At least one Owner should be left in the Contract which contains more than one user.
User with tenants.membership.edit permission can grant/remove Tenant Admin’s permissions to/from the user. See API documentation for more information.
Contract and workspace Owners are able to add new role from the list of available roles and remove any role except Owner role from themselves.
contracts.devTeam.edit are removed from Contract Owner role. The Admin role is assigned automatically to all users, that currently have Owner role.
available_roles is not empty – it always will contain Contract Owner role (this item is pasted by API implicitly).
We implemented hint box which explains that JSONata is used as mapping languages and provides some minimale examples.
We provided more clear explanation for password requirements.
Service account was added for wiper. Several API endpoints allow performing a request with Service Account API-Key. The Wiper uses a Service Account credential for an API referring.
workspaces.workspace.finish_delete permission was introduced.
Now a Tenant can be created without utilizing domain certificates.
There are two new permission sets for the contract’s scope:
contracts.contract.editpermission is assigned to all of the contract owners during migration. It allows editing anything except the
available_roles. Otherwise, an appropriate error will appear.
contracts.contract.edit_avaialble_rolespermission allows editing anything in the contract, including the available roles.
To be able to rename the contract, click the Edit Contract Data button and the necessary form will appear.
The endpoint deletes the tenant only in case it does not contain any contracts.
An internal issue implemented for:
Please be aware that the introduced variables are allowed for editing/customizing during the platform’s life cycle. Nevertheless, it is required for running the gendry job once the changes have been made, and immediately restarting all the services that are using the login+password (the
Please note, do not use the underscore symbol
_in your login & password credentials. The
NGINXweb server fails to handle it correctly, as it is being transferred within the HTTP headers.
The environment variables are a combination of login & password pairs for such Service Accounts as the
handmaiden (tenant-operator) and
appdirect (integration service):
The tenant-operator (aka
handmaiden) is a special service that maintains ingresses to be aligned with tenants.
TENANT_OPERATOR_SERVICE_ACCOUNT_USERNAME variable should contain a login for the tenant-operator.
TENANT_OPERATOR_SERVICE_ACCOUNT_PASSWORD variable should contain (any string) a password. Can be generated by the following command
pwgen -ny 15.
The service account for
appdirect integration service. Different versions of this service are being used for:
APPDIRECT_SERVICE_ACCOUNT_USERNAME variable should contain a login for the
appdirect integration service.
APPDIRECT_SERVICE_ACCOUNT_PASSWORD variable should contain (any string) a password. Can be generated by the following command
pwgen -ny 15.
This is an internal issue that refers to query optimization for a Mongo-related database. It solves the following problem: the frontend was not able to load a list of tasks from the API due to significant excessive load on the MongoDB server.
Introduced a new method to store the custom certificates that are being provided for the tenants. From now on, the user can upload certificates for the tenant and provide them with a reference right in the tenant’s configuration.
A new environment variable
CERTIFICATE_STORE_ENCRYPTION_PASSWORD was added. It is a password that is used to generate a key for encrypting or decrypting a certificate. There are no restrictions or limitations on how to generate one.
The next symbols are considered as special
We introduced pagination in the logs panel.
The first incoming sample is set by default.