Change logs for Rudder 5.0

Rudder 5.0 is currently a maintained version of Rudder.

This page provides a summary of changes for each version. Previous beta and rc versions are listed below for convenience.

Warning: The following features are now provided as plugins and no more available as part of default Rudder installation starting from 5.0:

  • LDAP-based authentication

  • Relay servers

  • Changes validation workflow (change requests)

If you were using them, upgrade will disable them and you will have to install the plugin. Read the plugins page on our website for more information.

The initial RUDDER model consisting of a single software block which includes all features, thus imposing a greater and greater complexity on all of our users, has reached its limits. We have now reached a sufficient understanding of the domain, its challenges, and the way RUDDER is used, to make us realize that this all-in-one model is not, or is no longer, the best suited.

New plugin ecosystem: Version 5.0 introduces a plugin ecosystem that gathers RUDDER’s most specific features. This way, only essential features have to be installed by default and advanced features can be used on a case by case basis. So what is essential and what is not? The basic rule is that the essential experience must contain the features used by 80% or more of users, whatever the scale of use. In other words, we keep as core features everything that delivers on RUDDER’s initial promise: enabling users to continuously audit and enforce configurations with an easy to use webapp providing visual reporting. The remaining 20% solve needs that are no less important, only less common (PDF compliance reports, UI branding, scale-out relay servers, validation workflow…). To know everything about the impact of this evolution, you can read the detailed dedicated article:

Integration: We provide integration with third party tools as plugins, making RUDDER more integrated with tools like Ansible, Centreon, Zabbix, GLPI or Vault. Except for a few (ie. managing AIX and Windows host), plugins are open source and source code is available in the rudder-plugins repository.

New documentation: Welcome to our brand new documentation website docs.rudder.io! Beyond its fresh look (both on the online website and in the embedded version), this new documentation includes updated content and new resources, like a ``getting started'' guide and examples of use-cases.

System API: We built a new REST API that allows to manage some advanced settings and perform maintenance operations in RUDDER, like triggering policy generations, updating dynamic groups and managing report archives. This was previously available in the now deprecated V1 API which will be removed in the next major version (5.1).

Debugging information script: We created a script to gather basic information about a RUDDER setup when you want to debug or understand RUDDER’s behavior. This script fetches log files and executes various commands, either to get information from databases or directly from the system (package versions, etc)

Automatic Technique upgrade: Techniques provided with RUDDER can now be automatically upgraded when you update RUDDER. This process used to be manual because you might have modified the base Technique Library and we thought you may want to have more control about the content of your Technique Library. But it appears that this process was forgotten by a majority of our users and so many bug fixes and new versions were not available after an upgrade. By default this feature is enabled on new RUDDER 5.0 installations but is disabled on upgrades from older versions, to prevent any accidental damage.

Support policy: Our general policy is to maintain major releases until 3 months after the next major version is released to give some time for upgrading. The ESR tag was previously given to major releases that were maintained 6 months after the next ESR version was announced. Rudder 4.1 is the last ESR release. For a slower major upgrade pace, Rudder subscription provides long-term maintenance up to 24 months after release (depending on the subscription level) for Rudder versions. Read the dedicated page for more informtion.

Packaging: Relay server support is now part of an open-source plugin, pre-compiled packages are available as part of the Rudder subscription.

The agent package is now more modular: instead of embedding all dependencies, we are using system libraries on maintained operating systems, to allow for a better system integration. As a consequence, the experimental rudder-agent-thin (which had this exact goal) package is not built anymore.

New repositories: https://repository.rudder.io/ We are using new repositories for versions starting from 5.0. We also provide all previous releases in these new repos. We improved our build system, files hierarchy, and added more gpg signatures on distributed files (Rudder sources, etc.)

Installing, upgrading and testing

We also recommend using the Rudder Vagrant config if you want a quick and easy way to get an installation for testing.

Supported operating systems

This version provides packages for these operating systems:

  • Rudder server and Rudder relay: Debian 8-9, RHEL/CentOS 7 (64 bits), SLES 12-15, Ubuntu 16.04 LTS-18.04 LTS

  • Rudder agent: all of the above plus RHEL/CentOS 6, Ubuntu 14.04 LTS

  • Rudder agent (binary packages available with a subscription) : Debian 5-7, RHEL/CentOS 3-5, SLES 10-11, Ubuntu 10.04 LTS-12.04 LTS-13.04-15.10, Windows Server 2008R2-2016, AIX 5-6-7, Slackware 14

Read more about supported operating systems in the documentation.

Known issues in Rudder 5.0.0 to 5.0.2

Communication between agents built with 1.1.0 vs. 1.0.x openssl versions

We have found a communication problem between some versions of rudder agent and server due to a bug in OpenSSL library.

The problem occurs when a client (resp. server) using OpenSSL 1.0 tries to communicate with a server (resp. client) using OpenSSL 1.1.0. It is corrected in newly released OpenSSL 1.1.1. The Rudder corresponding bug is traced on Rudder bug tracker.

Rudder versions from 5.0.0 to 5.0.2 on Ubuntu 18.04, Debian 9, and SLES 15 use OpenSSL 1.1.0. Any previous version of Rudder on these OS or any version of Rudder in any other OS use OpenSSL 1.0. If you have in your environment a Rudder server in one group and agents in the other group, these agents won’t be able to communicate with the server any more.

The most likely case where it could happen is if you upgrade a Rudder server on Ubuntu 18.04 or on Debian 9 from version 4.3 to 5.0. In such a case, a partial workaround is to also upgrade Debian 9/Ubuntu 18.04 agents to Rudder 5.0, but agents in other OS will still be impacted by the communication problem. A safer and simpler solution, if available, is to delay such on upgrade until a patch is available.

We are working on the patch to replace the buggy OpenSSL 1.1.0 and we will release a new version of Rudder 5.0 with it as soon as possible.

We are sorry for any inconvenience resulting from this problem. If you need more information or help, please don’t hesitate to contact us by email or other means of communication like gitter or irc (#rudder on freenode).

Rudder 5.0.14 (2019-10-10)

Changes

Packaging

  • Prepare the future build of rudder-api-client in 5.0 (#15815)

Architecture - Dependencies

  • Update scala to 2.12.10 (#15741)

System integration

  • Add test inventories for each major Rudder version (#15705)

Agent

  • Add a "rudder server health" command (#15715)

Generic methods

  • Add a check_variable_match method (#15200)

Documentation

  • Precise the documentation of user_present about user primary group (#15764)

Bug fixes

Packaging

  • Fixed: On sles12 the webapp gives "access denied" error after fresh install (#15914)

  • Fixed: Better sources clean in rudder-agent makefile (#15787)

  • Fixed: Create /opt/rudder/etc/plugins/licenses at server install (#15763)

  • Fixed: Add -XX:+UseStringDeduplication in G1GC optionnal config (#15758)

  • Fixed: rhel5 fails to get sources (#15754)

  • Fixed: Agent fail to build on slackware 14.1 (#15736)

  • Fixed: Prerm does not backup ppkeys (#15703)

Web - Nodes & inventories

  • Fixed: Invalid json in Rudder inventory hooks fails to log the problem (#13866)

  • Fixed: Job to clean unreference software may delete software for pending nodes (#15827)

  • Fixed: Virtuozzo Virtual machine reported as "Unknown type" (#15488)

  • Fixed: Impossible to reset the status of a Node using rudder-keys cli (#14209)

Documentation

  • Fixed: In the embedded docs the link to changelogs is broken (#14222)

  • Fixed: Port 5310 is only used internally, no need to open it on the server (#14159)

  • Fixed: Add a section in plugin documentation about plugin licenses installation (#15793)

  • Fixed: Display a warning in relay server documentatin that it needs a plugin to work (#15751)

  • Fixed: improve documentation on memory requirement (#15702)

Architecture - Refactoring

  • Fixed: Fix "Non exhaustive pattern match" warning (#15893)

Performance and scalability

  • Fixed: Clean up reports with log_* types more than once a day (#15802)

  • Fixed: When writing policies, we replace the RudderUniqueId with replaceAll which is twice as slow as StringUtils.replace (#15792)

  • Fixed: 'Nodes Configurations' ldap entry is too big (#15609)

  • Fixed: When computing system variables for each node, we compute the full "nodes<→policy server" mapping (#15786)

  • Fixed: When receving plenty of inventories at the same time, the web interface starts to parse them all at once (branch 5.0) (#15747)

  • Fixed: Make inventory processing less memory consuming (#15768)

  • Fixed: Use less memory in PreUnmarshallCheckConsistency (#15749)

Web - UI & UX

  • Fixed: Rules are shown in "Applied rules" on groups where they are not applied (#15599)

  • Fixed: if screen height is too small, it’s impossible to access settings in the rudder menu (#15795)

