1. Foreman 3.14 Release Notes
1.1. Headline Features
1.1.1. IPv6 Support
Deployment and operation in IPv6-only networks is now fully supported.
Provisioning over IPv6 is supported on bare metal hosts. For compute resources, you can define the machine outside Foreman on the compute resource and then you can provision the machine as bare metal in Foreman.
1.2. Upgrade Warnings
1.2.1. EL 7 client repositories dropped
RHEL 7 is out of maintenance since June 2024 and at the same time CentOS Linux 7 went end of life. With Foreman 3.14, the client repository is no longer built for EL 7. This primarily affects Katello and OpenSCAP users.
For more details, see the removal RFC.
1.2.2. AWX Parameter Change
The ansible_tower_fqdn
parameter has been removed and replaced with ansible_tower_api_url
.
This new parameter includes both the previous ansible_tower_fqdn
value and the required API path for AWX.
By default, the API path is set to /api/controller/v2
.
If you are using an older AWX version, update the API path manually to /api/v2
.
If you’re unsure which version you have, check your instance’s API endpoints to confirm the correct path.
2. Katello 4.16 Release Notes
2.1. Headline Features
2.1.1. Image-mode host support
Katello has added a new type of host: image-mode hosts. Image-mode hosts are ostree-based atomic systems which have been provisioned with bootable container images (bootc images). Katello 4.16 enables users to register image-mode hosts, view bootc-related statistics, and remotely execute bootc commands.
Existing hosts are now considered 'package-mode hosts' and will exist alongside the new host type. Both host types can be set up and configured using existing host management processes.
Bootable container images are OCI compliant images which can be managed using existing container repository management tooling in Katello. A new 'Booted container images' page displays all bootc images and their respective host counts. These images are available via API at '/hosts/bootc_images'.
2.1.2. Flatpak content support
Katello now supports Flatpak content.
Flatpak content can be manually added as a local repository or can be scanned from external sources and used as a Flatpak remote repository.
After scanning, Flatpak remote repositories can be mirrored to local Katello repositories via remote repository mirroring.
Flatpak repositories can be easily synced and installed on remote hosts via any of Katello’s existing repository management techniques.
Flatpak remote repositories are available via API at /flatpak_remotes
.
Flatpak remote helpers are currently supported through hammer and API; full UI support will be coming soon. Currently, only OCI Flatpak repositories are supported.
2.1.3. 'Sync Dependencies' option for Ansible collection repositories.
Ansible collection repositories now have a new option: 'Sync Dependencies'. When enabled (default), Pulp will sync the collections given in the requirements file and their dependencies. When disabled, Pulp will only sync the collections, without their dependencies.
2.1.4. Organization custom labels
Organizations now support the ability to use user-submitted labels during creation. This can help mitigate confusion in cases where default labels result in difficult-to-type or difficult-to-read entries.
2.1.5. Allow for non-standard errata types in errata filters
Errata filtering by type now supports an additional 'other' option, letting users filter by errata types which don’t match the standard 'Bugfix', 'Enhancement', or 'Security' types.
2.1.6. postgresql-evr extension no longer required
Installation of the Katello database on remote systems where root access is not available is now possible. Only a basic PostgreSQL installation is required. With this feature, you can now install on systems like Amazon RDS or Azure Database for PostgreSQL.
