From 48ae3903b81899c2ec866994266bbdc9c3ccbed1 Mon Sep 17 00:00:00 2001 From: Alejandro Acevedo Date: Fri, 23 May 2025 10:36:08 +0200 Subject: [PATCH 1/4] STAC-22752: Document displaNameField --- setup/security/authentication/oidc.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/setup/security/authentication/oidc.md b/setup/security/authentication/oidc.md index 048ecf526..3344f0a74 100644 --- a/setup/security/authentication/oidc.md +++ b/setup/security/authentication/oidc.md @@ -36,6 +36,7 @@ stackstate: scope: ["openid", "email"] jwtClaims: usernameField: email + displayNameField: name groupsField: groups customParameters: access_type: offline @@ -61,6 +62,7 @@ Follow the steps below to configure SUSE Observability to authenticate using OID * **customParameters** - Optional map of key/value pairs that are sent to the OIDC provider as custom request parameters. Some OIDC providers require extra request parameters not sent by default. * **jwtClaims** - * **usernameField** - The field in the OIDC user profile that should be used as the username. By default, this will be the `preferred_username`, however, many providers omit this field. A good alternative is `email`. + * **displayNameField** - The field in the OIDC user profile that should be used as the displayName. By default, this will be the `name`. * **groupsField** - The field from which SUSE Observability will read the role/group for a user. 2. In `authentication.yaml` - map user roles from OIDC to the correct SUSE Observability subjects using the `roles.guest`, `roles.powerUser`, `roles.admin` or `roles.platformAdmin` settings \(see the example above\). For details, see the [default SUSE Observability roles](../rbac/rbac_permissions.md#predefined-roles). More SUSE Observability roles can also be created, see the [RBAC documentation](../rbac/). 3. Store the file `authentication.yaml` together with the `values.yaml` file from the SUSE Observability installation instructions. From 9e51fd516e23bc16b366c8e32f93ab61192aa4c2 Mon Sep 17 00:00:00 2001 From: Alejandro Acevedo Date: Tue, 27 May 2025 11:23:11 +0200 Subject: [PATCH 2/4] STAC-22692: Add orhpaned pvc monitor to docs and add it to the ones that allow overrides --- use/alerting/k8s-override-monitor-arguments.md | 1 + use/alerting/kubernetes-monitors.md | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/use/alerting/k8s-override-monitor-arguments.md b/use/alerting/k8s-override-monitor-arguments.md index fa89209b9..5c48713e1 100644 --- a/use/alerting/k8s-override-monitor-arguments.md +++ b/use/alerting/k8s-override-monitor-arguments.md @@ -61,6 +61,7 @@ The full annotation then would look like * [Node Memory Pressure](/use/alerting/kubernetes-monitors.md#node-memory-pressure) * [Node PID Pressure](/use/alerting/kubernetes-monitors.md#node-pid-pressure) * [Node Readiness](/use/alerting/kubernetes-monitors.md#node-readiness) +* [Orphaned Persistent Volumes](/use/alerting/kubernetes-monitors.md#orphaned-persistent-volumes) (Only the `enabled` property) * [Out of memory for containers](/use/alerting/kubernetes-monitors.md#out-of-memory-for-containers) ## Build an override for a custom monitor diff --git a/use/alerting/kubernetes-monitors.md b/use/alerting/kubernetes-monitors.md index f45845804..631d9efe2 100644 --- a/use/alerting/kubernetes-monitors.md +++ b/use/alerting/kubernetes-monitors.md @@ -77,6 +77,10 @@ Allows [Override Monitor arguments](/use/alerting/k8s-override-monitor-arguments Check if the Node is up and running as expected. Allows [Override Monitor arguments](/use/alerting/k8s-override-monitor-arguments.md) +### Orphaned Persistent Volumes +Verify that no persistent volumes are orphaned. An orphaned persistent volume is a persistent volume that is not associated with a persistent volume claim. An orphaned persistent volume can be a security risk, as it may contain sensitive data that is not being used. An orphaned persistent volume can also be a waste of resources, as it is not being used. +Allows [Override Monitor arguments](/use/alerting/k8s-override-monitor-arguments.md) but only the `enabled` property + ### Out of memory for containers It is important to ensure that the containers running in your Kubernetes cluster have enough memory to function properly. Out-of-memory (OOM) conditions can cause containers to crash or become unresponsive, leading to restarts and potential data loss. From 3c0b04e62d44852a5bc1dda12863ceffe8cf44ce Mon Sep 17 00:00:00 2001 From: Daniel Barra Date: Tue, 3 Jun 2025 14:31:28 -0300 Subject: [PATCH 3/4] STAC-22794: Add release notes 2.3.4 release --- SUMMARY.md | 1 + setup/release-notes/v2.3.4.md | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 setup/release-notes/v2.3.4.md diff --git a/SUMMARY.md b/SUMMARY.md index f10e1c95b..e2ffde4c5 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -147,6 +147,7 @@ * [v2.3.1 - 17/Mar/2025](setup/release-notes/v2.3.1.md) * [v2.3.2 - 22/Apr/2025](setup/release-notes/v2.3.2.md) * [v2.3.3 - 07/May/2025](setup/release-notes/v2.3.3.md) + * [v2.3.4 - 04/Jun/2025](setup/release-notes/v2.3.4.md) * [Upgrade SUSE Observability](setup/upgrade-stackstate/README.md) * [Migration from StackState](setup/upgrade-stackstate/migrate-from-6.md) * [Steps to upgrade](setup/upgrade-stackstate/steps-to-upgrade.md) diff --git a/setup/release-notes/v2.3.4.md b/setup/release-notes/v2.3.4.md new file mode 100644 index 000000000..325f3ed64 --- /dev/null +++ b/setup/release-notes/v2.3.4.md @@ -0,0 +1,25 @@ +--- +description: SUSE Observability Self-hosted +--- + +# v2.3.4 - 04/Jun/2025 + +## Release Notes: SUSE Observability Helm Chart v2.3.4 + +### New Features & Enhancements + +* **Elasticsearch Liveness Probe Timeout:** The `livenessProbe` timeout for Elasticsearch has been increased. +* **ClickHouse Installation on OpenShift:** Documentation has been added to guide users on how to install ClickHouse (one of the supported databases) on OpenShift. +* **Improved Trace Filtering:** The trace filtering functionality in the Traces UI has been enhanced. Attribute filters now select traces where at least one span within the trace matches all of the specified attributes. +* **Inclusion of Traces Without Root Spans:** Traces that lack a root span are now included in trace query results. This addresses scenarios where the root span might be missing due to timeouts, network connectivity issues, or misconfigurations of an OTel exporter. +* **Breaking Change: OpsGenie Notification Channel API:** The OpsGenie Notification Channel API now enforces strict enum matching for requests and responses, ensuring greater consistency in API interactions. +* **PostgreSQL Protocol Metrics:** New metrics have been added for PostgreSQL protocol latency and throughput. + +### Bug Fixes + +* **Derived State Monitor Editing:** Fixed an issue that prevented correct editing of `componentTypes` for the derived state monitor function. +* **Topology Overflow Display:** The overview page now correctly displays a topology overflow message instead of an unexpected error page in the event of an overflow. + +## Agent Bug Fixes + +* **Agent Startup on Older Kernels:** Resolved an issue where the agent failed to start on kernels older than 5.8 due to a "bpf\_probe\_read not found" error. \ No newline at end of file From ee051a2a889fb392f12cb812fd8ba86e2d85e114 Mon Sep 17 00:00:00 2001 From: Daniel Barra Date: Wed, 4 Jun 2025 09:21:16 -0300 Subject: [PATCH 4/4] STAC22794: Fix unnecessary slash request on PR --- setup/release-notes/v2.3.4.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/release-notes/v2.3.4.md b/setup/release-notes/v2.3.4.md index 325f3ed64..db89a7c73 100644 --- a/setup/release-notes/v2.3.4.md +++ b/setup/release-notes/v2.3.4.md @@ -22,4 +22,4 @@ description: SUSE Observability Self-hosted ## Agent Bug Fixes -* **Agent Startup on Older Kernels:** Resolved an issue where the agent failed to start on kernels older than 5.8 due to a "bpf\_probe\_read not found" error. \ No newline at end of file +* **Agent Startup on Older Kernels:** Resolved an issue where the agent failed to start on kernels older than 5.8 due to a "bpf_probe_read not found" error. \ No newline at end of file