In this release note, we’ll walk you through the latest improvements to Eficode ROOT as of November 2020.
For a professional, having the right tools for the job is crucial since it's not just about getting the job done, but getting the job done right. The ubiquitous Atlassian-JFrog-Jenkins swiss army knife is ubiquitous for a good reason, but there are times and situations when you simply need something specialized.
Eficode ROOT DevOps platform is not a one-size-fits-all type of thing. We can tailor your platform to your specific needs. Keep using the tools you like, we’ll take care of the rest. That’s the beauty of Eficode ROOT.
Jenkins' features and approach to CI/CD don't really fit the bill? How about GoCD or GitLab CI? You can have them on your Eficode ROOT.
Not a fan of Bitbucket? Not a problem! Perhaps GitHub Enterprise or GitLab would be just the ticket for you?
Like every month, in November the “alternatives” will receive just as much love as the popular ones. Read on to find out what exactly is going on.
What's new in GoCD?
GoCD on Eficode ROOT will be updated to version 20.8.0 and this means some major updates and improvements. Make sure to check out Release notes of GoCD at gocd.org for all details.
Default permissions on new pipeline groups
All pipeline groups with no explicit permissions setup can only be viewed and operated by GoCD system administrators. Earlier, such pipeline groups could be viewed and operated by every valid user. This changes it to be secure by default.
Pipelines will get default permission changes. If a pipeline group has no explicit permissions added, only GoCD system admins will be allowed to view and operate the pipeline. This should add more intra-organizational security.
Database change in the backend
GoCD now supports PostgreSQL as a database and we will start supporting it in GoCD. This change has made GoCD easier to maintain for the developers since some backend components were no longer maintained.
Pipeline as Code Wizard
New pipeline definitions are made more easily with the new wizard.
(Screenshot from gocd.org)
New stage overview gives quicker access to stage details in the dashboard, and the dashboard allows you now to also trigger manual stages.
(Screenshot from gocd.org)
The new materials page displays all your materials that you have configured.
(Screenshot from gocd.org)
Stage overview on Pipeline Activity Page
Users can now use the pipeline activity page to see a stage overview. It is not tied to just the dashboard anymore.
(Screenshot from gocd.org)
What's new in GitLab?
GitLab’s own release notes for version 13.5 are just about as detailed and extensive as always, so we can definitely recommend getting all the facts straight from the horse’s mouth at GitLab 13.5 release notes on GitLab.com.
In brief, this release adds SAST security scanning support for Android and iOS mobile apps, multifile snippets, group wikis to mention a few of the improvements.
What’s new in Zabbix?
We have been hard at working on upgrading our own infrastructure to latest and greatest and this means you will also get a thoroughly tested upgrade to Zabbix 5 with great new features and enhancements, such such as SAML Single Sign-On (e.g. Azure AD) support, encrypted variables, out of the box integrations to cloud services like Azure, AWS and GCP.
Read more below or navigate directly to the source, Zabbix 5.0 LTS Release Notes at zabbix.com.
Zabbix UI got a complete makeover in version 5, now looking all modern and sleek. The previous navigation bar at the top of the view was fairly usable, if oftentimes a bit clunky and awkward. All of that has been done away with. Everything is now in a nice, configurable and easy-to-use side bar.
In addition to this, reports and dashboards now also scale properly on different display sizes and resolutions. There’s also an improved search function and a smarter approach to various configuration options with less clickety-clack than before.
SAML enables you to integrate Zabbix into your existing Single Sign-On solution. What this means in practice is that we now have the means to set up access management in Zabbix using Eficode ROOT Team Management (“RTM”) with Keycloak, Azure AD, ADFS, Okta and other SAML-based systems, allowing a easy single button authentication to Zabbix users.
Configuration page for SAML
Additional security features
Zabbix has added additional security features such as support for http proxies, blacklist and whitelist metrics for agents, cipher configurations for Zabbix, encrypted database connectivity and hashed passwords. These changes enable Zabbix deployments with higher security builtin. Furthermore this also makes it possible to enforce Zabbix to be compliant with your organization’s security standards.
