Slurm-web release v7.0.0

[rezib]

Added

• gateway:
  • Add support for SSO authentication with OpenID Connect (SSO authentication #268).
  • Add support for branding of UI with custom colors, logos and favicon (Support custom theme and logo #287).
  • Add route to reverse-proxy /jobs/past to agents.
• agent:
  • Add route /jobs/past to query last terminated jobs from Slurm accounting service.
  • Implement (dummy) Slurm REST API adapter from v0.0.44 to v0.0.45.
  • Enforce RBAC actions jobs-view-own and jobs-view-past-own to restrict job lists and details to the authenticated user (Restrict users to view their own jobs only #259).
• front:
  • Add OIDC login page and callback view for OpenID Connect SSO authentication.
  • Support custom branding parameters as defined in UI runtime configuration file.
  • Add page to list last terminated jobs with configurable time window (List of completed jobs #325).
  • Support jobs-view-own and jobs-view-past-own permissions in jobs menu, scope toggles and filters panel.
  • Display job names in active and terminated jobs pages (Show jobs name in jobs page #346).
  • Add possibility to filter jobs by name (substring or regex) in active and terminated jobs pages.
• Add support for Slurm REST API v0.0.45 provided by Slurm 26.05+ (Support Slurm REST API v0.0.45 (Slurm 26.05+) #718)
• Add Dockerfile for multi-staged agent and gateway containers (Docker/Podman/OCI containers #266).
• Add compose file to quickly deploy for Slurm-web stack in mono-cluster mode.
• gensession:
  • Add slurm-web gen-session-key command to generate gateway session secret file.
  • Add --set-ownership option to require root and assign generated session secret key to slurm-web system user.
• genjwt: Add --set-ownership option to require root and assign generated JWT signing key to slurm-web system user.
• lib: Support slurm-web gen-session-key in compat wrapper.
• pkgs:
  • Add dependency on RFL.authentication[jwt] extra package provided in RFL >= 1.8.0.
  • Add gateway dependency on RFL.authentication[ldap] extra package provided in RFL >= 1.8.0.
  • Add gateway dependency on RFL.authentication[oidc] extra package provided in RFL >= 1.8.0.
  • Add dependency on RFL.build >= 1.8.0 for testing.
  • Add container extra package for containers specific dependencies.
• docs:
  • Mention official support of Ubuntu 26.04 LTS « Resolute Raccoon ».
  • Mention official support of Fedora 44.
  • Add upgrade guide for migration from v6 to v7, with specific section for gateway session key creation and authorization policy actions rename.
  • Add Authentication pages with detailed LDAP and OIDC authentication flows and setup guides.
  • Add manpage for slurm-web gen-session-key command.
  • Mention Slurm-web gateway session key creation in quickstart guide.
  • Mention OIDC authentication feature in overview page.
  • Mention OIDC authentication in integration section of architecture documentation.
  • Introduce a custom branding guide.
  • Mention custom site branding feature in overview page.
  • Mention new jobs-view-past permission in quickstart guide and authorization policy configuration guide.
  • Document jobs-view-own and jobs-view-past-own actions in authorization policy guide.
  • Mention possibility to remove RacksDB load warning logs by disabling integration in quickstart guide.
  • Add container installation and quickstart documentation for Docker, Podman and the reference Compose stack.
  • Add container troubleshooting commands to check Slurm-web component versions and inspect container access and application logs.
• conf:
  • Prepend default list of supported API versions in [slurmrestd] > versions parameter with 0.0.45.
  • Add support for oidc value for [auth] > method gateway parameter.
  • Introduce new [oidc] section in gateway configuration.
  • Introduce new color_*, logo_* and favicon parameters in [ui] section of gateway configuration.
  • Introduce jobs-view-past action in authorization policy.
  • Assign jobs-view-past permission to all authenticated users in default policy.
  • Introduce [slurmdbd] section for jobs_max_hours parameter in agent configuration.
  • Add [filters] > jobs_dbd agent setting with filtered fields for SlurmDBD accounting service list of jobs.
  • Add [cache] > jobs_past agent cache setting to control expiration of list of past jobs from SlurmDBD accounting service.
  • Introduce jobs-view-own and jobs-view-past-own actions in authorization policy.
  • Add name in whitelisted fields for jobs and jobs_dbd default filters in agent configuration.
  • Document non-root usage and --set-ownership option in slurm-web-gen-jwt-key and slurm-web-gen-session-key manpages.

Changed

• gateway:
  • Add user login in LDAP successful authentication JSON response, for consistency with OIDC authentication response format.
  • Expose slurmdbd.jobs_max_hours agent setting in /clusters endpoint for frontend.
• agent:
  • Filter only actives jobs (ie. not terminated) in response of /jobs route.
  • Add slurmdbd.jobs_max_hours setting in agent info response.
  • When [racksdb] > enabled is omitted in configuration, the agent tries to load the database and schema and disables the feature if unable to load. Explicit enabled=yes now fails agent startup on load errors (previously fail-soft with error in logs).
• front:
  • Display active jobs (ie. not terminated) only in jobs page.
  • Require Node.js >= 20.19.
  • Update dependencies to latest versions (Vite 8, Vitest 4, ESLint 10, TypeScript 6, Tailwind CSS 4.3, …).
• genjwt: Allow slurm-web gen-jwt-key to run as non-root user to generate JWT signing key without changing ownership or ACLs. Root is still required with --set-ownership or --with-slurm.
• gensession: Allow slurm-web gen-session-key to run as non-root user to generate session secret key without changing ownership. Root is still required with --set-ownership.
• conf:
  • Rename authorization policy actions from view-* to {resource}-view (stats-view, jobs-view, nodes-view, partitions-view, qos-view, accounts-view, reservations-view). Legacy view-* names remain accepted in custom policy.ini files with deprecation warnings until updated.
  • Update default vendor policy.ini to use new action names.
  • Set [racksdb] > enabled agent configuration parameter default value to unset.
• pkgs:
  • Bump minimal version of RFL.authentication to 1.8.0.
  • Bump minimal version of RFL.settings to v1.8.0.
  • Bump minimal version of RacksDB[web] to v0.7.0.
• docs:
  • Update configuration reference documentation.
  • Update Slurm REST API supported versions section in architecture page.
  • Update policy action names in quickstart guide and authorization policy configuration guide.
  • Move the illustrated authorization policy example from quickstart guide to authorization policy configuration guide.

Fixed

• front:
  • Update bundled dependencies to fix CVE-2026-46625 (js-cookie).
  • Use custom light color instead of indigo-100 for badge background color in jobs and resources filters panels.
• docs: typo in configuration guide. Contribution from @yosinn1-blip.

Removed

• front: Drop Node.js 18 support.
• pkgs: Drop testing dependency on parameterized external library.
• docs: Drop support of Fedora 42, Debian 12 « bookworm » and Ubuntu 24.04 LTS.

---

This discussion was created from the release v7.0.0.