1. Foreman 3.5 Release Notes
1.1. Headline Features
1.1.1. Improved inventory pages
Inventory management has always been a core feature of Foreman. In Foreman 2.2 the host detail page redesign was started and made default in Foreman 3.2. This release greatly enhances the page with many more integrations which provides the user a more complete overview without having to navigate to other pages.
For a long time foreman_column_view has provided a way to customize the columns on the host list. The new Selectable columns feature feature brings a lot of this functionality to Foreman itself without the need to know a lot about the Foreman internals.
1.1.2. Enabled HTTP/2 on Apache
HTTP/2 is now enabled by default on all platforms. Compared to HTTP/1(.1) the newer HTTP/2 protocol allows multiplexing over a single connection, making it possible for clients to retrieve multiple resources at the same time. For example, browsers no longer need to wait for one one image to complete before requesting the next image.
1.1.3. Use of system crypto policy with Apache on Enterprise Linux 8
Red Hat Enterprise Linux 8 introduced consistent crypto policies and Foreman’s installer now configures Apache to use those. Where previously the installer manually maintained a list of protocols and ciphers, it now follows what is configured system wide.
Note that Katello users can’t use the FUTURE policy since cdn.redhat.com
has a cerificate signed with SHA1 in its signature chain.
This was already a problem prior to this change.
See Red Hat BZ#2117265 for more information.
For Debian/Ubuntu users nothing has changed.
1.1.4. Redis 6 on Enterprise Linux 8
The installer now ensures Redis 6 is used on Enterprise Linux 8.
The Redis 5 AppStream went EOL in May 2022.
Previously it was up to the user to switch streams, but now the installer enforces the redis:6
stream and updates the package.
1.1.5. Allow manual modifications of ansible.cfg
The installer no longer manages ansible.cfg and thus allows users to put in their own modifications. This file was previously used to configure the options that Foreman required to have set. This is no longer the case as the necessary options are set using a different mechanism. During upgrades the file is not touched which means some cruft remains. It is safe to remove the file or remove all content.
1.2. Upgrade Warnings
-
The
foreman_chef
plugin is unmaintained and broken since a few releases. It has been removed from the Installer and Packaging. -
Google compute resource has been extracted to the Foreman Google plugin. Foreman servers with Google compute resources enabled are automatically migrated to the plugin.
-
Puppet reports skip "Applied catalog in x.y second logs" messages. Uneventful Puppet runs are now completely empty, which reduces database storage requirements. This exposed a bug where Foreman is unable to determine the origin. Because of this, uneventful Puppet reports do not have an origin.
-
External node classifier renames hostname and fqdn parameters. In Foreman 2.4 the hostname and fqdn parameters were added, but this overrides with the facts in Puppet. The parameters are now prefixed by
foreman_
. -
Trends and statistics will be removed unless foreman_statistics is installed. This data used to be part of Foreman, but was extracted to a plugin in Foreman 2.3. Until now this data was kept in the database, but now this data will be purged unless the plugin is installed.
2. Katello 4.7 Release Notes
2.1. Headline Features
-
New Alternate Content Sources improvements
-
Alternate Content Sources support for RHUI types.
-
Alternate Content Sources support for bulk refresh and delete.
-
Alternate Content Sources have been moved out of labs into content on the vertical navigation bar.
-
Content Credentials have been updated to support Alternate Content Sources.
-
-
New Host UI improvements
-
Clicking on a Content Host in the legacy UI now takes you to the new host UI page.
-
Applicable errata now show as an option on the ErrataOverviewCard
-
-
New Inter Server Synchronization improvements
-
Syncable imports can now sync from a URL instead of a file path
-
Yum repository now has support for syncable formats
-
-
Over 45 bug fixes.
