ForgeOps

ForgeOps 2025.1.0 release notes

Get an email when there’s an update to ForgeOps 2025.1.0 documentation. Go to the Notifications page in your Backstage profile and select ForgeOps 2025.1 Changes in the Documentation Digests section.

Or subscribe to the ForgeOps 2025.1 RSS feed.

Learn about how to configure GitHub notifications here so you can get notified on ForgeOps releases.

Important information for this ForgeOps release:

Validated Kubernetes, NGINX Ingress Controller, HAProxy Ingress, cert-manager, and operator versions for deploying Ping Identity Platform 2025.1.0

Link

Limitations when deploying Ping Identity Platform 2025.1.0 on Kubernetes

Link

More information about the rapidly evolving nature of the forgeops repository, including technology previews, legacy features, and feature deprecation and removal

Link

Legal notices

Link

Archive of release notes prior to October 13, 2023

Link

2025

January 13, 2025

Release notes for ForgeOps release 2025.1.0

New features and updated functionality
The ForgeOps releases are based on the main branch

The master branch of forgeops repository is no longer used. The ForgeOps artifacts are released from the main branch. The latest Docker images are tagged as dev images. You can view the available Docker images using the forgeops image command.

New forgeops command

  • The forgeops-ng command has been renamed forgeops. The new forgeops command subsumes all the functionality provided by the previous version of forgeops command. The previous version of forgeops command has been removed.

  • The process of deploying and managing ForgeOps deployments has been improved with the use of provisioning environments with the forgeops env command for both Kustomize and Helm user environments. Learn more about forgeops env command in the command reference.

  • Provided an option to select the Docker image as appropriate for a user deployment with the forgeops image command.

  • You can view configured environments and product versions using the forgeops info command.

Learn more in forgeops command reference

ForgeOps-provided Docker images are now supported

Ping Identity now supports ForgeOps-provided Docker images. Accordingly, the documentation is revised, and the "unsupported" admonition is removed.

New supported product versions

Platform UI

7.5.1

PingAM

7.4.1, 7.5.1

PingDS

7.4.3, 7.5.1

PingGateway

2024.6.0, 2024.9.0, 2024.11.0

PingIDM

7.5.0
Removed legacy DS docker directories

Removed the legacy docker/ds/idrepo and docker/ds/cts directories. The content that was in docker/ds/ds-new is now moved to docker/ds.

Removed the requirement to build ldif-importer

The ldif-importer component uses the DS Docker image, so a separate Docker is not required to be built. The required ldif-importer scripts are mounted to the ldif-importer pod using a configmap.

Documentation updates
New forgeops command reference

The new forgeops command is documented here.

Description of the release process

Learn more about the ForgeOps release process here

New section on customizing DS image

A new section on customizing DS image is now available. Learn more about customizing DS image here.

Moved Base Docker Image page to the Reference section

Considering the ForgeOps-provided docker images are supported, the need to build base docker images arises only in special cases. Accordingly, the Base Docker Images section is moved to the Reference section.

2024

December 05, 2024

Documentation updates

Added description of the release process

Learn more about the ForgeOps release process here

Moved forgeops command description and reference to the Reference section

As the new forgeops command is supported, the corresponding documentation pages have been moved into the Reference section. Learn more about the forgeops command here.

The previous version of the forgeops utility is not supported in this ForgeOps release. It continues to be supported in ForgeOps 7.5 and 7.4, as long as the corresponding Ping Identity Platform components are supported.
Moved Base Docker Image page to the Reference section

Considering the ForgeOps-provided docker images are supported, the need for building base docker images is only required in special cases. Accordingly, the Base Docker Images section has been moved to the Reference section.

November 20, 2024

Documentation updates

Removed the legacy forgeops and renamed forgeops_ng to forgeops

The ForgeOps team has replaced the legacy forgeops command with the new forgeops command.

ForgeOps-provided Docker images are now supported

Ping Identity now supports ForgeOps-provided Docker images. Accordingly, the documentation is revised, and the "unsupported" admonition is removed.

November 6, 2024

Documentation updates

Procedure to build ldif-importer Docker image

We’ve added steps to build ldif-importer Docker image. Learn more about building ldif-importer Docker image here.

October 30, 2024

Documentation updates

Use of forgeops for performing ForgeOps deployment

The procedures for performing ForgeOps deployment in the Deployment scenarios section have been revised to use forgeops instead of forgeops.