3. Foreman 3.14.0
A full list of changes is available on Redmine
3.1. Foreman
3.1.1. API
-
Hide organization-id and location-id options from api documentation of unscoped resources - #37824
3.1.2. Authentication
-
NameError: undefined local variable or method `logger' for JwtToken - #38122
3.1.3. Compute resources
-
Fields in OS tab don't populate until after failed host import and the network details are incorrect - #37855
3.1.4. Compute resources - EC2
-
Remove EC2 subnet from compute profiles - #38193
3.1.6. Compute resources - libvirt
-
Add Libvirt UEFI & SecureBoot support - #37566
3.1.7. DNS
-
Fix DNS orchestration conflict detection to take IPv6 filed into account - #37990
3.1.9. Facts
-
Make sure an IPv6 interface is suggested as primary - #38046
3.1.11. Internationalization
-
Do not try to translate ruby-symbol - #38106
3.1.13. JavaScript stack
-
CardTemplate should allow customizing ouidId - #38289
-
datatables pagination not working - #38282
-
remove select2('destroy') for non select2 item - #38177
-
Allow generic table children outside of tbody - #38154
-
Remove @theforeman/vendor-dev - #37830
-
add js-cookie - #37664
-
drop jquery-ui - #37390
-
Update to jQuery 3 - #37382
3.1.14. Logging
-
Password from HTTP(S) proxy Setting is logged in plaintext to production.log - #38185
3.1.15. Network
-
Pagelet for HTTP Proxy form - #38000
3.1.17. Performance
-
PG::UniqueViolation: ERROR: duplicate key value violates unique constraint "index_operatingsystems_on_title" DETAIL: Key (title)=(RedHat 9.2) already exists. - #38169
3.1.18. Proxy gateway
-
Test connection for HTTP proxy errors out - #38208
3.1.23. Unattended installations
-
Can't provision using image + SSH - #38272
-
AAP 2.5 support in Ansible Callback - #38219
-
Anaconda is not setting up the host name correctly during the setup - #38168
-
Kickstart template generates interfaces with --ipv6=dhcp - #38155
-
Replace deprecated wget "-Y off" parameter in templates - #38067
-
Use IPv6 address for SSH provisioning, if available - #38057
-
References to syspurpose addons still remain in Foreman - #38053
-
Remove NicIpResolver class - #38052
-
Unattended controller should accept IPv6 address as part of the built request - #38051
-
Make sure host_finder knows to find hosts given an IPv6 address - #38050
-
Major version accepts negative values while creating operating system - #38044
-
Allow the remote execution user to become any user when creating sudoers drop-ins - #38030
-
Provisioning uses wrong URLs for subscription-manager when a load balanced smart proxy is involved - #38029
-
Support Windows deployment with UEFI - #37862
-
Clevis/Tang disk encryption broken for Ubuntu/multiple disks - #37857
-
New PXE loader "Grub2 UEFI SecureBoot (target OS)" - #36834
3.1.25. Web Interface
-
Failure occurs after selecting the correct value while creating an Ansible variable. - #38281
-
select2 search not working in modals - #38237
-
select 2 not showing placeholders - #38211
-
vmware Create controller select freezes the page - #38209
-
form_select_f auto selects first option - #38183
-
Hide search submit button when not submittable - #38141
3.2. Installer
-
New PXE loader "Grub2 UEFI SecureBoot (target OS)" - #36940
3.2.1. External modules
-
Stop managing postgresql-evr extension - #37680
3.3. Packaging
3.3.1. RPMs
-
Drop EL7 client support - #38034
4. Katello 4.16.0
A full list of changes is available on Redmine
4.1. Katello
-
Humanize Resource Type for flatpak permissions - #38161
-
Label option is removed while creating new Organization in UI - #38025
-
Use #add instead of #<< for ActiveModel::Errors - #38023
-
Empty Error Pop Up related to structured APT on the RepositorySets page - #38011
-
deb type content host with structured APT enabled throws errors on repository sets tab - #37998
-
As a user, I can expect container repo names to follow the latest standard - #37988
-
Upload deb package through hammer results in an invalid package being included when it's uploaded for the first time - #37864
-
add jquery-ui dependency - #37402
4.1.1. API
-
Flatpak remote returns auth_token on the API - #38102
4.1.2. Activation Key
-
