v4.3.1

What's Changed

Features

• feat: Redesign the pipeline overview by @MoritzWeber0 in #1793

Bug fixes

• fix: Remove small pixel differences in diagram cache dialog by @MoritzWeber0 in #1802

Internal changes

• ci: Use reg-actions for visual regression testing by @MoritzWeber0 in #1803
• ci: Only consider staged files for license check by @MoritzWeber0 in #1811

Full Changelog: v4.3.0...v4.3.1

v4.3.0

What's Changed

This release contains a long-awaited feature to rename and delete TeamForCapella instances. There are also many smaller UI tweaks such as a more modern icon set and a redesign of the TeamForCapella instance configuration.

Full changelog

Features

• feat: Allow renaming of T4C instances in the frontend by @MoritzWeber0 in #1777
• feat: Redesign T4C Instance administrator view by @MoritzWeber0 in #1779
• feat: Delete TeamForCapella server instances by @MoritzWeber0 in #1778
• feat: Animate load-in of notices by @zusorio in #1796

Bug fixes

• fix: Broken loading animation of model sources by @MoritzWeber0 in #1776
• fix: Remove WWW-Authenticate header from responses by @MoritzWeber0 in #1790
• fix: Disable "Connect to session" button when missing session info by @zusorio in #1799
• fix: Hide welcome banner on small screens by @zusorio in #1797

Internal changes

• ci: Skip Storybook build on draft PRs by @MoritzWeber0 in #1775
• build: Expose development environment on localhost only by @MoritzWeber0 in #1781
• build: Bump fastapi and fastapi-pagination by @MoritzWeber0 in #1782
• build(dev): Run frontend on localhost instead of 127.0.0.1 by @MoritzWeber0 in #1787
• chore: Update font stack by @zusorio in #1798

Full Changelog: v4.2.1...v4.3.0

v4.2.1

What's Changed

Features

• feat: Name project roles consistently by @MoritzWeber0 in #1755

Documentation

• docs: Add troubleshooting for slow Capella and unresponsive Xpra by @MoritzWeber0 in #1750

Bug fixes

• fix: Redirect to login page when authentication validation fails by @MoritzWeber0 in #1757
• docs: Fix wrong link to connected users docs by @MoritzWeber0 in #1763
• fix: Destroy session history subscription by @dominik003 in #1764
• fix: Use T4C repository in multiple projects / models by @MoritzWeber0 in #1772

Internal changes

• ci: Temporarily set fastapi to <0.112.4 due to incompatibility by @MoritzWeber0 in #1758
• build: Update OpenAPI Generator by @MoritzWeber0 in #1759
• ci: Activate Chromatic TurboSnap by @MoritzWeber0 in #1760
• build(deps): bump capella-dockerimages from 402ec5e to 10e3a4d by @dependabot in #1756
• chore: Migrate more code to @if by @zusorio in #1754
• build(deps): bump capella-dockerimages from 10e3a4d to af1eb24 by @dependabot in #1762
• build: Bump frontend versions by @MoritzWeber0 in #1773

Full Changelog: v4.2.0...v4.2.1

v4.2.0

What's Changed

This release allows communication between sessions of the same user. This can be used to automate tasks between sessions, such as talking to a Capella session from Jupyter.

Full changelog

Features

• feat: Allow communication between sessions of same user by @MoritzWeber0 in #1708
• feat: Allow customizing Nav URLs by @zusorio in #1696
• feat: Add icons to session indicator for a11y by @zusorio in #1712

Bug fixes

• fix: Hide "Unauthenticated" error in the frontend by @MoritzWeber0 in #1707
• fix: Update styling and deprecated highlight.js-method by @MoritzWeber0 in #1733
• fix: Update proxy buffering options on Ingress by @MoritzWeber0 in #1745

Documentation

• docs: Improve TeamForCapella model migration docs by @MoritzWeber0 in #1711
• docs: Add ArtifactHub badge to README by @MoritzWeber0 in #1706

Internal changes

• build(deps): bump capella-dockerimages from b5b31b4 to 402ec5e by @dependabot in #1713
• ci: Mark package-lock.json as generated by @MoritzWeber0 in #1734
• ci: Add support for ESLint 9 by @MoritzWeber0 in #1725
• ci: Replace existing commitlint PR comments by @MoritzWeber0 in #1747
• ci: Add Storybook visual testing results to PR comment by @MoritzWeber0 in #1746

Full Changelog: v4.1.0...v4.2.0

v4.1.0

What's Changed

Projects in the project overview are now sorted alphabetically and there a new search function. In addition, the login / authorization view was redesigned.

