Kestra Release Note - 0.10.0

This new release brings important new core features such as Blueprints, new Script plugins, integration of basic authentication, and a secret function making the Open Source Edition even more robust.

Features

Blueprints

Blueprints are a curated, organized, and searchable catalog of ready-to-use examples designed to help you kick-start your workflow.

It’s available as a new section on the left bar menu and directly within the editor view**. All blueprints are validated and documented so that they just work.

You can easily customize and integrate them into your new or existing flows with a single click on the “Use” button.

Check out the documentation.

Enterprise Edition users could write their own organization blueprints so they can share and grow a library of internal blueprints within teams.

Improved Support for Scripting

In this release, we revamped scripting tasks to bring more flexibility and control.
Each script task is now, by default, running in its own dedicated container.You can attach any Docker image you want if you need a specific one.
New tasks are available for Shell, Python, R, and Node.js:

• Script: to write and run ad-hoc scripts. It comes with a beforeCommands property to execute any instruction needed before running the main script (installing dependencies for example)

    id: script
    namespace: release
    
    tasks:
      - id: run_python
        type: io.kestra.plugin.scripts.python.Script
        beforeCommands:
          - pip install requests
        warningOnStdErr: false
        script: | 
          import requests
          import json
    
          response = requests.get("https://api.github.com")
          data = response.json()
          print(data)

• Command: to run arbitrary commands in a single task configuration. This task can be very powerful and associated with the WorkingDirectory task. For example, to clone a Git repository and then execute the corresponding scripts.

    id: command
    namespace: release
    
    tasks:
      - id: working
        type: io.kestra.core.tasks.flows.WorkingDirectory
        tasks:
    
          - id: clone_repo
            type: io.kestra.plugin.git.Clone
            url: https://github.com/your_repository
    
          - id: run_python
            type: io.kestra.plugin.scripts.python.Command
            beforeCommands:
              - pip install -r requirements.txt
        dockerOptions:
        	    image: ghcr.io/kestra-io/pydata:latest
            commands:
              - python main.py

• LocalFile: to create files in the local filesystem or to send files from the local filesystem to the internal storage. This task allows to uncouple inline scripts to their execution.

      id: "local-file"
      namespace: release
      tasks:
        - id: workingDir
          type: io.kestra.core.tasks.flows.WorkingDirectory
          tasks:
          - id: inputFiles
            type: io.kestra.core.tasks.storages.LocalFiles
            inputs:
              hello.txt: "Hello World"
              address.json: "{{ outputs.myTaskId.uri }}"
          - id: bash
            type: io.kestra.plugin.scripts.shell.Command
            commands:
              - cat hello.txt
      	- sed -n 's/.*"country":"\([^"]*\)".*/\1/p' address.json

It also allows to expose outputs to internal storage. In the following example, we create two files with Bash commands and expose those into Kestra internal storage with the outputs property LocalFiles

    id: "local-files"
    namespace: release
    
    tasks:
      - id: workingDir
        type: io.kestra.core.tasks.flows.WorkingDirectory
        tasks:
        - id: bash
          type: io.kestra.plugin.scripts.shell.Command
          commands:
            - mkdir -p sub/dir
            - echo "Hello from Bash" >> sub/dir/bash1.txt
            - echo "Hello from Bash" >> sub/dir/bash2.txt
        - id: outputFiles
          type: io.kestra.core.tasks.storages.LocalFiles
          outputs:
            - sub/**

Those tasks run by default on DOCKER but you can use the runner: PROCESS property to run it as a process on the Kestra host.

Note: the old scripting tasks w ill be deprecated, removed from the core and being retro compatible within the new plugins.

