La nouvelle version de Fatbuildr v2.0.0 est publiée, elle inclut de nombreuses nouvelles fonctionnalités majeures.

Parmi ces nouveautés, vous trouverez notamment :

Cette nouvelle version inclut également plusieurs corrections de bugs et des améliorations internes.

Voici le contenu complet de la note de version (en anglais) :

Added

  • web: add JWT token based authentication with RBAC policy for managing access permissions to the REST API and the HTML web endpoints (#21). Fatbuildr provides a default policy that can be overriden by site administrators.
  • Associate tasks to originating users (#79)
  • Automatic static analysis of RPM and Deb packages based on rpmlint and lintian after successful build (#16)
  • Add support of interactive build for RPM packages format (#61)
  • Add support of multiple sources for packages artifacts (#66)
  • Report Deb and RPM packages content after successful builds, with additional pbuilder hook and mock plugin respectively (#74)
  • Add possibility to purge tasks history and their workspaces directories with multiple configurable policies (#34)
  • Add support of plain files as additional sources in RPM packages (#86)
  • conf:
    • Add [tokens] section with settings to control generation and validation of JWT tokens.
    • Add policy and vendor_policy settings in [web] section to define path to RBAC policy definition file loaded by Fatbuildrweb.
    • Add [tasks] section with parameters to specify tasks workspaces location and tasks history purge policy.
  • polkit:
    • Add org.rackslab.Fatbuildr.manage-token action.
    • Add org.rackslab.Fatbuildr.build-as action.
    • Add org.rackslab.Fatbuildr.purge-history action.
  • dbus:
    • Add BuildAs method to org.rackslab.Fatbuildr.Instance object to submit build task with another user identity.
  • cli:
    • Add shell and env-shell operations to fatbuildrctl images command to open an interactive shell in a container running the image dedicated to a given format or in a build environment associated to a distribution (#18).
    • Add -d, --distribution option to fatbuildrctl images command to filter the container images or the build environments targeted by the operation.
    • Add -a, --architecture option to fatbuildrctl images command to limit the build environments targeted by the operation to a specific hardware architecture.
    • Add short option -f as an alternative to --format long option of fatbuildrctl images command.
    • Add fatbuildrctl tokens command to list, generate and save JWT tokens for HTTP REST API authentication in user’s tokens directory.
    • Add support for JWT token based authentication to Fatbuildrweb REST API.
    • Add support of HTTP/404 REST API response codes.
  • prefs: add optional tokens parameter in the prefs section for specifying the path of user’s tokens directory.
  • utils:
    • Add support of multiple sources archives in import-srcrpm.
    • Add support of plain files as RPM packages sources in import-srcrpm.
  • pkgs: add dependency on PyJWT python external library for managing JWT tokens.
  • docs:
    • Document tokens command in fatbuildrctl manpage.
    • Document tokens parameter in user’s preferences file in fatbuildrctl manpage.
    • Document new history purge subcommand in in fatbuildrctl manpage
    • Add section about API tokens in fatbuildrctl manpage.
    • Add section about Local sources and --sources option value format in fatbuildrctl manpage.
    • Add section about authentication in REST API reference page.
    • Mention new polkit actions org.rackslab.Fatbuildr.manage-token, org.rackslab.Fatbuildr.purge-history and org.rackslab.Fatbuildr.build-as with a special note for *-as actions.
    • Mention permission action required by all Fatbuildrweb REST API and HTML endpoints in references pages.
    • Document error object returned by REST API for denied permission.
    • Add section about policy configuration in Fatbuildrweb administration page.
    • Document system configuration new [tokens] section and new parameters in [web] section.
    • Document new purge parameter in [tasks] section.
    • Mention multiple sources support, static analysis, packages content listing, RBAC policy and JWT authentication in advanced features description.
    • Add page about packages source tree with all principles followed for various types of sources illustrated by new diagrams.
    • Mention HTTP/404 reponse codes in REST API when instance or task is unknown by fatbuildrd and when format, distribution, derivative, architecture or artifact is not found in registries.
    • Add page about tasks history purge capabilities with the various policies, the expected format of the limit value in configuration parameter and a quick howto setup regular automatic purge with a cronjob.
    • Add example cronjob for automatic regular tasks history purge.
    • Mention possibility to have additional plain files in the rpm subdirectoryof artifacts definitions repository.