Security

  • Fixed: A user with read only access can global parameters (#15104)

Web - Config management

  • Fixed: Webapp does not wait long enough for technique editor API response, which can break startup (#15809)

  • Fixed: Webapp does not wait long enough for technique editor API response, which can break startup (#15809)

  • Fixed: Missing generation failure hook (#15791)

API

  • Fixed: Cannot get Rule tree with the API (#15171)

  • Fixed: Rudder authentication api refuse api account even if they have correct access rights set (#15790)

Web - Maintenance

  • Fixed: Batch to purge deleted inventories starts 10 minutes after startup, rather than the defined interval after startup (#15710)

Techniques

  • Fixed: Broken indentation in fileManagement posthook (#15841)

  • Fixed: fileManagement can not remove files with last modification date in the future (#15840)

  • Fixed: Rename services techniques to make the difference clearer (#15839)

  • Fixed: sshKeyDistribution breaks root perms when target user has no home defined (#15738)

System techniques

  • Fixed: Rudder agent cannot copy the certificate if the user defined one that is a link to a file in a different mount point (#15801)

  • Fixed: rudder-vars.json is read but absent in initial promises (#15692)

  • Fixed: System technique try to edit pg_hba file only on SUSE, but packaging takes care of this part (#14296)

Agent

  • Fixed: Command not found when running "rudder agent enable -s" (#15697)

Generic methods

  • Fixed: Missing usermod path in stdlib on redhat-based distros (#15804)

Generic methods - File Management

  • Fixed: jinja templating does not clean up the temp files properly (#15800)

Technique editor - API

  • Fixed: Technique editor does not handle errors from rudder authentication api correctly (#15789)

Technique editor - UI/UX

  • Fixed: Cannot create 'or' condition in technique editor (using | character) (#15770)

Generic methods - User Management

  • Fixed: user_primary_group tests method does not properly clean up all potentially created groups (#15780)

  • Fixed: user_primary_group test fails on sles11 (#15769)

System integration

  • Fixed: InsecureRequestWarning pollute technique editor’s logs (#15777)

Generic methods - Service Management

  • Fixed: Test for service_check_running_ps fails on centos6 (#15771)

  • Fixed: Wrong service path used in method test (#15760)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • Victor Héry

  • Philip Seeger

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.13 (2019-09-12)

Changes

Documentation

  • Update list of supported OS (#15443)

  • Add a variable documentation page (#15115)

Web - Config management

  • Allow to get informations from the node inventory to use them in Directives and ncf techniques (#3112)

Generic methods

  • Add a GM to ensure that a kernel module is enable at boot (#15220)

  • Add a generic method to ensure that a kernel module is not loaded (#15222)

  • Add a generic method to ensure that a kernel module is not loaded (#15222)

  • Add a generic method to ensure that a kernel module is loaded (#15216)

  • Add a generic method to ensure that a kernel module is loaded (#15216)

  • Add a Generic Method to ensure that a kernel module modprobe configuration is correct (#15430)

  • Add automatic class_prefix and old_class_prefix for all methods in 30_generic_methods (#15161)

  • Improve and correct tests for command_execution GM (#15166)

  • Improve and correct tests for command_execution_result GM (#15179)

  • Improve and correct tests for condition_from_command.cf GM (#15184)

  • Extend variable_dict_from_file to allow reading yaml and csv files (#10142)

  • Extend variable_dict_from_file to allow reading yaml and csv files (#10142)

  • Add methods to define variables from osquery queries (#15155)

Technique editor - UI/UX

  • Make the focus on the generic method we just added (#15139)

Bug fixes

Packaging

  • Fixed: Hooks content/permissions are changed during Rudder upgrade (for ex /opt/rudder/etc/hooks.d/policy-generation-node-ready/10-cf-promise-check is replaced) (#10623)

  • Fixed: Perl dependency in the agent package is not in dependencies directory (#15662)

  • Fixed: Fixes to allow building the agent on Fedora 30 (#15454)

  • Fixed: Add set -e in the qa-test of rudder-packages (#15250)

  • Fixed: qa test are failing in rudder-packages (#15256)

  • Fixed: qa tests in ncf does not fail if there is an error in the tests (#15248)

Agent

  • Fixed: Uuid generation fails on AIX 7.2 (#15586)

  • Fixed: Double logs when running the agent in "-r" (#15471)

  • Fixed: Rudder agent disable command has a -s option, that is not parsed (#15460)

System integration

  • Fixed: Remove warning: "Nashorn engine is planned to be removed from a future JDK release " (#14822)

  • Fixed: Autovacuum may never finish, or take more than one day, on busy Rudder instance, because of resources attrition (#15413)

  • Fixed: Clean-up Jetty abort on boot (#15387)

Server components

  • Fixed: support-info script doesn’t correctly detect jetty process with Rudder 4.3+ (#13072)

Documentation

  • Fixed: Correct archives procedure to include a 'technique reload' (#15180)

  • Fixed: Update link in readme to rudder.io (#15305)

Performance and scalability

  • Fixed: Reduce number of Loggable class instance (#15665)

  • Fixed: Huge quantity of memory not released after generation (#15646)

  • Fixed: Missing logs on NodeCompliance archive/deletion (#15372)

Relay server or API

  • Fixed: When creating a rule via the API the id parameter is only read from url parameters, and not from json (#15608)

Web - UI & UX

  • Fixed: Tags are not properly set when changing only value field before new insertion (#15419)

  • Fixed: Filtering tags with more than one tag with same "key" did not return correct results (#15423)

  • Fixed: Navigation menu is broken when it is folded (#15328)

  • Fixed: When we have a branding header, an annoying scrollbar appears on the technique editor page (#15158)

  • Fixed: "node management" and "config policy" menus should always be open (#15203)

  • Fixed: Quicksearch bar is misplaced when branding plugin is enabled (#15165)

Web - Config management

  • Fixed: Problem when updating a category name for Technique Management in /var/rudder (#2613)

  • Fixed: Avoid duplicating technique category when changing category name (#15575)

Web - Maintenance

  • Fixed: If we filter event logs with only a start or end date, we get a super ugly error (#9445)

Web - Nodes & inventories

  • Fixed: It is possible to download policies from any Windows node knowing its id by getting a forged inventory accepted (#14866)

Web - Compliance & node report

  • Fixed: Error when modifying a Directive when having the Change Request plugin (#15207)

Miscellaneous

  • Fixed: Parameters of a directive are not correctly checked by change requests (#15187)

Architecture - Dependencies

  • Fixed: Duplicate dependency "jsr305" in rudder-core/pom.xml (#14389)

System techniques

  • Fixed: Wrong exclusion of folder in update.cf for common ncf (#15428)

Techniques

  • Fixed: It’s not possible to use $(match.o) anymore in directives/techniques (#15029)

  • Fixed: Invalid detection of empty strings for edition in Techniques (#15167)

  • Fixed: Rudder directives posthook can not support multilines command execution (#15174)

  • Fixed: Multi-line command in post-modification hooks works incorrectly (#8933)

  • Fixed: Rudder technique User management 6.0 ends with status repaired if user’s comment field contains a comma "," (#10156)

  • Fixed: User Management doesn’t report when we request a change of user home directory and it fails to change its home (#15163)

Technique editor - Techniques

  • Fixed: typo in "Variable dict from file' method description (#15654)

  • Fixed: Reporting context is not re-evaluated when using multiple directives of the same technique (#15572)

Technique editor - UI/UX

  • Fixed: Missing components when exporting technique from the technique editor (#15606)

  • Fixed: Technique Editor accept invalid character (-) in condition (#15504)

Generic methods - Package Management

  • Fixed: Make zypper_pattern compatible with python2.6 (#15524)

  • Fixed: zypper_pattern module does not work in python3 (#15522)

  • Fixed: Fix zypper pattern module tests (#15457)

  • Fixed: package management reporting broken when trying to use latest version and absent state (#15149)

Generic methods

  • Fixed: broken command execution tests in 5.1 (#15312)

  • Fixed: Improve and correct tests for condition_from_variable_existence GM (#15198)

  • Fixed: Improve and correct tests for condition_from_expression GM (#15197)

  • Fixed: Modify ncf tests bundles to better handle the dry run stack (#15192)

  • Fixed: Reformat some classes bodies in ncf_lib.ncf (#15169)

  • Fixed: Improve and correct tests for condition_from_variable_match GM (#15157)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • Dmitry Svyatogorov

  • Nicolas PERRON

  • Ferenc Ulrich

  • Jean VILVER

  • Alexander Brunhirl

  • Ilan COSTA

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.12 (2019-07-08)

Changes

Packaging

  • Soften Rudder version requirements in dependencies of nightly builds to allow easier testing (#15079)

