Tanzu Application Platform v1.7.0 release notes

This topic contains release notes for Tanzu Application Platform v1.7.0.

Release Date: 07 November 2023

What’s new in Tanzu Application Platform v1.7

This release includes the following platform-wide enhancements.

New platform-wide features

New components

  • Aria Operations for Applications (AOA) dashboard (Beta): This dashboard, powered by Aria Operations for Applications (formerly Tanzu Observability), helps platform engineers monitor the health of clusters by showing whether the deployed Tanzu Application Platform components are behaving as expected.

  • AWS Services: Provides a more streamlined approach for integrating services from AWS into Tanzu Application Platform. Currently supports RDS PostgresSQL and MySQL on AWS. Installing this package is optional because it is not included in any Tanzu Application Platform profile.

  • Service Registry for VMware Tanzu: Provides on-demand Eureka servers for Tanzu Application Platform clusters. With Service Registry, you can create Eureka servers in your namespaces and bind Spring Boot workloads to them.

v1.7.0 New features by component and area

This release includes the following changes, listed by component and area.

v1.7.0 Features: API Auto Registration

  • Introduces API curation feature in alpha that is intended for testing only.

  • The new CuratedAPIDescriptor custom resource allows aggregating multiple APIs of type OpenAPI in a single curated API.

  • Integrates with Spring Cloud Gateway for Kubernetes to automatically generate SpringCloudGatewayMappings and SpringCloudGatewayRouteConfigs.

  • The API Auto Registration controller exposes API endpoints to view all curated APIs or filter for specific APIs to add as API portal’s source URLs.

v1.7.0 Features: Application Accelerator

  • Includes built-in integration of application bootstrap provenance through an accelerator into Artifact Metadata Repository (AMR). This enables application architects to get advanced insight into how accelerators are used, such as, the most commonly and rarely used accelerators. For more information, see Integration with AMR.

v1.7.0 Features: Application Configuration Service

  • The default interval for a new ConfigurationSlice resource is now 60 seconds.

  • When debugging ConfigurationSlice resources, you now see status information from GitRepository resources if any of the errors are related to the GitRepository reconciliation.

v1.7.0 Features: Application Single Sign-On

  • Includes cross-origin resource sharing (CORS) options so application developers can use client_credentials grants for single-page apps.

  • Adds new configuration option AuthServer.spec.session.expiry to customize how long an Authserver’s session is active.

  • Authorization servers support the user-information endpoint to obtain users identity information for OpenID Connect (OIDC) providers.

  • Updates the UI to have clearer messaging on login and consent screens.

  • Enhances audit log, error handling, and status fields.

v1.7.0 Features: Bitnami Services

  • Adds support for environments enforcing the restricted Pod Security Standard.

v1.7.0 Features: cert-manager

v1.7.0 Features: Cloud Native Runtimes

  • Adds the new configuration option resource_management, which allows you to configure CPU and memory for both Kubernetes request and limits for all Knative Serving deployments in the knative-serving namespace. For information about how to use this configuration, see Knative Serving Resource Management.

  • Adds the new configuration option cnrs.contour.default_tls_secret, which has the same meaning as cnrs.default_tls_secret. cnrs.default_tls_secret is deprecated in this release and is marked for removal in Tanzu Application Platform v1.10, which includes Cloud Native Runtimes v2.7. In the meantime both options are supported and cnrs.contour.default_tls_secret takes precedence over cnrs.default_tls_secret.

  • Adds new configuration options cnrs.contour.[internal|external].namespace. These two new options behave the same as cnrs.ingress.[internal|external].namespace. cnrs.ingress.[internal/external].namespace is deprecated in this release and is marked for removal in Tanzu Application Platform v1.10. In the meantime, both options are supported, but cnrs.contour.[internal/external].namespace takes precedence over cnrs.ingress.[internal/external].namespace.

