1. Foreman 3.2 Release Notes
1.2. Upgrade Warnings
1.2.1. require_ssl_smart_proxies
setting dropped
The require_ssl_smart_proxies
setting has been dropped and Foreman now behaves as if the value was true
(the default). This means it’s no longer possible to use reverse DNS instead of client certificates over HTTPS connections. Upgrading users should ensure a valid Public Key Infrastructure (PKI) exists.
1.3. Deprecations
1.3.1. Running Foreman on EL7
Foreman 3.4 will drop EL7 support. For fresh installations, it is advisable to install on EL8. Existing installations should start thinking about a migration plan.
Note that this support statement refers to running Foreman and Foreman Smart Proxy themselves on EL7. Managing EL7 hosts remains supported. See the RFC for more information.
1.3.2. Running Foreman on Debian 10
Now that Debian 11 is supported, Debian 10 support is deprecated and will be dropped with Foreman 3.4
Note that this support statement refers to running Foreman and Foreman Proxy themselves on Debian 10. Managing Debian 10 hosts remains supported. See the RFC for more information.
2. Katello 4.4 Release Notes
2.1. Headline Features
For the full list of changes, see the Changelog.
-
The repository indexing code has been rewritten and is now much faster. A 6x indexing speed improvement for the RHEL 7 RPMs repository was reported on the pull request.
-
Docker repositories can now use the "On Demand" download policy.
-
Docker repositories can now have tags both limited and included at sync time, as opposed to only included.
-
Source container images are now excluded by default, but that may be changed by editing the "exclude tags".
-
-
When syncing Debian content to smart proxies, the "APT Verbatim" publisher is used in Pulp for more efficient metadata mirroring.
-
A sync download rate limit setting has been introduced under the "Content" tab.
-
Content view versions may now be removed from a content view in bulk.
-
Work on the new host details page has progressed, specifically the packages and errata overview pages:
-
An Installable Errata card has been added to the overview, with links to pre-filtered errata views on the Errata tab.
-
The Packages tab now offers filter dropdowns for up-to-date / upgradable status.
-
-
The Inter-Server Sync interface (in Content > Subscriptions > Manage Manifest) has been rewritten completely, featuring a new CDN Configuration tab with three clear options for where Katello gets its content.
-
As part of the above, the 'content_disconnected' setting has been renamed to 'subscription_connection_enabled'.
-
-
The Red Hat repositories page no longer contacts the CDN when in Airgapped mode.
-
Fixed errata installation raising errors when using Remote Execution.
-
Numerous improvements to Content View exporting and importing have been included.
3. Foreman 3.2.1
A full list of changes is available via Redmine
3.1. Foreman
3.1.1. JavaScript stack
-
Adding the host parameters clears the values of the prior line - #34747
3.1.3. TFTP
-
Make the operatingsystem.bootfile usable in Jail - #34689
3.1.4. Host registration
-
The registration database migration could fail when the template is not available - #34661
3.1.5. Web Interface
-
Breadcrumb switcher doesnt work with Katello contentt work with Katello content - #34495
3.2. Installer
-
Installer does not restart foreman.service when changing Puma configuration - #34824
3.3. Packaging
3.3.1. Debian/Ubuntu
-
Updates oauth Gem installed by puppet-agent-oauth under Debian to a newer version (0.5.1 produces lots of warnings about URI.escape) - #34681
3.4. SELinux
3.4.1. Plugins
-
Syncing the git templates on RHEL8 raise SElinux errors - #34726
3.5. Smart Proxy
-
Set the MALLOC_ARENA_MAX variable to counter memory bloating in production environments - #34624
4. Foreman 3.2.0
A full list of changes is available via Redmine
4.1. Foreman
4.1.2. Inventory
-
The Submit button on a host form redirects to an invalid page - #34572
4.1.3. Web Interface
-