DAG task

Creating directed acyclic graphs, a common pattern in data orchestration, was already possible in Kestra by through Flow dependencies. With a brand new DAG task, it’s now even easier to do; directly between tasks at the Flow level.

id: magicDAG
namespace: dev
tasks:
  - id: dag
    type: io.kestra.core.tasks.flows.Dag
    tasks:
      - task:
          id: customers
          type: io.kestra.plugin.fs.http.Download
          uri: https://raw.githubusercontent.com/dbt-labs/jaffle_shop/main/seeds/raw_customers.csv
      - task:
          id: orders
          type: io.kestra.plugin.fs.http.Download
          uri: https://raw.githubusercontent.com/dbt-labs/jaffle_shop/main/seeds/raw_orders.csv
      - task:
          id: payments
          type: io.kestra.plugin.fs.http.Download
          uri: https://raw.githubusercontent.com/dbt-labs/jaffle_shop/main/seeds/raw_payments.csv
      - task:
          id: transform
          type: io.kestra.core.tasks.log.Log
          message: |
            Transforming data from: 
              {{outputs.customers.uri}}
              {{outputs.orders.uri}}
              {{outputs.payments.uri}}
        dependsOn:
          - customers
          - orders
          - payments

Label on executions

So far, it was only possible to add labels on a flow level by adjusting the workflow code. This release adds the ability to set custom labels for specific Executions.

Also, the labels added on a flow level will be automatically propagated to Execution labels.

For example you can add labels for “experiment” executions so you can retrieve them in the UI easily.

Basic Authentication

The community was asking about authentication in the open source to secure their instance in production. We heard you ! You can now add basic authentication to your Kestra instance with username/password values in the Kestra configuration.

server:
  basic-auth:
    enabled: true
    username: admin
    password: *****

Secret Function

We introduced a secret() function allowing to read base64 secret value from environment variables.

id: secret
namespace: release
tasks:
  - id: get_secret
    type: io.kestra.core.tasks.debugs.Return
    format: '{{ secret("my_secret")}}'

Worker Group

This release introduce worker groups, a ****set of workers that can be targeted specifically for a task execution or a polling trigger evaluation. For this, the task or the polling trigger must define the workerGroup.key property with the key of the worker group to target. A default worker group can also be configured at the namespace level.

Here are common use cases in which Worker Groups can be beneficial:

• Execute tasks and polling triggers on specific compute instances (e.g., a VM with a GPU and preconfigured CUDA drivers).
• Execute tasks and polling triggers on a worker with a specific Operating System (e.g., a Windows server).
• Restrict backend access to a set of workers (firewall rules, private networks, ...).
• Execute tasks and polling triggers close to a remote backend (region selection).

Here is how you can ensure that a task is executed only by specific worker instances:

id: gpuTask
namespace: dev
tasks:
  - id: hello
    type: io.kestra.core.tasks.log.Log
    message: |
      This task will be executed on a specific remote worker that has access to a GPU
    workerGroup:
    key: gpuWorkerGroupKey

Polling Triggers

We have made significant improvements to the Polling trigger in the latest version of Kestra to enhance performance, strengthen security measures, simplify maintenance, and clarify the system architecture.
In previous versions, the trigger evaluation process was directly handled by the Scheduler. This meant that both the Worker and the Scheduler potentially accessed external systems, leading to manage the security and scalability of two services.

From now on, The Scheduler delegates the evaluation of polling triggers to the Worker. This architectural change has several advantages. Firstly, it simplifies the overall system architecture by ensuring that only the Worker needs to interact with external systems. This separation of responsibilities streamlines the flow of data and improves the overall system performance.
By reducing the direct access of the Scheduler to external systems, we also minimize potential security vulnerabilities and fortify the protection of sensitive data.

Plugins

• New OpenAI Plugin : with a ChatCompletion task that, given a prompt, gets a response from an LLM using the OpenAI’s Chat Completions API. A CreateImage task that is given a prompt, creates an image.