  • New Knative garbage collection defaults. Cloud Native Runtimes is reducing the number of revisions kept for each Knative service from 20 to 5. This improves the Knative controller’s memory consumption when there are several Knative services. Knative manages this through the config-gc ConfigMap under the knative-serving namespace. See the Knative documentation. The following defaults are set for Knative garbage collection:

    • retain-since-create-time: "48h": Any revision created with an age of 2 days is considered for garbage collection.
    • retain-since-last-active-time: "15h": Revision that was last active at least 15 hours ago is considered for garbage collection.
    • min-non-active-revisions: "2": The minimum number of inactive Revisions to retain.
    • max-non-active-revisions: "5": The maximum number of inactive Revisions to retain.

    For more information about updating default values, see Configure Garbage collection for the Knative revisions.

  • Knative Serving v1.11 is available in Cloud Native Runtimes. For more information, see the Knative v1.11 release notes.

  • Adds the Knative Serving migrator job. Cloud Native Runtimes now runs a new job in the knative-serving namespace that is responsible for ensuring that Cloud Native Runtimes uses the latest Knative Serving resource versions.

v1.7.0 Features: Contour

v1.7.0 Features: Crossplane

  • Updates Universal Crossplane to v1.13.2-up.1. For more information, see the Upbound blog.

  • Custom certificate data is now correctly passed through to the Crossplane Providers.

v1.7.0 Features: External Secrets Operator

  • External Secrets Operator has now reached General Availability.

  • Adds SYNC, GET, LIST and CREATE commands to the CLI. The GET command lets you get more details about your external secrets and secret stores. The CREATE command lets you create cluster external secret and cluster secret stores. For more information, see the Tanzu CLI Command Reference documentation.

v1.7.0 Features: Service Bindings

  • Introduces the new servicebinding.tanzu.vmware.com package, which supersedes the existing service-bindings.labs.vmware.com. The new package is based on the community maintained servicebinding/runtime implementation instead of the VMware-maintained vmware-tanzu/servicebinding.

v1.7.0 Features: Services Toolkit

  • Adds support for Kubernetes v1.27.

v1.7.0 Features: Supply Chain Choreographer

v1.7.0 Features: Supply Chain plug-in for Tanzu Developer Portal

v1.7.0 Features: Security Analysis plug-in for Tanzu Developer Portal

v1.7.0 Features: Spring Boot Conventions

v1.7.0 Features: Supply Chain Security Tools (SCST) - Scan

  • Adds support for Pod Security Admission with Pod Security Standards enforced.

  • Adds support for the new version of the Tanzu CLI Insight plug-in.

  • SCST - Scan 2.0 (beta) now uses Trivy as the default scanner for container image scanning using the included image and template. SCST - Scan 1.0 maintains Grype as the default.

v1.7.0 Features: Supply Chain Security Tools (SCST) - Store

Artifact Metadata Repository (AMR) is a new component that extends the capabilities of SCST - Store. AMR has the following new features in v1.7.0:

v1.7.0 Features: Tanzu CLI and plug-ins

  • This release includes Tanzu CLI v1.2.0 and a set of installable plug-in groups that are versioned so that the CLI is compatible with every supported version of Tanzu Application Platform. For more information, see Install Tanzu CLI.

v1.7.0 Features: Tanzu CLI Insight plug-in

  • You can access reports from each scan to find out what packages and vulnerabilities were discovered by using the tanzu insight report command. For more information, see the Tanzu CLI Command Reference documentation.

  • You can rebase vulnerability triage analyses by using the tanzu insight triage rebase command. For more information, see Rebase multiple analyses and the Tanzu CLI Command Reference documentation.

v1.7.0 Features: Tanzu Developer Portal

  • Tanzu Developer Portal Configurator has now reached General Availability. You can use Configurator to make use of VMware validated plug-ins and also integrate custom external plug-ins. For more information, see the Configurator overview.

