0.3.0M8
๐ New Features
User Consent Flow
This new feature facilitates the implementation of user consent requirements (e.g. as mandated by the European Tangible Goods Directive) by enhancing the action state machine with a new state WAITING_FOR_CONFIRMATION
. Whenever a new deployment action is initiated (e.g. through a rollout or a manual assignment), it needs to be confirmed first before it enters the state RUNNING
. If the confirmation is rejected, the action continues to be in state WAITING_FOR_CONFIRMATION
until it is confirmed at a later point in time or cancelled. To accept or reject a pending confirmation, device implementors can use the Direct Device Integration API (DDI) or the Device Management Federation API (DMF). In case of DDI, a new "confirmationBase" resource has been introduced providing the information about pending confirmations and the associated updates. For DMF, a new "CONFIRM" message has been introduced, informing the target device about open confirmations.
In addition, a target device can also be set into an auto-confirm
state to indicate that all future actions of this device shall be confirmed automatically. This enables two use cases: Operators might want to disable the confirmation phase for specific test devices, whereas end-users might want to enable automatic updates and give their consent for all future updates (until revoked). The auto-confirm
state can either be set by target devices via DDI and DMF, or by operators via Management API and UI.
This feature was contributed by @dimitar-shterev, @strailov, @ramannas, and @herdt-michael in #1293
- Support user consent flow by @herdt-michael in #1293
Target Types
By default, all targets are compatible to all distribution sets. This means, every valid distribution set, that has the required software modules assigned, can be assigned for installation to all available targets. However, some targets might not support the content of the distribution set, but the assignment of it is possible with Eclipse hawkBit, nevertheless. To avoid such wrong assignments and for the sake of user guidance, it is possible to restrict the general compatibility using target types and define for presumably different types of targets the specific types of distribution sets that they are compatible with.
- Feature target type filter by @aktivk in #1197
- Feature target with target type in UI by @aktivk in #1178
- Feature - TargetType compatibility check by @singrob in #1180
- Implement target type CRUD UI operations by @vkandrotas in #1184
- Feature target type entity by @aktivk in #1162
Invalidation of Distribution Sets
Imagine following scenario: A new software update was distributed to many thousand devices using the auto assignment feature. After a few hundred devices have downloaded the update, a major issue within the software is detected and any further software rollout needs to be stopped immediately. The mass-canceling of running update actions can be achieved by invalidating the distribution set the major issue was detected on. The invalidation can be done either via the Management API or the UI.
- Introduce basic functionality for invalidation of distributionsets by @sebastian-firsching in #1179
- Feature invalidation of distribution sets [UI part] by @blomark in #1176
- Feature mass cancel running actions on ds invalidation by @Nkyn in #1177
Manually Trigger the Next Rollout Group
This new rollout feature gives you more flexibility in controlling the execution of your rollout groups. Typically, the cascaded execution of rollout groups is controlled by the so-called "trigger threshold". The trigger threshold specifies a percentage of target devices which have finished their installation of the assigned firmware update. When the trigger threshold is exceeded, the next rollout group will be executed.
There are cases, however, when the trigger threshold of a rollout group is never met, for example, if too many target devices are offline. As a consequence, the execution of your rollout, in particular the execution of the remaining rollout groups, might be stuck. To overcome this state, you can now manually trigger the next rollout group, without waiting for the trigger threshold to be reached. The new feature is offered as part of the Management API and Management UI.
- Trigger next rollout group - backend and management API implementation by @dimitar-shterev in #1294
Artifact Encryption
- Artifact Encryption plug point by @bogdan-bondar in #1202
Management API: New Resource Collection /rest/v1/actions
This new Management API feature provides read-only access to the collection of deployment actions via the context path "/rest/v1/actions". Furthermore, it allows you to filter this collection in a very flexible way by defining FIQL queries (request parameter 'q'). For example, you can define the following queries:
- Find all actions that match a certain action status (e.g. downloaded, finished, error, scheduled etc.).
