Releases: shipwright-io/build
Shipwright Build release v0.15.2
Release changes since v0.15.1
None. This is a rebuild of all components to address vulnerabilities in the underlying base images.
Features
Fixes
API Changes
Docs
Misc
Shipwright Build release v0.15.1
Release changes since v0.15.0
This release updates go.mod dependencies to address CVE-2025-22868 and CVE-2025-22869.
Features
Fixes
API Changes
Docs
Misc
Shipwright Build release v0.15.0
Release changes since v0.14.0
Features
#1770 by @dorzel: Add Custom Scheduler Name to Build and BuildRun objects
#1737 by @SaschaSchwarze0: The Dockerfile-based sample build strategies for BuildAh, BuildKit and Kaniko now have a target parameter to define the stage to be built
#1711 by @dorzel: Add Tolerations to Build and BuildRun objects
Fixes
#1762 by @SaschaSchwarze0: The source steps for sources of type Git and OCIArtifact now check the connectivity of the endpoint before entering the main download logic. This should eliminate failures caused by BuildRuns running in namespaces with NetworkPolicies that define that allow rules are only eventually applied.
API Changes
#1770 by @dorzel: Add Custom Scheduler Name to Build and BuildRun objects
Docs
#1769 by @qu1queee: Move Mailing List and Calendar to CNCF provided ones.
Misc
#1806 by @SaschaSchwarze0: The BuildKit sample build strategy defines the seccomp profile now in the security context instead of the - since k8s 1.31 - unsupported annotation
#1797 by @SaschaSchwarze0: Shipwright Build now depends on Tekton v0.59 or newer. Kubernetes v1.32 is supported.
#1796 by @subhasree91: Fixed deprecated release-actions in favor of gh command line.
#1792 by @shipwright-ci-bot: Update the the new latest Tekton LTS release v0.68.0
#1790 by @shipwright-ci-bot: Update the the new latest Tekton LTS release v0.65.6
#1788 by @SaschaSchwarze0: All binaries are now compiled with Go 1.23
#1782 by @shipwright-ci-bot: Update the the new latest Tekton LTS release v0.65.5
Contributors
Assets 4
Shipwright Build release v0.14.4
Release changes since v0.14.3
None. This is a rebuild of all components to address vulnerabilities in the underlying base images.
Features
Fixes
API Changes
Docs
Misc
Shipwright Build release v0.14.3
Release changes since v0.14.2
None. This release is a rebuilt with existing code using updated base images to address security vulnerabilities.
Features
Fixes
API Changes
Docs
Misc
Shipwright Build release v0.14.2
Release changes since v0.14.1
None. This release is a rebuilt with existing code using updated base images to address security vulnerabilities.
Features
Fixes
API Changes
Docs
Misc
Shipwright Build release v0.14.1
Release changes since v0.14.0
This minor release addresses security vulnerabilities in dependencies
Features
Fixes
API Changes
Docs
Misc
#1768 by @SaschaSchwarze0: Update github.com/go-git/go-git/v5 from v5.12.0 to v5.13.1 to address CVE-2025-21613 and CVE-2025-21614
#1761 by @SaschaSchwarze0: Update golang.org/x/net from v0.30.0 to v0.33.0 to address CVE-2024-45338
#1755 by @adambkaplan: Update golang.org/x/crypto to v0.31.0, to mitigate CVE-2024-45337
Contributors
Assets 4
Shipwright Build release v0.14.0
Release changes since v0.13.0
Features
#1723 by @SaschaSchwarze0: The sample build strategy for BuildKit now uses the latest BuildKit release instead of its nightly build
#1702 by @HeavyWombat: Added flag to bundle-step and git-step command to print a file listing when pull and unpack of the source bundle, or Git clone is complete.
#1683 by @dorzel: Added NodeSelector on Build and BuildRun objects, which enables specifying the scheduling behavior of TaskRuns.