  • The following third-party plug-ins have validated compatibility with the Configurator:

    • Tech Insights - @vmware-tanzu/tdp-plugin-techinsights
    • Tech Insights Backend - @vmware-tanzu/tdp-plugin-techinsights-backend
    • Sonarqube - @vmware-tanzu/tdp-plugin-backstage-sonarqube
    • Sonarqube Backend -@vmware-tanzu/tdp-plugin-backstage-sonarqube-backend
    • Stack Overflow - @vmware-tanzu/tdp-plugin-stack-overflow
    • Prometheus - @vmware-tanzu/tdp-plugin-prometheus
    • Jira - @vmware-tanzu/tdp-plugin-backstage-jira
    • Grafana - @vmware-tanzu/tdp-plugin-backstage-grafana
    • GitHub Actions - @vmware-tanzu/tdp-plugin-github-actions
    • Snyk - @vmware-tanzu/tdp-plugin-snyk
    • Tanzu Developer Portal Home - @vmware-tanzu/tdp-plugin-home

v1.7.0 Features: Tanzu Developer Tools for VS Code

v1.7.0 Breaking changes

This release includes the following changes, listed by component and area.

v1.7.0 Breaking changes: Tanzu Application Platform

  • Minikube support has been removed.

v1.7.0 Breaking changes: Contour

  • By default, Tanzu Application Platform v1.7.0 installs the Contour’s Envoy pods as a Deployment instead of a DaemonSet. This causes application downtime during an upgrade. For more information about how to avoid upgrade downtime, see Configure Envoy for Contour.

v1.7.0 Breaking changes: Application Live View

  • The appliveview_connector.backend.sslDisabled key has been removed and is replaced by appliveview_connector.backend.sslDeactivated.

v1.7.0 Breaking changes: Application Single Sign-On

  • ClientRegistration.spec.clientAuthenticationMethod no longer supports basic and post.

  • The internal-unsafe identity provider forAuthServer no longer supports claim mappings.

  • ClusterUnsafeTestLogin no longer has the short name cutl.

v1.7.0 Breaking changes: Eventing

  • Eventing is removed in this release. Install and manage Knative Eventing as an alternative solution.

v1.7.0 Breaking changes: Learning Center

  • Learning Center is removed in this release. Use Tanzu Academy instead for all Tanzu Application Platform learning and education needs.

v1.7.0 Breaking changes: Services Toolkit

  • Services Toolkit forces explicit cluster-wide permissions to claim from a ClusterInstanceClass. You must now grant the permission to claim from a ClusterInstanceClass by using a ClusterRole and ClusterRoleBinding. For more information, see The claim verb for ClusterInstanceClass.

v1.7.0 Breaking changes: Supply Chain Security Tools (SCST) - Scan

  • The docker field and related sub-fields used in SCST - Scan are removed in this release.

  • The field scanning.metadataStore.url is now removed. If this field is present in the tap-values.yaml file, it can cause reconciliation failure. For more information, see Troubleshooting

  • SCST - Scan 2.0: You must upgrade the Tanzu Application Platform package to v1.7.0 before upgrading app-scanning.apps.tanzu.vmware.com to v0.2.0. See Troubleshooting.

v1.7.0 Breaking changes: Tanzu CLI command reference documentation

  • The Tanzu CLI plug-in command reference documentation has moved from the Tanzu Application Platform documentation to the VMware Tanzu CLI documentation. The following Tanzu CLI plug-ins are impacted: Accelerator, Apps, Build Service, External Secrets, Insight, and Tanzu Service.

v1.7.0 Breaking changes: Tanzu CLI RBAC plug-in

  • The RBAC plug-in for the Tanzu CLI, which was released as a beta to help manage user and group bindings to the Tanzu Application Platform Default Roles, has been removed in favor of native Kubernetes capability. For more information, see the Default roles for Tanzu Application Platform documentation.

v1.7.0 Breaking changes: Workloads

  • Function Buildpacks for Knative and the corresponding Application Accelerator starter templates for Python and Java are removed in this release.

v1.7.0 Security fixes

For the list of security fixes in this Tanzu Application Platform release, see Security fixes.

v1.7.0 Resolved issues

The following issues, listed by component and area, are resolved in this release.

v1.7.0 Resolved issues: Application Configuration Service

  • The pod security context now adheres to the restricted Pod Security Standard, which prevents some installation failures.

v1.7.0 Resolved issues: Application Single Sign-On

  • Authorization servers advertise only supported scopes by using the discovery endpoint.

  • AuthServer.spec.identityProviders.*.name has a description.