Unable to an create activation key when no content-view is selected - #38251
-
hammer activation-key create false positive when passing in only --content-view - #38170
-
FakeActivationKey doesn't respond to #organization method - #38147
-
[RFE Hint to enable settings 'allow_multiple_content_views' in hammer ak command] - #38143
-
Can't remove a version from an environment if it is being used by a multi-CV activation key. - #37895
4.1.3. Container
-
Container push should hide expected 404 message from pulp when looking up blobs - #38212
-
OSP Authenticated Pull fails from Satellite with error 422 Client Error: Unprocessable Content for url - #38206
-
As a user, I can see an overview of container images used with image-mode systems in the UI - #38107
-
"hammer repository upload-content" not long working for docker repository - #38103
4.1.4. Content Views
-
Old CV versions may contain deb repos without structure content - #38231
-
CV with depsolving and filters on selected repos is broken at orhpan cleanup - #38218
-
Update web UI wording for multiCV - #38194
-
Content views list duplicate relations for multiCV hosts and activation keys - #38179
-
Use new host page setting to link to hosts index from content view details page - #38160
-
To convert "Got multiple version_hrefs for pulp task" error into a warning or suppress it - #38150
-
Reassigning host content views when removing Content view version/environment in multi-CV hosts - #38116
-
As a client, I should have access to all flatpaks available via registered Content View/Environment - #38105
-
The content view APIs will pass repository_ids to the code both as a list of int or a list of strings - #38076
-
Scoped search is broken for for content views if the search parameter is boolean - #38062
-
Deleting a CV version does not scale when a product has too many repos (cloned in CVs) - #38003
4.1.6. Foreman Proxy Content
-
Smart proxy sync is not updating package count for repos inside content view. - #38117
-
APT repos using flat repo format cannot be synced to smart proxy - #38096
-
Refresh content counts action on Smart proxy fails when content_counts is set to {} - #38056
-
LCE id is not passed on Refresh counts trigger from WebUI - #38042
-
Update smart proxy url methods for load balancer compatibility - #38028
-
Smart proxy content page console error when count is {} - #38015
-
Ansible collection capsule sync doesn't respect optimized:false value - #37959
-
podman login via smart proxy fails on GMT+x timezones - #37925
4.1.7. HTTP Proxy
-
Set HTTP proxy as default after creating - #37923
4.1.8. Hosts
-
When nesting hostgroups, CV/LCE do not populate upon changing the content source - #38265
-
Registering a host with non-admin user with "Register hosts" role doesn't move the host in specified location - #38243
-
Job template "Set up Flatpak remote" fails when /run/containers/0/auth.json is missing - #38236
-
in host edit, unselecting media causes page freeze - #38230
-
Image mode all hosts column title should be 'Type' - #38226
-
Extra tbody left inside booted containers table causes automation issues - #38225
-
Add unset feature in set release version bulk action on the content host - #38215
-
Should hide Change content source task when permissions are missing - #38214
-
RHEL 10 support policy + EOL info is added to hosts - #38152
-
content_view_environments methods need to be added to Safemode - #38142
-
Job: Resolve Traces - Katello Ansible Default - fails to reboot machine - #38140
-
Do not double-escape "*" during package update - #38137
-
Image mode digests should be allowed to be empty - #38128
-
Add a link to the new REX bootc action on the image mode details card - #38113
-
Change content source & REX Pull provider - #38111
-
In host/groups media should not be visible when Synced Content is selected - #38104
-
New "All Hosts Page" should show Package Updates for Debian/Ubuntu - #38097
-
Add new job templates for bootc upgrade/switch/rollback via REX - #38084
-
As a user, I can see an overview of container images used with image-mode systems via API & hammer - #38072
-
A new card on Host details tab for image information - #38013
-
