1. Foreman 3.13 Release Notes

1.1. Headline Features

There are no highlights with Foreman 3.13.

1.2. Upgrade Warnings

1.2.1. Running Foreman on Enterprise Linux 8 is not supported anymore

Running Foreman on Enterprise Linux 8 has been deprecated since 3.11 and removed in this release. Users can upgrade to Enterprise Linux 9 on version 3.12 and then upgrade to 3.13.

Note this is for running Foreman itself. Clients will remain supported.

For more details and discussion, see https://community.theforeman.org/t/drop-support-for-running-on-el8-with-foreman-3-13/38083.

1.3. Deprecations

There are no deprecations with Foreman 3.13.

2. Katello 4.15 Release Notes

2.1. Headline Features

2.1.1. Granular Smart Proxy Content Counts

You can now update smart proxy content counts per lifecycle environment and per content view. Smart proxy auto-syncs will now update only the lifecycle environment rather than all counts. A substantial performance improvement is expected.

2.1.2. Multiple content view environments for hosts and activation keys

Hosts and (new in 4.15) activation keys can now be associated with multiple content view environments. To use this feature, turn on the allow_multiple_content_views Setting. Multi-environment hosts and activation keys are displayed in the web UI, but currently can only be changed via Hammer. Use the new --content-view-environments or --content-view-environment-ids options in hammer activation-key create and hammer activation-key update. To display multi-environment hosts in the new All Hosts list page, click Manage columns and add the Content view environments column. The existing content view and lifecycle environment columns will still work, but will only display the host’s first content view environment. You can also set content view environments from a registered host with subscription-manager environments --set. You can now view a list of available content view environments with a new Hammer command, hammer content-view-environment list. Multi-environment information is now displayed in hammer host info and hammer activation-key info. As part of this change, content view and lifecycle environment must be provided together when creating or updating activation keys. You can no longer assign only a content view or only a lifecycle environment.

2.1.3. Pulpcore upgraded to 3.63

Pulpcore has been upgraded to 3.63, which brings bug fixes and new features that Katello can integrate with. As an example, the new Pulp Container now has container image compressed size and operating system information available for Katello to show. Expect integration with this new data sometime in the near future.

2.1.4. New depth option for OSTree repositories

When creating OSTree repositories, users can now determine how much of the OSTree commit history gets synced and published. Select the number of commits by entering a number in the new depth field.

2.2. Upgrade Warnings

Container content users will want to run foreman-maintain advanced procedure run pulpcore-container-handle-image-metadata to pre-migrate data to avoid a lengthy migration in the future. There will be multiple releases to allow this before it is mandatory. This has been requested before, and it’s back because new container manifest data is being made available in Pulp.

2.3. Deprecations

There are no deprecations with Katello 4.15.

3. Foreman 3.13.0

A full list of changes is available on Redmine

3.1. Foreman

  • Make SeedHelper.test_template_requirements public - #37963

  • Typo in app/models/provisioning_template.rb - #37949

  • Enable remote desktop on Windows Hosts - #37927

  • Rubocop layout rules fix - #37926

  • Make sure sudo is installed for non-root users to use REX - #37919

  • don't use plain "proxy" when talking about HTTP proxies on the settings page - #37843

  • Bulk Packages wizard - Host search bleeds into package/errata search - #37768

  • User search filter for auth_source_type returns error code 500 - #37767

  • Incorrect Network at displayed host/edit page in the interface tab when importing host from compute resources - #37731

  • Web UI: Error message not copyable - #37718

  • Move telemetry allowed_labels to settings - #37647

  • Fix Style/SoleNestedConditional cop - #37431

  • Fix some Style/ cop - #37427

  • Fix Layout/ArgumentAlignment cop - #37425

  • setup Zeitwerk inflector - #33895

3.1.1. API

  • Parameters API doesn't expose hidden_value attribute when creating parameters - #37878

