Skip to content

8.3.0-alpha4

Pre-release
Pre-release
Compare
Choose a tag to compare
@megglos megglos released this 08 Aug 07:11
· 349 commits to main since this release
8.3.0-alpha4
22c13dc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Zeebe

Breaking Changes ❗

Docker - user

With the Zeebe 8.3.0-alpha4 release the default user the zeebe docker image runs with changed from root to 1000/zeebe. This was done in order to better comply with the OWASP recommendations on Docker Security

If you experience permission errors on your data or log volumes, you may need to make sure mounted volumes are writable by this user e.g. via setting fsGroup on k8s to 1000.

Docker - zbctl not included in the Docker image anymore

To reduce the amount of false-positive CVEs on scans of the zeebe docker image we decided to remove zbctl from it. We recommend you to install it locally.

Resources no longer available in the Deployment:CREATED event

Resources in the Deployment:CREATED event are no longer available. Custom Exporters using the resources from this event must be modified to get them from the Process:CREATED event for BPMN models and the DecisionRequirements:CREATED event for DMN models.

Change in monitoring endpoints

There were some changes to the monitoring endpoints of Zeebe, both for the gateway and the broker. All of these were existing redirects to the new endpoints, so their format is left unchanged; only the redirects have been removed.

You may have to change your Kubernetes health probes or metrics scraping endpoints to accomodate the new ones. Note that if you're deploying with the Helm charts, or are using Camunda Platform 8 SaaS, you do not need to do anything.

Broker

  • The /metrics endpoint is now /actuator/prometheus

Gateway

  • The /metrics endpoint is now /actuator/prometheus
  • The /health endpoint is now /actuator/health
  • The /startup endpoint is now /actuator/health/startup
  • The /live endpoint is now /actuator/health/liveness

Enhancements

Java Client

  • Stream jobs using job worker (#13473)
  • newModifyProcessInstanceCommand: complete command with single variable (#13460)
  • newThrowErrorCommand: complete command with single variable (#13458)
  • newFailCommand: complete command with single variable (#13456)
  • newBroadcastingSignalCommand: complete command with single variable (#13451)
  • newEvaluateDecisionCommand: complete command with single variable (#13449)
  • newPublishMessageCommand: complete command with single variable (#13447)
  • newCreateInstanceCommand: complete command with single variable (#13443)
  • Allow custom job worker executors (#13428)

Broker

  • Scheduled tasks should not block processing (#12302)

zbctl

  • Remove zbctl from 8.3 images going forward (#13024)

Misc

  • Validate user input before registering a worker to the job stream (#13465)
  • Implement ZeebeClient wrapper for the StreamJobs RPC (#13429)
  • Add and handle Process Deleting event (#13349)
  • Add a state to PersistedProcess (#13348)
  • Remove from PROCESS_INSTANCE_KEYS_BY_DEFINITION_KEY ColumnFamily (#13342)
  • Insert into the PROCESS_INSTANCE_KEYS_BY_DEFINITION_KEY ColumnFamily (#13341)
  • Add PROCESS_INSTANCE_KEYS_BY_DEFINITION_KEY ColumnFamily (#13340)
  • Add Resource Deleting intent (#13335)
  • As a Zeebe Java user, I want to complete a Job with a single variable (#13040)
  • Export number of buffered messages as metrics (#12975)
  • Add message definition extension elements (#12878)
  • Forcefully terminate a process instance (#12696)
  • Docker: Run the zeebe process with an unprivileged user by default (#12382)
  • Add gRPC job stream API (#11708)

Bug Fixes

Broker

  • Regression in deploying large payloads (#13233)

Misc

  • Release Dry fails because of unrecognized argument (#13715)
  • ZeebePartitionHealth repeatedly reports change of health status (#13650)
  • PartitionListeners are notified even if the transition is cancelled causing NPE (#13471)
  • Gateway readiness fails when tls enabled (#13431)
  • Cancel on-going remote stream registration on stream removal (#13061)
  • Error message truncation may be too strict (#13046)
  • Don't mutate state through JobBackoffChecker (#13041)
  • Zeebe should only log as JSON, if configured to do so (#12886)
  • ExceededBatchRecordSizeException: Can't append entry (#12007)

