Skip to content

v7.0.0

Latest
Latest

Choose a tag to compare

View all tags
@rezib rezib released this 11 Jun 07:35
v7.0.0
This tag was signed with the committer’s verified signature. The key has expired.
rezib Rémi Palancher
GPG key ID: 5B8B293B68C6FEA9
Expired
Verified
Learn about vigilant mode.
07b089f

Added

  • gateway:
    • Add support for SSO authentication with OpenID Connect (#268).
    • Add support for branding of UI with custom colors, logos and favicon (#287).
    • Add route to reverse-proxy /jobs/past to agents.
  • agent:
    • Add route /jobs/past to query last terminated jobs from Slurm accounting service.
    • Implement (dummy) Slurm REST API adapter from v0.0.44 to v0.0.45.
    • Enforce RBAC actions jobs-view-own and jobs-view-past-own to restrict job lists and details to the authenticated user (#259).
  • front:
    • Add OIDC login page and callback view for OpenID Connect SSO authentication.
    • Support custom branding parameters as defined in UI runtime configuration file.
    • Add page to list last terminated jobs with configurable time window (#325).
    • Support jobs-view-own and jobs-view-past-own permissions in jobs menu, scope toggles and filters panel.
    • Display job names in active and terminated jobs pages (#346).
    • Add possibility to filter jobs by name (substring or regex) in active and terminated jobs pages.
  • Add support for Slurm REST API v0.0.45 provided by Slurm 26.05+ (#718)
  • Add Dockerfile for multi-staged agent and gateway containers (#266).
  • Add compose file to quickly deploy for Slurm-web stack in mono-cluster mode.
  • gensession:
    • Add slurm-web gen-session-key command to generate gateway session secret file.
    • Add --set-ownership option to require root and assign generated session secret key to slurm-web system user.
  • genjwt: Add --set-ownership option to require root and assign generated JWT signing key to slurm-web system user.
  • lib: Support slurm-web gen-session-key in compat wrapper.
  • pkgs:
    • Add dependency on RFL.authentication[jwt] extra package provided in RFL >= 1.8.0.
    • Add gateway dependency on RFL.authentication[ldap] extra package provided in RFL >= 1.8.0.
    • Add gateway dependency on RFL.authentication[oidc] extra package provided in RFL >= 1.8.0.
    • Add dependency on RFL.build >= 1.8.0 for testing.
    • Add container extra package for containers specific dependencies.
  • docs:
    • Mention official support of Ubuntu 26.04 LTS « Resolute Raccoon ».
    • Mention official support of Fedora 44.
    • Add upgrade guide for migration from v6 to v7, with specific section for gateway session key creation and authorization policy actions rename.
    • Add Authentication pages with detailed LDAP and OIDC authentication flows and setup guides.
    • Add manpage for slurm-web gen-session-key command.
    • Mention Slurm-web gateway session key creation in quickstart guide.
    • Mention OIDC authentication feature in overview page.
    • Mention OIDC authentication in integration section of architecture documentation.
    • Introduce a custom branding guide.
    • Mention custom site branding feature in overview page.
    • Mention new jobs-view-past permission in quickstart guide and authorization policy configuration guide.
    • Document jobs-view-own and jobs-view-past-own actions in authorization policy guide.
    • Mention possibility to remove RacksDB load warning logs by disabling integration in quickstart guide.
    • Add container installation and quickstart documentation for Docker, Podman and the reference Compose stack.
    • Add container troubleshooting commands to check Slurm-web component versions and inspect container access and application logs.
  • conf:
    • Prepend default list of supported API versions in [slurmrestd] > versions parameter with 0.0.45.
    • Add support for oidc value for [auth] > method gateway parameter.
    • Introduce new [oidc] section in gateway configuration.
    • Introduce new color_*, logo_* and favicon parameters in [ui] section of gateway configuration.
    • Introduce jobs-view-past action in authorization policy.
    • Assign jobs-view-past permission to all authenticated users in default policy.
    • Introduce [slurmdbd] section for jobs_max_hours parameter in agent configuration.
    • Add [filters] > jobs_dbd agent setting with filtered fields for SlurmDBD accounting service list of jobs.
    • Add [cache] > jobs_past agent cache setting to control expiration of list of past jobs from SlurmDBD accounting service.
    • Introduce jobs-view-own and jobs-view-past-own actions in authorization policy.
    • Add name in whitelisted fields for jobs and jobs_dbd default filters in agent configuration.
    • Document non-root usage and --set-ownership option in slurm-web-gen-jwt-key and slurm-web-gen-session-key manpages.

Changed

  • gateway:
    • Add user login in LDAP successful authentication JSON response, for consistency with OIDC authentication response format.
    • Expose slurmdbd.jobs_max_hours agent setting in /clusters endpoint for frontend.
  • agent:
    • Filter only actives jobs (ie. not terminated) in response of /jobs route.
    • Add slurmdbd.jobs_max_hours setting in agent info response.
    • When [racksdb] > enabled is omitted in configuration, the agent tries to load the database and schema and disables the feature if unable to load. Explicit enabled=yes now fails agent startup on load errors (previously fail-soft with error in logs).
  • front:
    • Display active jobs (ie. not terminated) only in jobs page.
    • Require Node.js >= 20.19.
    • Update dependencies to latest versions (Vite 8, Vitest 4, ESLint 10, TypeScript 6, Tailwind CSS 4.3, …).
  • genjwt: Allow slurm-web gen-jwt-key to run as non-root user to generate JWT signing key without changing ownership or ACLs. Root is still required with --set-ownership or --with-slurm.
  • gensession: Allow slurm-web gen-session-key to run as non-root user to generate session secret key without changing ownership. Root is still required with --set-ownership.
  • conf:
    • Rename authorization policy actions from view-* to {resource}-view (stats-view, jobs-view, nodes-view, partitions-view, qos-view, accounts-view, reservations-view). Legacy view-* names remain accepted in custom policy.ini files with deprecation warnings until updated.
    • Update default vendor policy.ini to use new action names.
    • Set [racksdb] > enabled agent configuration parameter default value to unset.
  • pkgs:
    • Bump minimal version of RFL.authentication to 1.8.0.
    • Bump minimal version of RFL.settings to v1.8.0.
    • Bump minimal version of RacksDB[web] to v0.7.0.
  • docs:
    • Update configuration reference documentation.
    • Update Slurm REST API supported versions section in architecture page.
    • Update policy action names in quickstart guide and authorization policy configuration guide.
    • Move the illustrated authorization policy example from quickstart guide to authorization policy configuration guide.

Fixed

  • front:
    • Update bundled dependencies to fix CVE-2026-46625 (js-cookie).
    • Use custom light color instead of indigo-100 for badge background color in jobs and resources filters panels.
  • docs: typo in configuration guide. Contribution from @yosinn1-blip.

Removed

  • front: Drop Node.js 18 support.
  • pkgs: Drop testing dependency on parameterized external library.
  • docs: Drop support of Fedora 42, Debian 12 « bookworm » and Ubuntu 24.04 LTS.

Contributors

yosinn1-blip
Assets 2
Loading
0 Join discussion