All Changes

• core: add a TimeBetweenCondition condition (Ludovic DEHON)
• core: date filtering on the homepage dashboard (#1293) (YannC)
• core: rename Worker task to WorkingDirectory (#1401) (Loïc Mathieu)
• ui: keep editor view preference persisted (#1416) (yuri)
• core: add taskrunValue props on state (Ludovic DEHON)
• ui: paginate outputs (#1471) (YannC)
• core: introduce queue consumer group (#1421) (Loïc Mathieu)
• core: add regexp on replace filter (Ludovic DEHON)
• core: introduce blueprint gallery (#1475) #1475 (brian-mulier-p)
• core: introduce worker group (#1456) #1456 (Loïc Mathieu)
• ui: renaming flow gallery to blueprints (#1518) #1518 (Anna Geller)
• core: introduce Dag task (#1463) #1463 (YannC)
• ui: add breadcrumb on blueprints page (#1548) #1548 (brian-mulier-p)
• ui: better no-user handling #1555 (brian.mulier)
• ui: updated guided tour flow (#1558) #1558 (YannC)
• ui: show execution labels (#1544) #1544 (yuri)
• ui: add labels filter on flow and executions (#1527) #1527 (yuri)
• core: run polling triggers on the worker (#1179) #1179 (Loïc Mathieu)
• tasks: add total on Counts tasks (Ludovic DEHON)
• ui: default template in flow creation + some cleanup #1554 (brian.mulier)
• ui: blueprint enhancement (#1543) #1543 (brian-mulier-p)
• core: allow to resume a paused execution (#1523) #1523 (Loïc Mathieu)
• core: bulk enable flows (#1553) #1553 (YannC)
• core: add flow labels to execution labels (#1559) #1559 (Loïc Mathieu)
• ui: add labels to new execution (#1602) #1602 (YannC)
• webserver: expose execution usage (#1605) #1605 (Loïc Mathieu)
• ui: create setting for logs display (#1619) #1619 (YannC)
• core: remove the execution state from the scheduler (#1588) #1588 (Loïc Mathieu)
• ui: add a slack button on error message (#1649) (brian-mulier-p)
• disable seqscan on Postgres #1552 (Loïc Mathieu)
• ui: link to execution api (#1625) #1625 (brian-mulier-p)
• core: add an AI plugin category (#1689) #1689 (Loïc Mathieu)
• core: trigger worker group #1658 (Loïc Mathieu)
• core: secret function from environment (#1685) (brian-mulier-p)
• ui: dependencies tab for namespaces (#1513) #1513 (YannC)
• webserver: add basic authentication (#1680) #1680 (Loïc Mathieu)
• core: introduce LocalFiles task (#1621) #1621 (Loïc Mathieu)
• docker: use latest image (Ludovic DEHON)
• docker: add basic auth disabled by default (#1719) #1719 (Anna Geller)
• docker: introduce new scripting plugin (Ludovic DEHON)
• ui: change task icon (Ludovic DEHON)

