v1.7.3

We are pleased to present Shipa 1.7.3 release.

Category

Description

Cron Job Support

Shipa expanded support for Kubernetes Job to suppor Cron Jobs. For details see: CronJob documentation

Kubernetes Health Check support

We have improved Kubernetes health check feature to support all different probes as well as specifying multiple probes using shipa.yaml. See health check documentation for details

Pod Security Standard policy: Baseline Profile support

We have added Pod Security Standard policy: Baseline Profile support. Shipa would automatically detect any baseline profile violation of discovered apps

Cluster Upgrade improvement

Users can see available upgrade of their connected cluster and can do one click upgrade from Dashboard

Sorting and Filtering of Security scan

You can now sort and filter Security Scan report by CVE, Severity and component

Launch application using CLI

Launch application using shipa app open -a APP_NAME,

e.g. to open dashboard:

shipa dashboard open

or

shipa app open -a dashboard

📘

Shipa CLI requirement

Shipa 1.7.2 require Shipa CLI 1.7.9 or later

📘

Upgrade Notes

Upgrade to 1.7.3 by running following commands:

Login to your shipa installation using admin password

shipa login $ADMIN_USER

Update helm repot to fetch Shipa 1.7.3 charts

helm repo update

Upgrade to Shipa 1.7.3

helm upgrade --install shipa shipa-charts/shipa \
  --set auth.adminUser=$ADMIN_USER --set auth.adminPassword=$ADMIN_PASSWORD \
  --namespace shipa-system --create-namespace --timeout=1000s --wait

Upgrade shipa cluster

Shipa 1.7.3 automatically upgrades root cluster with latest component updates using helm post-upgrade hook.

In case you experience any issue, you can always force upgrade using:

shipa cluster update shipa-cluster

Resolved Issues

Epic

SHIPA-2970 Add cluster upgrade action to dashboard and outdate indication

SHIPA-2959 Users should be able to filter security vulnerabilities

SHIPA-2958 Improve Kubernetes Health check support

SHIPA-2932 Cron Job support

SHIPA-2889 Shipa policy violation report with Github action CI build

Story

SHIPA-2986 Update ingress-nginx to latest version

SHIPA-2907 User should receive policy violation report for disallowed sysctls

SHIPA-2906 User should receive policy violation report for custom seccomp profile

SHIPA-2905 User should receive policy violation report for non default /proc mount type mask

SHIPA-2904 User should receive policy violation report for HostPath Volumes

SHIPA-2903 User should receive policy violation report for disallowed capabilities

SHIPA-2902 User should receive policy violation report for Host Ports

SHIPA-2901 User should receive policy violation report for Host Namespaces

SHIPA-2900 User should receive policy violation report for Privileged Container

SHIPA-2883 Make it easy for users to open application in browser using CLI

SHIPA-2880 Upload policy report to shipa

SHIPA-2878 Application to load files from CI/CD context - Github Action POC

SHIPA-2877 Make shipa-controller policy violation scan code reusable

SHIPA-2863 Dashboard should show cluster after its connected without requiring page refresh

SHIPA-2861 Helm upgrade should update root cluster over helm hook

Task

SHIPA-2996 Enhance cron field validation

SHIPA-2995 Fix flaky unit test - cluster

SHIPA-2994 Improve cluster refresh for controlled operations and more

SHIPA-2993 Replace cron job detail page's status dropdown component for badge component

SHIPA-2990 Add PUT /jobs endpoint to update CronJobs

SHIPA-2976 Implement security report UI changes

SHIPA-2975 Design new security report UI (filters)

SHIPA-2974 Update job details page to support cron jobs

SHIPA-2973 Enhance job mutation to support CronJobs

SHIPA-2972 Update jobs table to reflect cron information

SHIPA-2971 Add action to upgrade cluster from the dashboard

SHIPA-2968 Move Framework CRD from ketch-types to shipa-controller

SHIPA-2967 Remove Framework CRD from ketch

SHIPA-2960 Add e2e tests for Volumes

SHIPA-2957 Add e2e tests for Volume Plans

SHIPA-2955 Add command to seed/clean API resources for e2e tests

SHIPA-2953 Design UI for CronJobs

SHIPA-2951 Add e2e tests for adding permissions to user's role

SHIPA-2949 Add indicator to API that cluster requires upgrade

SHIPA-2948 Add "Outdated" indication to the cluster pages

SHIPA-2946 Add e2e tests for Policy Report Crud

SHIPA-2942 Add CronJob support to Shipa-Client

SHIPA-2941 Add CronJob CRUD to Shipa-API

SHIPA-2940 Add CronJob CRD & controller to Ketch

SHIPA-2936 add e2e test for app re-deploy

SHIPA-2896 Remove total swap chart

SHIPA-2893 Simplify Health Checks by serving it as passthrough

SHIPA-2822 Improve app.create and app.delete events for autodiscovered apps

SHIPA-635 Re-design the usage of title inside component

Bug

SHIPA-2989 world-110m.json removed from master in source repo

SHIPA-2988 Dashboard "Geographic Apps Distribution" isn't loading

SHIPA-2982 Display correct config map file paths in app metadata

SHIPA-2979 Shipa Payments: Stripe should not send invoices on Zero bills or Free Plan

SHIPA-2962 Shipa-api has to be restarted when user updates cluster with new kubernetes credentials

SHIPA-2894 Application re-deployment should not proceed if probes fail