  • Better caching of already built binaries to speed-up builds (#14955)

  • Update CFEngine to 3.12.2 (#14921)

  • Update embedded openssl version to 1.1.1b/1.0.2r (#14933)

Documentation

  • Add a "Rudder by example" to add CPU vulnerabilities status to inventory (#15008)

Architecture - Internal libs

  • Using move into non existing branch failed but delete the source (#3591)

Web - UI & UX

  • Allow to filter by technique name or tag in when managing directives in rule details (#14803)

Agent

  • Add support for rudder commands without subcommands (#14944)

  • Add disable date to rudder agent info (#14929)

Web - Technique editor

  • Add visual indication to methods modified since last save (#14518)

Bug fixes

Packaging

  • Fixed: Libraries sometime fail to load on AIX (#15133)

  • Fixed: Error after upgrade from 4.1 to 5.0 on RPM because slapd is not restarted: apiAuthorizationKind: attribute type undefined (#15120)

  • Fixed: Rudder agent fails to build on aix due to unkown cp option (#15088)

  • Fixed: Rudder agent fails to build on rhel6 due to missing zlib and bzip2 build dependencies (#15086)

  • Fixed: The sourcedir parameter in dh_install needs to be lowercase for debian 10 compatibility (#15013)

  • Fixed: Disable shebang mangling in rhel8 to keep generic python shebangs (#14958)

Performance and scalability

  • Fixed: Allow overriding gc options for the webapp JVM to better deal with high volumes (#15075)

  • Fixed: Error at the end of a policy generation with too many nodes (#15011)

  • Fixed: Rule changes SQL request and data structure use too much memory (#15042)

  • Fixed: Compute change hook need to be on a dedicated threadpool (#15096)

  • Fixed: Hooks need to run on an dedicated thread pool (#15095)

  • Fixed: Add switch to disable some compliance and change tracking features for performance (#15073)

  • Fixed: Allow only catching up with recent runs in agent report processing batch (#15062)

  • Fixed: Make the size of the LDAP connection pool configurable (#15060)

  • Fixed: The computation of changes by rules, at start of web interface, is quite slow (#15041)

  • Fixed: Avoid fetching nodeconfigurations twice when when runs processed (#15035)

  • Fixed: Deleted node should be periodically fully erased in LDAP (after some ttl) (#9609)

  • Fixed: Missing timing logs in ldap queries (especially for dynamic groups) (#14922)

  • Fixed: Improve rsyslog performance by simplifying parsing of reports (#15028)

Security

  • Fixed: Arbitrary command execution in rudder relay API due to missing parameter sanitization (#14974)

Documentation

  • Fixed: Update backup and restore documentation (#15033)

  • Fixed: Update backup and restore documentation (#15033)

  • Fixed: Specify that we need more cpu cores for Rudder server when managing a lot of nodes (#14940)

  • Fixed: Add a note in the file content methods' docs to indicate they only work in full compliance mode (#15090)

Web - UI & UX

  • Fixed: Missing "disabled" status information in rules table (#15101)

  • Fixed: Menu items can overflow menu width (#15106)

  • Fixed: Loading animation on 404 page is broken (#15105)

  • Fixed: Make node properties editable on the GUI (#10612)

  • Fixed: Font in "recent changes" tooltip on rules page is too big (#14562)

  • Fixed: Rule table search filter is broken after creating or deleting a rule (#15070)

  • Fixed: Start generation date in status is incorrect (it should not be page load date) (#14941)

  • Fixed: Group clone popup does not refresh group list, does not close, and an error when clicking a second time on clone (#15039)

  • Fixed: Webapp tries to load a missing angularjs map file (#14935)

Web - Config management

  • Fixed: Clicking on a group in rule configuration does not lead to the group (#15099)

  • Fixed: Generation fails with "Task FutureTask rejected from ThreadPoolExecutor" due to timeout in JS computation (#14465)

  • Fixed: Generation wronly warns with"non stable policy on node" when the same directive is used in two rules (#15022)

Web - Compliance & node report

  • Fixed: Directive with at least 3 times the same parameterized generic method leads to missing reports (#15007)

System integration

  • Fixed: rudder.auth.admin.password appears in clear text in the logs (#14946)

API

  • Fixed: Missing rule name in compliance API (#14241)

Techniques

  • Fixed: Use umask defined in /etc/login.defs in Technique "SSH authorized keys" for creating missing home dir (#14916)

  • Fixed: Unexpected reports in Variable from JSON file(dict) when the json file is not present (#14605)

  • Fixed: File download technique generates error report on permissions (#14992)

Agent

  • Fixed: Agent should trim policy_server.dat content (#14930)

Generic methods

  • Fixed: We should test sles and suse classes in ncf tests (#15110)

  • Fixed: Style test fails because it parses .pyc files (#15061)

  • Fixed: Syntax error in file_report_content tests on 4.3 (#15053)

  • Fixed: Normal ordering is not respected in some policies in 4.3 (#15051)

Generic methods - File Management

  • Fixed: permissions_acl_*_absent generic methods report success if no acls binaries are found on the system (#15121)

  • Fixed: On sles15 there is no games user nor games group and we are using it in some acl tests (#15112)

Generic methods - Package Management

  • Fixed: Improve package management error reporting to suggest avoiding virtual packages (#14582)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • Janos Mattyasovszky

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.11 (2019-05-21)

Changes

Bug fixes

Packaging

  • Fixed: rudder agent dependencies are missing for rhel8 (#14914)

Web - Nodes & inventories

  • Fixed: Inventory may never finish if there is a disk issue or invalid mountpoint (#14190)

Web - Config management

  • Fixed: "Dynamic group update time-outed (waited for 10 secondes to finish)" (#14918)

System techniques

  • Fixed: Unexpected status when sending inventory with non default schedule (#14909)

Techniques

  • Fixed: Broken ubuntu version detection in apt settings technique with 5.0+ agents (#14888)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • Florian Heigl

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.10 (2019-05-14)

Changes

Packaging

  • Beautify pg_hba.conf (#8901)

  • Remove version replacement in packages and cleanup RUDDER_VERSION_TO_PACKAGE (#14659)

Performance and scalability

  • Document using pg_repack to prevent large disk usage (#14450)

Documentation

  • Add a debugging guide page to the doc (#14785)

Web - UI & UX

  • Make the Directive and Group sections foldable (#14783)

Techniques

  • Port MOTD Technique to DSC (#14313)

Generic methods - File Management

  • Add acl dedicated body in ncf_lib (#14815)

  • Add support for audit mode in "apply_gm" for the ncf tests (#14635)

Generic methods

  • Change all serverspec ncf tests in testinfra ones (#14799)

Technique editor - UI/UX

  • Merge the info and depreciation icon in technique editor (#14665)

Miscellaneous

  • Better Technique editor loading message (#14622)

Bug fixes

Packaging

  • Fixed: Postgresql is not started properly at postinstall on sles12 (#14832)

  • Fixed: Error when upgrading to Rudder 5.0.10 using centos7 with custom postgresql (#14827)

  • Fixed: ncf-api-virtualenv does not have a group created (#11126)

  • Fixed: Debian 8 server fail to install jdk during build (#14765)

  • Fixed: Debian 8 packages fail to build (#14754)

  • Fixed: build-caching fails on builder with python 2.6 (#14676)

  • Fixed: Import relay sources into rudder repo (#14660)

System integration

  • Fixed: Postgresql misconfigured when not the default distrib package (ex: Centos 6 with Postgresql 9.3 from pgfoundry.org) (#6403)

Agent

  • Fixed: Script rudder-support-info does not mask credentials (#13657)

  • Fixed: Rudder remote run accept an invalid option -b (#14852)

  • Fixed: Rudder commands should use rudder provided binaries when available (#14847)

  • Fixed: When policy cannot be updated, agent says ok: Rudder agent promises were updated. (#14824)

  • Fixed: Rudder agent check cannot restore saved uuid on AIX (#14763)

  • Fixed: Rudder agent check does not repair policies if they are broken (#14692)

Documentation

  • Fixed: Disk usage in documentation is insuficiently precise (#14842)

  • Fixed: Add 2019 CfgMgmgtCamp videos to the docs (#14731)

  • Fixed: Document that resource file of Techniques are shared to nodes with UTF-8 Encoding only (breaks for other encoding) (#13619)

Performance and scalability

  • Fixed: Correct disk usage in rudder configuration file (#14844)

  • Fixed: Default archive retention is too large, which cause very large disk usage (#14834)

Web - Config management

  • Fixed: A technique can have two agent section for the same kind of agent (#14797)

  • Fixed: Accepting a change request on dynamic group, make the group empty leads an invalid policy generation (#14758)

  • Fixed: When restoring archive (full or groups) dynamic groups are created empty (#4480)

