Release Notes
August 2022
Self-Hosted version number: 1.74.0
New Features
Using One-Click Preview Environments, you can now effortlessly create preview environments for any branch in the Garden Cloud UI. This allows any user (technical or otherwise) to spin up a preview environment from any branch. The Automatic Environment Cleanup functionality can then be used to clean up the preview environments.
We gave the UI a refresh. This includes both visual and functional updates, geared for easier and more enjoyable everyday usage. You now have a better overview of the different functionality Garden Cloud provides and you can jump to the page you want to visit using keyboard shortcuts. We are always trying to improve how you, our users, interact with our product and we'd love to hear your feedback.
Using the Command Palette you can now trigger any action from within Garden Cloud, without having to start a new process in the terminal. While running Garden in watch mode, press
⌘P
if you're on Mac (or^P
if you're on another platform) and you'll see a screen that lets you type an action and run it by pressing enter.You can now view old stack logs in your namespace by selecting them from a dropdown in the logs modal.
Other Changes
We published examples of authentication scripts for AWS EKS and GCP GKE in the Authenticating to your Providers guide.
We included a number of bug fixes around watch mode and StackStreams as well.
IMPORTANT: Customers that self-host Garden Cloud must update the Admin Console (kotsadm
) to 1.76.1
or later before installing the August 2022 update. Please refer to our guide on updating the Admin Console for further information.
We made some changes to our release process. From now on we will release a new version of the self-hosted version of Garden Cloud once a month and update the release notes accordingly.
Version 1.21.0
This release fixes some issues around cli login with GitLab and improves the usernames handling when logging in with VCS providers. We also improved some UI components and added shortcuts for opening the StackStreams panel.
Version 1.20.0
This release introduces a big revamp to the StackStreams UI! 🎉 Additionally, it's now possible to switch between interleaved logs and paned logs and the new UI makes it easier to select the source of your logs.
We also reworked the frontend server setup and it's now possible to deploy multiple replicas: you can find the number of replicas under your General Settings in Replicated configuration (if you self-host Garden Enterprise).
If you are a Cloud user, the default replica number is now 2: please reach out to your Customer Success representative if your setup requires additional replicas.
Additionally we improved the overall system performance and fixed multiple bugs.
Version 1.19.1
This patch release fixes some performance issues when fetching logs and bumps the workflow-runner version to use Garden Core 0.12.36
.
Version 1.19.0
This last release introduces plenty of performance improvements, bug fixes, and three major new features: StackStreams beta release, pause mode for Automatic Environment Cleanup and SSO via SAML.
StackStreams
StackStreams beta is now generally available for all of our users.
With StackStreams you can stream events, build and service logs, and test/task results in real time when the Garden CLI is running in watch mode.
See also our StackStreams guide.
StackStreams is currently in beta and we're actively working on improvements and new features. Let us know what you think of it!
Pause mode for Automatic Environment Cleanup
With the release of Garden 0.12.35
, Garden Cloud now supports an additional Cleanup mode when using Automatic Environment Cleanup: Pause mode.
Pause mode will scale down all the target Deployments
and StatefulSets
replicas to 0
, as opposed to deleting all the namespaces in the environment that is being cleaned up.
This new mode is very useful if, for example, your stack is quite big and deploying takes a lot of time or if build times for all your services are long. Restoring a "paused" environment might take less time.
Please refer to the updated Automated Environment Cleanup guide for instructions on how to turn pause mode on.
SSO via SAML
It's now possible to log into Garden Cloud using the SAML protocol. We currently support authentication via Okta and Azure, please refer to the new Authentication via SAML guide for instructions on how to set things up.
Version 1.18.10
This patch release fixes some performance issues related to some migrations.
Version 1.18.9
This patch release fixes some performance issues related to the Garden Cloud events pipeline.
Version 1.18.8
This patch release improves loading speed when visiting the Namespace view.
Version 1.18.7
This patch release fixes malfunctioning pagination on the Secrets, Activity, and Namespaces pages. Additionally, a bug that was causing unnecessary refreshes when visiting the Workflow Runs page has also been resolved.
Version 1.18.6
This patch release fixes a small bug about deploying Garden Enterprise on Kubernetes 1.22.
Version 1.18.5
This release fixes a few bugs and ensures compatibility of Garden Enterprise with Kubernetes >= 1.22:
Fix a bug where the Stack Graph was not rendered for triggered workflows.
