Skip to content

v2.3.0

Compare
Choose a tag to compare
@arm4b arm4b released this 19 Jun 12:35
· 10012 commits to master since this release

https://stackstorm.com/2017/06/19/stackstorm-2-3-something-everyone/

  • Refactor the action execution asynchronous callback functionality into the runner plugin architecture. (improvement)
  • Introduce new CAPABILITIES constant on auth backend classes. With this constant, auth backends can advertise functionality they support (e.g. authenticate a user, retrieve information about a particular user, retrieve a list of groups a particular user is a member of). (new feature)
  • Linux file watch sensor is now disabled by default. To enable it, set enabled: true in /opt/stackstorm/packs/linux/sensors/file_watch_sensor.yaml
  • Add support for automatic RBAC role assignment based on the remote auth backend groups user is a member of (e.g. LDAP groups) and mappings defined in /opt/stackstorm/rbac/mappings directory. Note: This functionality is currently implemented for enterprise LDAP auth backend and only available in enterprise edition. (new feature)
  • Update the code so user can specify arbitrary default TTL for access tokens in st2.conf and all the StackStorm services which rely on access tokens still work. Previously, the lowest TTL user could specify for all the services to still work was 24 hours. This has been fixed and the default TTL specified in the config now only affects user access tokens and services use special service access tokens with no max TTL limit. (bug fix) Reported by Jiang Wei. #3314 #3315
  • Allow user to specify a custom list of attribute names which are masked in the log messages by setting log.mask_secrets_blacklist config option. (improvement)
  • Update /executions/views/filters API endpoint so it excludes null / None from filter values for fields where null is not a valid field value. (improvement) Contributed by Cody A. Ray. #3193
  • Make sure all the role assignments for a particular user are correctly deleted from the database after deleting an assignment file from /opt/stackstorm/rbac/assignments directory and running st2-apply-rbac-definitions tool. (bug fix)
  • Add webhook payload to the Jinja render context when rendering Jinja variable inside rule criteria section.
  • Implement RBAC for traces API endpoints. (improvement)
  • Implement RBAC for API_KEY_CREATE permission type. (improvement)
  • Implement RBAC for timers API endpoints. (improvement)
  • Implement RBAC for webhooks get all and get one API endpoint. (improvement)
  • Implement RBAC for policy types and policies get all and get one API endpoint. (improvement)
  • Require ACTION_VIEW permission type to be able to access entry_point and parameters actions view controller. (improvement)
  • Update /v1/rbac/permission_types and /v1/rbac/permission_types/<resource type> API endpoint to return a dictionary which also includes a description for each available permission type. (improvement)
  • Require EXECUTION_VIEWS_FILTERS_LIST RBAC permission type to be able to access /executions/views/filters API endpoint. (improvement)
  • Add webhook payload to the Jinja render context when rendering Jinja variable inside rule criteria section
  • Switch file_watch_sensor in Linux pack to use trigger type with parameters. Now you can add a rule with file_path and sensor will pick up the file_path from the rule. A sample rule is provided in contrib/examples/rules/sample_rule_file_watch.yaml. (improvement)
  • Cancel actions that are Mistral workflow when the parent workflow is cancelled. (improvement)
  • Update st2rulesengine to exit non-0 on failure (bug fix) #3394 [Andrew Regan]
  • Upgrade various internal Python library dependencies to the latest stable versions (pyyaml, requests, appscheduler, gitpython, paramiko, mongoengine, tooz).
  • Fix a bug where trigger parameters and payloads were being validated regardless of the relevant settings in the configuration (system.validate_trigger_payload, system.validate_trigger_parameters). (bug fix)
  • Fix system=True filter in the /v1/rbac/roles API endpoint so it works correctly. (bug fix)
  • Add new /v1/rbac/role_assignments API endpoint for retrieving user role assignment information. (new feature)
  • Add CLI commands for listing RBAC roles:
    • st2 role list [--system]
    • st2 role get <role id or name>
  • Add CLI commands for listing RBAC user role assignments:
    • st2 role-assignment list [--role=<role name>] [--user=<username>]
    • st2 role-assignment get <role assignment id>
  • Update /v1/rbac/roles API endpoint so it includes corresponding permission grant objects. Previously it only included permission grant ids. (improvement)
  • Fix a bug where keyvalue objects weren't properly cast to numeric types. (bug fix)
  • When action worker is being shutdown and action executions are being abandoned, invoke post run on the action executions to ensure operations such as callback is performed. (bug fix)
  • Fix action chain runner workflows so variables (vars) and parameter values support non-ascii (unicode) characters. (bug fix)
  • When RBAC is enabled and action is scheduled (ran) through the API, include rbac dictionary with user and roles action_context attribute. (improvement)
  • Fix a bug in query base module when outstanding queries to mistral or other workflow engines could cause a tight loop without cooperative yield leading to 100% CPU usage by st2resultstracker process. (bug-fix)
  • Make the query interval to third party workflow systems (including mistral) a configurable value. You can now set query_interval in [results_tracker] section in /etc/st2/st2.conf. With this, the default query interval is set to 20s as opposed to 0.1s which was rather aggressive and could cause CPU churn when there is a large number of outstanding workflows. (improvement)
  • Ignore unicode related encoding errors which could occur in some circumstances when packs.setup_virtualenv fails due to a missing dependency or similar. (improvement, bug fix) #3337 [Sean Reifschneider]
  • Update st2-apply-rbac-definitions so it also removes assignments for users which don't exist in the database. (improvement, bug fix)
  • Add the following new actions to chatops pack:
    • chatops.match
    • chatops.match_and_execute
    • chatops.run
      #3425 [Anthony Shaw]
  • Add new examples.forloop_chain action-chain workflow to the examples pack which demonstrates how to iterate over multiple pages inside a workflow. #3328 [Carles Figuerola]
  • Fix a bug where action runner throws KeyError on abandoning action executions during process shutdown. (bug fix)
  • Fix URL parsing bug where percent encoded URLs aren't decoded properly (bug fix)
  • Add new core.uuid action for generating type 1 and type 4 UUIDs. [John Anderson] #3414
  • Drop support for invalid semver versions strings (e.g. 2.0) in pack.yaml pack metadata. Only full semver version strings are supported, e.g. 2.1.1. This was originally deprecated in v2.1.0.
  • Let st2 pack install register all available content in pack by default to be consistent with st2 pack register. (improvement) #3452
  • The API endpoint for searching or showing packs has been updated to return an empty list instead of None when the pack was not found in the index. (bug fix)
  • The dest_server parameter has been removed from the linux.scp action. Going forward simply specify the server as part of the source and / or destination arguments. (improvement) #3335 #3463 [Nick Maludy]
  • Add missing database indexes which should speed up various queries on production deployments with large datasets. (improvement)
  • Use a default value for a config item from config schema even if that config item is not required (required: false). (improvement) Reported by Nick Maludy #3468 #3469
  • Removing empty config.yaml for packs pack so warning isn't thrown by default now that deprecation warning is in place. (improvement)