ยซ Changelog History


StackStorm v2.10.2 Release Notes

Release Date: 2019-02-28 // about 5 years ago

  • โž• Added

    Add support for various new SSL / TLS related config options (ssl_keyfile, ssl_certfile,
    ssl_ca_certs, ssl_certfile, authentication_mechanism) to the messaging section in
    st2.conf config file.

    ๐Ÿ”ง With those config options, user can configure things such as client based certificate
    authentication, client side verification of a server certificate against a specific CA bundle, etc.

    0๏ธโƒฃ NOTE: Those options are only supported when using a default and officially supported AMQP backend
    with RabbitMQ server. (new feature) #4541

    โž• Add metrics instrumentation to the st2notifier service. For the available / exposed metrics,
    ๐Ÿ“„ please refer to https://docs.stackstorm.com/reference/metrics.html. (improvement) #4536

    ๐Ÿ”„ Changed

    โšก๏ธ Update logging code so we exclude log messages with log level AUDIT from a default service
    ๐ŸŒฒ log file (e.g. st2api.log). Log messages with level AUDIT are already logged in a
    ๐ŸŒฒ dedicated service audit log file (e.g. st2api.audit.log) so there is no need for them to also
    ๐ŸŒฒ be duplicated and included in regular service log file.

    ๐ŸŒฒ NOTE: To aid with debugging, audit log messages are also included in a regular log file when log
    level is set to DEBUG or system.debug config option is set to True.

    Reported by Nick Maludy. (improvement) #4538 #4502

    โšก๏ธ Update pyyaml dependency to the latest version. This latest version fixes an issue which
    could result in a code execution vulnerability if code uses yaml.load in an unsafe manner
    on untrusted input.

    NOTE: StackStorm platform itself is not affected, because we already used yaml.safe_load
    everywhere.

    Only custom packs which use yaml.load with non trusted user input could potentially be
    affected. (improvement) #4510 #4552 #4554

    โšก๏ธ Update Orquesta to v0.4. #4551

    ๐Ÿ›  Fixed

    ๐Ÿ›  Fixed the packs.pack_install / !pack install {{ packs }} action-alias to not have
    redundant patterns. Previously this prevented it from being executed via
    st2 action-alias execute 'pack install xxx'. #4511

    Contributed by Nick Maludy (Encore Technologies)

    ๐Ÿ›  Fix datastore value encryption and make sure it also works correctly for unicode (non-ascii)
    values.

    Reported by @dswebbthg, @nickbaum. (bug fix) #4513 #4527 #4528

    ๐Ÿ›  Fix a bug with action positional parameter serialization used in local and remote script runner
    not working correctly with non-ascii (unicode) values.

    This would prevent actions such as core.sendmail which utilize positional parameters from
    working correctly when a unicode value was provided.

    Reported by @johandahlberg (bug fix) #4533

    ๐Ÿ›  Fix core.sendmail action so it specifies charset=UTF-8 in the Content-Type email
    header. This way it works correctly when an email subject and / or body contains unicode data.

    Reported by @johandahlberg (bug fix) #4533 4534

    ๐Ÿ›  Fix CLI st2 apikey load not being idempotent and API endpoint /api/v1/apikeys not
    honoring desired ID for the new record creation. #4542

    ๐Ÿ”’ Moved the lock from concurrency policies into the scheduler to fix a race condition when there
    โฑ are multiple scheduler instances scheduling execution for action with concurrency policies.
    #4481 (bug fix)

    โž• Add retries to scheduler to handle temporary hiccup in DB connection. Refactor scheduler
    service to return proper exit code when there is a failure. #4539 (bug fix)

    โšก๏ธ Update service setup code so we always ignore kombu library heartbeat_tick debug log
    messages.

    ๐ŸŒฒ Previously if DEBUG log level was set in service logging config file, but --debug
    service CLI flag / system.debug = True config option was not used, those messages were
    ๐ŸŒฒ still logged which caused a lot of noise which made actual useful log messages hard to find.
    (improvement) #4557