Gather bootc-related facts and populate content facet fields - #37994
-
Improve restart services job - #37918
4.1.9. Inter Server Sync
-
Importing into a repository that already exists on the importing instance broken - #38156
4.1.11. Localization
-
generic content units controller api translation broken - #37981
4.1.12. Reporting
-
Failed to genereate report using "Host - Applied Errata" template. - #38058
4.1.13. Repositories
-
flatpak-remote create writes the token string to production.log in plaintext - #38273
-
Update Recommeneded Repositories Page to modify Satellite, Capsule and Maintainance repository from 6.16 to 6.17 for RHEL 9 - #38261
-
APT repos using flat repo format with a distribution other than "/" are broken - #38221
-
Http proxy is referenced in postgres even after being removed from the Satellite server - #38204
-
Sync Status page Select None not working - #38196
-
The "Synchronize Now" button within Sync Status page of Satellite WebUI does not perform any visible action when the associated Content View is being published - #38188
-
Flatpak rex templates don't appear in order - #38180
-
Repository > New form doesn't render properly - #38162
-
Add RHEL 10 to repo version restriction logic. - #38158
-
Add a job template for flatpak setup on hosts and possibly install a flatpak image - #38109
-
Products index page is slow for products that have no synced repositories - #38086
-
Filter Deb Packages by repository - #38083
-
Migrate to using type field in container manifests and lists - #38071
-
Using deb content filters with structured APT enabled breaks repo publications - #38061
-
Error Mirroring Policy: Additive -> Complete Mirroring - #38040
-
Show URL to GPG Key - #38038
-
Upload deb package through hammer may not add it publication - #38035
-
[DEV Add RHEL 10 repos to recommended repositories (after 4.15 branching)] - #38020
-
As a user I can interact with remote repositories and manifests via API and mirror remote repositories in Katello - #37989
-
Remove Client2 repos from Recommended Repositories on Sat6.16 - #37985
-
Update recommend repositories on Satellite GUI to add Capsule, Utils and Maintenance repos for 6.16. - #37984
-
Add API endpoints with permissions for Flatpak remotes - #37976
-
Add keep-latest-packages from pulp python backend to UI - #37974
-
Add option to not sync dependencies of Ansible collections - #37958
-
Ostree repo creation fails if Depth is not set to a value - #37951
-
Support on-demand for file repos - #37929
-
Errors while deleting repository from Katello: Unable to find content with the ID "XXXX" - #37600
-
Python Package Types don't filter out whitespace - #35676
-
Make sure debian repositories support incremental-updates in pulpcore - #31257
Appendix A: Foreman Contributors
We’d like to thank the following people who contributed to the Foreman 3.14 release:
Adam Lazik, Adam Růžička, Aneta Šteflová Petrová, Archana Kumari, Bastian Schmidt, Ben Erickson, Bernhard Suttner, Brenden Wood, Chris Roberts, Cole Higgins, Eric Helms, Evgeni Golov, Ewoud Kohl van Wijngaarden, Francesco Di Nucci, Gaurav Talreja, Girija Soni, Hao Yu, Ian Ballou, Jan Löser, Jeremy Lenz, Leos Stejskal, Lucy Fu, Maria Agaphontzev, Markus Bucher, Markus Reisner, Martin Alfke, Martin Spiessl, Matthew Davis, Maximilian Kolb, Nadja Heitmann, Nofar Alfassi, Oleh Fedorenko, Partha Aji, Patrick Creech, PopiBrossard, Samir Jha, Sayan Das, Shimon Shtein, Takashi Kajinami, Tim Meusel, VHS, dosas,
As well as all users who helped test releases, report bugs and provide feedback on the project.
Appendix B: Katello Contributors
We’d like to thank the following people who contributed to the Katello 4.16 release:
Adam Lazik, Adam Ruzicka, Archana Kumari, Ashish Humbe, Bernhard Suttner, Chris Roberts, Evgeni Golov, Ewoud Kohl van Wijngaarden, Hao Chang Yu, Ian Ballou, Jeremy Lenz, Leos Stejskal, Lucas Bickel, Lucy Fu, Maria Agaphontzev, Markus Bucher, Nadja Heitmann, Oleh Fedorenko, Partha Aji, Pavan Soma Shekar, Pavel Moravec, Quinn James, Quirin Pamp, Samir Jha, and Thorben Denzer.
As well as all users who helped test releases, report bugs and provide feedback on the project.