Bug Fixes

• core: input with duplicate name should throw a violation (Loïc Mathieu)
• ui: invalid taskedit default value (Ludovic DEHON)
• ui: this on TreeTaskNode prevent display topologies (#1465) (YannC)
• core: use correct group on execution usage metrics (Ludovic DEHON)
• core: fix TimeBetweenConditionTest (Ludovic DEHON)
• ui: remove usage of this in template (#1470) (YannC)
• core: keep coherent group type (Ludovic DEHON)
• ui: editor combined is not horizontal on refresh (Ludovic DEHON)
• core: update flow when passing flow-path on command line (Ludovic DEHON)
• ui: added markdown table css (#1490) (Ravi raj)
• jdbc-mysql: execution full text search was missing a field (#1504) #1504 (brian-mulier-p)
• ui: corrected translations (#1506) #1506 (Anna Geller)
• core: use api to generate blueprint graph (Ludovic DEHON)
• ui: topology bug fix (#1512) #1512 (YannC)
• ui: reduce blueprints search api call (#1521) #1521 (brian-mulier-p)
• cli: configure Flyway to allow future migrations (#1510) #1510 (Loïc Mathieu)
• ui: blueprints descriptions as markdown (#1526) #1526 (brian-mulier-p)
• core: yaml duplicate key error (#1514) #1514 (YannC)
• core: bad align in doc metrics #1535 (Loïc Mathieu)
• core: prevent freeze with large logs (#1433) #1433 (YannC)
• ui: kill must be button not a status (#1531) #1531 (Loïc Mathieu)
• core: remove definitions from the Task class (#1536) #1536 (Loïc Mathieu)
• ui: After flow creation, good tab is displayed #1542 (YannC)
• ui: Hide chart if not executions found #1542 (YannC)
• ui: fix query issue in home component #1549 (YannC)
• ui: Removed error & warning from LowCodeEditor component #1541 (YannC)
• core: lazy load thread stack trace as it's very costly #1550 (Loïc Mathieu)
• tests: added retries to some flaky tests (brian.mulier)
• core: Worker needs to be introspected as we retrieve it programmatively #1565 (Loïc Mathieu)
• ui: reverse logs in flow page #1570 (YannC)
• tasks: prevent double log on failed tasks (Ludovic DEHON)
• ui: Flow Overview is refreshed correctly #1576 (YannC)
• ui: topology display longest task duration (#1574) #1574 (YannC)
• cli: WorkerCommand NPE when no worker group #1589 (Loïc Mathieu)
• ui: native links to handle blueprint detail open in a new tab (#1575) #1575 (brian-mulier-p)
• core: wrong JavaDoc (#1591) #1591 (Loïc Mathieu)
• ui: No more blueprint-title overlap in editor view #1597 (brian.mulier)
• ui: plugins are now all visible in blueprints browser (brian.mulier)
• ui: guided tour failed after save (#1586) #1586 (YannC)
• ui: restart fix translation #1569 (YannC)
• ui: faster log display (#1560) #1560 (YannC)
• ui: now showing error message if there is a server error of any kind #1601 (brian.mulier)
• ui: Blueprints restore url #1609 (brian.mulier)
• ui: pagination number are not properly restore (Ludovic DEHON)
• ui: blueprint layout adjust (Ludovic DEHON)
• ui: No more loading top bar on flow editor input #1614 (brian.mulier)
• ui: blueprint responsive layout (Ludovic DEHON)
• ui: promote form in low-code-editor #1628 (brian.mulier)
• webserver: blueprint topology for uninstalled plugins (#1627) #1627 (brian-mulier-p)
• ui: logs in gantt display correctly (#1615) #1615 (YannC)
• ui: swap arrow icon in loglist #1624 (YannC)
• test: retrying test #1624 (YannC)
• ui: topology does not load when no viewType is defined (#1623) #1623 (YannC)
• core: flow-parsing after task defaults injection throws ConstraintViolations instead of IllegalArgument #1617 (brian.mulier)
• ui: Update whole taskObject in TaskEditor (#1631) #1631 (YannC)
• ui: use good url in loadgraph api call (#1635) #1635 (YannC)
• webserver: validate flow splits flows only on new lines triple hyphens (brian.mulier)
• test: fix hourly test (#1652) (YannC)
• core: remove JsonIgnore causing build to fail (brian.mulier)
• merge WorkerTask and WorkerTaskTrigger (#1604) #1604 (Loïc Mathieu)
• ui: boolean inputs as switch instead of checkbox #1655 (brian.mulier)
• ui: better type detection for documentation in editor (#1653) #1653 (YannC)
• core: revert dailyExecutionStatistics prop name change (#1660) #1660 (YannC)
• doc: multiple condition example (#1665) #1665 (YannC)
• core: improve memory scheduler #1663 (Loïc Mathieu)
• tests: fix flaky test on ExecutionControllerTest.findByFlowId (brian.mulier)
• ui: prevent recursive flow calls (#1646) #1646 (YannC)
• ui: better label input (#1642) #1642 (YannC)
• core: conditions logo #1673 (brian.mulier)
• cli: no delete by default for namespace update cli command #1666 (brian.mulier)
• core: opens java.util and java.io to workaround issues with some libraries (#1669) #1669 (Loïc Mathieu)
• core: small perf improvements (#1626) #1626 (Loïc Mathieu)
• ui: unsaved popup show even after saving (#1651) #1651 (YannC)
• ui: validate the label filter input (#1672) #1672 (yuri)
• ui: revert change orientation button on topology (#1677) #1677 (brian-mulier-p)
• webserver: new logo on api documentation (Ludovic DEHON)
• webserver: validate flow splits flows only on new lines triple hyphens #1643 (brian.mulier)
• ui: Use button instead of copy on standalone Blueprints browser #1643 (brian.mulier)
• core: slow flow listeners startup (#1657) #1657 (Loïc Mathieu)
• core: non-required inputs must be null if not defined (#1674) #1674 (brian-mulier-p)
• ui: display flow triggers on a tab (#1551) #1551 (YannC)
• ui: subflows in loglist don't display button (#1692) #1692 (brian-mulier-p)
• ui: copy flow works again #1696 (brian.mulier)
• ui: disabled triggers tab on flow if it doesn't contain one (#1700) #1700 (brian-mulier-p)
• core: add missing example for th Dag task (#1710) #1710 (Loïc Mathieu)
• ui: execution topology tab should be read-only (#1712) #1712 (brian-mulier-p)
• webserver: allow unauthenticated access to monitoring endpoints (#1708) #1708 (Loïc Mathieu)
• core: secrets env var prefix changed from "SECRETS_" to "SECRET_" (#1717) #1717 (brian-mulier-p)
• ui: expand / collapse all button in logs are based on if taskruns are opened or not (#1714) #1714 (brian-mulier-p)
• ui: cannot swap tasks for dag tasks (#1718) #1718 (brian-mulier-p)
• core: LocalFiles log message (#1720) #1720 (Anna Geller)