  • Fixed: In node compliance, the rule name for root server is "distributePolicy", it should be at least "distribute policy" (#14689)

Web - Maintenance

  • Fixed: Postgres fills up and can’t be vaccumed (#14789)

  • Fixed: Invalid comparision of String and Option[String] in HistorizationService (#14770)

API

  • Fixed: API info does not list endpoints in their sorted order (#14807)

  • Fixed: Api ordering and tests are broken (#14652)

System techniques

  • Fixed: Sometimes, root server shows up with "No machine inventory" after install (#14627)

  • Fixed: Syntax error in techniques/system/server-roles/1.0/component-check.st (#14808)

  • Fixed: If postgresql is down, agent tried to fix password before checking that its up an running (#14750)

  • Fixed: rudder-directives.cf is included twice in policies (#14687)

Techniques

  • Fixed: Technique "SSH authorized keys" creates home directory with perms root:root when it does not exists yet (#14732)

Generic methods

  • Fixed: Fix badly translated files for ncf services tests (#14804)

  • Fixed: Missing '_not_kept' state in method outcome (#14649)

Technique editor - UI/UX

  • Fixed: Having a long Technique name breaks display of title (#14663)

  • Fixed: The deprecated tooltip doesn’t say why it is deprecated (#13031)

  • Fixed: Improve display of technique list in technique editor (#14282)

Web - Compliance & node report

  • Fixed: Reporting missing if several generic methods with same class_prefix and different condition applied (#9130)

  • Fixed: Reporting missing if several generic methods with same class_prefix and different condition applied (#9130)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • emb3dd3d server

  • Tobias Ell

  • Florian Heigl

  • Janos Mattyasovszky

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.9 (2019-04-15)

Changes

Packaging

  • Remove psl dependency on curl (#14500)

  • Repair and adapt AIX agent to work with 5.0 changes (#14467)

  • Reduce the size of the agent by removing cf-monitord (#14406)

Documentation

  • Add Windows known issues and improve install Windows software how-to (#14446)

  • Update antora theme/tools to 2.0.0 (#14385)

Web - UI & UX

  • Add a "Copy to clipboard" button for Node properties and show its type (#14593)

  • Add a "Copy to clipboard" button for Node properties and show its type (#14593)

  • New display of Directives and Groups in Rule details (#14536)

  • New modern look for all tables (#9557)

Web - Config management

  • New tab in group details: display Rules applied to the group (#11911)

API

  • Add "Last seen" to Node API (#7922)

Web - Nodes & inventories

  • Add Linux Mint support in inventories (#10812)

Techniques

  • Support separated policy generation for technique "Variable from JSON file (dict)" (#14160)

  • Support separated policy generation for technique "Variable from JSON file (dict)" (#14160)

Generic methods

  • Add a generic method call to test generic method (#14563)

  • Add bundle dedicated to the ncf tests (#14311)

  • Add systemd commands to the library of standard system command paths (#14401)

  • Improve service_{start/stop} tests (#14323)

Technique editor - UI/UX

  • We don’t know where to click on a generic method to edit it (#14317)

Bug fixes

Packaging

  • Fixed: When installing rudder-agent, there’s a long wait of run interval/2, so up to several hours (#14644)

  • Fixed: During installation of the agent, when staring "rudder agent" service, there is numerous error about missing '/opt/rudder/etc/uuid.hive' file (#14616)

  • Fixed: Debian 8 backports repository does not exist anymore, breaking our builds (#14608)

  • Fixed: Error message when installing or upgrading Rudder server about missing pid file (#13767)

  • Fixed: Build openssl for Slackware, so the agent can update promises (#14570)

  • Fixed: Error message when installing rudder-agent on rpm based systems due to missing directory '/var/rudder/inventories' (#14348)

System integration

  • Fixed: Agent stderr shows up in /var/log/apache2/error.log (#14602)

  • Fixed: Allow changing cf-serverd loglevel and set info as default (#8529)

  • Fixed: Only one Node below a Rudder server can be run through remote run API (#14391)

  • Fixed: Manage rudder webapp shutdown correctly in case of fatal exception at startup (#14281)

  • Fixed: Windows 10 inventory is not fully supported (#14295)

  • Fixed: Error about invalid variable in httpd at Rudder install on centos 7 (#14592)

Agent

  • Fixed: Slackware agent depends on mysql (#14472)

System techniques

  • Fixed: Agent connection cache does not work, and does not improve performance as expected (#14342)

  • Fixed: Bad reporting mode for "Monitoring; No Rudder monitoring information to share with the server" (#14532)

  • Fixed: Remove cf-monitord check on component "Binaries update" (#14561)

  • Fixed: Missing "update" reports on node (#12137)

Plugins integration

  • Fixed: Typo in rudder-pkg when package version is incompatible (#14408)

Documentation

  • Fixed: uuid.hive is not present afet an install or an upgradie ofrudder agent to latest 4.1.x, 4.3.x and 5.0.x on rpm system purges the uuid.hive (#14264)

  • Fixed: Command to upgrade server from old 4.1/4.2/4.3 to 5.0 does not upgrade rudder-agent, breaking everything (#14415)

  • Fixed: Command to upgrade server from old 4.1/4.2/4.3 to 5.0 does not upgrade rudder-agent, breaking everything (#14415)

  • Fixed: Update mustache templating method documentation to detail the windows syntax (#14451)

Architecture - Internal libs

  • Fixed: Rudder postgres unit test are broken (#14599)

Web - Config management

  • Fixed: Policies generated for Rudder server have wrong permissions (#14594)

  • Fixed: UI "settings" for management of hooks works inconsistently (#14386)

Web - UI & UX

  • Fixed: There is no visual indication of sort in node table (#14434)

  • Fixed: JS error in rule pages, and Directives don’t show in the list of directives (#14573)

  • Fixed: Fix some CSS issues following the style change of the Datatables (#14463)

  • Fixed: Typo in error message when aix plugin is not there (#14426)

Web - Compliance & node report

  • Fixed: Improve message on Node compliance details when reports are outdated (#14380)

  • Fixed: Missing report on generic method "command exec" with $() (#14390)

Security

  • Fixed: Missing eventlogs for technique editor action and technique update (#14312)

Web - Nodes & inventories

  • Fixed: Incoherent state when accepting a Node, where node is accepted but now available in UI (error when creating Node entry) (#14430)

  • Fixed: System groups should be treated like normal groups and display their list of nodes (#11796)

  • Fixed: Error about failed move of machine inventory doesn’t give sufficient context information (#14522)

Performance and scalability

  • Fixed: If a rule targets too many groups, policy generation fails (#14392)

  • Fixed: Improve 'rsyslog' to manage larger load of reports (#14506)

  • Fixed: Cron job checking rudder agent health, is ran every 5 minutes exactly, causing resource usage spike (#14258)

Techniques

  • Fixed: SNMP technique on windows wrongly parse the authorized sources (#14368)

Technique editor - UI/UX

  • Fixed: Padding in technique editor inputs makes you think there is a space before the value (#14340)

  • Fixed: Error in technique editor when there is "$()" in a parameter of a method (#14549)

Generic methods

  • Fixed: _classes_sanitize should be strict on the classes cancelled (#14578)

  • Fixed: Policy generation fails after upgrade to 4.3: Undefined bundle lines_present (#14548)

  • Fixed: Expected repaired class in ncf tests are not correctly defined (#14538)

  • Fixed: Reporting when executing severspec is not correct in ncf tests (#14537)

  • Fixed: monitoring.csv accumulate temporary files that can blow up the filesystem (#13716)

Generic methods - Package Management

  • Fixed: Broken yum usage with old package promises on CentOS (#14546)

Web - Technique editor

  • Fixed: Technique editor duplicate techniques for each change (#14370)

  • Fixed: Reporting fails on NCF when service start/stop is guarded by a class (#14404)

Generic methods - Service Management

  • Fixed: ncf_services does not work on slackware (#14471)

Generic methods - File Management

  • Fixed: Improve method 'file copy from shared files' parameters documentation (#14361)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • Aspid ASM

  • Maxime Longuet

  • Janos Mattyasovszky

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.8 (2019-02-28)

Changes

Bug fixes

Packaging

  • Fixed: Upgrade to 5.0.7 fails because rudder-upgrade script returns 1 (#14400)

Generic methods

  • Fixed: Fix normal ordering in file report {tail/head} (#14396)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.7 (2019-02-28)

Changes

Architecture - Internal libs

  • Remove deprecated (and not use) code causing warning (#14291)

Agent

  • Add config id to rudder agent info (#14306)

Generic methods - File Management

  • Add a generic method that displays selected lines from a file in reports (#14357)

Generic methods

  • Add serverspec tests to the ncf ones (#14314)

