Skip to main content

Introducing KubriX 4.0 - Scalable, Flexible and Team-Centric Platform Engineering

· 3 min read
Philipp Achmueller
Philipp Achmueller
kubriX Dev, platform enthusiast

We’re thrilled to announce the release of KubriX 4.0 — our most flexible and team‑centric version yet!

This upgrade delivers major component refreshes, native vcluster integration, and fine‑grained controls that give platform and application teams more autonomy without sacrificing security.

What’s New in KubriX 4.0?

Next-Gen Core Components

KubriX 4.0 brings the heart of the platform to the latest majors:

  • Argo CD 3.0 brings the new UI, faster diff engine, and improved sharding - we implement tighter RBAC too
  • Grafana 12 a major visual refresh plus query caching for lightning-fast dashboards.
  • Kyverno 1.14 policy exceptions & generate-controls for air-tight supply-chain guardrails..
  • Backstage 1.38.1 faster catalog sync, tighter permissions and dynamic scaffolder secrets into vault

Keeping these giants current means less manual patching and an instant security win.

vCluster Integration & Team Self-Service (Prime)

Need ephemeral clusters for tests, proofs-of-concept, or customer demos? With the new vcluster template you can spin up fully-isolated, cost-efficient virtual clusters inside any host in minutes—complete with KubriX guardrails out-of-the-box. Team Members get admin rights inside shared vcluster while platform engineers keep global policy control.

Smarter Hub & Spoke Onboarding (Prime)

Large organisations rarely have a single prod cluster. The new destinationClusters list inside the onboarding workflow lets you declare which team may deploy to which physical or virtual cluster. No more mis-deployments or ticket ping-pong governance and autonomy in a single YAML stanza.

Quality-of-Life Enhancements

  • ignoreDifferences everywhere – fewer false “Out-of-Sync”s after Argo CD 3.0.
  • Auto-bootstrap of KubriX core into fresh customer repos.
  • Namespace label/annotation presets in the onboarding template for better policy targeting.

Granular Permissions Separation

Building on last versions RBAC overhaul, kubriX v4.0 provides sub-team-level scopes across Argo CD, Vault, Backstage, Kargo and Grafana. You can now:

  • Restrict dashboard editing while still allowing query exploration.
  • Delegate environment-specific Argo CD sync privileges to release engineers.
  • Separate catalog write access from Backstage entity ownership.

Breaking changes you must review

  • Argo CD 2.14 → 3.0: check for removed RBAC verbs and new diff options.
  • Grafana 11 → 12: legacy dashboard JSON v1 IDs are no longer accepted.
  • External-Secrets v0.16+: v1alpha1 resources are now unsupported—migrate or prune, see github.com. (For next Release there will be another change requirement for external-secrets, we will inform with next release accordingly).

Upgrade guides for each component are linked in the release notes — read them before hitting helm upgrade.

Why This Release Matters

  • Stay Ahead of Upstream – Ship on the latest Argo CD, Grafana, Kyverno, Kubevirt & Backstage without spending weeks on migration/testing.
  • Accelerate Team Autonomy – vcluster and destinationClusters unlock safe self‑service while keeping guard‑rails intact.
  • Security by Default – Updated dependencies, tighter policies, and CVE tracking reduce risk across the board.
  • Future‑Proof – 4.0 lays the groundwork for upcoming multi‑cluster rollout orchestration and delivery enhancements

Get Started with KubriX 4.0

  • Already a KubriX Prime customer? You’re getting KubriX 4.0 automatically via your Git update channel — no action needed.

  • New to KubriX? Schedule a demo to see how we can accelerate your platform engineering journey.

  • Like what we’re building? ⭐ us on GitHub!

KubriX 4.0 — Your internal developer platform for faster, smarter, and more secure application delivery.