Fixed

  • Static analysis errors reported by ruff tool with a simple initial configuration (#75).
  • Properly remove deprecated source RPM packages from repository after a successful build (#58).
  • Compiler -Wunused-result warnings with binary wrappers (#70).
  • cli:
    • Avoid hazardous handling of unsupported errors, as a basis for better error management.
    • Handle unknown distribution error in server pipeline (#71)
    • Handle connection error to HTTP URI with readable error message (#10)
    • Print clear error if YAML artifact definition is not found
  • daemon: avoid global hazardous catch of all RuntimeErrors and restrict handling to supported FatbuildrRuntimeError, as a basis for better error management.
  • Avoid removal of tilde from version extracted in source tarball filename when submitted during build through HTTP REST API (#81).
  • Remove useless imports
  • images:
    • Fix fatbuildr user and group with host UID/GID in deb format container image due to possible conflicts with other installed Debian sid packages (#83)
    • Add missing shebang in derivatives pbuilder hook
  • docs: Fix prescript token names in artifact definition reference.

Changed

  • Merge queue and archives directories into a common workspaces directory (#88)
  • cli:
    • Transform images command options --create, --update, --create-envs and --update-envs into an operation positional argument with the corresponding possible values create, update, env-create, env-update.
    • Replace fatbuildrctl {patches,build} command options --source-dir and --source-version by generic option --sources.
    • Replace fatbuildrctl archives by fatbuildrctl history command to avoid confusion with the notion of source archives (#87)
  • artifacts:
    • Rename YAML artifact definition file from meta.yml to artifact.yml. The old name is still supported but the user is warned with a deprecation notice (#73).
    • Replace tarball option by source or sources, depending on the number of archive sources.
    • Modify format of versions, derivatives and checksums keys to support optional multiple sources for packages artifacts.
    • The RPM spec file token {{ source }} is replaced by {{ sources }} to declare possibly multiple sources.
  • conf:
    • Replaced queue and archives parameters in [dirs] section of system configuration by workspaces parameter in [tasks] section.
    • Bump Fedora release from 37 to 38 in rpm and osi container images (#96).
  • dbus: Replace Archives() by History() method in org.rackslab.Fatbuildr.Instance object to avoid confusion with the notion of source archives.
  • web:
    • Build tasks are submitted to fatbuildrd with original requesting user’s identity when fatbuildrd runs with another user (typically fatbuildr system user) so the tasks are properly associated to the original user.
    • Return HTTP/404 with clear error message when instance or task is unknown by fatbuildrd and when format, distribution, derivative, architecture or artifact is not found in registries (#64).
    • Introduce new array of SourceArchive objects in the properties of Task JSON objects for build tasks.
    • Modify optional source archives filename multipart build requests to support sending of multiples sources.
  • docs:
    • Convert APT sources file in quickstart guide from one-line format to Deb822-style format (#72)
    • Modify artifact definition reference documentation with changes introduced to support packages artifacts with multiple sources and many examples to cover most cases.
    • Modify REST API reference with changes introduced to support packages artifacts with multiple sources.
    • Replace options --source-dir and --source-version by --sources in fatbuildrctl manpage.
    • Modify system configuration reference to mention replacement of queue and archives in [dirs] section by common workspaces parameter in [tasks] section.
    • Update example outputs with new common workspaces directory to match new default paths.
    • Replace notion of archives by history to designate the list of terminated tasks.
    • Update support fedora release in quickstart guide to 37 and 38. Also update example instance file to mention fedora 38 instead of fedora 36.
  • Rename fatbuildr.web module to fatbuildr.procotols.http.server for more proximity with fatbuildr.procotols.http.client code.
  • pkgs:
    • Adapt artifact definitions and packaging code for fatbuildr and its dependencies to new format defined for multiple sources support.
    • Replace fatbuildr prescript with a supplementary source for bootstrap.
    • Bump dasbus dependency to latest version 1.7 (#67).
  • examples: Change hello package artifact definition to new format defined for multiple sources support.

Removed

  • pkgs: removed support of Fedora 36
  • docs: removed mention of Fedora 36 in quickstart guide

Plus de détails sur le logiciel Fatbuildr sont disponibles dans sa page de description complète. Vous pouvez également découvrir les fonctionnalités avancées de la solution.

Envie d’essayer ? Suivez le guide de démarrage !

Liens utiles :