Fix duplicate or incomplete build Logs.
Update Garden Enterprise manifests and Helm Charts to support Kubernetes 1.22.
Note: If you are a Garden Enterprise user and have installed the monitoring add-on Prometheus a manual intervention is necessary. The Prometheus Helm Chart was updated to the latest version and the label selectors for the kube-state-metrics
deployment changed. Please delete the kube-state-metrics
deployment, before upgrading in the kots admin console by running:
The kube-state-metrics
deployment will be re-created with the new label selectors, when you deploy Garden Enterprise 1.18.5 via the kots admin console.
Version 1.18.4
The release updates the version of the optional ElasticSearch and Kibana monitoring services to mitigate against the Log4Shell vulnerability. Again. 🙃
Version 1.18.3
This patch release fixes a few minor stability related bugs and updates the workflow runner image to use Garden 0.12.33.
Version 1.18.2
This release introduces few stability-related bug fixes:
Fix a bug introduced in the last release which caused errors while deleting a project.
Improve the scheduling of cleanup runners and fix queries performance.
Fix the live-update logic for the StackGraph view when running Garden in dev mode.
Update ElasticSearch and Kibana to version
7.16.1
in order to mitigate against Log4Shell (only relevant for Enteprise customers who choose to install the additional monitoring services).
Version 1.18.1
This patch release bumps the workflow runner image to use Garden 0.12.32. Additionally, it fixes few minor UI bugs.
Version 1.18.0
Welcome, StackGraph and Service accounts!
This release introduces two new features: the StackGraph view and Service accounts.
StackGraph view
You can now switch between list and graph views under the Stack tab of your namespace. Especially useful for large projects, this view will help you better understand the dependency structure of your project, and the tasks that are currently being run by Garden.
Service accounts
You can now use service accounts to run workflows and automatic cleanups in specific environments. To create a new service account, add a new team member as usual and tick the "Service account" checkbox. You can assign groups and secrets and create access tokens as for any other user. However, service accounts cannot log into Garden Cloud.
Once the account is created, you can assign it to an environment from the environment Settings modal. All workflows triggered by Git events and automatic cleanups will now run using that account.
Note: in future releases, we will enforce the usage of service accounts for automatic cleanups: meaning you will need to create a service account and assign it to the environment that will be automatically cleaned up.
Additionally, the "Import users" functionality for GitHub users is now generally available and its feature flag has been removed.
Finally, we implemented better error messaging for workflow failures, fixed some bugs, and overall added many small UX improvements.
Version 1.17.1
This version fixes a bug that would make the webpage crash when opening the task logs modal.
Version 1.17.0
This new version introduces a new feature: the Stack view. If your namespace is created or updated by Garden >0.12.27
, a new tab called "Stack" will appear on the Namespace page.
This new view allows users to get an overview of their project structure and automatically updates while running Garden, showing the results from the latest command run.
Garden Cloud will now highlight any error encountered during the latest execution (e.g. a failing test) and help users immediately locate the module that is causing the issue.
Additionally, Garden Core now streams all Build, Test, Deploy and Task logs to Garden Cloud where they are available under their respective modules in the Stack view.
Additional improvements include:
A less "chatty" GitLab integration: the Merge Request comments created by the GitLab integration are now updated at each run, resulting in less noise.
Added ingress links to workflow runs.
Return lists of items ordered alphabetically (e.g. users on the Team page).
Update color scheme to reflect the updated brand identity.
...and many more bug fixes and UI improvements.
Deprecated:
The old "Tests" and "Services" tabs in the Namespace page are now deprecated and only shown for Namespaces created or updated by a version of Garden older than 0.12.27
. Please rely on the new Stack tab for getting Services and Test statuses.
Version 1.16.5
This version contains a fix for a bug that was causing authentication issues when using GitHub Enterprise Server.
Version 1.16.4
This version adds the possibility to specify a custom GitHub Enterprise hostname.
Version 1.16.3
This version contains some fixes for the Automatic Environment Cleanup functionality:
It is now possible to save the environment settings with an empty authentication script and schedule, which allows for disabling AEC.
A bug that would keep failing Cleanup runners alive is now fixed.
Version 1.16.2
This release contains a few bug fixes and upgrades to downstream dependencies. Notably:
A bug which would cause the creation of multiple webhooks when adding a project on GitLab
A bug in a dependency which would make secret resolution fail under certain conditions
and more are now fixed.
