All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Support for multiple JWT signature algorithms
- Added option to follow symbolic links in the
POST /utilities/compressandPOST /storage/xfer-internal/compressendpoints - Added new "general" section to status/parameters describing
FIRECREST_VERSIONandFIRECREST_BUILDtimestamp - Environment variable
F7T_HOME_ENABLEDto setFalseif$HOMEis not mounted on systems executing FirecREST commands - Add support in the
GET /compute/jobsendopint to poll for jobs of any user - Environment variable
F7T_LOG_KIBANAto enable/disable the JSON format log reporting, detected and parsed by Kibana, and the related Helm chart's annotations.
- SLURM scheduler now uses
--exportoption for passing environment variables to a job. - Variable
F7T_REALM_RSA_PUBLIC_KEYSchanged toF7T_AUTH_PUBLIC_KEYS. - Variable
F7T_REALM_RSA_TYPE_changed toF7T_AUTH_ALGORITHMS. - Added default values on helm charts.
- Upgrade
requestslibrary to version2.32.0. - System availability is tested using
whoamiinstead ofls -lon a filesystem. Filesystem failures reported instatus/systems/<SYSTEM>do not affect the availability of a system. - Filesystem check is executed with the command
ls -1f, skipping listing and sorting of entries.
- Fix parsing in
GET /utilities/lsendpoint. - The job fields
job_data_outandjob_file_errfromGET /compute/jobswill be empty for jobs that are still pending (so that there is no confusion with older output/error files). - Added retry on task creation workflow.
- Error message when
$HOMEis not mounted.
- Added the endpoints
/compute/nodesand/compute/nodes/{nodeName}to retrieve information about nodes in the scheduling queue. - Added endpoints
POST /utilities/compress,POST /utilities/extract,POST /storage/xfer-internal/compressandPOST /storage/xfer-internal/extractfor file compression and extraction. - Added recurisive option to ls utilities command
&recursive=true. - Added the endpoint
/compute/partitionsto retrieve information about partitions in the scheduling queue. - Added grep support for tail and head command.
&grep=pattern. - Added
examplesdirectory for practical use cases of FirecREST.
-
Environment variable names:
-
Added:
F7T_CERTIFICATOR_HOST,F7T_COMPUTE_HOST,F7T_RESERVATION_HOST,F7T_STATUS_HOST,F7T_STORAGE_HOST,F7T_TASKS_HOST,F7T_UTILITIES_HOST -
Replaced
F7T_SYSTEMS_PUBLICbyF7T_SYSTEMS_PUBLIC_NAMEF7T_USE_SSLbyF7T_SSL_ENABLEDF7T_POLICY_PATHbyF7T_OPA_POLICY_PATHF7T_PERSISTENCE_IPbyF7T_PERSIST_HOSTF7T_SSH_CERTIFICATE_WRAPPERbyF7T_SSH_CERTIFICATE_WRAPPER_ENABLEDF7T_STATUS_SYSTEMSbyF7T_SYSTEMS_INTERNAL_STATUS_ADDRF7T_SECRET_KEYbyF7T_SWIFT_SECRET_KEYF7T_USE_SPANK_PLUGINbyF7T_SPANK_PLUGIN_ENABLED
-
Removed:
F7T_CERTIFICATOR_URL,F7T_COMPUTE_URL,F7T_RESERVATION_URL,F7T_STATUS_URL,F7T_STORAGE_URL,F7T_TASKS_URL,F7T_UTILITIES_URL, andF7T_SWIFT_ACCOUNT(it's using the same value thanF7T_OS_PROJECT_ID)
-
-
On task response metadata, the
task_urlvalue is now relative to the/tasksendpoint
- Fixed error on pipeline when releasing production version.
- Fixed response in task after timeout in one of the commands.
- Handle
ChunkedEncodingErrorerror in task creation to avoid crashing and returning 500 Error. - Fixed compute task error message on system not available.
- Add the endpoints
GET /status/filesystemsandGET /status/filesystems/<system>, providing enhancement in terms of filesystem availability - The endpoint
/utilities/whoamiadds thebooleanparameter "groups" which set ontruereturns a dictionary withuid,gid, andgroups - Added the parameter
WORKLOAD_MANAGERinGET /status/parametersto provide information on the resource and workload manager used for compute - Add
F7T_LOG_TYPEto select logging to files or stdout. - Add
F7T_GUNICORN_LOGfor Gunicorn logs. - Add profiling middleware.