Full changelog

Features

• feat: Attach helm chart to Github releases by @MoritzWeber0 in #1681
• feat: Auto-select recommended version for read-only sessions by @zusorio in #1683
• feat: Make project view searchable and sorted by @zusorio in #1695
• feat: Cancel previous sessions requests by @dominik003 in #1688
• feat: Redesign login component by @MoritzWeber0 in #1702
• feat: Align projects with announcements by @MoritzWeber0 in #1703

Bug fixes

• fix: Unify buttons in authentication components by @MoritzWeber0 in #1704

Internal changes

• build: Bump frontend versions by @MoritzWeber0 in #1682
• ci: Push Helm charts to GH Pages Helm registry by @MoritzWeber0 in #1684
• refactor(docs): Use indentation of 4 instead of 2 by @MoritzWeber0 in #1697
• refactor: Wait for database container to start for database init test by @dominik003 in #1687
• refactor: Remove unused audience configuration field by @dominik003 in #1686
• refactor: Calculate min-height centrally in the app component by @MoritzWeber0 in #1705

New Contributors

• @zusorio made their first contribution in #1683

Full Changelog: v4.0.0...v4.1.0

v4.0.0

What's Changed

In this release, we've improved some logic around authentication. The previous authentication providers oauth and azure have been removed. Instead, we added support for OpenID Connect including it's security features like state, nonce and PKCE. We have also changed the implementation so that cookies are used for authentication of the frontend.

The new changes might be incompatible with your identity provider if it doesn't have support for OpenID Connect. We have that covered and in this case Keycloak can also be used as middleware. A documentation is available here.

Please read the "Breaking Changes" section carefully. You have to update the values.yaml before this update.

Breaking Changes

For Administrators

• Support for non-compliant OIDC identity providers has been removed. If you've used OAuth without OIDC before, you can set up Keycloak as intermediate identity provider. More information here.
• Since we no longer distinguish between different identity implementations, we have removed the providers abstraction in the values.yaml. This means that the providers field that supported azure or oauth as values has been removed and instead of oauth.xy or azure.xy xy is used directly (e.g. instead of oauth.endpoints.wellKnown it's endpoints.wellKnown).
• The OIDC well-known endpoint is now a required configuration value and must be defined in endpoints.wellKnown. As a result of reading all endpoints from the well-known endpoint, the endpoints.token_issuance endpoint has been removed. The endpoints.authorization endpoint can still be used to overwrite the authorization endpoint from the well known configuration. It's needed for the OAuth mock, in most of the cases you can omit it.
• The usernameClaim configuration was removed. Instead, a more fine-grained mapping is available. If you want to have the same behaviour as it was before the update, set idpIdentifier and username to the previous value of usernameClaim.

  claimMapping:
      idpIdentifier: sub # Maps the `sub` attribute in the JWT to the `idpIdentifier` attribute in the CCM. `idpIdentifier` is a new attribute to identify users uniquely. The attribute can be patched via the API for existing users.
      username: preferred_username # The username which is displayed in the UI and can be used to add users to projects.
      email: email # Optional email address.

• Only relevant if you use the image-builder or k8s-deploy Gitlab CI/CD templates for the deployment of the Collaboration Manager: The unencrypted suffix of keys was removed from the SOPS encrypted files. In addition, the general.values.yaml and secret.values.yaml were merged into one encrypted file values.yaml. in both cases it's recommended to use the encrypted_regex configuration of SOPS instead. More information about the new setup here: image-builder / k8s-deploy

For API Users

• The PATCH /api/v1/users/{id}/roles route has been removed. Use the new PATCH /api/v1/users/{id} route and pass the new role as attribute in the payload.
• The POST /api/v1/users endpoints requires a new attribute idp_identifier in the payload.
• The GET /api/v1/sessions/{session_id}/connection returns the cookies as header (Set-Cookie) instead of an attribute in the payload.

Full changelog

Features

• feat!: Replace bearer with cookie-based authentication by @dominik003 in #1587

Documentation

• docs: Rewrite Keycloak documentation by @MoritzWeber0 in #1674

Internal changes

• chore(docs): Remove prettier-ignore where unnecessary by @MoritzWeber0 in #1673
• refactor!: Restructure SOPS files in Gitlab CI/CD templates by @MoritzWeber0 in #1680

Full Changelog: v3.5.0...v4.0.0

v3.5.0

Important

The upcoming database migration will fail if there are multiple users with the same username but different casing! Scan your users list to remove duplicated users before updating.

