Red Hat SummitChapter 1. Builds for Red Hat OpenShift release notes
Release notes contain information about new and deprecated features, breaking changes, and known issues. The following release notes apply for the most recent Builds releases on OpenShift Container Platform.
Builds is an extensible build framework based on the Shipwright project, which you can use to build container images on an OpenShift Container Platform cluster. You can build container images from source code and Dockerfiles by using image build tools, such as Source-to-Image (S2I) and Buildah. You can create and apply build resources, view logs of build runs, and manage builds in your OpenShift Container Platform namespaces.
Builds includes the following capabilities:
- Standard Kubernetes-native API for building container images from source code and Dockerfiles
-
Support for Source-to-Image (S2I) and
Buildahbuild strategies - Extensibility with your own custom build strategies
- Execution of builds from source code in a local directory
- Shipwright CLI for creating and viewing logs, and managing builds on the cluster
- Integrated user experience with the Developer perspective of the OpenShift Container Platform web console
For more information about Builds, see Overview of Builds.
1.1. Compatibility and support matrix
In the table, components are marked with the following statuses:
| TP | Technology Preview |
| GA | General Availability |
The Technology Preview features are experimental features and are not intended for production use.
| Builds Version | Component Version | Compatible Openshift Pipelines Version | OpenShift Version | Support | |
|---|---|---|---|---|---|
| Operator | Builds (Shipwright) | CLI | |||
| 1.5 | 0.16.0 (GA) | 0.16.0 (GA) | 1.17, 1.18, 1.19 and 1.20 | 4.16, 4.17, 4.18, and 4.19 | GA |
| 1.4 | 0.15.0 (GA) | 0.15.0 (GA) | 1.16, 1.17, 1.18 and 1.19 | 4.15, 4.16, 4.17, and 4.18 | GA |
1.2. Release notes for Builds 1.5.1
Builds 1.5.1 is now available on OpenShift Container Platform 4.19.
1.2.1. New features
The following sections highlight what is new in Builds 1.5.1.
- With this update, Builds deployment is FIPS compliant, ensuring that all the cryptographic modules and algorithms meet the security requirements.
1.2.2. Fixed issues
The following list highlights fixed issues in Builds 1.5.1.
-
Before this update, adding volumes to
BuildandBuildruncustom resources (CR) failed due to empty fields in the Custom Resource Definition (CRD). With this update, the empty fields in the CRD are removed. -
Before this update, using
ExtKeyUsageAnyfield in anx509certificate disabled policy validation incrypto/x509. This affected certificate chains that contain policy graphs. With this update, usingExtKeyUsageAnyfield does not disable the policy validation. CVE-2025-22874 - Before this update, the correct build container images were not pulled in a disconnected cluster because the image SHAs were not synchronized. With this fix, the SHAs of the images are updated and synced between the operator bundle and the build strategies. This ensures that correct build container images are pulled in a disconnected cluster.
1.3. Release notes for Builds 1.5
Builds 1.5 is now available on OpenShift Container Platform 4.16, 4.17, 4.18, and 4.19.
1.3.1. New features
The following sections highlight what is new in Builds 1.5.
- With this update, Builds for Red Hat OpenShift Operator deploys Shipwright v0.16 components.
-
With this update, you can use the optional
.spec.nodeSelectorvalue withshpCLI to specify the nodes on which build run pods should run. -
With this update, you can use the optional
--scheduler-nameflag withshpCLI to specify the scheduler for scheduling build run pods. With this update, the following two buildpacks
ClusterBuildStrategyoptions are available for Builds:-
buildpacksstrategy buildpacks-extenderstrategyNoteThe
buildpacks-extenderstrategy is compatible with the experimental buildpacksextenderlifecycle phase. You can use this strategy, for example, for builds based on Node.js. However, theextenderphase does not support Quarkus, or any other Java-based builds. For such builds, use thebuildpacksstrategy instead.These strategies introduce new features, enhance compliance with Cloud Native Buildpacks (CNB) 0.12 specifications, and improve the overall stability and usability of the
ClusterBuildStrategybuildpacks.ImportantBuildpacks is a Technology Preview feature only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete. Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.
For more information about the support scope of Red Hat Technology Preview features, see Technology Preview Features Support Scope.
-
With this update, the
source.git.depthparameter was added to theBuildresource to specify the depth of the Git history. The default value is 1, meaning no history is cloned. This method provides fastest way to clone a Git repository and is suitable for all cases where your build logic doesn’t rely on Git history.Any value greater than 1 will create a clone with the specified depth. For a full Git history clone, set the depth to 0.
NoteIf you specify a commit SHA as a revision, the full history is always cloned before this commit is checked out.
1.3.2. Fixed issues
The following list highlights fixed issues in Builds 1.5.
-
Before this update, the build controller had permission to modify
CustomResourceDefinitions. This caused the controller to have excessive permissions, resulting in a minor security risk. With this update, the issue is fixed. Before this update, if the Builds for Red Hat OpenShift Operator failed to reconcile theShipwrightBuildorSharedResourceobjects but the status update of the build controller succeeded, the controller was not requeued for reconciliation. With this update, the issue is resolved, and the controller is correctly requeued for reconciliation after a failure.
1.3.3. Deprecated features
The following section highlights deprecated features in Builds 1.5.
With this update, the following channels are deprecated:
- builds-1.3
Instead, use the builds-1.5 channel.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}