- Find all actions that were spawned by a certain rollout.
- Find all actions that failed with a certain status code.
- Find all actions that refer to a certain distribution set.
So far, the collection of deployment actions could only be accessed for a specific target device ("action history"). With this new API, you can retrieve the data that is relevant for your specific scenario and feed it into your own custom UIs (e.g. dashboards) to monitor and troubleshoot your firmware updates.
- Add resource collection /rest/v1/actions to Management REST API by @stefbehl in #1299
- Management API: Allow to filter actions by last status code by @stefbehl in #1311
- Add new endpoint for single action by @strailov in #1316
DDI-API: InstalledBase
Installed Base is a new feature which extends the DDI API with the "installedBase" endpoint that behaves similar to "deploymentBase" but instead of providing the latest on-going assignment, it provides the latest installed Distribution Set information. It can be used in multiple scenarios of a factory reset, device sync, etc.
DMF-API: Optional ControllerAttributes in THING_CREATED
The "attributeUpdate" property provides the attributes of the thing, for details see UPDATE_ATTRIBUTES message. This property is optional.
{
"name": "String",
"attributeUpdate": {
"attributes": {
"exampleKey1" : "exampleValue1",
"exampleKey2" : "exampleValue2"
},
"mode": "String"
}
}
- Optional controller attributes for THING_CREATED by @bogdan-bondar in #1154
UI Deep-Linking for Targets and Target Quicklinks in Management UI
To improve the usability of the Management UI of Eclipse Hawkbit, the target list views that are displayed on the Rollout and Target Filter views provide target quicklinks which take a user back to the Deployment view and, at the same time, select a specific target. This is useful if a user wants to take closer look at a certain target which is listed for a rollout group or target filter. By clicking the target quicklink, the user is taken back to the Deployment view and is immediately presented with the details of that specific target, in particular its action history.
The quicklinks are based on a new target deep-linking concept.
Example: <hawkbit-server-url>/UI/#!deployment/target=<target_id>
- UI deep-linking for targets by @bogdan-bondar in #1230
- Provide target quicklinks from Target Filters and Rollout views to Deployment view by @stefbehl in #1270
Support for Action Status Codes
This new feature enables targets to optionally include a status code into their action status feedback messages that are sent to Eclipse Hawkbit. The feature is supported via DDI and DMF. Annotating action status entries with status code simplifies the troubleshooting of software updates, e.g. by detecting error clusters matching a specific status code.
- Introduce action status scoped custom code by @herdt-michael in #1277
- Introduce action status scoped custom code - part 2 by @stefbehl in #1281
- Adding last action status code in view Rolloutgroup targets by @blomark in #1295
- Management API: Allow to filter actions by last status code by @stefbehl in #1311
- Management API: Expose lastStatusCode property of action entities by @stefbehl in #1313
Management UI: Enhanced List Sorting
Various lists which are displayed in the different views of the Management UI can be sorted now by using the sorting controls that are exposed via the table columns. This is in particular useful for lists displaying many items. For example, a user might want to sort the targets of a rollout group based on their software update status to bring those targets with status 'Error' to the top of the list.
