Skip to content

Latest commit

 

History

History
428 lines (293 loc) · 26.9 KB

CHANGELOG.md

File metadata and controls

428 lines (293 loc) · 26.9 KB

Changelog

1.8.0

Breaking Changes for Deployer Admins

  • Note that we updated the Hashicorp Vault image by many release steps (1.8.3 to 1.16.3). While this did not cause issues in our testing, please be sure you have a good Vault backup before proceeding with the updagrade.

  • The files postgres data must be migrated to the new postgres 16 container before deploying 1.8.0. The new version will have a burnup script for a files-postgres-16 container, and it uses a new (empty) pvc. Before bringing all files services up, you must bring up the new files-postgres-16 container, and migrate the postgres data from the files-postgres container to the files-postgres-16 container. The best place to get information about this is the postgres docs. This could be done manually (using pg_dump/dbdump/dbdumpall). One thing to note is that passwords for postgres users will not be migrated and must be reset due to changes in the way that postgres hashes the passwords, so be sure to find the db user passwords before you get started. This could be scripted and some examples of how that might be done are included (they are different for Kubernetes & Docker). The examples may be found inside the generated files directory after deployer is run. In general:

    • Backup your current database in case something goes wrong.
    • After deployment, burn down all files pods EXCEPT files-postgres.
    • Edit the scripts such that they are correct for your environment. Check the variables are defined in files-migrate-pg-11-to-16-vars-configmap.yml (Kube) / migrate-pg-11-to-16-example (Docker)
    • After migration, check table counts to make sure they are the same for both old and new DBs. the script). Check for errors, etc.
    • cd into the files/postgres directory (postgres - not postgres_16), and burndown the old postgres.
    • Once the data is successfully migrated and verified, burndown and up any files services that are currently running and restart.

Service Updates

1.7.0

Service Updates

Breaking Changes for Deployer Admins

1.6.4

Service Updates

Breaking Changes for Deployer Admins

1.6.3

Service Updates

1.6.2

Service Updates

1.6.1

Tapis 1.6.1 contains a number of new features, enhancements and bug fixes. In addition to across-the-board dependency updates, significant new capabilities are highlighted below. More detail can be found in the Changelog for each of the services.

Service Updates

1.6.0

Service Updates

1.5.3

Services Updates

1.5.2

Services Updates

1.5.1

Services Updates

1.5.0

Services Updated

1.4.3

Services Updated

Breaking Changes for Deployer Admins

  • This is ONLY for Docker Tapis installs updating; it is NOT applicable to Kubernetes installs: Some components' Postgres directory volume mounts have moved within the tapisdatadir and may need to be moved on disk before starting the containers. Each component should now follow a similar structure, e.g. for authenticator: tapisdatadir/authenticator/postgres/data should contain the Postgres data, such as the PG_VERSION file, pg_wal directory, etc.

1.4.2

Services Updated

1.4.1

Services Updated

1.4.0

Services Updated

Breaking Changes for Services / Tapis Users

  • For Systems and Apps: Environment variables beginning with _tapis are no longer valid in the envVariables attribute. (This matches existing Jobs service behavior.) If you are a Tapis user who creates or maintains Systems or Apps resources, creating a resource that specifies an environment variable starting with _tapis will now result in the resource creation to be rejected. If such a resource already exists, future jobs that use it will fail.
  • Authenticator:
    • The DELETE /v3/oauth2/clients endpoint now returns the standard 5-stanza Tapis response. Previously, it returned an empty HTTP response. Applications that use this endpoint should be updated to handle a non-empty response.
    • The POST /v3/oauth2/tokens endpoint has been changed in the case of the device_code grant to require only the client_id as a POST parameter. Previously, the client_id and client_key were erroneously both required to be passed using an HTTP Basic Auth header. Client applications that utilized the device code grant type and passed the client credentials as part of the HTTP Basic Auth header must be updated to pass only the client id as part of the POST payload. The OA3 spec has been updated to reflect this new requirement. See issue #32.
  • Globus-Proxy:

Deployer Updates

  • Nginx locations for individual components have been split into their own location files. This should not cause a breaking change or interrupt routing.