#1646 by @karanibm6: You can now run a post-installation step to migrate the storage version of the custom resources
#1600 by @SaschaSchwarze0: The sample build strategies now uses imagePullPolicy=Always for the BuildAh steps to ensure the latest available image version is always used
#1588 by @SaschaSchwarze0: You can now easily determine that your BuildRun failed because a step went out of memory as the reason is now set to StepOutOfMemory
#1489 by @karanibm6: Vulnerability Scanning Implementation
Fixes
#1700 by @SaschaSchwarze0: The image-processing step now retries the vulnerability scan using Trivy if that failed to download the vulnerability database due to rate-limiting
#1699 by @HeavyWombat: Fixed an issue when unpacking a code bundle that contains a non-writable sub-directory.
#1634 by @aleskandro: Add sample build strategy to orchestrate multi-arch container image builds. The service account executing this build strategy must have the ability to manage Jobs and Pods, as well as have the ability to exec into Pods.
#1628 by @HeavyWombat: The bundle prune option now also supports the legacy registry endpoints for both DockerHub and IBM Container Registry in its registry detection routine.
#1623 by @SaschaSchwarze0: The controller now does not panic when no vulnerabilities are found, also severity is correctly parsed
#1569 by @SaschaSchwarze0: An Alpha Build where spec.dockerfile is set to "", is now transformed to a Beta Build without the dockerfile parameter to behave like in Alpha
#1566 by @SaschaSchwarze0: The usage of different secrets or secret keys as values inside one array parameter is now possible
API Changes
#1683 by @dorzel: Added NodeSelector on Build and BuildRun objects, which enables specifying the scheduling behavior of TaskRuns.
#1489 by @karanibm6: Vulnerability Scanning Implementation
Docs
Misc
#1727 by @SaschaSchwarze0: The supported Kubernetes versions are now v1.29 to v1.31
#1710 by @SaschaSchwarze0: The new minimum Tekton version is v0.56
#1704 by @shipwright-ci-bot: Update to the new latest Tekton LTS release v0.65.0
#1697 by @shipwright-ci-bot: Update the the new latest Tekton LTS release v0.62.4
#1671 by @SaschaSchwarze0: We now build Shipwright Build with the latest Tekton LTS version
#1649 by @SaschaSchwarze0: Shipwright Build is now validated on the oldest supported and the newest available Tekton LTS releases
#1629 by @SaschaSchwarze0: The kaniko-trivy sample build strategy is removed as you can now enable a vulnerability scan for the image in the output section of your Build or BuildRun
Contributors
Assets 4
Shipwright Build release v0.14.0-rc0
Draft Release changes since v0.13.0
Features
#1723 by @SaschaSchwarze0: The sample build strategy for BuildKit now uses the latest BuildKit release instead of its nightly build
#1702 by @HeavyWombat: Added flag to bundle-step and git-step command to print a file listing when pull and unpack of the source bundle, or Git clone is complete.
#1683 by @dorzel: Added NodeSelector on Build and BuildRun objects, which enables specifying the scheduling behavior of TaskRuns.
#1646 by @karanibm6: You can now run a post-installation step to migrate the storage version of the custom resources
#1600 by @SaschaSchwarze0: The sample build strategies now uses imagePullPolicy=Always for the BuildAh steps to ensure the latest available image version is always used
#1588 by @SaschaSchwarze0: You can now easily determine that your BuildRun failed because a step went out of memory as the reason is now set to StepOutOfMemory
#1489 by @karanibm6: Vulnerability Scanning Implementation
Fixes
#1700 by @SaschaSchwarze0: The image-processing step now retries the vulnerability scan using Trivy if that failed to download the vulnerability database due to rate-limiting
#1699 by @HeavyWombat: Fixed an issue when unpacking a code bundle that contains a non-writable sub-directory.
#1628 by @HeavyWombat: The bundle prune option now also supports the legacy registry endpoints for both DockerHub and IBM Container Registry in its registry detection routine.