  • Host Creation via GraphQL only as Admin - #37765

3.1.2. Authentication

  • NetIQ eDirectory for authentication - #37085

  • User mail address should either be always optional or always required - #10946

3.1.3. Host creation

  • Don't apply the compute profile when updating host - #37800

  • Host create form - UI improvements - #37519

3.1.4. Host registration

  • Provide option to use wget for the new Register Host feature - #36688

3.1.5. JavaScript stack

  • Give Toasts keys for ToastsList - #37915

  • not all webpack assets are properly invalidated on change - #37775

  • rename AuthSource Welcome variables to fix translation - #37691

3.1.6. Rails

  • Enable Zeitwerk autoload mode for Rails 6+ - #29991

3.1.7. Templates

  • Fix CVE-2024-8553 - #37978

  • Update remote_execution_pull_setup to generate a yggdrasil-version-agnostic yggdrasil configuration file - #37877

  • Installing packages on SLES fails if they involve a repo whose GPG key is not yet present on the target system - #37870

  • remote_execution_ssh_keys template does not set proper sudoers file permissions - #37867

  • Typo in "Unknown '%{klass}' resource class" error message - #37841

  • subscription_manager_setup.erb doesn't point to correct host - #37769

  • Use http proxy in provisioning templates if host parameter has been set - #37730

3.1.8. Tests

  • intermittent host_js integeration test failure: test_0002_correctly override global params " Expected false to be truthy." - #37774

3.1.9. Unattended installations

  • Windows default user template sets incorrect Puppet server - #37912

  • Ansible password is not extracted correctly in the Windows default provisioning template - #37903

  • Missing enable-puppet8 parameter to enable AIO style packaging - #37891

3.1.10. Web Interface

  • Add possibility to display action when table is empty - #37836

  • Add possibility to display message when table is empty - #37805

  • Pagination doesn't re-render a table when switching pages - #37770

  • inherit overrides deploy on in hostgroup - #37714

  • open Documentation in new tab in generic table - #37592

  • remove hand cursor from generic table - #37591

3.2. Installer

  • Checks don’t disable the default CA path which means openssl will use the default system CA path by default - #37828

  • PostgreSQL 13 upgrade aborts when user locale doesn't match cluster locale - #37797

3.2.1. Foreman modules

  • Installer fails with OpenJDK 17 on missing keyalg parameter to keytool - #38010

  • Not possible to use ProxyJump or ProxyCommand for Ansible. - #37803

  • Cockpit integration fails with AH: Unsafe URL with %3f URL rewritten without UnsafeAllow3F in foreman-ssl_error_ssl.log - #37761

3.2.2. foreman-installer script

  • Java detection doesn't handle Java 11 and newer and always stops the service - #38012

  • reset data hook passes PGPASSWORD as part of the shell command - #37940

  • Disconnected upgrade fails to switch postgresql dnf module - #37874

3.3. SELinux

  • websockify doesn't work with SELinux enabled - #37791

4. Katello 4.15.0

A full list of changes is available on Redmine

4.1. Katello

  • Empty Error Pop Up related to structured APT on the RepositorySets page - #38011

  • "Manage Manifest" modal links to access.redhat.com - #37889

  • Update global registration form for multi-env AK display - #37881

  • Full Capsule Sync always trigger pulp optimised sync - #37879

  • Unable to add subscription to the empty manifest - #37876

  • Allow smart proxy content counting for an environment/content view - #37871

  • Use memory fact instead of dmi - #37866

  • Container push sometimes makes duplicate repos due to race condition - #37785

  • Handle empty CVE in InfoProvider content_view_info - #37779

  • Use :default_location_subscribed_hosts in registration - #37703

  • Pagination within Packages wizard is wonky - #37587

  • Support Zeitwerk loader - #37471

4.1.1. API

  • apidoc doesn't allow to unset CV/LCE of an activationkey - #38008

  • Add content view environment labels to host rabl - #37957

4.1.2. Activation Key

  • Activation key doesn't get LCE/CV assigned to it on creation - #37941

  • Multi-CV activation keys get their content view environments overwritten on any edit - #37798

  • As a user, I want to be able to set multiple Content Views via a single Activation key - #37795

  • Single activation key is not filled in on Register page - #37572

4.1.3. Content Credentials

  • Unable to load gpg key using downloaded key file - #37804

4.1.4. Content Views

  • Content view version errata page shows incorrect date for "updated at" value - #37911

  • Content View publish from different pages gives inconsistent warning message - #37886

  • Add a content view environments controller - #37884

  • Update web UI for multi-CV activation key display - #37861

  • Pagination component navigation within content view details pages does not function properly - #37760