Additionally, we carried out a few tweaks and refinements on the UI.
Version 1.16.1
A follow-up patch release to 1.16.0 which ensures Jobs respect the Replicated node selector config field for on-prem deployments.
Version 1.16.0
This release contains a number of usability improvements. The biggest one is the new activity feed, which allows you to view activity across your project.
In this first iteration it shows activity related to VCS events and automatic environment clean-up runs.
We'll be adding more activity types in the future, and we'd love to hear your feedback and ideas on what to include there. And, speaking of feedback, this release also adds a "Share feedback" button to the menu on the top right. We're looking forward to hearing from you :)
Other notable improvements include:
Environments can now be created and deleted from the UI. This can be useful if you need to add a secret to an environment before it's automatically created.
Added a search bar and environment filters to Secrets page.
The git branch name is now displayed on namespace rows for namespaces in which triggered workflows have run.
Added VCS info to triggered workflow runs on Namespace pages.
Workflow step names are now displayed in logs modal.
Version 1.15.2
This release improves the stability of workflow runner pods by using Core version 0.12.22 (which improves robustness against timeouts and network errors, and doesn't use NFS for kaniko
builds).
We've also fixed a bug when re-adding repos to Garden Enterprise, making sure that duplicate projects don't get created for project configurations at the same relative path in the repo.
Finally, we've made some tweaks and improvements to the web UI.
Enjoy!
Version 1.15.1
This release significantly improves robustness and workflow runner pod logging, which makes Garden Enterprise's workflow runners more reliable and easier to use for challenging workloads.
Garden Enterprise now periodically checks for in-progress workflow runs with missing workflow runner pods, updates their status to "missing" and updates the workflow run's status in GitHub/GitLab.
This is very useful when running workflows that occasionally run into out-of-memory problems, and generally makes the system more robust during periods of high load or when the cluster is experiencing issues.
We now also stream the logs of the workflow to the runner pod log in real time to facilitate debugging. The log level can be customized in the Replicated console.
Additionally, we now keep timed-out workflow runner pods alive for five hours after marking the workflow run as timed out. This is done to facilitate debugging of timed-out workflows.
Note that if you haven't already enabled the Automatic Environment Cleanup feature flag, you'll have to fill in the In-Cluster Auth Token in your Replicated config. This is used to authenticate the CRON jobs used to check for missing/timed out workflow runs (as well as for Automatic Environment Cleanup). If you've already enabled Automatic Environment Cleanup, you'll have already provided this token (so there's no need to change your configuration for this release).
Happy hacking!
Version 1.15.0
This release introduces a major new feature: automatic environment cleanup.
We have also done a major design overhaul of the web UI! 🎉
Finally, we've added the ability to delete projects. This can be done from the new project Settings tab.
Enjoy!
Automatic environment cleanup (experimental)
With automatic environment cleanup, you can configure Garden Enterprise to automatically delete Kubernetes Namespace resources:
When the namespace hasn't been used by a Garden command for longer than a specified number of hours; or
At a specified time of day (or at a specified time on a given weekday). This cleanup can optionally be enabled on a per-environment basis, and the cleanup schedule for each environment can be set independently.
Automatic environment cleanup can greatly save on infrastructure costs by making sure that namespaces (and their associated resources) aren't kept around longer than needed.
This functionality is currently flagged as experimental. To enable it, please see our automatic environment cleanup guide.
Version 1.14.4
This release contains a handful of UI fixes and some performance improvements. In particular, we now automatically clean up dangling workflow pods and set their status to timed out.
Beyond that, we've been busy working on the Automatic Environment Clean-up (AEC) functionality along with some substantial UI polishing. We plan on releasing those changes next week.
Here's the full changelog:
Improvements
kots: set better values for liveness and readiness probes for kots manifests
api: automatically clean up timed-out runs
api: speed up workflows query
frontend: list usernames in failed imports
frontend: expose validation errors
frontend: show start time for long durations
frontend: avoid refetching user on focus change
Bug Fixes
api: ensure namespaces query filters on project
frontend: fix potential undefined environment
frontend: fix title size regression
Version 1.14.2
This release adds support for custom resource requests for workflow runners. See the workflows guide and the workflow config reference for more details.
As of this release, the workflow runner image includes the Azure CLI tools, which makes it easier to authenticate against Azure AKS clusters.
