Digital.ai Release 10.2.x Release Notes

Digital.ai Release 10.2.1

Digital.ai Release 10.2.1 includes these notable new features:

Plugins are now stored in a database, not in the file system
The Plugin Manager supports cluster installations
GitOps-enabled version control is available in Tech Preview
NTLM support for proxies
Webhook event tasks
Stability and performance improvements

The complete list of improvements and bug fixes are described below.

Support Policy

Upgrade Instructions

See below for upgrade notes specific to this version. For detailed instructions on upgrading from earlier versions of Digital.ai Release, refer to Upgrade scenarios.

IMPORTANT Starting with release 10.2.1, plugins are stored in a database and no longer managed by moving files to different locations in the filesystem. This has implications for upgrading the product and installing and upgrading plugins. See below for more information.

Feature breakdown and version-specific upgrade instructions

Plugin Manager

The new Plugin Manager improves the tasks of installing and upgrading integration plugins. Refer to Plugin Manager for more information.

The following are changes to how plugins are installed and loaded by the system:

Plugins are no longer installed by copying files into directories -- they should be installed by using the Plugin Manager UI
The Plugin Manager UI is available in cluster mode and plugins are automatically distributed across nodes
Plugin directories on the server are managed by the Plugin Manager and should not be manipulated by hand.

Additional issues:

The hotfix directory is now split into hotfix/lib and hotfix/plugins
hotfix and ext directories are not managed by the Plugin Manager, and you must managed them manually
After installing or upgrading a plugin, you must restart all your servers
When installing a product upgrade, a new version of bundled plugins are automatically uploaded to the plugin database.

IMPORTANT Classpath entries for plugins have been removed from xlr-wrapper-linux.conf and xlr-wrapper-windows.conf. When using either the automated or manual procedure, you MUST manually edit these files to remove the plugins entry from the classpath. If you have custom entries in the wrapper files please make sure to not include any folders that contain plugins and plugin hotfixes.

If the product won't start and issues an error message that duplicate plugins are detected, you probably need to update the wrapper.conf file.

Troubleshooting with the Plugin Manager CLI

The Plugin Manager downloads plugin files from the database and places them into the file system of a server node. In case of misconfiguration, plugins can be deleted from the database by invoking the Plugin Manager CLI from the command line:

$ bin/plugin-manager-cli.sh

GitOps-enabled Version Control (Tech Preview)

GitOps-enabled version control brings the GitOps style of authoring, reviewing, and publishing content backed by version control to the Release UI.

This feature allows you to version and publish any folder content from the UI -- templates, variables, shared configuration, etc. -- and share it across folders and even separate Release instances. Internally, YAML code is stored in Git and therefore integrates seamlessly with code-centric workflows.

This feature is in Tech Preview for evaluation purposes and can be enabled in Feature settings.

For more information, refer to GitOps-enabled version control.

NTLM Proxy Authentication

The proxy configuration for HTTP servers now supports the NTLM authentication protocol.

This feature is available for the following plugins:

Agility plugin
BlackDuck plugin
CheckMarx plugin
SonarQube plugin
ServiceNow plugin
Octopus Deploy plugin
SonarCloud plugin
Git plugin
Jenkins plugin
Jira plugin
Nexus plugin
Fortify on Demand plugin

Webhook Event Tasks

The new Webhook event tasks feature makes it possible to listen passively (without polling) for outside events received on HTTP Endpoints for Webhooks.

The bundled task Webhook: Wait For Json Event allows you to listen for events and process them with scripts. It uses the same event mechanism as Webhook triggers.

It is also possible to create custom webhook tasks in a plugin. In synthetic.xml, extend the task type webhook.ReactiveTask to create a new webhook event task type and tailor it to your needs. This can eliminate the need for polling and requires the Digital.ai Release server to be reachable from the third-party webhook source.

For more information, please refer to Webhook event tasks.

Release with Delivery Insights

The Delivery Insights dashboard presents the Manifest View for individual application versions and for individual phases. The Manifest View lets you know more about the work items that are part of:

an application version in a phase
all the application versions in a phase

The Manifest View includes the following work item information:

work item ID
work item title
work item type
application, which the work item belongs to
date and time of last activity
status of the work item
and the number of changes (commits) in the work item

You can also download the manifest for a phase or a version (as a .csv file).

To view the Manifest View for a phase, click Manifest view next to the phase name in the Delivery Insights dashboard.
To view the Manifest View for an application's version, click Manifest view on the application version's card in the Delivery Insights dashboard.
In addition, a new Commits tab has been added to the Work Item Details Pane that shows the list of commits associated with the work item.

