the Shipwright project, which you can use to build container images on an OpenShift Container Platform cluster. You can build container images from source code and Dockerfiles by using image build tools, such as Source-to-Image (S2I) and Buildah. You can create and apply build resources, view logs of build runs, and manage builds in your OpenShift Container Platform namespaces.

Builds includes the following capabilities:

  • Standard Kubernetes-native API for building container images from source code and Dockerfiles
  • Support for Source-to-Image (S2I) and Buildah build strategies
  • Extensibility with your own custom build strategies
  • Execution of builds from source code in a local directory
  • Shipwright CLI for creating and viewing logs, and managing builds on the cluster
  • Integrated user experience with the Developer perspective of the OpenShift Container Platform web console

For more information about Builds, see "Overview of Builds".

1.1. Compatibility and support matrix

In the table, components are marked with the following statuses:

TP

Technology Preview

GA

General Availability

The Technology Preview features are experimental features and are not intended for production use.

Table 1.1. Compatibility and support matrix

Builds VersionComponent VersionCompatible Openshift Pipelines VersionOpenShift VersionSupport

Operator

Builds (Shipwright)

CLI

   

1.7

0.18.0 (GA)

0.18.0 (GA)

1.18-1.21

4.16-4.21

GA

1.6

0.17.0 (GA)

0.17.0 (GA)

1.18-1.21

4.16-4.20

GA

1.2. Release notes for Builds 1.7.1

Builds 1.7.1 is now available on OpenShift Container Platform 4.16-4.21.

1.2.1. Fixed issues

User interface link now points to the correct product documentation version
Before this update, the user interface (UI) link for builds for Red Hat OpenShift documentation pointed to version 1.4 instead of version 1.7. As a result, users were directed to outdated documentation. With this update, the UI link is corrected to point to version 1.7. This ensures that users can access the documentation that corresponds to their version of OpenShift Container Platform.
OpenShift Builds ClusterRoleBinding corrected to prevent access errors
Before this update, the operator ClusterRole referenced in the openshift-builds-operator ClusterRoleBinding was missing. As a consequence, users encountered access denied errors in builds for Red Hat OpenShift. With this update, the ClusterRoleBinding for the openshift-builds-operator correctly references the ClusterRole, which resolves the access errors and ensures the Builds for Red Hat OpenShift Operator functions correctly.

1.3. Release notes for Builds 1.7

Builds 1.7 is now available on OpenShift Container Platform 4.16-4.21.

Note

With this release, you can use a new migration tool, Crane. It automatically converts the BuildConfig resources to Build resources, which simplifies adopting the builds for Red Hat OpenShift application. To learn more about this tool and its benefits, see This content is not included.Migrate BuildConfig resources to Builds for Red Hat OpenShift with Crane.

1.3.1. New features

The following sections highlight what is new in Builds 1.7.

Read-only root file systems enforced for containers
With this update, you must set the readOnlyRootFilesystem parameter to true for your containers in OpenShift Container Platform. This change addresses security audits and protects containers from potential vulnerabilities.
Operator pod containers now use read-only root file systems
With this update, the root filesystems of the Operator pod container and the shared resource container are set to read-only. This enhancement improves security by preventing runtime modifications to internal container files. The update also includes an end-to-end (E2E) test to validate the workflow.

1.3.2. Fixed issues

CSI driver correctly enforces RBAC permissions for Secrets and ConfigMaps
Before this update, the Container Storage Interface (CSI) driver ignored forbidden errors when attempting to fetch source Secret or ConfigMap resources, mounting an empty volume instead of failing the operation and bypassing RBAC controls. With this update, the CSI driver correctly returns API client errors and requires an explicit RoleBinding to access resources.

1.4. Additional resources

Legal Notice

Copyright © Red Hat.
Except as otherwise noted below, the text of and illustrations in this documentation are licensed by Red Hat under the Creative Commons Attribution–Share Alike 3.0 Unported license . If you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, the Red Hat logo, JBoss, Hibernate, and RHCE are trademarks or registered trademarks of Red Hat, LLC. or its subsidiaries in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
XFS is a trademark or registered trademark of Hewlett Packard Enterprise Development LP or its subsidiaries in the United States and other countries.
The OpenStack® Word Mark and OpenStack logo are trademarks or registered trademarks of the Linux Foundation, used under license.
All other trademarks are the property of their respective owners.