Version 0.3.0
These are the release notes for the v0.3.0 release of witboost.
Please refer to the official documentation for a more in-depth overview of the released features.
Features
Policies permissions
Since policies should be available to all users, but created and edited only by specific groups of users, we added a new permission to handle governance policies.
All users that do not have those permissions will see the policies in a read-only fashion.
To enable editing, simply add the permissions builder.policy.global.edit
and builder.policy.template.edit
to the platform roles that can create and edit governance policies.
Deploy permissions by environment
Now there are different permissions for the deploy
operation for each environment.
The permission builder.dp.deploy
no longer exist, it was then deleted from the permissions
table and from roles_permissions
table.
To replace the permission that was removed, we introduced some new permissions in the format builder.dp.deploy.<envName>
. Please note that the <envName>
will always be lowercase.
It is necessary to associate the various deploy permissions to your existing roles (in the table roles_permissions
).
Priority for environments
Since the Marketplace Supervision page was often displaying wrong values, we decided to add a new column for environments in the marketplace: priority. This field will be used to sort environments based on their importance (a lower priority means a higher importance). In this way, all customers can identify their core environment (usually the production one) by assigning a priority 0 to it. All the other values of priorities will be just used to sort environments in the UI when they are displayed.
RBAC array configurations
In the RBAC plugin configurations for automatic permissions generation, you can define which fields should be used to extract the target users and groups for the permissions.
The fields referenced in the catalog-info.yaml
file can now be strings or arrays of strings, so you can define a list of users/groups to assign to the permissions generated automatically.
Trace ID for requests
It is now possible to look for log lines related to the same operations using a unique trace ID. The behavior of the tracing feature can be configured in case you want to add tracing information also to external APIs invoked by witboost.
Alignment of domain IDs in the RBAC tables
The URN for the entities of type domain has been standardized to urn:witboost:dmn:<name>
in the RBAC tables.
There can be breaking changes, since the table roles_subjects
in column entity_ref
may contain incorrect values, in this case simply align them to the URN convention above.
Names of imported users and groups normalized
Standardized the normalization of the names of the users and group read from the LDAP and Active Directory services. If you want to maintain the default behavior that was implemented before, you can skip the next lines regarding custom configuration.
It is now possible to customize the normalization function by inserting some properties in the configuration which modify its behavior:
catalog:
processors:
entityNameNormalization:
regex: "<regex>"
replaceWith: "<replace_with>"
....
This allows you to indicate through a regex which characters to replace, and which characters replace them.
Provisioning Coordinator refactoring
The Provisioning Coordinator went under a complete refactoring to make error handling and maintenance smoother. Now the core classes handle errors in the correct way using monads, granting a better experience for people working in the support areas. These changes will also allow for faster change requests implementation.
Issues Fixed
- Now the dashboard correctly displays the data taken from the underlying environments, using the new priority values.
- Fixed breadcrumb not working properly by showing the parent Dataproduct inside the component page breadcrumb.
- Added an RBAC permission for authoring policies.
- Fixed a typo in the resources setup documentation.
- RBAC plugin configuration can now deal with arrays of strings while keeping the possibility of using strings only.
- Users can now refresh entities from the
Register existing component
procedure correctly, even when RBAC is enabled. - Added some documentation regarding the usage of Microsoft AD to better explain corner cases.
- The urn for the entity of type domain has been standardized:
urn:witboost:dmn:<name>
. - Updated docs to make evident that entities of kind Resource must be explicitly made visible to users when setting up RBAC, unless users are already allowed to read entities within the same domain.
- Standardized the normalization of the names of the entities for the internal modules. Now it is also possible to customize the normalization function by inserting some properties in the configuration which modify its behavior.
- Improved the RBAC rule generation mechanism and added docs for setting up resources visibility.
- Fixed a bug causing resources entities to not be visible from users.
- Fixed typo for the word
My Data Product
in the breadcrumb navigation. - Fixed some errors that made the theme disappear after refreshing the current UI page.
- Fixed a PayloadTooLargeError error during data product validation. Now there is a possibility to configure payload size limit for the Builder router, and the default payload size limit in Builder router was increased so that it can accept payloads up to 10MB.
- Improved visibility for Data Product components that were not visible.
- Improved the way witboost backend communicates with the Provisioning Coordinator. This solves an error that appeared in case a deployment failed for validation errors: since the error was not handled, the deploy operation failed with an error in another point of the code that couldn't find the right data. Now errors raised during the calls to the Coordinator should be handled correctly.
- Added an error message when the specific provisioner has failed.
- Fixed a marketplace response unmarshalling problem due to complex YAML definitions.
- Improved deployment that in case of some validation errors now returns the correct error message.
- Removed useless dependsOn nested field in the getProvisioningPlan response
- Added policy validation results even when they passes with success.
- Solved an unhandled error in validation service
- FIxed an error in the Marketplace Plugin that failed to upsert when the string fields contained special characters.