Maintenance

  • Automatically merge backport PRs (#13666)
  • Snyk monitoring wrong Docker images for stable releases (#13645)
  • Mark PR as stale after 1 month (#13601)
  • Define actor names for new remote stream actors (#13281)
  • Use a fixed length segment descriptor (#13240)
  • Align with Docker base image best practices (#13214)
  • Reduce container CVE maintenance effort (#12959)
  • Update Elasticsearch client to 8.7 (#12859)
  • Make dashboard UIDs human-readable (#12601)
  • Switch custom AwsSignHttpRequestInterceptor in Opensearch exporter to library (#12427)
  • Register ClientStreamConsumer adapters for every gRPC stream observer (#12390)
  • Implement ClientStreamConsumer adapter to forward jobs to gRPC clients (#12389)
  • Investigate usage of client in gateway (#11799)
  • Integrate end-to-end job stream lifecycle management (#11710)
  • ARM64 CI Jobs frequently fail due to connection resets (#11590)

Merged Pull Requests

  • Remove process instance keys from PROCESS_INSTANCE_KEY_BY_DEFINITION_KEY ColumnFamily (#13376)

Operate

🚀 New Features

  • backend: Update schema to support DELETE_DECISION_DEFINITION (#5035)
  • backend: resource based permissions for SaaS (#4965)
  • try active tab polling (#4940)
  • backend: change treePath data type and queries for flow node instances (#4993)
  • backend: Endpoint to search decision instances (#4893)
  • backend: default tenantId during migration (#4877)
  • backend: Endpoint to get decision requirements xml (#4868)
  • backend: add tenantId fields to indices... (#4869)
  • backend: replace ES BulkRequest with interface BatchRequest (#4702)
  • backend: Endpoint to search and filter decision requirements (#4826)
  • backend: Endpoint to get decision instance by id (#4849)

💊 Bugfixes

  • docker: run as non-root by default (#5020)
  • use carbon link for external href links (#5028)
  • security: Replace default-src csp header with more specific ones (#5033)
  • backend: Operate importer and archiver are not initialized (#5000)
  • backend: ClassCastException in post importer (#5008)
  • deps: update dependency mobx to v6.10.0 (#4944)
  • deps: update dependency sass to v1.64.0 (#4954)
  • deps: update dependency @camunda/camunda-composite-components to v0.0.42 (#4947)
  • backend: Field parentKey missing in proces instance endpoint (#4934)
  • backend: Public API sequence-flows returns max 10 results (#4941)
  • deps: update dependency @carbon/elements to v11.25.1 (#4907)
  • deps: update dependency sass to v1.63.6 (#4912)
  • backend: fix the exception in post importer (#4879)

