2021.10 Release
A strong focus on testing and security.
Develop
Micronaut 3 in Micronaut Tileset V3 (in beta now)
Implements support for Micronaut 3, this will be tested and rolled out next quarter. Contact us if you are interested in more information.
Cypress Tile v10 introduces cucumber support
practiv-tile-cypress:10
When it comes to quality, the teams which have the most at stake are often peripheral to the testing of that quality, particularly as testing has become more code-based and automated.
With the addition of Cucumber to our Cypress Tile, business teams can be more engaged in feature delivery, and ensuring the quality of their customer experience is one that they define.
Cucumber is a testing tool which enables Behavior Driven Development (BDD) allowing Product owners and other business roles to write tests in plain english which describe the behavior of the feature from a customers perspective.
Behaviour driven development is an excellent way to get the business more engaged in feature delivery, and shift left those last minute oversights in business requirements for feature delivery.
Trivy upgraded to version 19
dust-legacy-scripted
dust-maven-scripted
To ensure as much security coverage as possible - With Trivy upgraded to version 19, CVE scanning for Go binaries is now available. All other languages libraries have had improved as well.
Webdriver IO v1 introduces Webdriver IO to builds
Open source, native support for concurrency out of the box. Webdriver IO will allow you to test native applications and web applications with one tool.
We have decided to add Webdriver IO to our supported tool images collection, ensuring you will always have a compatible, QA’d version in your builds.
Build
dust-legacy-scripted
Support added for releasing from repository which uses main for its primary branch, rather than master
This is an improvement to support Github and any other repos which use main rather than master for all its repos.
Nexus
Added a tile that allows you to include Nexus into your builds via a tile practiv-build-nexus
Added a quality of life tile which means you no longer need a direct Shifty reference in your project.
Run
Improved environment management
chalk-environment
chalk-run-platform
We have added allowlisting to our environment templates. This improvement means that you have more control over exactly what is allowed to run in your environments, while also ensuring they remain clean and consistent when deployed.
This is useful for a few reasons
- You may want to deploy a new pod of debugging tools so that you can investigate something which has no observability. This will automatically be cleaned up on the next release, unless you allowlist it.
- You may need to change the version of something running in an environment manually, for the purposes of testing. This will allow you to do this quickly, without making changes to the template and running a deployment.
- Where operators manage resources independently of the templates, you can allowlist the resources they will create. For example Dynatrace uses the DynaKube operator to create deployments of agents and metric aggregators. The allowlist will prevent those deployments from being cleaned up.
Better environment passphrase support
chalk-environment
chalk-run-platform
In order to make it easier to rotate passphrases, we now store the environment passphrases encrypted in the Run Platform repositories. This was previously a manual process which involved logging into the cluster and changing secrets manually.
- This means that you now no longer need to store the passphrase for each environment anywhere else, improving security.
- This introduces a PR approval process for updating or rotating pass-phrases outside of the cluster, which reduces the number of people in your organization required to have cluster access.
Improvements to Shale EKS
shale-eks
Added support for Kubernetes 1.20 as well as scripts to automated and validate the upgrade from 1.19
Amazon CNI updated to version 1.9.1 which brings:
- Support for new M6i Amazon EC2 instances and ARM instances
- Calico networking ARM support for ARM based EKS nodegroups
- Regional Amazon STS so that regional private networking can be used for 100% private EKS cluster
Basalt-nginx updated to version 5.14
basalt-nginx
Nginx updated to 1.21.1 primarily to address CVEs
Digital Platform
Service and Service Ordering Reactive processing
Service Ordering and Service processing is now done reactively. This follows the patterns recently established for Product Ordering processing.
The improvements this change brings are:
- Reduced service and service ordering processing time and latency
- Increase the platform stability and performance
Removed Service permission creation
While access control is still enforced by Slate, permissions for services are no longer created by Slate and are a responsibility of the upstream application.
Branchout
Source repository migration support with Branchout ‘relocate’ in version 4.12
A new command, ‘relocate’ has been added to Branchout. It lets you change the origin URL of all of the repositories in a projection.
This is useful for when you are migrating your repositories from one version control system to another. Eg. from GHE to Github.
Security and compliance
During our regular nightly builds [at least] the following CVEs have been resolved:
CVE-2021-22923, CVE-2018-25009, CVE-2018-25010, CVE-2018-25011, CVE-2018-25012, CVE-2018-25013, CVE-2018-25014, CVE-2020-24659, CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-36328, CVE-2020-36329, CVE-2020-36330, CVE-2020-36331, CVE-2020-36332, CVE-2021-20231, CVE-2021-20232, CVE-2021-20305, CVE-2021-22555, CVE-2021-23133, CVE-2021-23134, CVE-2021-27218, CVE-2021-27219, CVE-2021-27928, CVE-2021-29154, CVE-2021-32399, CVE-2021-3246, CVE-2021-33034, CVE-2021-33560, CVE-2021-33909, CVE-2021-3483, CVE-2021-3506, CVE-2021-3516, CVE-2021-3517, CVE-2021-3518, CVE-2021-3580, CVE-2021-36222, CVE-2021-3711, CVE-2021-3712
How to get up to date
Depending on how your Tile Sets dependencies are configured, you may have pulled in some of these updates as they were released. You will have seen automatic updates for minor versions of Tile Sets within the range you use. In order to take an upgrade to a new major version then you should bump the range to the one that provides the upgrade you want. Be aware that if you change the range to include new major versions, you may encounter breaking changes, which will be detailed in you local documentation for each Tile Set.
If you would like some advice on the process, please feel free to contact us at support@practiv.com.