Bug fixes

System integration

  • Fixed: Patch cf-serverd to change loglevel on agent refusal (#8529)

  • Fixed: Rudder database grows with time because of defaults values for autovacuum that don’t fit our needs (#14336)

  • Fixed: qa-test break because of repository layout change (#14289)

Packaging

  • Fixed: Never modify policy_server.dat on upgrade (#14337)

  • Fixed: "/var/rudder/inventories: no such dir" error message on first run (#14257)

Documentation

  • Fixed: Typo in "Replacement" in doc (#14137)

  • Fixed: Root of webapp docs changed (#14284)

  • Fixed: variable_dict_from_file: Path of file is unclear if relative or absolute (#14117)

Web - Config management

  • Fixed: Add an optional hook to trigger node update on nodes with new policies (#14331)

  • Fixed: Add an optional hook to trigger node update on nodes with new policies (#14331)

  • Fixed: Directive parameter values are mixed between directives (#14322)

Web - Nodes & inventories

  • Fixed: Windows 2019 doesn’t show up correctly in node list (#14362)

  • Fixed: Mandatory fields for new inventories are not correctly checked (#13962)

Architecture - Refactoring

  • Fixed: We are comparing Option[String] and String (#14346)

Web - UI & UX

  • Fixed: Fix compliance bars text color (#14294)

  • Fixed: Drag and drop of a generic method displays a phantom method (#14321)

Architecture - Dependencies

  • Fixed: Compilation fails with Java 11 (#14290)

Techniques

  • Fixed: unexpected reports in zypper repo management technique (#14347)

  • Fixed: sshConfiguration technique should not authorize ssh password authent by default (#14316)

System techniques

  • Fixed: Technique uses /root as an hardcoded value for the home of user root (#6412)

Generic methods - File Management

  • Fixed: File lines absent generic method doesn’t report anything when the file doesn’t exist (#14246)

Generic methods

  • Fixed: ncf 4.1 is not compatible anymore with agent 3.1 (#14293)

  • Fixed: "monitoring" technique is broken since we removed def.policy_server (#14285)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • Janos Mattyasovszky

  • Tobias Ell

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.6 (2019-02-04)

Changes

Bug fixes

Web - Nodes & inventories

  • Fixed: RHEL 7.6 appears as "Other Linux" (#14200)

Documentation

  • Fixed: Remove "repository" from Rudder repository name (#14262)

System integration

  • Fixed: Bad rights for hooks (#14273)

Web - UI & UX

  • Fixed: JS in directive name is executed on rule table if the directive is disabled (#14271)

  • Fixed: Rounding error in compliance bar (#10773)

Architecture - Dependencies

  • Fixed: Update very old maven-assembly version used for template-cli (#14247)

  • Fixed: Duplicate dependency "jsr305" in rudder-core/pom.xml (#14248)

  • Fixed: Update very old maven-assembly version used for template-cli (#14247)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.5 (2019-01-30)

Changes

System integration

  • Impossible to change keys of a Node using rudder-keys cli (#14207)

Documentation

  • Update links in doc to rudder.io (#14203)

  • Add some known issues in the known issue of the DSC doc (#14150)

  • Add some known issues in the known issue of the DSC doc (#14150)

Web - Maintenance

  • Update links in Rudder interface to use rudder.io (#14205)

Web - Config management

  • Configure report value of technique from technique editor (#14091)

Techniques

  • Port techniques downloadFile & cronManagement to separated policy generation (#14002)

Technique editor - UI/UX

  • In the technique editor, scrolling through the GM should not mask the filter (#14178)

  • Manage caching of technique editor resources (css/js) with Rudder version (#14194)

  • Display documentation of ncf methods directly in the editor (#14172)

Generic methods

  • Update to 3.12.1 CFEngine stdlib (#14129)

Bug fixes

Packaging

  • Fixed: "rudder-init" script does not allow the "auto" option (#14134)

Documentation

  • Fixed: Missing documentation for "state" and "policymode" parameter expansion (#13915)

  • Fixed: Jinja templating iteration example in the doc is invalid (#14179)

Web - UI & UX

  • Fixed: Error when creating a rule (#14245)

  • Fixed: Rudder node id is confused with machine id and not selectable by triple-click (#14243)

  • Fixed: API token expiration date form appears behind the popup (#14199)

  • Fixed: Enable/Disable button text should be capitalized (#14185)

Web - Compliance & node report

  • Fixed: we can inject html & javascript in Rudder tables (#14221)

Web - Maintenance

  • Fixed: Constraints on table nodecompliancelevels are not valid (#14218)

Performance and scalability

  • Fixed: Index nodeid_idx is not used and consumes a lot of disk space for nothing (#14149)

Web - Config management

  • Fixed: When hooks are exiting with an error we can have stackoverflow error if there are many of them (#10973)

  • Fixed: When refreshing a rule details, the current tab is not memorized (#4904)

API

  • Fixed: Logs full of WARN Attribute 'apiAuthorizationKind' or 'expirationTimestamp' is defined for API account but it will be ignored (#13913)

Techniques

  • Fixed: Technique "file content from remote template" does not work on the Rudder server when using remote file (#14211)

  • Fixed: "File content from remote template" technique ads tabs in the output file (#14188)

System techniques

  • Fixed: improve error message when the node cannot get the uuid from the server (#14176)

  • Fixed: psql should not freeze the agent (#14156)

  • Fixed: "classes promises do not support promise locking" warning message when running the agent (#14132)

  • Fixed: Add compatibility sles classes in failsafe (#13975)

  • Fixed: Missing report on File key-value parameter in list (#14164)

Plugins integration

  • Fixed: Separated policy generation does not work correctly with Rudder DSC agent (#14038)

Web - Nodes & inventories

  • Fixed: Inventory watcher is too quick and does not wait for file close (#14237)

Agent

  • Fixed: rudder agent inventory wrongly states that we are not in full compliance mode (#13882)

  • Fixed: Create a rudder server trigger_policy_generation command (#14052)

System integration

  • Fixed: Every agent check for postgresql and ldap partition size, resulting in possible overzealous shutting down of Rudder on node (#14162)

Server components

  • Fixed: cf-serverd may listen on port 8080 preventing rudder-jetty from running (#13982)

Generic methods

  • Fixed: Avoid checking for exit_on_lock option on newer yum (#14235)

  • Fixed: Enable 4h cache on available upgrades list in old package bodies (#14225)

  • Fixed: Error in inform mode about undefined @args in rudder agent output (#14214)

  • Fixed: file_from_string_mustache GM unwanted behaviour when the mustache template use non-printable elements (#14215)

  • Fixed: Generic method in 4.3 should not use the class has_promiser_stack (#14167)

Technique editor - UI/UX

  • Fixed: Filter in generic method should not be case sensitive (#14216)

  • Fixed: Categories in Technique Editor do not work in IE 11.26.70 (#14181)

Generic methods - File Management

  • Fixed: Jinja templating method does not correctly clean up temporary files in audit mode (#13666)

  • Fixed: Generic Method "File key-value present with option " treats the option as one of the value (#14186)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • Valentin Lelong

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.4 (2019-01-10)

Changes

Packaging

  • Cleanup rudder promises generated (#13996)

  • Update CFEngine to 3.12.1 (#13927)

Documentation

  • Add a page with an array for all versions info (#13956)

  • Add a page for videos about Rudder (#14029)

  • Update rudder-setup url in docs (#14034)

  • Render changelogs in Rudder doc (#13928)

  • Document some node-level system variables (#13945)

System integration

  • Missing flag file to trigger a policy generation (#14050)

Web - UI & UX

  • Remove jquery-ui related css libraries (#13920)

Techniques

  • Download files needed to build rudder-techniques package from repository.rudder.io (#14036)

  • Add a technique to manage basic SNMP configuration (#13602)

  • Technique File download (Rudder server) has a borken posthook and should incorporate a windows and a linux section (#13918)

Technique editor - UI/UX

  • Add a filter on generic method tree to find methods faster (#14013)

  • Allow to clone Generic methods in a technique in the editor (#11676)

  • Make conditions visible in the Technique editor (#12740)

Bug fixes

Packaging

  • Fixed: uuid.hive file should not be a rudder-agent package conf file (#14062)

  • Fixed: Force http 1.1 when downloading curl (#14059)

  • Fixed: When installing a rudder root server (on debian), it asks to run rudder-node-to-relay (#11630)

  • Fixed: Change packaging to allow openjdk > 8 (#13896)

  • Fixed: When we stop rudder-jetty, it says it stops Jetty 7 (we are using Jetty 9 …​) (#13929)

Agent

  • Fixed: Agent run errors are not outputed on stderr anymore (#14061)

  • Fixed: Os name for sles 12 is not correct in 5.0 inventories (#13964)