🧹 Chore

  • update Zeebe and Identity to 8.3.0-alpha4 (#5063)
  • carbonize modification info banner (#5030)
  • change batch action toolbar cancel button name (#5037)
  • lazy load all pages (#5048)
  • fix failing e2e test (#5047)
  • change operations panel empty message (#5039)
  • remove running operation background color (#5013)
  • carbonize general notifications (#4992)
  • convert metadata popover to carbon (#5012)
  • deps: bump org.apache.maven.plugins:maven-surefire-plugin (#4975)
  • update node
  • deps: update dependency node to v18.17.0 (#4943)
  • deps: update dependency @playwright/test to v1.36.2 (master) (#4901)
  • deps: bump version.micrometer from 1.11.1 to 1.11.2 (#4974)
  • carbonize applying modifications overlay (#4988)
  • add missing carbon component tests (#4982)
  • update diagram button sizes (#5004)
  • enable login button when fields are empty (#4999)
  • deps: update dependency @testing-library/jest-dom to v5.17.0 (#4939)
  • update carbon versions (#5001)
  • display version in app header (#4976)
  • update docker base images (#4996)
  • separate processes and decisions panel position storage (#4962)
  • improve styles for dashboard bottom panels (#4959)
  • copy and adjust tests (#4957)
  • render correct data for child nodes (#4911)
  • pom: update Spring Boot to fix CVE-2023-34034 (#4970)
  • convert modification badges to carbon (#4956)
  • convert modification badges to carbon (#4956)
  • use carbon statistic overlays for pid page (#4955)
  • migrate modification dropdown to carbon (#4958)
  • convert process instance diagram component to carbon (#4946)
  • deps: bump unboundid-ldapsdk from 6.0.8 to 6.0.9 (#4814)
  • deps: bump commons-codec from 1.15 to 1.16.0 (#4816)
  • deps: bump mockito-core from 5.3.1 to 5.4.0 (#4833)
  • convert detail page notifications to carbon (#4952)
  • add incidents banner (#4950)
  • update frontend URL routing (#4935)
  • add empty error states (#4917)
  • add skeletons (#4918)
  • render parent items reusing instances bar (#4885)
  • migrate tests to github actions (#4865)
  • deps: update dependency testcafe to v3 (#4924)
  • deps: update dependency zeebe-node to v8.2.5 (master) (#4904)
  • deps: update hashicorp/vault-action action to v2.7.3 (#4905)
  • deps: update all non-major dependencies (#4899)
  • deps: update dependency monaco-editor to v0.40.0 (#4902)
  • deps: update dependency prettier to v3 (master) (#4921)
  • ci: remove zeebe containers + switch nodepool (#4923)
  • auth setup for playwright e2e tests (#4830)
  • add partially expandable data table and render mock data (#4881)
  • add e2e docs to readme (#4897)
  • renovate: fix branch name for renovate
  • enable Renovate on stable branch, enable hadolint on Dockerfile (#4890)
  • Create backport-action (#4883)
  • convert metric panel to carbon (#4878)
  • convert dashboard layout to carbon (#4876)
  • carbonize drd diagram (#4838)
  • convert drd panel to carbon (#4837)
  • setup playwright e2e tests and adjust login page tests (#4781)
  • convert forbidden pages to carbon (#4829)
  • update CHANGELOG.md

Tasklist

🚀 New Features

  • be-302-identity (#3266)
  • abstract Identity Setup for SSO Profile and OAuth + ProcessReader Adaptation (#3256)
  • readme - update Readme with env variables (#3233)
  • Implement start process with form API integration (#3219)
  • Change ProcessResponse fields (#3184)
  • Fetch and render start form (#3168)
  • update internal start process endpoint and tests (#3169)

💊 Bugfixes

  • Refine jacoco plugin (#3251)
  • fixing billing tab (#3235)
  • Fix makefile and docker for entity up (#3232)
  • deps: update dependency mobx-react-lite to v4 (#3218)
  • deps: update all non-major dependencies (#3192)
  • Be 2402 flakyfix index - make GraphQL Call "sync" (Integration Test) (#3216)
  • deps: update dependency @carbon/elements to v11.25.0 (#3187)
  • deps: update dependency @carbon/react to v1.33.0 (#3188)
  • deps: update all non-major dependencies (#3177)

🧹 Chore

  • Bump form-js (#3262)
  • Processes Page Tests Added (#3242)
  • increase identity test coverage (#3243)
  • Test Coverage Increased for form-js task tests (#3228)
  • deps: update hashicorp/vault-action digest to cb841f2 (#3223)
  • deps: update dependency @types/react to v18.2.15 (#3222)
  • Revert Playwright update
  • deps: update dependency @playwright/test to v1.36.0 (#3207)
  • CI workflow improvements (#3212)
  • adding extra parameter to preview-env (#3217)
  • deps: update dependency monaco-editor to v0.40.0 (#3191)
  • deps: update actions/add-to-project digest to 36f5795 (#3196)
  • deps: update hashicorp/vault-action digest to 65d7a12 (#3197)
  • deps: update enricomi/publish-unit-test-result-action action to v2.8.0 (#3198)
  • form-js-integration: update snapshot (#3194)
  • migrate main Jenkins build pipeline to GHA for master (#2816)
  • Variables Test Refactored with POM (#3183)
  • deps: update dependency prettier to v3 (#3171)
  • deps: update hashicorp/vault-action digest to 65d7a12 (#3181)
  • update add_to_hto_project.yml (#3185)
  • Public Start Form Tests Refactored with POM (#3178)
  • Task Panel Tests refactored with POM (#3170)
  • Task Details Tests refactored with POM (#3165)
  • update CHANGELOG.md

