Version 2.7.1
Features Changed
Updated VS Code to version 1.89.1.
Reduction of noise in logging for session manager, secrets manager and training portal, with additional more specific logging on what each is doing.
Bugs Fixed
If a
SecretCopier
contained multiple rules and a namespace was matched by a rule which was in a terminating state, the attempt to create the secret in that namespace would fail but not be caught. This meant that any rules which followed that rule were not being applied on that pass and would only be applied some time later after the terminating namespace had finally been deleted. To reduce chance of this occuring, a namespace which is not in the active state will be skipped for matching. Also, any unexpected exception will be explicitly caught and logged rather than being propogated back to the caller.In the most recent Fedora base image used by workshop images the
nc
package was changed so as to refer toncat
, breaking workshops which were used to thenetcat
package variant being used. Thenc
alias has been reverted to usenetcat
by installingnetcat
package instead ofnc
. Thencat
package is also installed if want newer variant ofnc
, but you will need to use thencat
command explicitly.If the cluster DNS server was slow to start resolving DNS names after a new node was started, the session manager could fail on startup and enter crash loop back off state. To remedy both session manager and secrets manager now ensure DNS is able to resolve cluster control plane DNS name before starting up. Startup probes have also been added to these two operators.
If the cluster DNS didn’t return a FQDN for the
kubernetes.default.svc
when queried by that name, the value of theCLUSTER_DOMAIN
variable provided to the workshop sessions would be incorrect. This was occuring when Educates was installed into some versions of a virtual cluster. When the returned host name is not a FQDN, thencluster.local
will now be used.Workshop session dashboard configuration could not in some cases be overridden from inside of the workshop session by modifying the injected workshop definition. This included not being able to change workshop/terminal layout and whether the dashboard tabs for the editor and console were displayed.
The builtin Google Analytics integration was broken due to the
TrainingPortal
Content Security Policy (CSP) directives declaring outdated sources. The CSPs now allow for*.google-analytics.com
and*.googletagmanager.com
to be referenced.The
CSRF_ALLOWED_ORIGINS
setting for theTrainingPortal
Django backend was breaking CSRF verification for anyTrainingPortal
with a customPORTAL_HOSTNAME
configured. We now use thePORTAL_HOSTNAME
as allowed CSRF origin and only fall back to the previous implementation if no custom hostname was provided.The workshop title in the dropdown TOC of the workshop instructions was not being populated with the workshop title from the workshop definition when the Hugo renderer was being used.
If a workshop session had not been registered by the session manager within 30 seconds of creation and a workshop allocation was pending, the workshop allocation would not progress properly to the allocated state and any request objects associated with the workshop session would not be created. From the perspective of a workshop user the session would still appear to work as the workshop dashboard would still be accessible, but request objects would be missing. Timeout for workshop session registration has been increased to 45 seconds. Because default overall startup timeout is 60 seconds, cannot really increase this much further. Will continue to monitor the situation and see if other changes are needed, including increasing startup timeout to 90 seconds and timeout for workshop session registration with the operator to 60 seconds.
If text followed a clickable action and the
cascade
option was used, the subsequent clickable action would not be automatically triggered. It would work okay if the next clickable action immediately followed the first. This was broken when the cascade mechanim was extended to all clickable actions and not just examiner clickable actions.When using
SecretExporter
andSecretImporter
together, if the source secret did not exist at the time these resources were created, then it would take up to sixty seconds after the source secret was created before it was copied to the target namespace, rather than being copied immediately.When using
request.objects
and the Kubernetes resource failed client side validation even before attempt to create it on the server, the error was not being caught properly. Details of the error were still captured in the session manager logs, but the details of what failed were not captured in the status message of theWorkshopAllocation
resource, nor was the status of the resource updated to “Failed”.The pod security polices (obsolete Kubernetes versions) and security context constraints (OpenShift) resources created for a workshop environment were not being set as being owned by the workshop namespace. This meant these resources were not being deleted automatically when the workshop environment and workshop namespace were deleted.