3. Foreman 3.5.3
A full list of changes is available on Redmine
3.1. Foreman
3.1.1. Unattended Installations
-
preseed_netplan_generic_interface with DHCP interface - #35578
3.1.2. API
-
Parameter 'search' on fact_value API endpoint results in internal server error - #35990
3.1.3. Inventory
-
Host Detail button landed to old Host UI page - #36225
3.1.4. PuppetCA
-
"change Puppet Master" option does not work - #35949
3.2. Smart Proxy
3.2.1. TFTP
-
tftp initrd/vmlinux generation: curl malformed - #36209
4. Foreman 3.5.2
A full list of changes is available on Redmine
4.1. Foreman
4.1.1. API
-
Fixes API documentation typo - #35648
4.1.2. Development tools
-
Change container image to CentOS 8 Stream - #35593
4.1.5. Notifications
-
Make RSS notification stick around for 1 month instead of going away after a day - #35866
4.1.6. Settings
-
Foreman.settings.load_values is not able to pick settings which transitioned from a non-default to default value - #35894
4.1.8. Unattended installations
-
Pass URL parameters to foreman_url as hash - #36019
4.4. Smart Proxy
-
Invalid syntax for curl --time-cond - #36138
5. Foreman 3.5.1
A full list of changes is available on Redmine
5.1. Foreman
5.1.1. DB migrations
-
Statistics migrations are purged even if foreman_statistics is present - #35871
5.1.2. Facts
-
Support new Debian unstable OS facts - #35865
5.1.3. Host creation
-
Ubuntu Autoinstall enable offline and online installation - #35719
5.1.4. Unattended installations
-
Provisioning registered RHEL hosts is impossible without Katello installed - #35868
5.1.5. Web Interface
-
host details - Details tab cards have horizontal scroll - #35819
6. Katello 4.7.0
A full list of changes is available on Redmine
6.1. Katello
-
Use synced content broken if hostgroup is set to all media - #35624
-
Repair/ Verify checksum is broken - #35600
-
ACS create wizard: review details step displays password in plaintext when manual auth is selected - #35537
-
ACS create fails when same name used with "PG::UniqueViolation: ERROR: duplicate key value violates unique constraint" - #35482
-
New host details UI does not work at all - #35336
-
As a user, I can bulk delete and refresh ACSs via the UI - #33464
-
As a user, I can create CDN and RHUI ACSs via the UI - #33463
6.1.2. Activation Key
-
Activation key can be deleted, but still shows up in hostgroup configuration - #35386
6.1.3. Ansible Collections
-
Indexing error if a collection to be synced from galaxy doesn't have tags associated. - #35412
6.1.4. Content Credentials
-
Prevent the deletion of content credentials when they are in use - #35588
6.1.5. Content Views
-
CVV Compare - Add sorting to the tables - #35613
-
Content view filter will include module streams of other repos/arches if the errata contain rpms in multiple repos/arches. - #35610
-
CVV Compare - Add repository subtab to content view compare - #35589
-
Make cv publish fail on invalid/non existent content - #35572
-
Navigating to content view page from the left panel after creating a cv does not work - #35511
-
- Add static ouia-id to modal with wizard for publishing a cv - #35370
-
Input sanitation of Content View Names not working - #35235
6.1.6. Errata Management
-
Show applicable errata on ErrataOverviewCard - #35668
-
Toggle group is hidden when host has no installable errata - #35575
-
Errata Mail calculates updated_at date per repository, should be per erratum - #35503
-
Unable to apply all Errata via Remote Execution on Web UI with "Select All" - #35484
-
'This host has errata that are applicable, but not installable' message incorrectly appears - #35398
6.1.7. Foreman Proxy Content
-
Can't sync container repos from pulp_container 2.14 to proxies with pulp_container 2.10 - #35688
-
Use proxy template URL in registration - #35627
-
Accessing an external capsule from UI, shows "Last sync failed: 404 Not Found" even if the last capsule content sync was successful in Satellite 6.12 - #35552
-
Python content isn't sychronized to smart proxies - #35091
-
Assign HTTP Proxies to ACSs per smart proxy rather than per ACS - #34897
6.1.8. Hosts
-
As a user, when I click a link to a content host it should take me to the new host details page - #35632
-
Repository Sets does not list reposets - #35596
-
Content change template assumes host has a kickstart repository available - #35566