  • AuthServer.spec.identityProviders.*.name is validated against DNS1123.

  • ClusterUnsafeTestLogin reconciles only if the namespace designated by cluster_resource_namespace exists.

  • Correctly implements the restricted Pod Security Standard for the controller and all AuthServer-related resources.

  • Authorization servers display OpenID Connect (OIDC) providers on the login page even when there are no SAML providers.

v1.7.0 Resolved issues: Artifact Metadata Repository Observer and CloudEvent Handler

  • The ReplicaSet status in AMR now shows the available and unavailable states in addition to created and deleted.

v1.7.0 Resolved issues: Cloud Native Runtimes

  • Certain combinations of app name, namespace, and domain no longer produce Knative Services with status CertificateNotReady.

v1.7.0 Resolved issues: Crossplane

  • Crossplane Providers can now communicate with systems using a custom CA.

v1.7.0 Resolved issues: Supply Chain Choreographer

  • You can safely ignore the label apps.tanzu.vmware.com/carvel-package-workflow when the package supply chain is deactivated. Previously, workloads with this label failed when the package supply chain was deactivated.

  • Workloads failed on image supply chains with multiple supply chain matches when testing or scanning supply chains are side loaded with the basic supply chain. Though side loading these supply chains is not a supported configuration, this fix allows you to continue to create workloads.

  • The package Supply Chain can now generate a Carvel package when building an image from source and uploading it to a private registry using a certificate.

v1.7.0 Resolved issues: Tanzu Developer Portal - Supply Chain GUI plug-in

  • Workloads created by using a custom resource definition (CRD) work as expected.

  • Downloading the SBOM from a vulnerability scan no longer requires additional configuration in tap-values.yaml.

v1.7.0 Resolved issues: Tanzu Developer Tools for VS Code

  • In the Tanzu activity panel, the config-writer-pull-requester of type Runnable is correctly categorized as Supply Chain.

v1.7.0 Known issues

This release has the following known issues, listed by component and area.

v1.7.0 Known issues: Tanzu Application Platform

  • Tanzu Application Platform v1.7.0 is not supported with Tanzu Kubernetes releases (TKR) v1.26 on vSphere with Tanzu v8.

v1.7.0 Known issues: API Auto Registration

  • Registering conflicting groupId and version with API portal:

    If you create two CuratedAPIDescriptors with the same groupId and version combination, both reconcile without throwing an error, and the /openapi?groupId&version endpoint returns both specifications. If you are adding both specifications to the API portal, only one of them might show up in the API portal UI with a warning indicating that there is a conflict. If you add the route provider annotation for both of the CuratedAPIDescriptors to use Spring Cloud Gateway, the generated API specspecification includes API routes from both CuratedAPIDescriptors.

    You can see the groupId and version information from all CuratedAPIDescriptors by running:

    $ kubectl get curatedapidescriptors -A

NAMESPACE           NAME         GROUPID            VERSION   STATUS   CURATED API SPEC URL
my-apps             petstore     test-api-group     1.2.3     Ready    http://AAR-CONTROLLER-FQDN/openapi/my-apps/petstore
default             mystery      test-api-group     1.2.3     Ready    http://AAR-CONTROLLER-FQDN/openapi/default/mystery

  • When creating an APIDescriptor with different apiSpec.url and server.url, the controller incorrectly uses the API spec URL as the server URL. To avoid this issue, use server.url only.

v1.7.0 Known issues: Application Live View

  • On the Run profile, Application Live View fails to reconcile if you use a non-default cluster issuer while installing through Tanzu Mission Control.

v1.7.0 Known issues: Artifact Metadata Repository Observer and CloudEvent Handler

  • Periodic reconciliation or restarting of the AMR Observer causes reattempted posting of ImageVulnerabilityScan results. There is an error on duplicate submission of identical ImageVulnerabilityScans you can ignore if the previous submission was successful.

v1.7.0 Known issues: Bitnami Services

  • If you try to configure private registry integration for the Bitnami services after having already created a claim for one or more of the Bitnami services using the default configuration, the updated private registry configuration does not appear to take effect. This is due to caching behavior in the system which is not accounted for during configuration updates. For a workaround, see Troubleshoot Bitnami Services.

