Release Notes
TIP
The maintenance period for version v4.0.z is from April 8, 2025 to April 8, 2026.
TOC
Compatibility and support matrix
The following table shows the compatibility and support matrix between the Alauda DevOps Pipelines operator and ACP versions.
| Alauda DevOps Pipelines Version | Tekton Component Versions | ACP Version |
|---|---|---|
| v4.0.14 | Pipelines: v0.65.7 Chains: v0.23.1 Pipelines-as-Code: v0.32.0 Results: v0.13.4 Triggers: v0.30.1 Tekton Hub: v1.19.2 | v4.0, v4.1 |
| v4.0.13 | Pipelines: v0.65.7 Chains: v0.23.1 Pipelines-as-Code: v0.32.0 Results: v0.13.4 Triggers: v0.30.1 Tekton Hub: v1.19.2 | v4.0, v4.1 |
| v4.0.12 | Pipelines: v0.65.5 Chains: v0.23.0 Pipelines-as-Code: v0.32.0 Results: v0.13.2 Triggers: v0.30.1 Tekton Hub: v1.19.2 | v4.0, v4.1 |
| v4.0.10 | Pipelines: v0.65.5 Chains: v0.23.0 Pipelines-as-Code: v0.32.0 Results: v0.13.2 Triggers: v0.30.1 Tekton Hub: v1.19.2 | v4.0, v4.1 |
| v4.0.7 | Pipelines: v0.65.5 Chains: v0.23.0 Pipelines-as-Code: v0.32.0 Results: v0.13.2 Triggers: v0.30.1 Tekton Hub: v1.19.2 | v4.0, v4.1 |
v4.0.14
New and Optimized Features
With this update, some vulnerabilities and security issues have been fixed, ensuring the stability and security of the system.
Fixed Issues
- Before this update, when executing Tekton Pipeline workflows, users occasionally encountered random test case failures due to Out Of Memory (OOM) errors in init containers, which terminated with exit code 137 and caused pipeline execution failures. With this update, init container memory allocation has been optimized to prevent OOM errors, ensuring stable and reliable pipeline execution during frequent e2e testing scenarios.
Known Issues
No issues in this release.
v4.0.13
New and Optimized Features
With this update, some vulnerabilities and security issues have been fixed, ensuring the stability and security of the system.
Fixed Issues
- Before this update, when tektoncd-operator deployed the Tekton Results component, if the external PostgreSQL credentials contained special characters such as "/", the deployment would fail. With this update, tektoncd-operator can successfully deploy the Tekton Results component even when the PostgreSQL credentials contain special characters like "/".
- Before this update, when users created a trigger form in the Pipelines interface and navigated to Interceptors → Parameters → Key input box, pressing the Enter key would cause the entire page to refresh, interrupting the form editing workflow and potentially causing data loss. With this update, the behavior of the Enter key in the input fields of the trigger form has been fixed to prevent unnecessary page refreshes, allowing users to complete form editing without interruption and ensuring a smooth user experience.
Known Issues
No issues in this release.
v4.0.12
New and Optimized Features
With this update, we fixed some small bugs and improved the user experience.
Fixed Issues
- Before this update, if there was an update in the Hub component of the Tektoncd Operator, manual intervention was required to trigger the upgrade. With this update, the system will automatically detect updates to the Hub component and trigger the upgrade automatically.
- Before this update, after deploying the Tektoncd Operator, the clustertriggerbinding resource required by trigger was not imported, resulting in inconvenience when using the trigger function. With this update, the resource will be automatically imported, making the trigger function easier to use.
- Before this update, Tekton Results components (tekton-results-api, tekton-results-retention-policy-agent, tekton-results-postgres) were storing secrets as environment variables, which violated the Kubernetes STIG security baseline requirement V-242415 that prohibits storing secrets as environment variables. With this update, these components no longer mount secrets through environment variables, ensuring compliance with Kubernetes security standards.
Known Issues
No issues in this release.
v4.0.10
New and Optimized Features
With this update, some vulnerabilities and security issues have been fixed, ensuring the stability and security of the system.
