2025.1 Series Release Notes

2025.1 Series Release Notes¶

15.0.0-5¶

New Features¶

A new module, blazar.wsgi, has been added as a place to gather WSGI application objects. This is intended to ease deployment by providing a consistent location for these objects. For example, if using uWSGI then instead of:
```
[uwsgi]
wsgi-file = /bin/blazar-api-wsgi
```
You can now use:
```
[uwsgi]
module = blazar.wsgi.api:application
```
This also simplifies deployment with other WSGI servers that expect module paths such as gunicorn.

Upgrade Notes¶

The WSGI script blazar-api-wsgi has been removed. Deployment tooling should instead reference the Python module path for the wsgi module in Blazar, blazar.wsgi.api:application if their chosen WSGI server supports this (gunicorn, uWSGI, etc.) or implement a .wsgi script themselves if not (mod_wsgi).

Security Issues¶

Fixes a bug where any user could update/delete a lease from any project, provided that they had the lease ID. When using the default policy configuration, there is no way for a regular user to see lease IDs of another project. However, operators that are running the Resource Availability Calendar may have overridden this policy, and so may be vulnerable without this fix. LP#2120655

15.0.0¶

New Features¶

The Blazar policies implemented the scope concept and new default roles (admin, member, and reader) provided by keystone.

Upgrade Notes¶

All the policies implement the scope_type and new defaults.
- Scope
  
  Each policy is protected with project scope_type.
- New Defaults(Admin, Member and Reader)
  
  Policies are default to Admin, Member and Reader roles. Old roles are also supported. There is no change in the legacy admin access.

Bug Fixes¶

Fixes functionality of host randomization feature. LP#2099927

this page last updated: 2025-08-26 11:49:19

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.