Add pagelet mountpoints for hosts list table - #34543
-
Default variant prop is missing from the pagination component - #34410
-
Remove the experimental banner in new host page - #34293
-
Ignore URL query params when setting active tab - #34271
-
Add slot for rex dropdown in new host page - #34259
-
New host details link should be removed from hosts index page - #34254
-
Use the Patternfly 4 pagination - #34185
-
Use the new host page by default - #34166
-
Core cards in overview tab should be arrangeable - #34142
-
Hosts UI - UX Review - Spacing - #34129
-
New Host detail page - small screen cant see build modalt see build modal - #33955
-
New host detail page shows IP address over multiple lines - #33948
-
The new host page lacks an empty state - #33862
-
Delete the unused react_pagination_props - #33681
-
Host Detail Graphs VERY slow to load after upgrade to 3.0.0-rc1 - #33310
4.1.4. Templates
-
Ensure that the insights snippet is being called by honoring the value of host_registration_insights parameter - #34525
-
Allow puppet setup to be skipped even if you set a puppet master - #34388
-
Update examples for truthy? and falsy? macros - #34365
-
Associate redhat templates with CentOS_Stream OS name - #34302
-
Upgrade fails during db:seed with ActiveRecord::RecordNotDestroyed: Failed to destroy the record - #34299
-
The pxe_kernel_options are not handled in Preseed PXE templates - #34292
-
More Anaconda kernel boot parameters without inst.' prefix template changesinst. prefix template changes prefix template changes - #34265
-
Puppet aio detection is broken in Foreman 3.1 provisioning templates, PR#8899 is full of typos - #34214
-
Introduce is_true? & is_false? template helpers - #34213
-
Rename enable-puppetlabs-puppetX-repo to enable-puppetofficial-puppetX-repo - #34088
-
Rename Job Invocation template - #34068
-
Include Tower extra vars feature when calling the API callback - #33942
-
Add current date macro - #33907
-
Include Puppet 7 repository support in provisioning snippets - #32602
4.1.7. Facts
-
Normalize fact parsers to use CentOS instead of centos - #34450
-
Identifying CentOS Stream as CentOS_Stream breaks in upgrades - #34409
-
Fix IPv6 support in rhsm fact facter - #34330
-
Add Oracle hypervisor virtual interface naming pattern to the ignore list - #34315
-
Improve the fact_values api performance when loading a large number of facts - #34160
-
Remove the deprecated Host#import_facts method - #34063
-
New OS created due to facts mismatch for operatingsystem for RHSM, Puppet and Ansible - #33981
-
Support ? for setting wildcards - #33775
-
Cloned viewer role cannot view facts - #33656
-
Support CentOS Stream 8 detection based on all facts - #33470
-
Use modern Facter 3 facts - #27906
4.1.8. Organizations and Locations
-
Organization context fails to change in web UI - #34416
4.1.9. API
-
Change example for --order - #34381
4.1.10. Plugin integration
-
Facets do not allow emptying their relations through mass assignment - #34375
-
GraphQL types touch database in migration rakes - #34366
-
Allow Site manager role to be extended from plugins - #34351
-
Allow specific permissions to be excluded from being added to default roles - #34329
-
Add medium_providers_registry instance method - #34002
-
Clean up the deprecated methods for foreman 3.2 - #33996
-
Enable Salt Autosign via Grains for Provisioning Template - #32919
4.1.13. Host registration
-
Insights snippet - remove connection test - #34340
-
Missing example for "Install packages" field - #34252
-
Grammatical errors with Insecure help text at Host Registration - #34250
-
Host facts are not uploaded to Foreman when host is registered with global registration - #34249
-
Fix bool params in global registration template - #34206
-
Preview of registration and host_init_config templates - #34198
-
Fix name & path to OS host_init_config template - #33979
4.1.15. Network
-
Add `ip_include?\` method to IPAM::Base that uses `IPAddr#include?\` method - #34280
4.1.17. Audit Log
-
Recent audits card in new host page is missing username - #34223