Miscellaneous

  • Fixed: Rudder-jetty depends on jdk8 but always try to install jdk9 as dependency (#14024)

Documentation

  • Fixed: Use B instead of b for bytes in the doc (#14126)

  • Fixed: Add documentation about rudder <→ plugin version compatibility in docs (#14099)

  • Fixed: Broken 4.1/4.3 doc build (#14048)

  • Fixed: Broken current redirect in docs (#14047)

Web - Config management

  • Fixed: Cannot modify groups when workflow are enabled (#14056)

Plugins integration

  • Fixed: indexes on nodecompliancelevels table are not valid and table ArchivedReportsExecution is never used (#14007)

Performance and scalability

  • Fixed: A lot of space is wasted on table nodecompliance and nodeconfigurations due to pretty jsonification (#14014)

  • Fixed: Massive performance penalty in policy generation due to invalid usage of StringTemplate (#13987)

  • Fixed: Load all ncf files in one go (or two) (#13859)

Web - Maintenance

  • Fixed: Impossible to log in with root admin (#13910)

Web - UI & UX

  • Fixed: In the node details, clicking on the link to the policy server doesn’t redirect to the policy server (#13834)

  • Fixed: Alignement of radio button on Settings page is still imperfect (#13889)

Techniques

  • Fixed: "Job Scheduler" Technique miss runs when using a non-default agent execution frequency (#4840)

System techniques

  • Fixed: Inventory fails since the files are not copied on the right location (#13966)

  • Fixed: "File from shared folder" technique in very old version does not work anymore since a common variable has been removed (#13932)

Web - Nodes & inventories

  • Fixed: Huge latency between inventory sent and inventory appears in Rudder (#14080)

Generic methods

  • Fixed: Error in the info (rudder agent run -i) output of the agent at first run (#13951)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • Florian Heigl

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.3 (2018-11-26)

Changes

API

  • Add rudder server version to the Rest API (system/info endpoint) (#13654)

System techniques

  • Remove default server value from system techniques (#13819)

Techniques

  • Provide a rudder.json file with initial policies (#13805)

Documentation

  • Cleanup the ncf repo (#13651)

Bug fixes

Plugins integration

  • Fixed: Improve error messsage when path to install a plugin package is not correct (#13891)

Packaging

  • Fixed: Rudder agent 4.3 needs libxml-treepp-perl on debian (#12599)

  • Fixed: Slackware agent is not started at boot (#13850)

  • Fixed: Error when uninstalling rudder-webapp and ncf-api-virtualenv (#11206)

  • Fixed: Don’t create crontab entry at Rudder agent install but during first run (#13846)

  • Fixed: Remove unnecessary conflict dependency with openjdk 9 on debian (#12664)

  • Fixed: Missing _ in slackware package name (#13839)

  • Fixed: Download Rudder sources from the new repository (#13838)

  • Fixed: Agent should depend on a logging system on SUSE (#13788)

  • Fixed: On rudder-webapp upgrade, ncf.conf file is not commited (#13679)

Agent

  • Fixed: Upgrade CFEngine to 3.10.5 (#13851)

  • Fixed: ``rudder-keys change-key'' does not check for key file existence (#12496)

  • Fixed: When ``policy-server.dat'' is missing, generated inventory is not legit (#11715)

  • Fixed: /var/log/rudder/agent-check/check.log should contains only error level messages (#12230)

  • Fixed: rudder remote run error, and unable to pass -i option (#11318)

  • Fixed: Command ``rudder remote run -a'' does not warn about missing token (#11417)

  • Fixed: Add a warn message when agent run is incomplete (#10751)

  • Fixed: Command ``rudder agent reset'' sets incorrect permission in /var/rudder/cfengine-community/inputs (#12410)

  • Fixed: ``rudder agent info'' returns invalid report mode for not yet accepted nodes (#12992)

  • Fixed: Missing spaces between key and message on rudder agent run report when using -w option (#13663)

Performance and scalability

  • Fixed: There are still tables expectedreports & expectesreportsnodes on upgraded Rudder 4.x and 5.x, (#13770)

  • Fixed: After a node is deleted, a policy generation is started every 5 secondes (#13845)

  • Fixed: Invalid value reported for Node expected reports saved in base in Rudder log (#13418)

Security

  • Fixed: Impossible to update promises when using a debian9 or Ubuntu 18 server and older distributions as Nodes (incompatible openssl version) (#13690)

System integration

  • Fixed: ``rudder-pkg enable-all'' command fails when a plugin has no jar (#13785)

  • Fixed: Bad log level during generation (#9512)

  • Fixed: Init check on group All classic Nodes known by Rudder (Using a CFEngine based agent) always tries to rewrite the group (#13792)

Documentation

  • Fixed: Windows doc has disappeared (#13880)

  • Fixed: Document syslog port 5514 if Rudder server is an ubuntu < 14 (#11016)

  • Fixed: No favicon for Rudder doc on embeded doc (#13520)

  • Fixed: Fix path to jinja2_custom.py in jinja2 templating doc (#13784)

Web - Config management

  • Fixed: The password field allows storing a password without any selected hash (#12198)

  • Fixed: Spinning compliance in nodes list on a disabled node (#12649)

  • Fixed: Spinning compliance in nodes list on a disabled node (#12649)

  • Fixed: ``Not copying missing license file into'' in webapp log (#10917)

  • Fixed: Missing node state variable expansion in directive (#13671)

  • Fixed: Add full path to shared-folder in description of ``Download file from shared folder'' Technique (#13530)

Web - UI & UX

  • Fixed: Wrong text color in table header in Rule page (#13835)

  • Fixed: Quotes in reports are displayed as " in the web interface (#13349)

  • Fixed: Upgrade loading wheel with a new look (#8622)

  • Fixed: On Dashboard, when we have 100% of something, the pie is including a confusing white line (#12233)

  • Fixed: Imperfect alignement of radio button (#13512)

  • Fixed: No color difference on hover on the user menu (#12926)

  • Fixed: ``Configure the default state'' is lacking explanations (#12462)

  • Fixed: Bad display of radio button on the Reports Database page in Rudder 5.0 (#13476)

  • Fixed: Remove static ids in Password section (#13457)

  • Fixed: Button to enable a technique in Directive Screen is not working, should be a link to the Technique (#13779)

  • Fixed: In directive page, tooltip is not correctly aligned with text (#13511)

  • Fixed: The ``hardware'' tab is not displayed in accept new nodes screen (#13688)

Web - Nodes & inventories

  • Fixed: When a node is deleted, its generated promises are not removed (#4709)

  • Fixed: Inventory keeps its key certified when node is deleted (#9149)

  • Fixed: Missing gateway, network in network interface details (#13804)

  • Fixed: Network group criteria not working (#13772)

  • Fixed: Node details shows Operating System Type: MSWin for Windows node rather than Windows (#6019)

  • Fixed: The error message for bad inventory signature is unclear (#9192)

  • Fixed: Network, mask and gateway not correctly parsed from inventory (#13803)

Web - Compliance & node report

  • Fixed: Compliance error (missing) when a directive is applied by two rules on a node (#13674)

API

  • Fixed: Remove old ``machyne type'' api Rest typo since it should not be called anymore (#13795)

  • Fixed: Tags in rules are ignored in POST API (#13374)

Techniques

  • Fixed: Option description for ``File download (Rudder server)'' technique is misleading (#13887)

  • Fixed: Technique Cron job v3.0'' does not use the user'' setting with predefined scheduled (#8004)

  • Fixed: Missing reports on password component on ``User management'' Technique in audit mode (#9474)

  • Fixed: Enforce checkbox tooltip in ``Group management'' Technique is misleading (#13489)

  • Fixed: Missing report with `File and directory basics' Technique in audit mode when checking perms on non existing file (#11653)

  • Fixed: Broken reporting when copying a directory from the Rudder server without specifying the trailing / in the destination (#13290)

  • Fixed: Missing report for post-modification hook in Technique ``File download (Rudder server)'' (#13717)

  • Fixed: Details of usage of technique ``Variable from command output (string)'' is not clear (#12058)

  • Fixed: Some files in the techniques repository do not present any licence header (#13633)

  • Fixed: Technique ``cron job'' refuses task user name if it contains hyphen (#12960)

  • Fixed: Missing report for component Post-modification hook'' when cleaning files with File and directory basics'' Technique version 4.1 (#13786)

System techniques

  • Fixed: Mustache templates are not processed at all (including cron.d/rudder-agent file) (#13885)

  • Fixed: Slackware agent cron.d is broken in system technique (#13848)

Server components

  • Fixed: server command based on jq should exit when jq is not installed and explain to install it (#13682)

Generic methods

  • Fixed: Typo in ``File content'' generic method description (#13883)

  • Fixed: Generic method ``File_remove'' can delete empty directories (#12857)