#1623 by @SaschaSchwarze0: The controller now does not panic when no vulnerabilities are found, also severity is correctly parsed
#1569 by @SaschaSchwarze0: An Alpha Build where spec.dockerfile is set to \"\", is now transformed to a Beta Build without the dockerfile parameter to behave like in Alpha
#1566 by @SaschaSchwarze0: The usage of different secrets or secret keys as values inside one array parameter is now possible
API Changes
#1489 by @karanibm6: Vulnerability Scanning Implementation
Docs
Misc
#1727 by @SaschaSchwarze0: The supported Kubernetes versions are now v1.29 to v1.31
#1710 by @SaschaSchwarze0: The new minimum Tekton version is v0.56
#1704 by @shipwright-ci-bot: Update to the new latest Tekton LTS release v0.65.0
#1697 by @shipwright-ci-bot: Update the the new latest Tekton LTS release v0.62.4
#1671 by @SaschaSchwarze0: We now build Shipwright Build with the latest Tekton LTS version
#1649 by @SaschaSchwarze0: Shipwright Build is now validated on the oldest supported and the newest available Tekton LTS releases
#1634 by @aleskandro: Add sample build strategy to orchestrate multi-arch container image builds. The service account executing this build strategy must have the ability to manage Jobs and Pods, as well as have the ability to exec into Pods.
#1629 by @SaschaSchwarze0: The kaniko-trivy sample build strategy is removed as you can now enable a vulnerability scan for the image in the output section of your Build or BuildRun
Contributors
Assets 4
Shipwright Build release v0.13.0
Release changes since v0.12.0
Features
#1471 by @HeavyWombat: Git and Bundle sources now produce additional status fields in a BuildRun to return the commit timestamp of the commit being used, or the image/source timestamp of Bundle images respectively.
#1448 by @SaschaSchwarze0: action required: after you upgraded from v0.12 to v0.13, you can run the following two commands to remove unnecessary permissions: kubectl delete crb shipwright-build-webhook && kubectl delete cr shipwright-build-webhook
#1435 by @SaschaSchwarze0: Controllers now use Tekton's V1 API to create and access the TaskRun that backs a BuildRun
Fixes
#1499 by @SaschaSchwarze0: You can now patch a completed BuildRun on the Beta API without removing its status
#1486 by @SaschaSchwarze0: A BuildRun object in v1alpha1 version is now correctly converted to v1beta1 when it has .spec.serviceAccount.generate set to true
#1429 by @SaschaSchwarze0: You can now use files and directories with two subsequent dots in its name when using an OCI artifact as source
API Changes
#1504 by @SaschaSchwarze0: You can now define a Build without any source. This is for example useful when you want to run this build only with local source. Also, some corrections have been made to the Go types.
#1463 by @qu1queee: Set the storage version to v1beta1 and update Shipwright controllers to operate on the same.
#1441 by @SaschaSchwarze0: The Build in the beta API has been corrected so that when defining .spec.source.git, then .spec.source.git.url is mandatory.
Docs
#1461 by @qu1queee: Add ADOPTERS doc
#1460 by @qu1queee: Add ROADMAP doc
Misc
#1593 by @openshift-cherrypick-robot: The usage of different secrets or secret keys as values inside one array parameter is now possible
#1591 by @openshift-cherrypick-robot: An Alpha Build where spec.dockerfile is set to \"\", is now transformed to a Beta Build without the dockerfile parameter to behave like in Alpha
#1552 by @qu1queee: Improve conversion webhook logging
#1513 by @SaschaSchwarze0: The minimum Kubernetes version is now 1.27. The minimum Tekton version is 0.50.
#1509 by @HeavyWombat: Output image section now supports an optional timestamp field, which can be used to change the image creation timestamp, i.e. use string "SourceTimestamp" to let the output image creation timestamp to be modified to the timestamp of the source timestamp.
#1495 by @SaschaSchwarze0: Shipwright Build is now compiled with Go 1.21