Version 1.14.0
With this release we make changes to how new users are added to Garden Enterprise. Please see below for more details.
This release contains several usability improvements and introduces a new way to add users to Garden Enterprise. In particular, users are no longer added via their GitHub/GitLab email addresses, but their GitHub/GitLab user names. You will find these on the user profile in the respective VCS provider, but in general you won't need to know the user name if you're using the new bulk user imports functionality.
Beyond that, we've been adding a handful of utility commands to the Garden CLI that allow you to list, create, and delete Garden Enterprise resources such as users and secrets. This can be very useful for performing bulk operations on these resources. We plan to release this with Garden Core in the next few days and will of course keep you posted.
Bulk User Imports (Experimental)
Note that this functionality is currently only available for GitHub users. GitLab users can however still do bulk imports via the CLI (see note above).
This functionality has been requested by many of our users. By enabling this feature in your Replicated config, you can now bulk import users from GitHub and assign them to a group at the push of a button. You can also filter on specific GitHub teams. For example, you can select all the members in your, say, developers team on GitHub, and import them to a corresponding developers group in Garden Enterprise.
This functionality is currently flagged as experimental. To enable it, you need to do the following:
Step 1: Enable the feature in your Replicated Config:
Step 2: Update your GitHub App permissions. You must set the "Organization" level "Members" permission to Read-only
and save your changes:
Step 3: Review and accept the changes from the Installed GitHub App page:
We realise that it's inconvenient to have to update the permissions, but we explicitly always follow the principle of least privilege and will continue to do so. That's why we instead allows users to turn this feature on at their own convenience.
Prettier Logs Modal
We now make sure to chain related log entries together to provide better context and add highlighting as applicable.
Filter on Environment and User
You can now filter on both the environment name and user name on the environment pages.
K8s Manifest Changes
As you make the update and compare the two releases, you will notice that most of the manifests will have been renamed. This a necessary evil for us to better manage the different configuration options that we support. However, the resulting Kubernetes resources will materially be the same as before. If you have questions on this, don't hesitate to reach out.
Version 1.13.0
This release contains several improvements and a major new feature: Role Based Access Control (RBAC). We've also started publishing our release notes on this page.
Role Based Access Control
This is by far the star of the release and has been much awaited by many of our users. In short, you can now manage access at a much more granular level than before. In particular, you can control access at the environment level and for instance configure which group of users has access to secrets in which environments. If you're storing user credentials in Garden Enterprise, you can by extension control who gets to deploy into what environment.
You'll find detailed information and examples in our Roles and Permissions guide.
When you update Garden Enterprise, two groups will be created: the Admins group and the Developers group. Everyone in your team that had the Admin role will automatically get assigned to the Admins group, and everyone in your team that had the User role will be assigned to the Developers group.
You can now proceed to create your own custom groups and assign users as needed. Note however that the Admins group is built-in and can't be edited.
Here's an example of one such custom group:
Better GitLab Status Reports
GitLab doesn't support displaying statuses from integrations the way GitHub does with the Checks page. We now work around that limitation by posting Garden Enterprise workflow statuses as comments on the relevant merge request. Each workflow gets it's own comment, and when the status updates, we update the existing comment in place so as not to spam the merge request's comment section.
Here's an example of a GitLab event that matched on the deploy-preview-env
and full-test-ci
workflows.
And here's an example of the same workflows after they've finished running:
We've also added better support for different GitLab events and now we explicitly handle events that get sent when a PR is closed.
Base Branch Workflow Filters
We support setting a baseBranches
filter on workflow configs. This is useful for running workflows on merges to your main branch, or any other base branch for that matter. Here's an example where we run a given workflow every time a pull/merge request is merged (not just closed), and the base branch is main
:
You can read more about workflow triggers in our Triggered Workflows guide.
Ensure Git Credentials in Workflow Runner
Previously, users had to manually configure git credentials in the workflow runner pods. We now ensure that the access token obtained from GitHub/GitLab for the specific workflow run is accessible to all git commands in the container. This means e.g. that if your workflow run requires a remote source, Garden can clone it without further configuration.
Note that we use the access token for the respective GitHub App / GitLab user. This means that it should have access to all repositories that need cloning. In the case of GitHub, you'll need to install the GitHub App on the relevant repositories. In the case of GitLab, you'll need to grant the associated user account access to the project.
Note that the access token only works for clones over HTTPS. You will need to configure git specifically for clones over SSH.
Last updated