v1.7.0 Known issues: Carbon Black Scanner for SCST - Scan

  • Carbon Black Scanner templates raise a PodSecurity violation error in clusters that use the restricted Pod Security Standard. As a workaround, see Troubleshooting.

v1.7.0 Known issues: Cartographer Conventions

  • While processing workloads with large SBOMs, the Cartographer Convention controller manager pod can fail with the status CrashLoopBackOff or OOMKilled. For information about how to increase the memory limit for both the convention server and webhook servers, including app-live-view-conventions, spring-boot-webhook, and developer-conventions/webhook, see Troubleshoot Cartographer Conventions.

v1.7.0 Known issues: Cloud Native Runtimes

  • Web workloads created with Tanzu Application Platform v1.6.3 and earlier fail to update with the error API server says: admission webhook "validation.webhook.serving.knative.dev" denied the request: validation failed: annotation value is immutable. For a workaround, see Troubleshoot Cloud Native Runtimes for Tanzu.

v1.7.0 Known issues: Contour

  • A renewed CA certificate might not get updated in the CA section of Envoy and Contour certificate’s secrets

v1.7.0 Known issues: Crossplane

  • The Crossplane validatingwebhookconfiguration is not removed when you uninstall the Crossplane package. To workaround, delete the validatingwebhookconfiguration manually by running kubectl delete validatingwebhookconfiguration crossplane.

v1.7.0 Known issues: Service Bindings

  • When upgrading Tanzu Application Platform, pods are recreated for all workloads with service bindings. This is because workloads and pods that use service bindings are being updated to new service binding volumes. This happens automatically and will not affect subsequent upgrades.

    Affected pods are updated concurrently. To avoid failures, you must have sufficient Kubernetes resources in your clusters to support the pod rollout.

  • ServiceBinding is not immediately reconciled when status.binding.name changes on a previously bound service resource. This impacts the timely rollout of new connection secrets to workloads. The reconciler eventually picks up the change but this might take up to 10 hours. As a temporary workaround, you can do one of the following:

    • Delete the existing ServiceBinding and create a new one that is identical.
    • Trigger reconciliation of the existing ServiceBinding by adding an arbitrary annotation or label.
    • Delete and recreate the application workload referred to by the ServiceBinding.

v1.7.0 Known issues: Services Toolkit

  • An error occurs if additionalProperties is true in a CompositeResourceDefinition. For more information and a workaround, see Troubleshoot Services Toolkit.

v1.7.0 Known issues: Supply Chain Choreographer

  • By default, Server Workload Carvel packages generated by the Carvel package supply chains no longer contain OpenAPIv3 descriptions of their parameters. These descriptions were omitted to keep the size of the Carvel Package definition under 4 KB, which is the size limit for the string output of a Tekton Task. For information about these parameters, see Carvel Package Supply Chains.

  • When using the Carvel Package Supply Chains, if the operator updates the parameter carvel_package.name_suffix, existing workloads incorrectly output a Carvel package to the GitOps repository that uses the old value of carvel_package.name_suffix. You can ignore or delete this package.

  • If the size of the resulting OpenAPIv3 specification exceeds a certain size, approximately 3 KB, the Supply Chain does not function. If you use the default Carvel package parameters, this issue does not occur. If you use custom Carvel package parameters, you might encounter this size limit. If you exceed the size limit, you can either deactivate this feature, or use a workaround. The workaround requires enabling a Tekton feature flag. For more information, see the Tekton documentation.

  • Pods created by using Tekton do not adhere to the Pod Security Standard. To run Supply Chains in a cluster where this webhook is installed by default, VMware recommends labeling the namespace with pod-security.kubernetes.io/enforce=privileged to ensure that they are correctly created.

v1.7.0 Known issues: Supply Chain Security Tools (SCST) - Scan

  • When container.SecurityContext is not null and the Capabilities field or SeccompProfile field is empty (null), the controller fails because of panic. For a workaround, see Troubleshoot Supply Chain Security Tools - Scan.