Integrations with alerting and ITSM systems
Monitoring applications, infrastructure and systems is certainly of utmost importance. Setting up proper notification channels is, however, just as - if not more - important in order to actually make use of the monitoring.
This release of Zabbix has brought with it out-of-the box integrations for the industry-standard alerting and ITSM platforms. Finally there’s no need for the endless scripting, banging your head against that proverbial wall of a REST API, only to end up with something that works… kind of. Integrating Zabbix to your favorite tools like Jira, Slack, ServiceNow or Teams can now be done in a breeze.
We have particularly enjoyed having our Zabbix hooked up to our OpsGenie from Atlassian as well as to our Jira Service Desk.
- Secrets with encryption are now supported.
- New agent system is now live enabling larger scale of agents
- New integrations for elasticsearch and memcached
- SNMP Caching
- No support of Internet Explorer 11
- Dropped support of IBM DB2
- mbedTLS (former polarSSL) is no longer supported for encryption. Only OpenSSL and GnuTSL libraries
- Minimum supported version for PHP is now 7.2: safer and more strict code
In other news
Hashicorp Vault is updated to 1.5.4
As a part of our own ISO 27001 initiative we took management of our secrets to the next level, among a lot of other stuff, naturally. After a lot of research, testing, trial and error we found HashiCorp's Vault to be the best possible tool to cater to our needs in application and infrastructure secrets management.
In fact, it has made such a compelling case for itself in our day-to-day life, we've decided to make HashiCorp Vault a readily available add-on for Eficode ROOT platform as well.
Interested? Get in touch with your Eficode ROOT support or representative for adding Vault to your Eficode ROOT! You can also check out Introduction to Vault at vaultproject.io to see what Vault is about.
The November release of version 1.5.4 brings with it security fixes and improvements to your kubernetes secret management.
See the Vault 1.5 Release Highlights at vaultproject io for more details on this release.
Jenkins’ monthly treatment
Jenkins will receive a bugfix update from 2.249.1 LTS to 2.249.2 LTS, along with a similar bugfix update for Blue Ocean (from 1.24.0 to 1.24.1) and a number of other enhancements and fixes to other plugins.
Breaking change to Google Play Android Publisher plugin
This is an advance warning, the update to version 4.0 will not be deployed until December. Release track name and Rollout percentage parameters will become mandatory in job configuration, so please ensure that your configurations are up to snuff!
See the Google Play Android Publisher plugin release notes for more information.
JFrog Artifactory and Xray
Artifactory will receive an update from current 7.7.8 to version 7.10.2, Xray from 3.8.6 to 3.10.3.
This release of Artifactory will improve on many aspects of the system, including:
- Docker Schema 2 support for remote registries, Docker Pull performance improvements.
- Improved log analytics and onboarding experience for Artifactory administrators.
- Bundler Compact index support for RubyGems remote repositories.
This release of Xray adds support for Alpine Repositories and Alpine Packages. There’s also a new Due Diligence Licenses report for the reporting feature plus a bunch of other improvements and fixes under the hood.
SonarQube’s plugin updates
We are anticipating SonarQube 8 to receive its LTS tag some time early 2021, which will then mean upgrade time in Eficode ROOT too. But for the time being we are simply fine tuning your current SonarQube 7.9 LTS experience with some targeted plugin updates:
- SonarQube Community Branch plugin is updated from 1.3.0 to 1.3.2.
- SonarCSS is updated from 1.2.0 to 1.2.1.
- SonarJS is updated from 6.2.1 to 6.2.2.
Sonatype Nexus IQ reaches release 100
Nexus IQ will get an update from release 98 to release 100. There are improvements to Advanced Development Pack addon features, APIs and GitLab MR usage. See the IQ Server Release Notes at sonatype.com for details.
Did you know that you can use Nexus IQ with JFrog Artifactory? Read more on our blogpost.