Fixed Issues
- Before this update, the plugin installed a ClusterRole and several namespace-scoped Role objects that used the wildcard ("*") for both resources and verbs. With this update, all wildcard entries have been replaced by explicit resource and verb lists that match only the operations required by the plugin.
Known Issues
No issues in this release.
v4.0.7
New and Optimized Features
Based directly on Tekton and its APIs, Alauda DevOps Pipelines provides a more user-friendly and efficient way to build and manage pipelines. With an intuitive interface and a rich set of features, users can easily create and manage pipelines, and get real-time feedback and insights.
Has out-of-the-box deployment of:
- Tekton Pipelines
- Tekton Triggers
- Tekton Chains
- Tekton Hub
With configuration and deployment options for:
- Tekton Results
- Pipeline-as-code
Fixed Issues
- Before this update, the Tekton Pipeline component had a Kubernetes STIG security vulnerability, where secrets were exposed through environment variables in the tekton-hub-api deployment, violating security best practices. With this update, the secret mounting logic in environment variables has been completely removed to ensure that the tekton-hub-api deployment no longer exposes any credentials, complying with Kubernetes STIG security requirements.
- Before this update, when creating pipelines containing the git-clone task in the Tekton Operator plugin, pipeline execution failed due to missing required images. With this update, the issue of missing images has been fixed, ensuring that the git-clone task can now execute successfully within the pipeline.
- Before this update, the tekton-results-retention-policy-agent container in Tekton Results included sensitive information in environment variables, posing a security risk of exposing credentials in plaintext during container operations and logging scenarios. With this update, sensitive information has been properly secured and removed from environment variables to prevent credential leakage, ensuring that the retention-policy-agent container no longer contains plaintext passwords or tokens in its configuration, thereby enhancing the overall security posture of the Tekton Results system.
- Before this update, the PostgreSQL container in tekton-results-postgres-0 contained environment variables with sensitive information such as PASSWORD, password, TOKEN, and token, which posed a security risk when these credentials were exposed in plain text. With this update, the sensitive environment variables have been properly secured and no longer contain plain text passwords or tokens, ensuring that sensitive credentials are handled securely and not exposed in container environment variables.
- Before this update, the environment variables of the tekton-results-api container contained sensitive information, posing security risks when these credentials were exposed in plain text. With this update, sensitive environment variables have been properly protected, and passwords and token information are no longer exposed in plain text, enhancing the security of the tekton-results-api component.
- Before this update, when running pipelines containing buildah task with non-root security context (UID 65532), the pipeline would fail due to permission errors. This was because the container's subuid configuration was incomplete, lacking support for UID 65532. With this update, we fixed the subuid configuration by adding the missing UID ranges (noroot:1:65531 and noroot:65533:65535) to support non-root execution with UID 65532. Additionally, we added integration tests to ensure buildah task runs successfully under non-root user scenarios.
- Before this update, the pipeline interface experienced multiple display issues including text display problems, poor user experience with variable completion multi-line functionality, and unstable behavior when updating triggers where parameters and workspace would sometimes appear and sometimes disappear, requiring users to reselect the pipeline to make them appear (including the Pipeline list). With this update, these display issues have been resolved. The pipeline and pipelinerun pages now display correctly with improved text rendering, enhanced variable completion multi-line functionality for better user experience, and stable trigger update behavior where parameters and workspace consistently appear without requiring pipeline reselection.
- Before this update, when the PAC (Pipelines as Code) webhook triggered multiple pipelines simultaneously, the pipeline run parameters were corrupted due to global variable issues in the PAC controller logic. This caused all triggered pipelines to use the same parameters, resulting in pipelines executing in unintended ways. With this update, the PAC controller has been fixed by eliminating the dependency on global variables that caused parameter interference between concurrently triggered pipelines. Now, when multiple pipelines are triggered simultaneously via webhook, each pipeline run correctly receives and uses its specific parameters, ensuring execution with the intended parameters.
Known Issues
No issues in this release.