Identity

🚀 New Features

  • expose SDK method to retrieve tenants assigned to a token (#1962)
  • retrieve tenants assigned to a token (#1961)
  • expose batch authorization update method in SDK (#1963)
  • implement tenant post endpoint (#1878)
  • retrieve resources for given organization ID (#1837)
  • add support for connecting to Keycloak v21 (#1830)
  • add sdk support for resource authorization creation (#1823)
  • support retrieving resource authorizations for token + orgId in the SDK (#1827)
  • identity supports creating resource authorizations for saas (#1818)
  • retrieve resource authorizations for orgid and user token (#1816)
  • auth0 profile implemetation (#1791)
  • support logging to file (#1789)
  • use http only cookies (#1749)

💊 Bugfixes

  • management-api/pom.xml to reduce vulnerabilities (#1953)
  • prevent userdetailsservice auto configuration (#1941)
  • set timeout on long running jobs (#1940)
  • use correct structure for uses with reuseable workflow (#1933)
  • clean the version tag to make it compatible with a docker tag (#1932)
  • set permissions for auth step in saas release workflow (#1931)
  • allow developer role to manage resource authorizations (#1921)
  • update dependency dev.failsafe:failsafe to v3.3.2 (#1912)
  • management-api/pom.xml to reduce vulnerabilities (#1899)
  • increase max header size to support larger JWT tokens (#1907)
  • allow PUT verb for CORS request (#1890)
  • check organisation access when retrieving authorizations for a given userId (#1881)
  • implement CORS configuration (#1889)
  • alter permission check on resource type call (#1886)
  • run apt update prior to installing in e2e action (#1879)
  • adding k8s service yaml for identity (#1876)
  • consider organization id when creating resources (#1874)
  • management-api/pom.xml to reduce vulnerabilities (#1814)
  • update dependency styled-components to v5.3.11 (#1825)
  • update dependency i18next-browser-languagedetector to v7.0.2 (#1824)
  • update dependency react-i18next to v12.2.2 (#1804)
  • update dependency styled-components to v5.3.10 (#1780)
  • update dependency axios to v1.3.6 (#1775)
  • compatibility matrix workflow various fixes (#1768)
  • update dependency io.micrometer:micrometer-registry-prometheus to v1.10.6 (#1758)
  • update dependency i18next to v22.4.15 (#1757)
  • update dependency axios to v1.3.5 (#1756)
  • update dependency org.postgresql:postgresql to v42.6.0 (#1737)