โ ๏ธ Required Migrations
๐๐ป Improvements
- Feature/remove junit5 leftovers by @floruschbaschan in #1097
- Execute rollouts and auto assignments in the correct user context by @stefbehl in #1100
- UI error handling refactoring by @bogdan-bondar in #1106
- Refactoring TargetFilterQueryManagement by @herdt-michael in #1108
- Refactor AutoAssignExecutor to improve the extensibility by @herdt-michael in #1110
- ManagementApi: Action does not have property containing rollout name by @stefbehl in #1116
- Simplified JpaRolloutManagement, moved rollout handling logic to JpaRolloutHandler by @a-sayyed in #1094
- Injectable UI target data suppliers by @bogdan-bondar in #1123
- UI Remote events dispatch event by @bogdan-bondar in #1129
- Set DdiActionFeedback ID deprecated by @floruschbaschan in #1091
- Added userinfo endpoint to validate basic auth by @aktivk in #1131
- Feature/handle amqp fatal errors by @ramannas in #1111
- Make RSQL visitor pluggable via a managed bean by @stefbehl in #1145
- View-scoped event listeners by @bogdan-bondar in #1134
- Set key of DistributionSetType and SoftwareModuleType required by @floruschbaschan in #1140
- Replace NoCountPagingRepository by interface with dedicated findAllWithoutCount by @dobleralex in #1146
- Align target queries to only use specifications by @dobleralex in #1148
- Feature/enforce hash validation for uploads by @singrob in #1158
- Colour property in Mgmt API response for DS/SM type by @Nkyn in #1174
- Test: max DS Types per TargetType by @Nkyn in #1175
- README: add mention to Hara and hara-ddiclient by @diegorondini in #1173
- README.md: Add rauc-hawkbit-updater to the list of clients supporting hawkBit by @ejoerns in #1181
- Docu for target type endpoints in Target API by @Nkyn in #1185
- Ensure a '.' character is allowed to be used in target filter query for metadata key and attribute name by @blomark in #1186
- Support keywords in queries by @Nkyn in #1193
- Specification and BaseRepositotyProvider improvements by @dobleralex in #1182
- Added Insufficient Permissions UI error extractor by @bogdan-bondar in #1196
- Adapt UI for target type compatibility check by @singrob in #1189
- Remove mysql_user and update documentation by @mgilroy in #1139
- Add target type to docu by @Nkyn in #1199
- Use an empty AMQP Message body instead of a null value by @floruschbaschan in #1200
- Same origin x-frame-options header security config by @bogdan-bondar in #1207
- Make entity object of event optional by @StefanKlt in #1209
- Add license header for Bosch.IO 2022 by @Nkyn in #1221
- Make JpaControllerManagement inheritable by @singrob in #1227
- Updated migration guide to include deprecated property by @bogdan-bondar in #1225
- Feature/fix sonar warnings by @vigier in #1226
- Feature/speedup quota tests by @a-sayyed in #1125
- Optimize UI queries by @bogdan-bondar in #1234
- Extend event for entity events by @herdt-michael in #1250
- Improved debug logs for autoassignment by @bogdan-bondar in #1253
- Avoid using RegexRequestMatcher due to [CVE-2022-22978] by @herdt-michael in #1258
- Improve target management by @herdt-michael in #1260
- Calculate target count asynchronously by @bogdan-bondar in #1263
- Provide API for auto assignment check for specific device by @herdt-michael in #1262
- Introduce new tenant configuration events by @herdt-michael in #1059
- PopUp dialog for canceling queued uploads by @singrob in #1112
- Consider Target Fields when validating RSQL filters by @stefbehl in #1121
- Publish target assign event by @herdt-michael in #1136
- Support case-insensitive RSQL expressions /target filters by @stefbehl in #1137
- Provide API for auto assignment check for specific device by @herdt-michael in #1262
- Calculate target count asynchronously by @bogdan-bondar in #1263
- Make custom target filter table expandable by @herdt-michael in #1267
- Cors config adaptation by @bogdan-bondar in #1272
- Dmf batch support changes by @dimitar-shterev in #1273
- Adapt cancel flow by @herdt-michael in #1274
- Added assignment quota error UI extractor by @bogdan-bondar in #1278
- Send DMF batch message on thing_created event #1284