Breaking Changes for Deployer Admins

  • None

1.3.8

Breaking Changes

  • There is a breaking change related to how Files and Systems interact for systems of type IRODS. Please see the CHANGELOG for the Files service for more information.

1.3.7

1.3.6

1.3.5

Breaking Changes

Previous versions of Tapis Deployer have placed important vault configs in ~/vault, ~/vault-token. These files are now moved to a configurable directory set by the tapisdatadir variable. This should be set to the directory on your deployment machine that contains data for your installation and should

If you migrating from an existing Tapis deployement be sure to copy:

  • create the tapisdatadir/vault directory
  • copy ~/vault file to tapisdatadir/vault/vault-init file
  • copy ~/vault-token file to tapisdatadir/vault/vault-token file

Other changes:

Image updates for:

  • Systems: 1.3.0 to 1.3.1 (tapis/systems)
  • Apps: 1.3.1 to 1.3.2 (tapis/apps)
  • Notifications: 1.3.0 to 1.3.1 (tapis/notifications,notifications-dispatcher)
  • Jobs: 1.3.1 to 1.3.2 (tapis/jobsworker, jobsmigrate, jobsapi)
  • SK: 1.3.0 to 1.3.1 (tapis/securitymigrate, securityexport, securityadmin, securityapi)
  • Files: 1.3.2 to 1.3.3 (tapis/tapis-files and tapis/tapis-files-workers)

1.3.4

  • Vault config (vault.hcl) fixes

1.3.3

  • Updated security images to 1.3.1

1.3.2

  • Updated several image minor release versions.
  • Added VERSION file to reflect which version of tapis-deployer was used.

Breaking Changes

  • If you have an existing Tapis deployment, you may be using the "file" storage type for vault. In the future the default will use "raft" storage type. For new installs, no action is required. Follow Migration steps below to migrate from file to raft storage.

Migration from 1.2.x steps

  • Check your existing vault for storage type. Exec into the container and get storage type

    kubectl exec -it deploy/vault vault status | grep "Storage Type" Storage Type file

If your storage type if "file", include this in your host_vars:

vault_raft_storage: false

If your storage type is "raft", no further action required. Ensure that "vault_raft_storage" var is undefined in your host_vars.

1.3.0

Breaking Changes

Migration from 1.2.x steps

  • Remove "tokens_tenants" var from the tokens section of your input file. Is now set to ["*"] by default, meaning tokens will get a list of tenants from tenants service.

  • Remove "authenticator_service_tenants" var from the authenticator section of your input file. Is now set to ["*"] by default, meaning authenticator will get a list of tenants from tenants service.

  • Update your host_vars (deployer input file) to include the following new variables. (see inventory_examples for reference):

    Choose where your deployment files should be created.

    tapisdir: '{{ ansible_env.HOME }}/tmp/{{ inventory_hostname }}' tapisdatadir: '{{ ansible_env.HOME }}/tmp/{{ inventory_hostname }}-data'

1.2.x - 2023-01-06

  • Docker flavor: Proxy/Nginx: Moved each location stanza to its own file.

1.2.0 - 2022-05-31

This is the initial release of Tapis Deployer components.

It attempts to reconcile differences between input files and generator checks.

Breaking Changes:

  • None.

New features:

  • Created input generator.
  • Add more checks to ensure the vault is running before starting other services.
  • Add workflows service.
  • Add container-registry service.
  • Add globus-proxy service.

Bug fixes:

  • None.

0.9.1 - 2022-01-13

0.9.0 - 2022-01-12

Initial pre-release of Tapis Deployer for generating Tapis deployment YAML & scripts.

Breaking Changes:

  • Initial release.

New features:

  • Initial release.

Bug fixes:

  • None.