🧹 Chore

  • update dependency @types/react to v18.2.17 (#1964)
  • update testcontainers-java monorepo to v1.18.3 (#1958)
  • update dependency cypress to v12.17.2 (#1951)
  • update spring boot to v3.1.2 (#1954)
  • update dependency msw to v1.2.3 (#1952)
  • update slackapi/slack-github-action action to v1.24.0 (#1947)
  • update dependency sass to v1.64.0 (#1949)
  • update spring boot to v3.1.1 (#1948)
  • add missed operator to toleration (#1946)
  • update react-router monorepo (#1945)
  • update react monorepo (#1944)
  • update dependency org.springframework.security:spring-security-test to v6.1.2 (#1942)
  • update dependency @testing-library/jest-dom to v5.17.0 (#1943)
  • update hashicorp/vault-action action to v2.7.3 (#1934)
  • update dependency tsconfig-paths-webpack-plugin to v4.1.0 (#1939)
  • implement prod deployment (#1937)
  • update dependency cypress to v12.17.1 (#1935)
  • update jest monorepo (#1925)
  • update babel monorepo to v7.22.9 (#1924)
  • add int k8s config (#1908)
  • update hashicorp/vault-action action to v2.7.2 (#1923)
  • update postgres docker tag to v15.3 (#1919)
  • update babel monorepo (#1922)
  • update korthout/backport-action action to v1.3.1 (#1918)
  • update dependency kustomize to v5.1.0 (#1916)
  • update hashicorp/vault-action action to v2.7.0 (#1917)
  • update dependency cypress to v12.16.0 (#1914)
  • update dependency com.github.eirslett:frontend-maven-plugin to v1.13.4 (#1913)
  • add stage to lint dockerfile (#1904)
  • update maven docker tag to v3.9.3 (#1911)
  • update dependency com.puppycrawl.tools:checkstyle to v10.12.1 (#1909)
  • update dependency sass to v1.63.6 (#1910)
  • update dependency testcafe to v2.6.2 (#1896)
  • remove not needed large_client_header_buffers again (#1906)
  • update dependency org.springframework.security:spring-security-test to v6.1.1 (#1897)
  • increase large_client_header_buffers to 16k (#1902)
  • add Preview Environments for Identity (#1877)
  • update dependency sass to v1.63.4 (#1895)
  • update dependency org.codehaus.mojo:flatten-maven-plugin to v1.5.0 (#1893)
  • update dependency org.springframework.security:spring-security-test to v6.1.0 (#1894)
  • update dependency @testing-library/dom to v8.20.1 (#1891)
  • update dependency cypress to v12.14.0 (#1892)
  • update react-router monorepo (#1849)
  • update alpine:3.18.2 docker digest to 25fad2a (#1883)
  • affinity rules to spread the identity pods in different Nodes (#1888)
  • update alpine docker tag to v3.18.2 (#1882)
  • update dependency msw to v1.2.2 (#1875)
  • set identity env vars for dev cluster (#1865)
  • add ingress setup for dev environment (#1863)
  • fix saas-registry image path (#1864)
  • update babel monorepo to v7.22.5 (#1861)
  • fix SaaS deployment gha (#1862)
  • refactor gha of SaaS image build & deployment (#1856)
  • rename idecity-ci gha output name (#1854)
  • github workflow for deploying identity to SaaS dev (#1852)
  • add kustomize config under .ci (#1834)
  • update dependency org.codehaus.mojo:build-helper-maven-plugin to v3.4.0 (#1850)
  • update dependency org.apache.maven.plugins:maven-source-plugin to v3.3.0 (#1839)
  • update dependency cypress to v12.13.0 (#1829)
  • update dependency org.apache.maven.plugins:maven-checkstyle-plugin to v3.3.0 (#1838)
  • update dependency org.apache.maven.plugins:maven-assembly-plugin to v3.6.0 (#1833)
  • fix issue sync workflow for app token retrieval (#1836)
  • add a workflow to make public copies of the issues (#1832)
  • update babel monorepo (#1826)
  • update dependency @types/jest to v29.5.2 (#1828)
  • update maven docker tag to v3.9.2 (#1820)
  • update react-router monorepo (#1822)
  • update alpine:3.18.0 docker digest to c0669ef (#1808)
  • update dependency com.puppycrawl.tools:checkstyle to v10.12.0 (#1806)
  • update dependency cypress to v12.12.0 (#1807)
  • update alpine docker tag to v3.18.0 (#1805)
  • update react-router monorepo (#1798)
  • update dependency sass to v1.62.1 (#1795)
  • update dependency @types/react-transition-group to v4.4.6 (#1800)
  • update dependency msw to v1 (#1533)
  • update junit5 monorepo (#1796)
  • update babel monorepo (#1794)
  • update react-router monorepo (#1781)
  • update dependency prettier to v2.8.8 (#1782)
  • fix dockerfile and file logging config (#1792)
  • update dependency sass to v1.62.0 (#1777)
  • update dependency testcafe to v2.5.0 (#1778)
  • update dependency eslint to v8.39.0 (#1776)
  • update dependency cypress to v12.10.0 (#1759)
  • update spring boot to v3.0.6 (#1772)
  • update dependency org.springframework.security:spring-security-test to v6.0.3 (#1769)
  • update dependency @types/react to v18.0.38 (#1764)
  • update dependency org.apache.maven.plugins:maven-checkstyle-plugin to v3.2.2 (#1765)
  • update dependency @types/jest to v29.5.1 (#1761)
  • allow compatibility check to run against a given branch (#1747)
  • update maven docker tag to v3.9.1 (#1755)
  • update dependency eslint-import-resolver-typescript to v3.5.5 (#1754)
  • update dependency @types/react to v18.0.35 (#1753)
  • update babel monorepo to v7.21.4 (#1752)
  • update typescript-eslint monorepo to v5.58.0 (#1735)
  • update dependency org.codehaus.mojo:flatten-maven-plugin to v1.4.1 (#1736)
Assets 24
Loading