October 22, 2024

Changes

Use of forgeops image to set the image tag in ForgeOps deployment

Refer to the ForgeOps deployment for more information.

October 14, 2024

Documentation updates

Added command reference for forgeops

Refer to the forgeops command reference for more information.

July 12, 2024

Documentation updates

Added Bash version 4 or above to the required third-party software

Bash version 4 or above is required to run mapfile used by the snapshot-restore.sh and stdlib.sh scripts. snapshot-restore.sh is used when restoring DS from snapshot backup. stdlib.sh contains general functions that are used by other Bash scripts.

July 8, 2024

Changes

Updated the Secret Agent operator to version 1.2.3

The Secret Agent operator is updated to version 1.2.3. This version of the operator:

  • Addresses some critical and high vulnerabilities

  • Adds the ability to specify UID for certificate DistinguishedNames

  • Updates openjdk version to remove vulnerabilities

Refer to the secret-agent v1.2.3 release notes for full details.

May 13, 2024

Changes

Updated the DS operator to version 0.3.0

The DS operator is updated to version 0.3.0 with security updates. Refer to the DS operator README file for full details.

Highlights

Updates to the forgeops repository

Updates for Ping Identity Platform version latest are available in the 2025.1.0 branch of the forgeops repository.

Terminology change: removal of the terms CDK and CDM

The ForgeOps documentation has been revised to no longer use the terms CDK and CDM. Deployments based on forgeops repository artifacts are now referred to simply as ForgeOps deployments.

When they were initially developed, there were significant difference between the CDK and CDM deployments. This is no longer the case. Because of this, the documentation now uses a single name for all deployments.

Developers who configure AM and IDM are still required to use ForgeOps deployments that have single instances of AM and IDM. This type of ForgeOps deployment is now referred to in documentation as a single-instance ForgeOps deployment. For more information, refer to Cluster and deployment sizes on the ForgeOps architecture page.

Perform ForgeOps deployments using Helm

In version latest, you can perform ForgeOps deployments using Helm.

Helm deployments are available as an alternative to using the forgeops install command, which uses Kustomize bases and overlays. Performing ForgeOps deployments with the forgeops install command continues to be supported.

For more information and example commands, refer to the following pages:

If you perform ForgeOps deployments with Helm, you’ll still need to use the forgeops command for several use cases:

  • forgeops build to build custom Docker images

  • forgeops info to write administrative passwords and URLs for accessing Ping Identity Platform admin UIs to standard output

Helm deployment doesn’t support Kustomize manifest generation using the forgeops generate command. Continue deploying the platform with the forgeops command if you use Kustomize manifest generation.

Existing Kustomize-based deployments can’t be changed to be Helm-based. If you want to use Helm, create a new deployment separate from any existing Kustomize-based deployments.

forgeops-minikube command replaces cdk-minikube

The forgeops-minikube command is used for setting up a Minikube cluster locally instead of cdk-minikube. The forgeops-minikube command requires the PyYaml Python 3 package.

Changes

Updated ds-operator to version 0.2.9

The DS Operator is updated to version v0.2.9 with security updates and patches, and to fix a bug that prevented kubectl rollout restart from working properly. Refer to the DS operator release notes for full details.

This is the new minimum ds-operator version supported by the forgeops command.

Support for annotations and labels in the directoryservice custom resource

The directoryservice custom resource now supports annotations and labels.

Documentation updates

New layout of documentation

The layout of the ForgeOps documentation has been revised to make it easier to navigate through the documentation and search for topics of interest.

Updated the steps to build custom IDM base image

The procedure to build custom IDM base image has been revised. Refer to the steps to build IDM base image for more information.

New backup and restore procedures using volume snapshots

A new Backup and restore using volume snapshots section has been added which describes how to use Kubernetes volume snapshots to back up and restore DS data.

Docker images for Helm installs

Instructions about how to specify Docker images for Helm installs have been added.

New task to initialize deployment environments

A new task to initialize deployment environments has been added to the instructions for developing custom Docker images.

Before you can use a new deployment environment, you must initialize a directory that supports the environment.

Clarification about support for environments that deviate from the published ForgeOps architecture

The Support for ForgeOps page has been updated to state that environments that deviate from the published ForgeOps architecture are not supported. For details, refer to Support limitations.