  • Make distributing archived content view repositories off by default - #37006

4.1.5. Errata Management

  • Bold "Skip dependency solving for a significant speed increase" on incremental update page - #37839

4.1.6. Foreman Proxy Content

  • Granular content counting on the UI - #37945

  • If a smart proxy sync task fails in plan, for_resource helper does not work - #37820

4.1.7. Host Collections

  • Issues when using Host Collection membership Management, the number of content hosts is not accurate - #37934

4.1.8. Hosts

  • Katello tries to update the deleted Candlepin consumer during force register after deleting certificates - #37966

  • As a user, I can see image-mode hosts' current and future image, manifest, tag via API - #37888

  • getting hosts list performs redundantly huge query over duplicated host IDs - #37842

  • Package profile is not updated when overriding reposet to enabled - #37831

  • Registration without environments or environment_id param causes NoMethodError - #37829

  • Large table titles show in All Hosts wizards - #37788

  • Hammer host update false positive when assigning multiple environments - #37772

  • Registration without environments or environment_id param causes NoMethodError - #37763

  • Remote execution controller still uses old job invocation form - #37728

  • Package update chooses latest version instead of input version - #37072

4.1.9. Repositories

  • Upgrade Pulp Container to 2.22 - #37973

  • Upgrade Pulpcore to 3.63 and plugins - #37950

  • Support on-demand for file repos - #37929

  • Add RHEL 9 AppStream and BaseOS EUS repos under Recommeded Repositories - #37916

  • Add to manifest lists and index is-bootable, is-flatpak, labels, and annotations fields - #37887

  • Org deletion fails if there are container repositories present - #37863

  • Add depth option for OSTree repository type - #37853

  • Update recommend repositories for RHEL 7 on Satellite GUI and add new client tools repo - #37840

  • Active Only checkbox on Sync Status page does not work - #37827

  • Creating a repository with duplicate name fails with confusing error - #37822

  • Pagination broken on Redhat repos page and generic content tables - #37777

  • "Remove Repositories" button not shown for non-admin users with "destroy_repositories" permission - #37732

  • No one needs migrated_pulp3_href on content tables anymore - #36874

  • Container image manifests synced without tags triggers "no content added" - #36404

  • Replace simple publisher with structured publisher for Debian Repositories - #35959

4.1.10. Roles and Permissions

  • Improve the error message when listing/viewing capsules via API w/o permissions - #37816

4.1.11. Subscriptions

  • Installed products report fails with Jail issue for #purpose_role and #purpose_usage - #37921

  • Unable to change the system purpose for the hypervisor. - #37899

  • Subscriptions page can retrieve stale manifest expiration date in certain situations - #37832

  • Down migration in AddConvert2rhelToHostFacets has wrong table name for subscription facets - #37815

  • Reuse the Foreman client SSL settings for Candlepin - #30368

4.1.12. Tooling

  • Upgrade theforeman-rubocop gem to the v0.1.0 - #37517

4.1.13. Web UI

  • Send events on angular translation load - #37858

  • Managing errata from content hosts page disturbs Satellite web page alignment - #37845

  • Align deb-package details with rpm-package details - #37794

  • Refactor deprecated jquery functions - #37671

Appendix A: Foreman Contributors

We’d like to thank the following people who contributed to the Foreman 3.13 release:

Adam Lazik, Adam Růžička, Archana Kumari, Bernhard Suttner, Cole Higgins, Eric Helms, Evgeni Golov, Ewoud Kohl van Wijngaarden, Francesco Di Nucci, Girija Soni, Gordon Bleux, Jan Bundesmann, Jason, Jeremy Lenz, Leos Stejskal, Manisha Singhal, Marcel Kühlhorn, Marek Hulán, Maria Agaphontzev, Markus Bucher, Markus Reisner, Matthias Dellweg, Nadja Heitmann, Nofar Alfassi, Oleh Fedorenko, Pablo Fernández Rodríguez, Patrick Creech, Pavel Moravec, Thorben Denzer, Tim Meusel, Waldirio M Pinheiro, kmalyjur

As well as all users who helped test releases, report bugs and provide feedback on the project

Appendix B: Katello Contributors