  • When using SCST - Scan 2.0 with a ClusterImageTemplate, the value for the scanning image is overwritten with an incorrect default value from ootb_supply_chain_testing_scanning.image_scanner_cli in the tap-values.yaml file. You can prevent this by setting the value in your tap-values.yaml file to the correct image. For example, for the Trivy image packaged with Tanzu Application Platform:

    ootb_supply_chain_testing_scanning:
  image_scanner_template_name: image-vulnerability-scan-trivy
  image_scanning_cli:
    image: registry.example.com/tanzu-application-platform/tap-packages@sha256:675673a6d495d6f6a688497b754cee304960d9ad56e194cf4f4ea6ab53ca71d6

  • When using SCST - Scan 2.0, Trivy must be pinned to v0.42.1. This is because CycloneDX v1.5 is the default for later versions of Trivy and is not supported by AMR.

  • When container.SecurityContext is not null but either of fields Capabilities or SeccompProfile are left empty (null), the controller fails because of panic. For a workaround, see Troubleshoot Supply Chain Security Tools - Scan.

  • SCST - Scan 1.0 fails with the error secrets 'store-ca-cert' not found during deployment by using Tanzu Mission Control with a non-default issuer. For how to work around this issue, see Deployment failure with non-default issuer.

v1.7.0 Known issues: Supply Chain Security Tools (SCST) - Store

  • AMR-specific steps have been added to the Multicluster setup for Supply Chain Security Tools - Store.

  • SCST - Store automatically detects PostgreSQL database index corruptions. If SCST - Store finds a PostgresSQL database index corruption issue, it does not reconcile. For how to fix this issue, see Fix Postgres Database Index Corruption.

  • When observer.deploy_through_tmc is true, properties are auto-configured for Tanzu Mission Control (TMC). This causes the MultiClusterPropertyCollector resource to overwrite existing Tanzu Application Platform values for Observer.

    When using Let’s Encrypt ACME issuers, the resultant Kubernetes secret resource does not contain a ca.crt property. Therefore, when the MultiClusterPropertyCollector resource creates the Observer package configuration values secret, the required ca_cert_data is empty.

    To work around this issue, add the Certificate Authority (CA) Certificate to the shared.ca_cert_data key in the Tanzu Application Platform installation values.

v1.7.0 Known issues: Tanzu Build Service

  • During upgrades a large number of builds might be created due to buildpack and stack updates. Some of these builds might fail due to transient network issues, causing the workload to be in an unhealthy state. This resolves itself on subsequent builds after a code change and does not affect the running application.

    If you do not want to wait for subsequent builds to run, you can manually trigger a build. For instructions, see Troubleshooting.

v1.7.0 Known issues: Tanzu Developer Portal

  • If you do not configure any authentication providers, and do not allow guest access, the following message appears when loading Tanzu Developer Portal in a browser:

    No configured authentication providers. Please configure at least one.

    To resolve this issue, see Troubleshooting.

  • When viewing a supply chain with the Supply Chain Choreographer plug-in, scrolling horizontally does not work. Click and drag left or right instead to move the supply chain diagram. A fix is planned for the future. The zoom function was removed because of user feedback.

  • Ad-blocking browser extensions and standalone ad-blocking software can interfere with telemetry collection within the VMware Customer Experience Improvement Program and restrict access to all or parts of Tanzu Developer Portal. For more information, see Troubleshooting.

  • When installing Tanzu Developer Portal for the first time, there might be a transient failure during reconciliation. No action is needed because the reconciliation succeeds during the automatic retry. The issue is related to the order of creation for Kubernetes resources. A fix is planned for a later release.

  • Back-end Kubernetes plug-in reporting failure in multicluster environments. In a multicluster environment when one request to a Kubernetes cluster fails, backstage-kubernetes-backend reports a failure to the front end. This is a known issue with upstream Backstage and it applies to all released versions of Tanzu Application Platform GUI. For more information, see this Backstage code in GitHub. This behavior arises from the API at the Backstage level. There are currently no known workarounds. There are plans for upstream commits to Backstage to resolve this issue.