For more information, see Release with delivery Insights.

Stability and Performance Improvements

Many changes have been made to improve the stability and performance of the Digital.ai Release server in this release. Most notable is the task execution scheduler's use of the database, making the system more resilient in multi-node setups.

OIDC Public Client Support

Support has been added for configuring public clients with OIDC in xl-release.conf.

If clientAuthMethod is set to 'none', the Release server will act as public client. Then clientSecret will not be required and can be removed from the configuration.

The property redirectUri is now optional and will be derived from the server.url property in the xl-release-server.conf file. If needed, it can still be overridden in the OIDC configuration.

xl {
  security {
    auth {
      providers {
        oidc {
          clientAuthMethod = "none"
          clientSecret = <not required now if clientAuthMethod is set as none>
          redirectUri = <optional and will be derived from server.url>
          ...
        }
      }
    }
  }
}

Other Configuration Changes

Remember-me token validity can now be configured, the default value is 30 days. For example:

xl {
    server {
        session {
            remember-me {
                tokenValidity = 30 days
            }
        }
    }
}

Other Support

Digital.ai Release v.10.2.1 is the last release that supports Internet Explorer 11.

Digital.ai Release Integrations

VSTS/TFS Plugin

Users can now specify build versions with Create Release Task.

Agility Integration Plugin

Using the Update Multiple Asset Status task one can now update multiple assets status for the following similar types:

Defect
Test
Task
Story

Functionality has been added to show the Asset Number and Token from the Data section in Output properties for the following tasks:

Check Issue
Create Asset
Create Issue
Update Multiple Asset Status

Hashicorp Vault Plugin

Output properties of ReadSecret now optionally display password variables.

Digital.ai Release 10.2.1 Bug Fixes

Bug fixes

[ENG-3831] - Fixed the As-code issue while exporting the tasks with slash "/" on name, which results in"/".
[ENG-5152] - Fixed the set_of_string field which used to lost when the template is applied/created through the CLI.
[ENG-5200] - Updated the user interface with the more precise format for Day, Week, and Month.
[ENG-5254] - Fixed: The same object (variable) value is modified from different threads.
[ENG-5345] - Find or Create Delivery task—Fixed an issue that prevented users from viewing the Pattern/Stage information on Find Or Create Delivery tasks.
[ENG-5409] - Fixed: Create Release task displays ReleaseId instead of Release Title.
[ENG-5464] - Fixed to pass multiline string parameter in Jenkins task.
[ENG-5508] - Fixed the server not shutdown issue via API.
[ENG-5631] - Fixed an issue that prevented Trigger creation when you import and apply an As Code YAML file that defines:
- a Release Template and a time-based Trigger—wherein the template's name starts with "Release" and the trigger references this template.
- a Release Template and an event-based Trigger—wherein the template's name starts with "Release" and the trigger references this template.
[ENG-5634] - Fixed: Password handling in script tasks is inconsistent when override of security is used.
[ENG-5719] - Fixed an issue that prevented the user from exporting the Release Audit Report.
[ENG-5840] - Fixed the Password field when becomes blank while starting release from Create Releaser task.
[ENG-6420] - Updated and fixed the ‘User Input’ task detail view UI from two inputs to one and variable field to show the previously added value.
[ENG-6436] - Removed unwanted encoding of user input, which made special characters look garbled in Jira tasks.
[ENG-6618] - Fixed the issue: ‘Create Release’ task displays the release ID instead of title for the Root level template.

Digital.ai Release 10.2.2

Kubernetes Operator-based Installation

Note: Helm Charts-based installer is no longer available for Digital.ai Release 10.2 and later.

Digital.ai Release 10.2.2 brings you a simple and sophisticated Kubernetes Operator-based installer to install Digital.ai Release on Amazon EKS, Azure AKS, and OpenShift on AWS clusters
You can download the new Kubernetes Operator-based installer from the Deploy/Release Software Distribution site
Once you download the installer Zip file, Digital.ai Release installation is as simple as adding a few configuration parameters and custom resource definitions to the installer files and running the installer

For more information about Kubernetes Operator-based installation, see Kubernetes Operator.

Digital.ai Release 10.2.2 Bug Fixes

Bug fixes

[ENG-5504] - Fixed the issue when a large number of environments are present, Deployment tile throws an exception
[ENG-7024] - Fixed the duplicate TaskPreconditionValidated deliveries by clearing the executionId on task.
[ENG-7072] - Fixed the issue of variables with DOT in the name, which is not supported when webhook events trigger.