- Improved retrieval of tasks from persistence storage.
- Upgraded
konggateway to v3.6.0 - Upgraded
cryptographypackage to v42.0.4 - Upgraded
paramikopackage to v3.4.0
- Fixed demo images dependency declarations preventing docker-compose to build successfully.
- Fixed check when submitted an empty batch file on
POST /compute/jobs/upload. - Fixed error message when
GET /status/systemsencounters error in one filesystem. - Fixed SSH connection error catching.
- Fixed secured "ssh-keygen" command execution.
- Add constraint in xfer-internal job script when provided by the configuration. The associated environment variable is
F7T_XFER_CONSTRAINTand can be empty, when no machine needs it. Otherwise, the different constraints should be separated by;. - Support passing environment variables when submitting a job.
- Support listing directories without resolving UID/GID.
- Add description for each parameter in
GET /status/parametersresponse. - Add support for Object Storage Tenants in S3v4 object storage. The associated environment variable is
F7T_S3_TENANTand it can be empty or benullornonewhen the tenant is not needed. Otherwise the tenant name has to be set. - The task that is returned from a successful
GET /jobs/acctwould returns the attributetime, which iscputimefrom slurm. The attribute will remain andcputimeandelapsedwill be also returned. Similarly,time_leftis actually the time of termination of the jobs.time_leftwill remain for compatibility reasons, butelapsedattribute will also be returned. - Added
F7T_AUTH_ISSUERto specify the JWT token issuer to be checked by Kong GW. - Removed
F7T_AUTH_REALMandF7T_AUTH_URLwhich are no longer needed.
- CI/CD pipeline is now adapted to create helm charts images and push to a repository when TDS or Prod are tagged:
- Also secrets now can be managed from ExternalSecrets on K8s deployment.
- Deployment on TDS triggers ArgoCD deployment.
- Demo and k8s deployments have the Swagger UI API specification at unauthenticated
/docsendpoint.
- Take into account
pageNumberandpageSizearguments inGET /compute/jobsandGET /compute/acct.
-
Tasks microservice now provides filtering by a subset of tasks with a
tasksparameterGET /tasks?tasks=<taskid>,<taskid>,<taskid>.
-
Tasks microservice now reports in task metadata the system for which the task was created.
-
For storage tasks, now the
sourceandtargetpath are part of thedatafield on the response for all statuses. -
For certificator container sets up the environment variables
F7T_CA_KEY_PATHandF7T_PUB_USER_KEY_PATHas absolute paths in the container for the CA Private key (ca-key) and the user key (user-key.pub), respectively. If not set, the default directory will be root (ie,/ca-key). -
For the rest of microservices, the value to set is
F7T_PRIV_USER_KEY_PATH(user-key). -
The
headendpoint has a new argument:skip_ending. The output will be the whole file, without the last NUM bytes/lines of each file. -
The
tailendpoint has a new argument:skip_beginning. The output will start with byte/line NUM of each file.
- Demo template UI client has been fixed in order to integrate latest changes.
- Fixed correct header when the result of an operation in the system is
Not a directorytoX-Not-A-Directory. - Fixed the automatic change of the filename in uploaded files with empty spaces and other special characters.
- Fixed the issue with parsing
lswhen encountering filenames with the$character and whitespace.
- Flask version upgraded to
2.3.2. - Cryptography version upgraded to
39.0.2. - Certificator now uses
f7t-baseas base image.
- More tests for
/storage/xfer-external/uploadendpoint.
- For
/storage/xfer-external/uploadnow is possible for the form parametertargetPathto be a file path or a directory path.
- Upgrade to
redis == 4.5.4intasksAPI.
- Automated process for extracting the version number and using it in K8s OpenAPI pod.
- Add github workflow for automatic releases.
- Add new endpoints for
headandtailcommands. - Add endpoint for the
whoamicommand. - Add
X-Size-Limitto/utilities/downloadand/utilities/viewendpoints API specification.
- Allow square brackets in user input.
/utilities/statendpoint now uses%fto return file type and permissions inmodefield.
- Return the
X-Existsheader for existing folders in/utilities/mkdir, instead ofX-A-Directory. - Fix bug on view endpoint. Return normally the files that included error messages.