  • ScmAuth is a Backstage concept that abstracts Source Code Management (SCM) authentication into a package. An oversight in a recent code-base migration led to the accidental exclusion of custom ScmAuth functions. This exclusion affected some client operations, such as using Application Accelerators to create Git repositories on behalf of users.

  • The back-end Kubernetes plug-in reports failure in multicluster environments. In a multicluster environment when one request to a Kubernetes cluster fails, backstage-kubernetes-backend reports a failure to the front end. This is a known issue with upstream Backstage and it applies to all released versions of Tanzu Developer Portal. For more information, see this Backstage code in GitHub. This behavior arises from the API at the Backstage level. There are currently no known workarounds. There are plans for upstream commits to Backstage to resolve this issue.

v1.7.0 Known issues: Tanzu Developer Tools for IntelliJ

  • The error com.vdurmont.semver4j.SemverException: Invalid version (no major version) is shown in the error logs when attempting to perform a workload action before installing the Tanzu CLI apps plug-in.

  • If you restart your computer while running Live Update without terminating the Tilt process beforehand, there is a lock that incorrectly shows that Live Update is still running and prevents it from starting again. For the fix, see Troubleshooting.

  • Workload actions and Live Update do not work when in a project with spaces in its name, such as my app, or in its path, such as C:\Users\My User\my-app. For more information, see Troubleshooting.

  • An EDT Thread Exception error is logged or reported as a notification with a message similar to "com.intellij.diagnostic.PluginException: 2007 ms to call on EDT TanzuApplyAction#update@ProjectViewPopup". For more information, see Troubleshooting.

v1.7.0 Known issues: Tanzu Developer Tools for Visual Studio

  • Clicking the red square Stop button in the Visual Studio top toolbar can cause a workload to fail. For more information, see Troubleshooting.

v1.7.0 Component versions

The following table lists the supported component versions for this Tanzu Application Platform release.

Component Name Version
API Auto Registration 0.4.0
API portal 1.4.4
Application Accelerator 1.7.3
Application Configuration Service 2.2.0
Application Live View APIServer 1.7.2
Application Live View back end 1.7.2
Application Live View connector 1.7.2
Application Live View conventions 1.7.2
Application Single Sign-On 5.0.0
Artifact Metadata Repository Observer 0.2.1
AWS Services 0.1.0
Bitnami Services 0.3.1
Carbon Black Scanner for SCST - Scan (beta) 1.2.2
Cartographer Conventions 0.8.5
cert-manager 2.4.1 (contains cert-manager v1.12)
Cloud Native Runtimes 2.4.1
Contour 1.25.2
Crossplane 0.3.0
Default Roles 1.1.0
Developer Conventions 0.14.0
External Secrets Operator 0.9.4+tanzu.1
Flux CD Source Controller 0.36.1+tanzu.2
Grype Scanner for SCST - Scan 1.7.0
Local Source Proxy 0.2.1
Namespace Provisioner 0.5.0
Out of the Box Delivery - Basic 0.14.7
Out of the Box Supply Chain - Basic 0.14.7
Out of the Box Supply Chain - Testing 0.14.7
Out of the Box Supply Chain - Testing and Scanning 0.14.7
Out of the Box Templates 0.14.7
Service Bindings 0.10.2
Service Registry 1.2.0
Services Toolkit 0.12.0
Snyk Scanner for SCST - Scan (beta) 1.1.0
Source Controller 0.8.3
Spring Boot conventions 1.7.2
Spring Cloud Gateway 2.1.4
Supply Chain Choreographer 0.8.5
Supply Chain Security Tools - Policy Controller 1.6.3
Supply Chain Security Tools - Scan 1.7.1
Supply Chain Security Tools - Scan 2.0 (beta) 0.2.1
Supply Chain Security Tools - Store 1.7.1
Tanzu Developer Portal 1.7.7
Tanzu Developer Portal Configurator 1.0.3
Tanzu Application Platform Telemetry 0.7.0-build.3
Tanzu Build Service 1.12.2
Tanzu CLI 1.1.0
Tekton Pipelines 0.50.1+tanzu.3
check-circle-line exclamation-circle-line close-line
Scroll to top icon