Digital.ai Release 10.2.3

Kubernetes Operator-based Installation

With Release 10.2.3, the Kubernetes Operator offers the following enhancements:

Kubernetes Operator supports migration of Helm-based installation to Operator-based installation. You can upgrade Release 10.0/10.1 versions installed using Helm Charts to Release 10.2 on AWS EKS and OpenShift on AWS clusters.
You can configure OIDC authentication using Keycloak on your Kubernetes Operator-based installation. For more information, see Using Keycloak on Kubernetes Operator-based Deployment.
You can download the XL-CLI binaries from the Software Distribution site.

Bug fixes

[ENG-7296] - Fixed the As Code Apply failure issue for Custom Script task when the Synthetic Property is set as Empty.
[ENG-7282] - Fixed Trigger failure that caused serialization error in cluster mode.
[ENG-7186] - Fixed the issue where RolesApi#getRole()property did not return the exact role name.
[ENG-7175] - Increased release column width on release groups.

Digital.ai Release 10.2.4 Bug Fixes

Bug fixes

[ENG-6862] - Fixed the unfunctional Pop-Up menus (Help and Setting) on a Windows machine
[ENG-7142] - Fixed the issue of the Actor crashing in a task inside the group which is scheduled to start, but the group is not started.
[ENG-7196] - Fixed the issue of displaying all folders when creating a new release.
[ENG-7281] - Fixed the issue of Git servers that do not support atomic pushes which are not handled.
[ENG-7412] - Fixed the Custom logo alignment in the Email Notifications Footer.
[ENG-7487] - Fixed the resolved usernames when showing the Roles page by removing the LDAP data search.
[ENG-7537] - Fixed the issue where Restricting os.path module for Jython script.
[ENG-7586] - Fixed the issue by processing the variable changes correctly.
[ENG-7627] - Fixed the issue of Tooltip number which is not visible in the release tile.
[ENG-7700] - Fixing the issue of application in XLR which does not appear in the Deployment Attribute.

Digital.ai Release 10.2.5 Bug Fixes

Bug fixes

[ENG-7659] - Fixed the issue REOPEN & ESCALATE = Jython not truly patched for XLR 9.8, 10.0.
[ENG-7730] - Resolved the As-code generated dashboards that are not resolving filters on all tiles.
[FI-845] - Fixed the issue of Folder and Global password variable which was not working with failure handler in place for a task.

Digital.ai Release 10.2.6 Bug Fixes

Bug fixes

[ENG-7980] - Fixed the broken Jython patch for issues 2618 and 2894.

Digital.ai Release 10.2.7 Bug Fixes

Bug fixes

[ENG-8052] - Fixed an issue for unknown ConfigurationItem property xlrelease.Attachment.release.

Digital.ai Release 10.2.8 Bug Fixes

Bug fixes

FI-912 - Fixed an issue with the Release CLI that caused problems with template export/import.
FI-917 - Fixed an issue with fetching the global variables (missing global variable exception) during the Wait for JSON Event task.

Digital.ai Release 10.2.9 Bug Fixes

Bug fixes

[ENG-8434] - The non-BaseScript task, notification task, and so on are no longer removed from the job queue when you abort such tasks using the Task Manager. An error is logged instead when you abort such tasks using the Task Manager.
[ENG-8468] - Changed the datatype for job id field to address the INT limit issue.
[FI-745] - Fixed the trigger consistency issue in clustered environment.
[FI-893] - Fixed a permission issue (with Reactive Tasks) that prevented users from updating release variables.
[FI-943] - Fixed the "java.io.FilePermission" "/root/.postgresql/postgresql.crt" "read" reporting pool error.
[FI-963] - Digital.ai Deploy and Release are not susceptible to log4j vulnerability. Though Digital.ai Deploy and Release were bundled with log4j-to-slf4j and log4j-api files, these JAR files cannot be exploited. While neither these files nor Digital.ai Deploy and Release are susceptible to attack due to this log4j vulnerability, some threat detection systems may flag these files. To avoid any such false positive threat indications in future, the latest log4j library files (interface and supporting third party libraries) were bundled with both Digital.ai Release and Deploy. For more information, see Log4j Vulnerability to Zero-Day Exploit and Digital.ai Release and Deploy.