What's Changed

Features

• feat: Add workspace management for admins by @MoritzWeber0 in #1652

Documentation

• docs: How-to disable grouping and resolution of alerts by @MoritzWeber0 in #1670

Internal changes

• build(deps): bump capella-dockerimages from df2d5b1 to cb9daea by @dependabot in #1667
• build: Bump frontend versions by @MoritzWeber0 in #1671
• build(deps): bump alembic from 1.13.1 to 1.13.2 in /backend by @dependabot in #1639
• ci: Add Gitleaks to pre-commit configuration by @MoritzWeber0 in #1672

Full Changelog: v3.4.0...v3.5.0

v3.4.0

Notable changes

We started using Grafana alerts to notify system administrators of unexpected application and session states. For the beginning, there will be alerts about unhealthy sessions and failed jobs. The change may result in duplicated data sources in your Grafana instance. More information here: #1661

What's Changed

Features

• feat: Add alerts for system administrators in Grafana by @MoritzWeber0 in #1661
• feat: Increase size of Prometheus volume by @MoritzWeber0 in #1638

Bug fixes

• fix: Tolerate Pods without labels in metrics by @MoritzWeber0 in #1660

Development

• refactor: Add stories, use generated frontend client and Angular control flow by @MoritzWeber0 in #1623
• build: Skip initialization of Guacamole if not needed by @MoritzWeber0 in #1636
• build: Derive helm version from Git tags by @MoritzWeber0 in #1635
• refactor: Improve error msg for missing status in T4C lic-server by @MoritzWeber0 in #1655
• build(deps): bump capella-dockerimages from 3f55ddf to df2d5b1 by @dependabot in #1651
• build: Bump frontend versions by @MoritzWeber0 in #1656
• build: Update generated frontend API client by @MoritzWeber0 in #1657
• build(deps): bump actions/add-to-project from 1.0.1 to 1.0.2 by @dependabot in #1637
• build(deps): bump docker/build-push-action from 5 to 6 by @dependabot in #1624

Full Changelog: v3.3.0...v3.4.0

v3.3.0

Notable changes

In this version, it's possible to share sessions with other users for better collaboration. Once enabled for a specific connection method, it's possible to enter usernames to share the session with. For the beginning, sharing is supported for Jupyter and Xpra.

To enable session sharing, follow the those steps as administrator (as user, no additional action is required):

• Enable the sharing flag in the tool configuration for the supported connection methods (Xpra & Jupyter)
• Append &sharing=1 to the redirect URL for the Xpra connection method.

What's Changed

Features

• feat: Share sessions with other users by @MoritzWeber0 in #1584
• feat(routing): Add redundancy and 401 error handling to session routing by @MoritzWeber0 in #1612
• perf: Improve CLI speed and display options by @MoritzWeber0 in #1621

Bug fixes

• fix: Reduce Storybook log level and fix warnings by @MoritzWeber0 in #1607
• fix(monitoring): Filter out negative values by @MoritzWeber0 in #1610
• fix: Apply executable flag to askpass.py by @MoritzWeber0 in #1619
• fix: Infinite authentication loop by @MoritzWeber0 in #1622

Documentation

• docs: Update tool examples to latest configuration by @MoritzWeber0 in #1605
• docs: Add new deployment strategy by pulling images from GitHub by @MoritzWeber0 in #1601
• docs(dev): Make setup of development environment clearer by @MoritzWeber0 in #1600

Internal changes

• build: Listen to all hosts when running dev mode by @jamilraichouni in #1608
• build(deps): bump capella-dockerimages from da419ef to 80444c4 by @dependabot in #1595
• chore: Remove unused certificate generation for OAuth mock by @MoritzWeber0 in #1604
• ci: Run Storybook only on frontend changes by @MoritzWeber0 in #1611
• build: Update Guacamole to 1.5.5 by @MoritzWeber0 in #1602
• build(deps): bump capella-dockerimages from 80444c4 to 3f55ddf by @dependabot in #1609
• build: Bump frontend versions by @MoritzWeber0 in #1620
• refactor: Remove special handling of Jupyter idletime by @MoritzWeber0 in #1603

Full Changelog: v3.2.9...v3.3.0

v3.2.9

What's changed

Bug fixes

• Revert "feat: Never restart session containers" by @MoritzWeber0 in 6e6e779

Full Changelog: v3.2.8...v3.2.9