4.1.18. Packaging
-
Pin psych < 4 - #34212
4.1.19. Rails
-
Require code from lib folder - #34165
-
Audit human class name is translated twice - #34151
-
Move services from lib/foreman to app/services/foreman - #34146
-
Move Foreman::Renderer from lib/ to app/services - #34139
-
Autoload ProxyAPI files from /app/services - #34138
-
Add initialization method to RbacRegistry - #34010
-
Add plugin after_initialize hook - #34009
-
Plugin and its rbac_support are using Role and Permission models too early - #34006
-
Drop the truncate_bytes method - #33992
-
Require /lib dependencies in initializers/foreman.rb - #33991
-
Delay Initialization of ApiPie that depends on Model classes - #33989
-
Hostmix to use class_methods - #33987
-
Move Callback classes to separate files - #33986
-
Move identification methods to ApplicationRecord - #33985
-
Remove custom update methods - #33984
-
Fix loading of Foreman::Telemetry in initializers - #33968
-
Move basic ActiveRecord::Base custom extensions to ApplicationRecord - #33967
-
Load Menu::Loader in to_prepare’to_prepare - #33964
-
Require Foreman::Util in initializers - #33957
-
Fix early load of ForemanInternal in initializer - #33950
-
Fix early load of plugin fact parsers - #33949
-
Postpone setting validations to to_prepare - #33892
-
Require foreman/gettext directly - #33890
-
Remove usage of content_tag_for & div_for helpers so we can drop record_tag_helper - #28571
-
Do not use string interpolation when composing SQL queries. - #23300
4.1.22. Rake tasks
-
Remove legacy models:consolidate task - #34117
4.1.26. DB migrations
-
Clean up old data migrations from Foreman < 2.0 - #33909
4.1.27. Development tools
-
API Development Guidelines - #33865
4.1.28. Search
-
Make ordering by id possible for more models - #33842
4.1.29. Host groups
-
Reprovisioning a host using new HostGroup does not inherit root password from the new HostGroup - #33811
4.1.31. Authentication
-
Support ADFS-style JWTs - #33055
4.2. Installer
-
The katello-rhsm-consumer scripts subscription-manager version detection depends on subscription-manager rpm being installeds subscription-manager version detection depends on subscription-manager rpm being installed - #34406
-
The Installer does not restart foreman.service when changing puma configuration - #33973
-
Add iPXE bootstrap to the dhcpd.conf - #33549
4.2.1. foreman-installer script
-
Run the foreman-rake upgrade:run only conditionally - #34440
4.2.2. Foreman modules
-
Dynflow doesnt properly come back if the DB is unavailable for a brief period of timet properly come back if the DB is unavailable for a brief period of time - #34394
-
Create the Pulp group as system group - #34379
-
Enable the redis cache for pulp content server by default - #34325
-
[Custom Certs] - Failed to install the custom certs on Katello 4.3, works on 4.1 - #34317
-
Seed may not be triggered after migration - #34308
-
Support the KEEP_CHANGELOG_LIMIT option with pulpcore - #34298
-
Candlepin errors when using an encrypted key generated with genpkey or on a FIPS enabled machine - #34189
-
Katello 4.2 to 4.3 upgrade doesnt trigger apipie:cache:index, breaking some new hammer commandst trigger apipie:cache:index, breaking some new hammer commands - #34161
-
The foreman-proxy-content-enable-ostree true doesnt refresh the proxy features, leading to ostree being unavailablet refresh the proxy features, leading to ostree being unavailable - #34154
-
Puppet module puppet-foreman missing parameter for :trusted_proxies: - #34089
-
Set permissions on Candlepin config files to be owned by root:tomcat - #30366
Appendix B: Katello Contributors
-
Adam Ruzicka
-
Amir Fefer
-
Andrew
-
Bastian Schmidt
-
Chris Roberts
-
Evgeni Golov
-
Ewoud Kohl van Wijngaarden
-
Ian Ballou
-
Jeremy Lenz
-
Jonathon Turel
-
Justin Sherrill
-
Lucy Fu
-
Manisha Singhal
-
Nadja Heitmann
-
Oleh Fedorenko
-
Ondřej Ezr
-
Partha Aji
-
Ron Lavi
-
Samir Jha
-
Stejskal Leos
-
Tomer Brisker
-
William Bradford Clark
-
hao-yu
-
rverdile