-
The "Change Content Source" feature does not changes the "registered_through" proxy - #35548
-
Changing content source for a host breaks REX pull, if configured - #35516
-
User report: host repo files are not updating when switching lifecycle environments or content views - #35458
-
Packages tab - Add dropdown to select upgrade version - #35452
-
Host UI - cards have cursor pointer - #35441
-
'0 enhancements' text sometimes overflows Errata overview card - #35399
-
Add host collections card empty state - #35372
-
new host ui details, add button to navigate to old content UI - #35367
-
Details tab cards - Switch to masonry card layout instead of square grid - #35295
-
All errata are applied when user only selects certain errata - #35045
-
New host details - Hide module streams tab for EL7 hosts - #34973
6.1.9. Inter Server Sync
-
Generated content views are displayed in Main Dashboard - #35723
-
Make syncable import accept a url instead of a path - #35606
-
[RFE] Need syncable yum-format repository imports - #35505
-
Content View Versions generated by Export are still listed in Composite page - #35501
-
Syncable exports not properly validated - #35442
-
Importing a custom repository with different label but same name causes validation error - #35425
-
Pathing issue on exports - #35410
-
Incremental export on repository exports not working correctly after syncably exporting repository - #35369
-
Need to be able to provide custom cert for ISS for Red Hat CDN - #35296
-
[RFE] Allow to export Docker images from content views or as repository as part ISS - #35247
6.1.10. Repositories
-
Index module profiles for modular repos - #35653
-
Remove ACS from labs and place it in the Content section - #35608
-
Pulpcore 3.21 - Upload rpm fails - #35590
-
Unable to "Remove" a repository directly if the repo is part of a CV as well as CCV in Satellite 6.12 - #35549
-
- Add rhel-6-server-els-rpms repository under recommended repositories - #35539
-
Repo Deletion with no feed url causes a `ArgumentError` - #35534
-
CV version details repository tab links to library_instance_inverse version and lets you use it like a regular library repo - #35517
-
Simplified ACSs are being created during content view publishing - #35504
-
Non-enabled repository types make it into the apipie help-text - #35459
-
Add Alternate Content Sources tab to content credentials - #35344
-
ModuleStreamErratumPackages aren't indexed at first repository syncing - #35337
-
Katello rpm search via nvra also - #35290
-
Task group errors do not drill into child task errors - #35275
-
Retain packages on Repository removes RPMs from Pulp but not from Katello - #35120
6.1.12. Sync Plans
-
Capsule Last Sync date and status should not be based on task data. - #35407
6.1.14. Tooling
-
Nightly eslint failure on babel plugin dependency in eslintrc - #35532
-
Development env issue: param group Api::V2::HostsController#installed_products not defined - #35499
-
Upgrade to Pulpcore 3.21 - #35476
-
When installing errata via katello-agent, content_action_finish_timeout is ignored and tasks don't wait for client status to finish - #35364
6.1.15. Web UI
-
Audit permissions on ACS UI - #35661
-
Edit ansible_collections menu link to be /content/ansible_collections to avoid redirect - #35643
-
Change 'Subscription Allocation' to 'Manifest' on the Manage Manifest screen - #35618
-
Add content profile for hosts index page - #35595
-
ACS UI - General updates - #35571
-
ACS Wizard - UX changes - #35565
-
When searching for content, dropdown filters are literal search terms. - #35512
-
Don’t allow to mismatch Environment / CV / capsule - #35446
-
Remove unused jquery.trunk8 vendored library - #35435
7. Foreman 3.5.0
A full list of changes is available on Redmine
7.1. Foreman
7.1.2. Authentication
-
Kerberos authentication fails for POST, PUT and DELETE api calls - #35473
7.1.3. Compute resources - GCE
-
Remove GCE Compute resource code - #35088
7.1.4. Compute resources - VMware
-
hammer cannot use the cluster name or id as valid input when clusters are residing inside folders and fails with error fog not found - #35438
7.1.5. DB migrations
-
Remove i386 from seeded host architectures - #35528
-
