Release Notes
TIP
The maintenance period for version v4.1.x is from July 14, 2025 to Nov 14, 2025.
TOC
Compatibility and support matrix
The following table shows the compatibility and support matrix between the Alauda DevOps Pipelines operator and ACP versions.
| Alauda DevOps Pipelines Version | Component Version | ACP Version | |||||
|---|---|---|---|---|---|---|---|
| Operator | Pipelines | Triggers | CLI | Chains | Hub | Results | |
| 4.1.0 | 0.65.7 | 0.30.1 | 0.39.1 | 0.23.1 | 1.19.2 | 0.14.0 | 4.0 |
| 4.0.x (LTS) | 0.65.x | 0.30.x | 0.39.x | 0.23.x | 1.19.x | 0.13.x | 4.0 |
v4.1.0
New and Optimized Features
This release enhances task capabilities, strengthens Pipeline security, introduces standardized Java templates, improves execution efficiency via Trigger configurations, and optimizes end-to-end orchestration experience.
- Expanded Task Capabilities
- Support for kubectl Task: Directly operate Kubernetes resources.
- Support for git Task: Simplify code repository interaction processes.
- Enhanced Pipeline Security
- Integration of syft Task: Automatically generate image SBOM.
- Integration of cosign Task: Implement image signing and verification.
- Integration of trivy Task: Conduct vulnerability scanning and dependency security detection.
- Provide standardized Java Pipeline templates, covering the entire workflow of compilation, scanning, building, and deployment.
- Pipelines support Trigger Template configuration to improve pipeline execution efficiency.
- Optimize the end-to-end user experience of orchestrating Pipelines.
Fixed Issues
- Before this update, when Tekton Chains was enabled and the default-pod-template configuration was modified after PipelineRun and TaskRun resources had completed, these resources could not be deleted due to a conflict between the default webhook (which attempted to update pod templates) and the validation webhook (which prevented spec modifications on completed resources). With this update, the default webhook no longer attempts to modify pod templates for completed PipelineRun and TaskRun resources, allowing them to be successfully deleted.
- Before this update, after deploying the Tektoncd Operator, the clustertriggerbinding resource required by trigger was not imported, resulting in inconvenience when using the trigger function. With this update, the resource will be automatically imported, making the trigger function easier to use.
- Before this update, if there was an update in the Hub component of the Tektoncd Operator, manual intervention was required to trigger the upgrade. With this update, the system will automatically detect updates to the Hub component and trigger the upgrade automatically.
- Before this update, Tekton Results components (tekton-results-api, tekton-results-retention-policy-agent, tekton-results-postgres) were storing secrets as environment variables, which violated the Kubernetes STIG security baseline requirement V-242415 that prohibits storing secrets as environment variables. With this update, these components no longer mount secrets through environment variables, ensuring compliance with Kubernetes security standards.
- Before this update, the tekton-results-watcher container in the tekton-results-watcher component did not have CPU or memory limits configured, which could lead to resource exhaustion and security vulnerabilities in Kubernetes environments. With this update, the tekton-results-watcher container now has proper CPU and memory limits configured, ensuring better resource management and security compliance.
- Before this update, the tekton-results-retention-policy-agent container in the Tekton Results retention policy agent component did not have CPU or memory limits configured, which posed a security vulnerability as containers could potentially consume unlimited resources. With this update, proper CPU and memory limits have been added to the retention-policy-agent container, ensuring resource usage is properly constrained and the security vulnerability is resolved.
- Before this update, the tekton-results-api container in the Tekton Results component did not have CPU or memory limits configured, which could lead to resource exhaustion and security vulnerabilities. With this update, proper CPU and memory limits have been added to the tekton-results-api container to ensure resource constraints and improve security posture.
- Before this update, the tekton-hub-api component was generating zombie processes every 30 minutes when performing git clone operations, which could potentially cause node failures due to abnormal process behavior. With this update, the zombie process issue has been resolved through updates to the tektoncd-operator, and the system now operates without generating zombie processes during git operations.
Known Issues
No issues in this release.