You signed in with another tab or window.Reload to refresh your session.You signed out in another tab or window.Reload to refresh your session.You switched accounts on another tab or window.Reload to refresh your session.Dismiss alert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
Welcome to our unified Release Notes, including Codefresh pipelines and Codefresh GitOps! If you missed online announcements, this is where you can find the new features, enhancements, and bug fixes.
Welcome to our unified Release Notes, including Codefresh pipelines and Codefresh GitOps!
If you missed any of our online announcements, you can find the latest features, enhancements, and bug fixes, here in the cumulative Release Notes!
## April 2023
### Features & Enhancements
#### Pipelines: Annotations for builds
We are happy to introduce two cool features to annotations for pipeline builds! It’s now easier than ever to find the builds you’re looking for, and customize your build views.
First, you can configure an annotation as the build's _display_ annotation, from among the available annotations. Why would you do this? When configured, the annotation is displayed for the build in the Builds page, making it easy to see which builds share common properties like target environments.
For details, see [Configure display annotation for builds]({{site.baseurl}}/docs/pipelines/annotations/#configure-annotation-to-display-for-build).
Second, as an obvious extension, you can filter builds by annotations. Filter builds by any annotation added for the build, whether it’s a display annotation or any other annotation with the Annotation filter in the Builds page.
For details, see [Applying filters to build views]({{site.baseurl}}/docs/pipelines/monitoring-pipelines/#applying-filters-on-the-build-view).
Here's an example of builds filtered by `display` annotations.
<br>
#### Pipelines: Project-based RBAC
We are excited to announce project-level Attribute-Based Access Control (ABAC) in this month's release. ABAC for projects saves a lot of effort without compromising security, as now you can control access to the project entity and to pipeline entities based on project tags.
How can you do this?
First by creating projects and by assigning tags to projects and then creating rules.
* Project access to teams with project-tags
Decide which teams have access to which projects, and at which level. By adding tags to projects, you can define rules for different teams who can create, update, delete, and view projects. For example, you may decide that the DevOps team has full access to all projects with all tags, but the Users team has view-only access to projects with `Shared` tag.
Also, read the next feature description, [Pipelines: Auto-create projects for teams](#pipelines-auto-create-projects-for-teams).
* Pipeline access to teams with project-tags
Create rules for pipeline entities by project tags instead of pipeline tags. Define access to pipelines on the basis of the projects that house the pipelines. Instead of tagging each pipeline, you add tags to the project, and define rules that determine the teams who can access the pipelines which share the project tags.
Builds now honor the permissions of the pipelines. If you don't have access to the pipeline, you will not have access to its builds.
This also means fewer email notifications, as these are only sent for builds you have access to.
alt="Example of rules for pipelines with project tags"
caption="Example of rules for pipelines with project tags "
max-width="50%"
%}
For details, see [ABAC for entities with tags and rules]({{site.baseurl}}/docs/administration/account-user-management/access-control/#abac-for-entities-with-tags-and-rules).
<br>
#### Pipelines: Auto-create projects for teams
Simplify access control and setup with `Auto-create projects for teams`. Enabled by default, this global pipeline setting automatically creates projects whenever you create teams in your account.
alt="Auto-create projects for teams in Pipeline settings"
caption="Auto-create projects for teams in Pipeline settings"
max-width="50%"
%}
In addition to automatically creating a project for the team, it also automatically creates a Project rule, and a Pipeline rule for the same team, with basic permissions.
For details, see [Auto-create projects for teams]({{site.baseurl}}/docs/pipelines/configuration/pipeline-settings/#auto-create-projects-for-teams).
<br>
#### Pipelines: Multi-platform builds in Codefresh
Build and push Docker images, including multi-platform images in Codefresh with BuildX.
We have extended the capabilities of our `build` step with the new `buildx` field. Leverage Docker’s support for multi-architecture/multi-platform support right here in Codefresh. Build an image once and reuse it on multiple architectures/platforms.
We also support custom `buildx` configurations with QEMU and Builder, giving you all the options you may need.
For details, see [Build step field descriptions]({{site.baseurl}}/docs/pipelines/steps/build/#fields).
<br>
#### Pipelines: (On-premises) Custom root CA for services
On-premises installations can now configure custom Root CA for volumes and containers.
Reference the K8s secret containing the root CA in `config.yaml`. Define the volume or volumes with the K8s secret objects, and then the volume mounts for the container.
For details, see [Configure custom Root CA for volumes and containers]({{site.baseurl}}/docs/installation/codefresh-on-prem/#configure-custom-root-ca-for-volumes-and-containers).
<br>
#### GitOps: Rollback GitOps applications
We now have the Rollback feature for GitOps applications! With just a click of a button, you can rollback any new or active version of an application directly from the GitOps Apps dashboard in Codefresh.
Like Argo CD, Codefresh allows you to rollback to any of the ten previous deployment versions.
For details, see [Rollback GitOps applications]({{site.baseurl}}/docs/deployments/gitops/manage-application/#rollback-gitops-applications).
<br>
#### GitOps: Static integration option for Amazon ECR
We extended the integration options for Amazon Elastic Container Registry (ECR) in GitOps to include static integrations with Access keys.
You can now set up the integration with Amazon ECR using an access key and secret (static integration). Unlike IAM roles, access keys are long-term credentials, without a default expiration date.
Sorry, this file is invalid so it cannot be displayed.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