  • Fixed: Scheduler classes have incomplete labels (#8008)

Web - Technique editor

  • Fixed: In technique editor, on save, we get ``success'' but some errors are shallowed (#12210)

Generic methods - File Management

  • Fixed: Generic Method ``permission dirs'' incorrect reporting when target path is a file (#10689)

  • Fixed: File key-value present'' Generic Method and Manage keys-values in file'' Technique does not support | as separator (#13562)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • Thomas CAILHE

  • Ilan COSTA

  • vlycop Doo

  • Florian Heigl

  • Renaud Manus

  • Janos Mattyasovszky

  • Romain Quinaud

  • David Svejda

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.2 (2018-11-06)

Changes

Generic methods

  • Add condition_once and execute_once generic methods (#13667)

Documentation

  • Document zypper pattern usage in the ``Package state'' generic method documentation (#13725)

Bug fixes

Web - UI & UX

  • Fixed: We have no way to know that a Technique is disabled when editing a Directive (#12829)

  • Fixed: Broken display of popup to delete node property in Rudder 5.0.1 (#13694)

Generic methods

  • Fixed: Generic method ``Sharedfile to node'' always return repaired status (#13753)

  • Fixed: Unit tests for generic method ``File from a Jinja2 template'' fail on Ubuntu12 on Rudder 4.1 (#13747)

  • Fixed: Time lib may not work when the first non-loopback interface has no ip adress (#13744)

  • Fixed: Remove comment about classes_generic_two being deprecated (#13286)

  • Fixed: Style test nbsp_is_not_allowed.sh always fails, missing 4.1 version of 13637 (#13722)

  • Fixed: Missing report when using default value in Generic method parameters (#13704)

  • Fixed: Add more tests for the schedule lib in ncf (#13668)

  • Fixed: Zypper patterns tests should not be executed on non sles os (#13638)

Web - Nodes & inventories

  • Fixed: Group of group is empty if we use the AND combinator (#13424)

Plugins integration

  • Fixed: Authentication providers are not loaded before authentication is initialized (#13695)

Generic methods - File Management

  • Fixed: Change the detection of curl path in ncf to use rudder_curl if available (#13745)

  • Fixed: Missing report in ``Manage keys-values in file'' technique (#13715)

  • Fixed: Missing reporting in ``Permisisons recurse'' method (#13683)

  • Fixed: Generic Method ``File copy from remote source'' does not report when copying a directory (#13634)

  • Fixed: Missing status when I use ``File copy from Rudder shared folder'' Technique (#13669)

Web - Config management

  • Fixed: In directive, change input for parameter from technique editor from text to textarea (#12824)

Generic methods - Package Management

  • Fixed: Missing report when using the Package state'' generic method with default value for the state'' parameter (#13703)

Agent

  • Fixed: Redhat Openstack Nova compute QEMU virtual machines are seen as physical (#10265)

  • Fixed: Mustache templating in audit mode always considers destination compliant once it exists (#13664)

Packaging

  • Fixed: rudder-cf-execd and rudder-cf-serverd are not enabled nor running after a server install on debian 8 (#13774)

  • Fixed: Rudder agent uninstall may fail to to systemd unit (#13762)

  • Fixed: can’t upgrade debian package if /bin/systemd exist but sysv is used (#13174)

  • Fixed: rudder.conf is not removed from /etc/ld.so.conf.d (#12554)

  • Fixed: Fusioninventory error about unitialized value $FQDN (#13739)

  • Fixed: Embedded openssl does not build on Ubuntu 15.10 (#13712)

  • Fixed: ``type: systemctl : not found'' appears in rudder-agent installation logs (#13693)

  • Fixed: Script rudder-support-info is too chatty when looking for time (branch 5.0) (#13670)

  • Fixed: Rudder syslog port is reset after upgrade on Ubuntu (< 14) Servers (#12714)

Generic methods - Service Management

  • Fixed: Broken variable in ``Service restart'' method report (#13713)

Documentation

  • Fixed: Broken doc build (#13734)

System techniques

  • Fixed: Use embedded curl when available (#13687)

Performance and scalability

  • Fixed: LDAP IO error on generation with a lot of nodes (#13256)

Techniques

  • Fixed: Sharing files with ``root'' does not work (#10605)

  • Fixed: Add option for Zypper Patterns in Technique ``Packages'' (#13721)

  • Fixed: Add a bigger warning about full path in ``Download a file'' technique (#13647)

  • Fixed: Add a bigger warning about full path in ``Download a file'' technique (#13646)

  • Fixed: Fix some typo in ``rudder server directive upgrade'' help output (#13765)

  • Fixed: ``directive-upgrade'' rudder command does not work (#13681)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • tim c

  • Matthew Frost

  • Ilan COSTA

  • Jérémy HOCDÉ

  • Janos Mattyasovszky

  • Thomas CAILHE

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.1 (2018-10-19)

Changes

Packaging

  • Embed dependencies on ubuntu 15 (#13677)

Generic methods

Generic methods - Package Management

  • Add a package provider for zypper patterns (#12164)

Bug fixes

Generic methods

  • Fixed: Allow to report on same reporting parameters (#13632)

  • Fixed: style test nbsp_is_not_allowed.sh always fails (#13637)

  • Fixed: rudder agent log files content in user facility (#13175)

  • Fixed: 4.3+ version of 12164 (#13621)

  • Fixed: still some typos in package tests (#13591)

  • Fixed: some ncf test are failing on SLES because they are trying to deal with packages that are not available (#13573)

Web - Nodes & inventories

  • Fixed: Node group with `OR' multi criteria fails (#13649)

Web - Config management

  • Fixed: Change request must not be saved when no validation is needed (#13609)

Documentation

  • Fixed: rudder-doc embedeed doesn’t work anymore (#13659)

  • Fixed: Document Amazon Linux compatibility (#13624)

  • Fixed: Add sles 15 in 5.0 supported OS (#13533)

  • Fixed: Bad explanation for generic variable overide priority cause people making the opposite of what is needed (#13615)

Technique editor - UI/UX

  • Fixed: Rename ``bundle name'' in the technique details (#12847)

Agent

  • Fixed: rudder server command states that ``Warning: Long arguments are not supported, you probably tried to use one!'' - but it does support it (#13505)

Packaging

  • Fixed: Ubuntu 13.04 package tries to use systemd (#13676)

  • Fixed: Debian package cannot build in 4.1 because of docs.rudder.io (#13594)

  • Fixed: cebtos7 install_package_existant should be skipped (#13596)

Security

  • Fixed: StackOverflowError during policy generation in JavascriptEngine

    • debian 9.5 with jdk 1.8.0_181 (#13014)

  • Fixed: In Rudder 5.0, user password encoding is broken for some passwords. (#13643)

  • Fixed: Api User Account doesn’t have User role (#13629)

  • Fixed: file enforce content log file content which can have private info (#13608)

Performance and scalability

  • Fixed: Hikari pool autocomit configuration is incorrect, which can impact performance (#13582)

  • Fixed: Policy generation fails definitively when postgresql is shut down during policy generation (#13517)

Techniques

  • Fixed: SudoParameter technique version 3.2 returns a report that is not parsable by the CLI (#13350)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • Jeremy CHAMPEL

  • tim c

  • Marco Kirchhoff

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.0 (2018-09-27)

Changes

Packaging

  • Require Postgresql 9.2 for rudder server (#13545)

  • rename support info'' script to debug info'' script and change store debug info in a standard path (#13443)

Documentation

Bug fixes

Web - UI & UX

  • Fixed: Blue text color in node details tabs (#13168)

  • Fixed: fields are not correctly aligned in group page (#13417)

  • Fixed: Dual scrolling bars on the right of group details in Rudder 5 (#13428)

  • Fixed: Tooltip on the source of property is not dislpayed in Rudder 5.0 (#13456)

  • Fixed: JS error when loading Rules pages (#13469)

  • Fixed: In Rudder 5.0, Password fields in directive is empty (#13446)

  • Fixed: Rudder web login page shows 5 instead of 5.0 in the right bottom corner (#13472)

Generic methods

  • Fixed: Some old tests are failing on centos (#13535)

  • Fixed: there is still a trailing new line in the jinja result test file (#13529)

  • Fixed: variable_string and variable_string_default GM are failing in rudder 5.0 (#13523)

  • Fixed: Some tests are failing on ubuntu distros (#13514)

  • Fixed: add a method to set reportiing_context from within a technique (#13351)

Generic methods - File Management

  • Fixed: Missing report on Permissions (non recursive) (#13536)

Documentation

  • Fixed: Update download link in documentation (#13534)

  • Fixed: Fix appearance of titles (#13502)

Packaging

  • Fixed: rudder-jetty cannot extract java version on sles15 (#13552)