After removing the foreman_docker plugin, foreman log is flooded with huge tracebacks related to "unknown class DockerRegistry, ignoring" and "unknown class Container, ignoring" - #35347
-
Remove Trends and Statistics data from all instances - #32116
7.1.6. Development tools
-
Describe dealing with pkgconfig error in foreman_dev_setup.asciidoc - #35647
-
Updating Contributions file with a few links & adding a link to it in ReadMe file - #35587
-
developer_docs/foreman_dev_setup adding a guide for Fedora users and edge error fix - #35581
-
Update as_deprecation_tracker to at least 1.6 for Ruby 3 - #35430
-
Add testing instructions to the Foreman development setup guide - #35417
-
Add a disabled option to the dropdown menu items on foreman - #35416
-
Document developer setup for Smart Proxy, REX & Ansible - #35391
7.1.7. External Nodes
-
Foreman Puppet ENC "hostname" and "fqdn" conflict with core Puppet Facts - #35326
7.1.8. Facts
-
Add BIOS info to reported data facet - #35696
-
Ansible fact parser fails to parse Windows facts if they do not contain os_name - #35658
-
Add kernel_version to reported data facet for use in new host UI OS card - #35619
-
Missing icons for salt and chef as fact sources - #35569
-
While running concurrent registrations, foreman fails with 500 ISE on index_operatingsystems_on_title unique index violation - #35485
7.1.9. Host creation
-
Bulk rebuild hosts can not reset the build token - #35203
7.1.12. Inventory
-
BIOS UUID on host detail page is incorrect - #35836
-
Status of same columns in different categories should affect each other - #35757
-
Add Virtual guests to System properties card - #35745
-
Add network category to selectable columns - #35733
-
Incorrect page title on host statuses page - #35724
-
Host Details - Add a BIOS card - #35667
-
Host Details - Add a provisioning card - #35665
-
Host - Details tab - 'Networking interfaces' card - #35656
-
Display host name instead of host ID in delete host confirm modal in host overview - #35636
-
Add reported data profile for hosts index page - #35623
-
Add kernel release to new host details operating system card - #35622
-
new host details - Details tab cards are all in one column on very tall screens - #35605
-
Add a link to the host group on the new host detail page - #35497
-
add masonryLayout to os card in host details - #35475
-
host details audits, change from list to table - #35424
-
Add a card with templates to the Host details page - #35387
-
Make columns on host index page selectable - #35361
-
Host details Operating system card - #35345
-
Host detail page - Cursor on boxes should be regular pointer - #35319
-
New host detail - OS label as a link to OS detail - #35305
-
Host Details tab - Switch to masonry card layout instead of square grid - #35294
-
Create column selector on host index page - #35287
-
Use more accurate messaging when host statuses are cleared - #35206
-
Hosts "New UI" no way to review templates - #35176
-
Fix host details tab cards Expand/collapse all behavior - #34997
-
Page title incorrect on new host details page - #34219
7.1.14. Network
-
Boding interface bondig slaves are always changed to lower case - #35377
7.1.15. Organizations and Locations
-
Taxonomies are being set during extlogin too early, leading to user's default taxonomies being ignored - #34949
7.1.16. Packaging
-
Allow latest 6.1 version of Rails for bug fixes and CVEs - #35758
-
Relax JWT pin to get newer versions of the gem - #35663
-
Update rack-cors to 1.1.x - #35450
-
Update sshkey to version 2.x - #35449
-
Update roadie-rails to version 3 for Ruby 3 support - #35448
-
Update apipie-rails to 0.8.x - #35447
-
Update oauth to version 1 - #35429
-
Update rails-i18n to version 7 - #35428
-
Ensure scoped_search is at least 4.1.10 - #35427
-
Update ancestry to version 4 - #35423
-
Update audited to version 5 - #35422
-
Pin will_paginate to at least 3.3.0 - #35421
-
Bump sidekiq to 6.3.x - #35414
-
Disable public_file_server in production - #35403
-
Allow additional entries in config.hosts - #35376
-
Update graphql gem to at least 1.12 - #32685
-
Unbundle websockify - #29539
7.1.17. Plugin integration
-
Remove empty webpack_assets.rb file - #35419
7.1.18. Proxy gateway
-
Make the Http Proxy store a CA certifcate - #35359
7.1.21. Reporting
-
new report template to list all the installed packages - #29590
7.1.22. Settings
-
