Pike Serie Releasenotes

4.0.0

New Features

  • Added a new yaql function ‚decryptData‘ which pairs with ‚encryptData‘ on the dashboard side. Application authors can use these functions to secure sensitive input to their Murano applications such as passwords.

    Requires a valid secret storage backend (e.g. Barbican) to be configured via Castellan.

  • Users can now assign an existing security group to an application as an alternative to using the one created by Murano’s SecurityGroupManager.

  • Murano switched to using standard oslo middleware HTTPProxyToWSGI instead of custom implementation. This middleware parses the X-Forwarded-Proto HTTP header or the Proxy protocol in order to help murano respond with the correct URL refs when it’s put behind a TLS proxy (such as HAProxy). This middleware is disabled by default, but can be enabled via a configuration option in the oslo_middleware group.

Upgrade Notes

  • File murano-paste.ini has been updated to use oslo HTTPProxyToWSGI middleware. Config option ``secure_proxy_ssl_header has been removed. Please refer to oslo_middleware configuration options if you wish deploy murano behind TLS proxy. Most notably you would need to set enable_proxy_headers_parsing under group oslo_middleware to True, to enable header parsing.

Deprecation Notes

  • Removed show_categories endpoint from the application catalog API which has been deprecated since the Liberty cycle. Use list_categories instead.

Bug Fixes

  • Remove hardcoded constant called ‚ITERATORS_LIMIT‘, that can be exceeded (2000) having big amount of objects. Introduce dsl_iterators_limit configuration option instead of constant.