  • Fixed: rudder-agent service is not removed when removing rudder-agent (#13549)

  • Fixed: add insserv-compat dependency on SLES15 packages (#13550)

  • Fixed: Use openjdk 10 on sles 15 (#13543)

  • Fixed: Use new man page URL after doc URL redirect (#13537)

  • Fixed: Error at install of Rudder Server Root 5.0 on Sles 12 (#13527)

  • Fixed: rudder-agent 4.1 install hangs on Debian 7 (#13525)

  • Fixed: Doc download in webapp package does not work anymore (#13499)

  • Fixed: rudder server upgrade-techniques –autoupdate-technique-library fails when run during Rudder upgrade (#13458)

API

  • Fixed: Harmonize URLs of system API (#13471)

Techniques

  • Fixed: deprecate old version of techniques for Rudder 5.0 (#13487)

  • Fixed: Package management technique fails to check if a package is absent in the ``latest'' version (#12939)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.0.rc1 (2018-09-12)

Changes

Architecture - Internal libs

  • We need to be able to decide what workflow to use based on the change request (#13396)

Bug fixes

API

  • Fixed: POST/PUT/DELETE API requests gives 403 (#13426)

  • Fixed: Rudder system api token only have RO access (#13416)

Generic methods

  • Fixed: " error: List or container parameter `args' not found while constructing scope `log_rudder' - use @(scope.variable) in calling reference" when running Rudder 4.3 (#13430)

Performance and scalability

  • Fixed: On error on nodecompliance SQL, logs are huge (#13427)

Architecture - Refactoring

  • Fixed: Git merge issue between Rudder 4.3 and Rudder 5.0 (#13432)

Agent

  • Fixed: remove unessecary patch that remove truncation of line in inventory (#13403)

  • Fixed: Upgrade perl to latest minor version in 5.0 for fusion inventory (#13402)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.0.beta2 (2018-09-06)

Changes

Packaging

  • Remove rudder agent thin in 5.0 (#13377)

  • Upgrade python related dependencies (#13371)

  • Remove apache 2.2 support (#13325)

  • keep only systemd on server packages (#13320)

  • Upgrade jetty to 9.4.11 (#13323)

  • Remove support for old system on rudder server builds (#13315)

  • Update agent dependencies (#13314)

  • Upgrade openssl (#13316)

  • Upgrade python related dependencies (#13373)

Web - UI & UX

  • Update main menu: plugin at top level, techique editor in configuration policy (#13067)

Documentation

  • Use repository.rudder.io in 5.0 doc (#13382)

Plugins integration

  • Make user/role management a plugin (#13030)

Architecture - Dependencies

  • Update all rudder dependencies (#13313)

Bug fixes

Web - UI & UX

  • Fixed: Fonts changed in Rudder 5.0 (#13364)

  • Fixed: Save button in group page is not readable in Rudder 5.0 (#13368)

  • Fixed: In directives pages, Text selector and input field are not correctly allligned in Rudder 5.0 (#13372)

  • Fixed: Clicking on Status/Details leads to a disabled screen in Rudder 5.0 (#13362)

Generic methods

  • Fixed: user_primary_group tests are failing on suse (#13282)

  • Fixed: Some ncf tests are too old and fails on many distributions (#13249)

Architecture - Internal libs

  • Fixed: Spring Security error - leading to random unlogging in Rudder 5 (#13365)

Technique editor - API

  • Fixed: Error message is not correctly treated when an exception occurs in when authenticating to Rudder authentication API (#13219)

Packaging

  • Fixed: libxml 2.9.8 doesn’t compile on aix (#13363)

  • Fixed: libxml fails to build with old compiler (#13337)

  • Fixed: Use correct version when building Slackware packages (#13329)

  • Fixed: Use https everywhere to download server sources (#13324)

  • Fixed: parallel build on rpmbuild hides build error (#13300)

Generic methods - Service Management

  • Fixed: Service test do not use any service to test on suse (#13278)

  • Fixed: 4.3+ version of 13278 (#13279)

  • Fixed: services GM are not working anymore due to typo (#13258)

Security

  • Fixed: ``//'' in rudder-web/secure/api//settings/global_policy_mode cause browser/spring error (#13356)

  • Fixed: Bad mime type for our js files: application/js (#13334)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

This is a bug fix release in the 5.0 series and therefore all installations of 5.0.x should be upgraded when possible. When we release a new version of Rudder it has been thoroughly tested, and we consider the release enterprise-ready for deployment.

Rudder 5.0.0.beta1 (2018-08-29)

Changes

API

  • Create system Rest API to replace V1 API (#12516)

Generic methods

  • Add a generic method to test variable existence (#12986)

Plugins integration

  • Remove the need for Spring in plugin (#13036)

Documentation

  • Add a search field (#13093)

  • Change version of documentation on rudder-doc (#13019)

  • Build a centralized place for doc: docs.rudder.io (#12907)

  • Use a rudder-specific theme (#12875)

  • Add DSC content to Rudder by example (#12584)

  • Add a ``Rudder by example'' guide to the documentation (#12383)

Technique editor - API

  • Remove expected reports.csv logic (#11915)

Agent

  • Use CFEngine 3.12 in Rudder agent (#12856)

  • Add a package techniques migration script (#12710)

  • Update technique migration technique with 12614 review (#12676)

Packaging

  • Add sles 15 support to rudder-packages (#13295)

  • Disable HTTPs for sources download on old OSes (#13197)

  • Download sources from repository.rudder.io instead of www.normation.com (#13172)

  • Download man on docs.rudder.io (#13170)

Generic methods - Service Management

  • Remove unused _service_check_running_smf and _service_check_running_src in branch 5.0 (#13245)

System integration

  • Bundle support info script into Rudder (#13213)

Architecture - Refactoring

  • Make scale-out (relay) server a plugin (#12885)

  • Make third-party authentication a plugin (#12906)

  • Make validation workflow a plugin (#12904)

Generic methods - Package Management

  • Use the new class_prefix for package methods (#12427)

Bug fixes

Web - UI & UX

  • Fixed: Remove the ``tw-bs'' css hack (#13022)

Generic methods

  • Fixed: Incomplete management of disabled/reenable reporting (#13209)

  • Fixed: file_check_special tests are failing on debian (#13243)

  • Fixed: Huge agent logs when we define an new class_prefix that is longer than 1024 chars (#13155)

Plugins integration

  • Fixed: Missing real-time check of license capabilities for api and others plugins (#13073)

Generic methods - File Management

  • Fixed: Error when using 2 or more File from a jinja2 template (#13183)

Documentation

  • Fixed: Git repository not initialised in plugin directory (13306)

  • Fixed: Wrong version displayed on the login page for plugin branding (#13274)

  • Fixed: Update screenshot for Rudder Branding (#13270)

  • Fixed: Make plugin doc build with 5.0 doc (13137)

  • Fixed: Typos in rudder-by-example (#12611)

  • Fixed: Add a favicon for Rudder by example (#12490)

  • Fixed: Build rudder man page using asciidoctor (#12977)

Miscellaneous

  • Fixed: Removing workflow comet leads to missing user information and session is destroyed (#13026)

Agent

  • Fixed: Broken agent build on linux platforms (#13311)

  • Fixed: rudder technique-migrate is not documented nor properly named (#13146)

Packaging

  • Fixed: Purge of rudder-webapp should not fail (#13210)

  • Fixed: Fix bdb download link from repository.rudder.io (#13198)

  • Fixed: slackware should not build its package into /tmp (#13194)

  • Fixed: Download rudder.8 for new man page url (#12982)

  • Fixed: Add back missing migration script in 5.0 (#13084)

  • Fixed: Makefile fails if a symbolink link /usr/bin/ncf already exists (#13277)

Generic methods - Service Management

  • Fixed: service_started_start.cf test fails on redhat (#13257)

  • Fixed: service_started_path.cf does not generate classes anymore since 13220 (#13254)

API

  • Fixed: Compilation warnings in master (#13028)

Generic methods - Package Management

  • Fixed: old packages generic methods are failing on old debian (#13305)

Techniques

  • Fixed: Package repository keys Technique in Audit Mode : Missing Reports (#13065)

  • Fixed: Package repository keys Technique in Audit Mode : Missing Reports (#13065)

  • Fixed: Rudder SNMP technique has a component failing on first run (#13159)

Release notes

Special thanks go out to the following individuals who invested time, patience, testing, patches or bug reports to make this version of Rudder better:

  • Mikaël Mantel

  • Pierre HAY

  • Guillaume Terrier

This software is in beta status and contains several new features but we have tested it and believe it to be free of any critical bugs. The use on production systems is not encouraged at this time and is at your own risk. However, we do encourage testing, and welcome all and any feedback!


api-authorizations →