- Replacing self-managed SonarQube with Sonarcloud by @blomark in #1286
- Specify explicit branch name for sonar by @bogdan-bondar in #1289
- Adapted resources to reflect switch to sonarcloud by @blomark in #1290
- Add type name to mgmt api responses by @StefanKlt in #1298
- Docs: switch to goldmark markdown handler by @diegorondini in #1304
- Unify search behaviour in Mgmt UI by @strailov in #1319
- Make exposed CORS headers configurable by @herdt-michael in #1322
- Expose total groups in rollout json representation in mgmt API by @strailov in #1330
- Management API: Rollout collection to correctly expose totalTargetsPerStatus property by @stefbehl in #1332
- Introduce GitHub action to execute vulnerability scan using Trivy by @herdt-michael in #1333
- Management API: Expose forceTime and startAt fields in rollout representation by @strailov in #1336
- Scan only latest image and library vulnerabilities by @herdt-michael in #1339
- README: update Hara section by @diegorondini in #1343
- Management API: Full representation of rollout group must expose totalTargetsPerStatus property by @stefbehl in #1345
๐ Bugs fixed
- Fix the creation of the Usage Report by @herdt-michael in #1101
- Fix error for downloading soft deleted artifact binary by @StefanKlt in #1102
- Fix output folder for REST docu tests by @Nkyn in #1109
- Fix CANCEL_REJECTED action status icon by @herdt-michael in #1115
- Fix test name in order to get executed by surefire by @floruschbaschan in #1117
- Remove wrong license header by @floruschbaschan in #1127
- Fix sonar/repository for target type by @bogdan-bondar in #1169
- Fix null pointer exception in rsql target field validation test by @bogdan-bondar in #1172
- Fix API doc tests in regard to target type compatibility by @Nkyn in #1191
- fixed compatibility check bug by @singrob in #1198
- Fix DistributionSet Tag API docs by @Nkyn in #1219
- Fix installedBase link in DDI base resource by @Nkyn in #1232
- Fix overdue timestamp calculation permission by @bogdan-bondar in #1235
- Fix VirtualPropertyResolverTest by @StefanKlt in #1269
- Make DdiActionFeedback#time value an optional property by @herdt-michael in #1283
- Add db migration script of action status code for POSTRESQL databases by @herdt-michael in #1291
- Exclude soft deleted entities from findByRsql result for all entities by @StefanKlt in #1297
- Fix Sonar issue in AbstractAmqpIntegrationTest by @stefbehl in #1301
- Fix website build with recent Hugo by @diegorondini in #1302
- Docs: fix sandbox URL by @diegorondini in #1303
- Make attributes layout horizonthal scroll bar visible by @strailov in #1308
- Fix compile error in test by @StefanKlt in #1310
- Fix several typos by @zyga in #1314
- Fix markdown formatting of some documentation tables by @zyga in #1315
- Removed the tenant from the username by @ramannas in #1324
- jpa/tests: fix flaky findMessagesByActionStatusId test by @MartB in #1325
- Fix sub entity attribute formatting by @herdt-michael in #1326
- Fix the wildcard search and add additional junit on software module by @ramannas in #1327
- Fix issues in rollout creation dialog by @herdt-michael in #1329
- Fix software module /distribution set creation based on soft-deleted type by @strailov in #1335
- Fix circular rollout dependencies by @herdt-michael in #1337
- Fix typo in permission docs by @dcd-arnold in #1338
- Add validation for deployment groups and rollouts by @strailov in #1341
- Fix CANCEL_REJECTED dmf behaviour by @strailov in #1346
- Fix Spring config of RSQLUtilityTest by @stefbehl in #1351
โฌ๏ธ Version Upgrades
- Migration to JUnit5 as default test runtime by @schabdo in #1082
- Upgrade Vaadin to 8.12.3 by @bogdan-bondar in #1089
- Removed flyway downgrade by @ramannas in #1114
- Dependency upgrades by @bogdan-bondar in #1170
- Vaadin security upgrade to 8.14.1 by @bogdan-bondar in #1188
- Update jsoup by @bogdan-bondar in #1276
- Feature/java11 build by @floruschbaschan in #1280
- Upgraded few dependencies (json, netty-all, logback, jackson-bom) by @ramannas in #1296
- Upgrade to Spring Boot 2.7.8, Spring Framework 5.3.25, and Spring Cloud 2021.0.5 by @stefbehl in #1320