コンテンツにスキップ

2.23.0

Release Notes#

This release is a standard Lagoon release. There are changes that teams managing their own Lagoon installations (core and remote) may need to be aware of.

Upgrades#

Self-managed Lagoon installs may need to be aware of these changes in lagoon-core:

Broker update to RabbitMQ 3.13#

This release of Lagoon includes an update to RabbitMQ 3.13 in #3849 - which has necessitated a small modification to the feature flag enabler (to ignore experimental plugins like Khepri, that are known to have issues). As long as the upgrade runs in order successfully, the plugin should remain disabled.

KEYCLOAK_ADMIN_API_CLIENT_SECRET#

In #3841 a new client was added to the Master realm in Keycloak to allow the API to configure Keycloak. This will remove the need for an admin user/password to be used, so MFA can be set on the admin account (AFTER the upgrade!!). The charts will autocreate and configure the secret if none is provided.

Platform-X roles can be set within Lagoon instead of Keycloak#

In #3840, this release introduced the ability to set platform-X roles via the lagoon CLI/API instead of directly within Keycloak.

Deprecations#

Self-managed Lagoon installs may need to be aware of these changes in lagoon-remote:

Node sysctl daemonset replaces init containers for OpenSearch and Elasticsearch#

In build-deploy-tool#395 a future release of the build deploy tool will remove the init containers from OpenSearch & Elasticsearch deployments that are used to set the necessary sysctl settings. This daemonset, when enabled in lagoon-remote, runs once on node startup to ensure the correct setting is in place for all future deployments. Ideally, the necessary configuration should be performed at the Infrastructure provisioning, in which case this daemonset is not required.