Digital.ai Release 10.2.10 Bug Fixes

Bug fixes

[ENG-8302] - Fixed an issue that prevented a release (that was created from a global template) from inheriting folder permissions.
[ENG-8545] - Fixed—You can now use variables in the Watchers field of release tasks.
[ENG-8812] - Digital.ai Deploy and Release are not susceptible to log4j vulnerability. Though Digital.ai Deploy and Release were bundled with log4j-to-slf4j and log4j-api files, these JAR files cannot be exploited. While neither these files nor Digital.ai Deploy and Release are susceptible to attack due to this log4j vulnerability, some threat detection systems may flag these files. To avoid any such false positive threat indications in future, the latest log4j library files (interface and supporting third party libraries) were bundled with both Digital.ai Release and Deploy. For more information, see this article.
[ENG-8952] - Fixed the missing index on XLR_FOLDER_VARIABLES (FOLDER_CI_UID).
[ENG-9015] - Fixed the incorrect Digital.ai Release component version in one of the database tables the XL_VERSION table.

Important: If you are upgrading from one of the following Digital.ai Release versions, you must only upgrade to the latest patch release available for the version of Release you are upgrading to. For example, if you are on Digital.ai Release version 10.0.9 and planning to upgrade to the 10.3 version, you should upgrade to 10.3.8 or later versions of the 10.3 release. Here's the list of Release versions that are affected due this bug: Digital.ai Release 9.7.18, 9.7.19, 9.7.20, 10.0.7, 10.0.8, 10.0.9, 10.0.10, 10.1.6, 10.1.7, 10.1.8, and 10.1.9. The fix for the bug is available on these versions: Digital.ai Release 9.7.21, 10.0.11, 10.1.10, 10.2.10, 10.3.8, and 22.0.1.

Digital.ai Release 10.2.11 Bug Fixes

Bug fixes

ENG-9080 — Fixed an issue where the cluster data was not properly persisted in the database.
FI-859 — Fixed an issue with Folder variable mapping in the Release properties that prevented users from selecting variables under the Run automated tasks as user field.

Digital.ai Release 10.2.13 Bug Fixes

Bug Fixes and Field Incidents

Note: There is no Release version 10.2.12.

FI-1018 - Fixed an issue with the Create Release task where the changes to the variable properties (label, description, required Flag) of the release template were not reflecting correctly.
ENG-9397 - Fixed an issue where we were unable to apply YAML with the value provider in CRT variables.
ENG-9180 - Fixed an issue with the task-transition permission by removing it from Release Owners. Earlier this permission was available by default. Now it has to be configured.

Digital.ai Release 10.2.14 Bug Fixes

Bug Fixes and Field Incidents

D-20588 - Fixed an issue with the notification e-mail, which was not getting triggered when your e-mail address is inputted using the Assigned To field via release_variable task. Note that, only Username must be used to assign tasks

Digital.ai Release 10.2.15 Bug Fixes

Bug Fixes and Field Incidents—10.2.15

D-20318 - Fixed the issue for the CVEs that were detected in the latest Release Docker distribution.
D-20645 - Fixed the issue where multiple API calls were made to access the variables in the user-input task.
D-20706 - Fixed the issue where importing java classes in jython script tasks was not possible.
D-20761 - Fixed the issue with the script task, which was unable to instantiate a condition subclass.

Digital.ai Release 10.2.16 Bug Fixes

Bug Fixes and Field Incidents—10.2.16

D-21088 - Issue with the "Watchers" user drop-down list in Task modal—the search text entered to search for a user was also added as a watcher when you select a user using the mouse, which is now fixed.
D-21131 - Fixed an issue with the Attributes Rail—on clicking the Delete icon (not the button itself, but trash icon), the Edit Attributes modal opens up.

Digital.ai Release 10.2.17 Bug Fixes

Bug Fixes and Field Incidents—10.2.17

D-20582 - Fixed the issue that prevented multiline text from being displayed in Output properties of a task.
D-21101 - Script tasks, if immediately preceded by a Gate task, fail to read the comments added to the Script task at runtime. This is now fixed.
D-21120 - Fixed an issue with the Webhook:Json webhook task that generates wrong authorization token.
D-21470 - When you import an already exported template from one instance to another, it breaks the folder. It is because the passwords are encrypted with different encryption key. The issue is now fixed.
D-21400 - When a valid Okta user, who is not assigned to the Digital.ai Release application in Okta, tries to login, an indefinite redirect loop occurs. This issue is now fixed.
D-21573 - You cannot export an excel report from a release that is completed and archived. This issue is now fixed.
D-21886 - After upgrading to 22.0.1, the dependencies that existed in Gate tasks before the upgrade are not available. These Gate tasks display the status as Not Found even when their status is In Progress. This issue is now fixed.