Power status should be a selectable column - #35621
7.1.24. Unattended installations
-
custom pre/post snippet hooks - #35674
-
dhclient not available in minimal iso image for EL>=8 - #35583
-
NetPlan templates broken when using Dual Stack environments - #35578
-
Allow delaying yggdrasild restart - #35561
-
REX pull deployment snippet is not included in kickstart default template - #35547
-
Fix the iPXE default template description - #35519
-
Raise an error if OS family is not set - #35480
-
Change puppetlabs_repo snippet to reference puppet-release files from repo root directory - #35466
-
Ubuntu Autoinstall template does not take host params into account - #35397
-
RHEL 9 provisioned host goes into emergency mode after initial reboot - #35331
-
New kexec template required in order to deploy Ubuntu 22 via discovery - #35285
-
AutoYaST PXELinux does not support networks without DHCP - #35240
-
Dual Stack Fallback mode for provisioning - #35207
-
Add option to use `reboot --kexec` to speed up provisioning - #35194
-
Ubuntu Autoinstall default network identifier - #35180
-
Add option to permit graphical installs for Red Hat - #35177
-
Ubuntu Autoinstall does not support static IP deployment - #35166
-
Add option to clone installation media - #35152
-
Add installation medium for Stream 9 - #35151
-
Permit setting puppet tag during install - #35137
-
remove reference to legacy puppet brand identifier puppetlabs in provision templates - #31593
7.1.26. Web Interface
-
Hide Manage columns button text in small screens - #35751
-
Searchbar disappears when trying to select a bookmark as user without bookmark permissions - #35634
-
Host details statuses clear button is always disabled - #35491
-
Add ouiaId for the host details pages - #35436
-
New/Edit Subnet form help text for Range field - #25507
7.2. Installer
7.2.1. External modules
-
SSO feature settings are not getting enabled and fails with HTTPD CONF issue - #35524
7.2.2. Foreman modules
-
smart_proxy_ansible needs smart_proxy_rex, but installer doesn't set it up automatically - #35809
-
Provide a parameter to set Candlepin log level - #35699
-
allow setting GssapiLocalName Off - #35685
-
Filter "Applied catalog in x.y seconds" messages out of Puppet report - #35684
-
Add support to customize rhsm API URL and pulpcore content URL - #35681
-
Add support to set registration_url - #35680
-
Add stronger ciphers to Candlepin's config - #35638
-
Configure Pulpcore's TELEMETRY feature - #35607
-
Support ensuring the OpenSCAP Puppet module in the foreman_proxy module - #35531
-
Add default pulp_deb config during installer runs - #35496
-
Restart yggdrasil from /usr/bin/katello-rhsm-consumer - #35486
-
Make installer generate an environment file for ansible instead of ansible.cfg - #35455
-
Salt master configuration file has wrong file permission - #35396
-
Compatibility with apache mod_status - #35356
-
serve assets directly via Apache, not via Puma/Rails - #33956
7.3. Packaging
7.3.1. RPMs
-
foreman-proxy logrotate sends signal to all processes under foreman-proxy.service - #35859
-
katello-change-hostname uses removed --disable-system-checks - #35756
-
Obsolete foreman_docker - #35538
-
make sprockets-based plugin assets reachable from within /var/lib/foreman/public/assets - #35409
-
dnf can't load foreman-protector.py as a regular user - #35366
Appendix A: Foreman Contributors
We’d like to thank the following people who contributed to the Foreman 3.5 release:
Adam Ruzicka, Alex Fisher, Alexander Olofsson, Amit Upadhye, Anthony Somerset, Bastian Schmidt, Bernhard Suttner, Chris Roberts, Christian Ruppert, Dan Ports, Dirk Götz, Dirk Heinrichs, Dyrkon, Elkin Aguas, Eric D. Helms, Evgeni Golov, Ewoud Kohl van Wijngaarden, Frank Adaemmer, Ian Ballou, Jeremy Lenz, Jonas Trüstedt, Kamil Szubrycht, Karolina Malyjurkova, Leos Stejskal, Lior Keren, Lucy Fu, Lukáš Zapletal, Manuel Laug, Marcel Kühlhorn, Marek Hulán, Maria Agaphontzev, Matt Darcy, Matěj Mudra, Maximilian Kolb, Nofar Alfassi, Oleh Fedorenko, Ondrej Ezr, Partha Aji, Pat Riehecky, Paul Donohue, Pavel Moravec, Peter Koprda, Quirin Pamp, Ron Lavi, Samir Jha, Sayan Das, Shim Shtein, William Clark, benjamin-robertson, kobybr, timdeluxe, Štefan Németh
As well as all users who helped test releases, report bugs and provide feedback on the project.