concourse v6.6.0 Release Notes

Release Date: 2020-10-02 // over 3 years ago
  • 🍱 🚨 Breaking

    • 🚀 The concourse worker process now depends, via gdn v1.19.16, on runc v1.0.0-rc91. There is a known issue with using BPM to manage newer versions of runc, which has been resolved in bpm-release v1.1.9. So if your concourse is deployed using BOSH, you will also need to use at least BPM 1.1.9. After upgrading, if you start to see build steps erroring with a message like:

      runc run: exit status 1: container_linux.go:349: starting container process caused "process_linux.go:439: container init caused \"process_linux.go:405: setting cgroup config for procHooks process caused \\"failed to write \\\\"c 5:1 rwm\\\\" to \\\\"/sys/fs/cgroup/devices/system.slice/concourse.service/garden/a206550f-f6dd-4609-4f13-0a11afd3fd93/devices.allow\\\\": write /sys/fs/cgroup/devices/system.slice/concourse.service/garden/a206550f-f6dd-4609-4f13-0a11afd3fd93/devices.allow: operation not permitted\\"\""

    ⬆️ then you probably need to upgrade BPM. Thanks @tlwr for investigating this!

    🍱 ✈️ Features

    👍 Allow rotating the encryption key via concourse migrate (#5980) @aoldershaw 🔗

    • concourse migrate can be called with --old-encryption-key to rotate the database encryption key as a one-time operation
    • concourse web still accepts --old-encryption-key

    - You should stop any ATCs prior to running this command

    👌 Support SAML 2.0 as an auth backend (#5998) @adnankobir 🔗

    🔧 Use the configured resolv.conf for containerd (#6001) @YoussB 🔗

    🍱 set_pipeline step header indicates whether changes were applied (#6011) @andy-paine 🔗

    - If a set_pipeline step made any changes, it will indicate by highlighting in yellow and displaying pipeline config changed message when hovered over the step.

    👍 Allow the fly http transport to use client certificates (#6017) @avanier 🔗

    - Adds new --client-cert and --client-key flags to the fly login command. The provided client certificates will then be used by fly's http transport.

    ➕ Add new default values to the Guardian flags network-pool and max-containers (#6031) @muntac 🔗

    👍 Allow statx in containerd (#6045) @muntac 🔗

    - Update containerd's seccomp profile to allow the statx system call. This lets basic commands like ls -l to be executed.

    🍱 Enable secret caching for var_sources. (#6046) @evanchaoli 🔗

    🍱 Custom background image (#6053) @andy-paine 🔗

    🍱 🐞 Bug Fixes

    🍱 Return real JSON from fly get-team --json (#5996) @agurney 🔗

    - The --json flag on fly get-team is meant to yield a structured JSON representation of the team data, including auth details, but instead just gave {}. Now it works as intended.

    🍱 Admins can only login to teams that exist (#6021) @izabelacg 🔗

    - Previously admins could log into any team, even if the team did not exist. Admins can still log into any team but now fly verifies that the team exists before saving the target to .flyrc.

    ⏱ Request schedule when cancelling a pending build (#6023) @xtremerui 🔗

    - Fix a bug that a build can't be cancelled if it is in pending state because of unsatisfiable inputs

    🍱 Enable fly validate-pipeline to accept --enable-across-step (#6027) @flavorjones 🔗

    - Enable fly validate-pipeline to accept --enable-across-step and recognize across as a valid step.

    🛠 Fix build reaper missing builds due to pagination (#6051) @chenbh 🔗

    • Fixed the build reaper missing builds

    - Fixed pagination bugs on the resource version and job builds pages

    🛠 Fix a bug where running fly execute fails in an environment when all workers are tagged. (#6059) @aledeganopix4d 🔗

    🛠 Fix horizontal scrolling on build page (#6083) @zoetian 🔗

    🍱 Only set Guardian flag default when flag not provided by user (#6087) @muntac 🔗

    • Only pass garden the configured defaults within Concourse for the guardian flags max-containers and network-pool if it is not set through the garden config file, environment variables or flags.

    🍱 🤷 No Impact

    🍱 Deflake k8s topgun (#6030) @jamieklassen 🔗

    🏗 build(deps): bump yargs-parser from 13.1.1 to 13.1.2 (#6047) @dependabot 🔗

    🍱 Remind people they need JS to run the browser app (#6065) @steadysupply 🔗

    🍱 Use atc.TaskEnv type in task step (#6066) @vito 🔗

    🔀 Make --client-cert flag name consistent between fly login and fly sync (#6068) @aoldershaw 🔗

    🍱 Skip yarn benchmark until dependency is fixed (#6078) @clarafu 🔗