Documentation

• core: improve documentation of the LocalFiles task (#1716) #1716 (Loïc Mathieu)

Code Refactoring

• core: remove duplication on the plugin doc generation (Ludovic DEHON)
• ui: topology component naming (#1453) (brian-mulier-p)
• ui: EditorView topology refactoring (#1488) (YannC)
• core: remove flow from WorkerTrigger (Ludovic DEHON)
• ui: blueprints split in multiple components (#1598) #1598 (brian-mulier-p)
• core: flow usage (#1585) #1585 (YannC)

Tests

• core: fix some flaky test (Ludovic DEHON)
• core: fix a flaky test (Ludovic DEHON)
• core: add a test for multiple condition and standard one (Ludovic DEHON)
• core: fix failing multiple condition test (Ludovic DEHON)
• core: flaky test on logs (#1580) #1580 (brian-mulier-p)
• core: fix a flaky test (Ludovic DEHON)
• core: fix falling test on scheduler (Ludovic DEHON)
• core: fix some flaky test (Ludovic DEHON)
• webserver: falling unit test (Ludovic DEHON)
• core: fix falling test (Ludovic DEHON)

Chores

• version: update snapshot version 'v0.10.0-SNAPSHOT (Ludovic DEHON)
• deps: update all javascript deps (Ludovic DEHON)
• core: remove most of compilation warning (Ludovic DEHON)
• test: remove gradle retry and add unit retry for flaky test #1522 (Ludovic DEHON)
• build: tune gradle defaults (#1537) #1537 (yuri)
• version: update snapshot version 'v0.9.6-SNAPSHOT'. (YannC)
• deps: update all js deps (Ludovic DEHON)
• deps: update java dependencies (Ludovic DEHON)
• deps-dev: bump sass from 1.63.5 to 1.63.6 in /ui #1582 (dependabot[bot])
• deps-dev: bump @vue/test-utils from 2.3.2 to 2.4.0 in /ui #1583 (dependabot[bot])
• build: build JavaDoc on PR (#1593) #1593 (Loïc Mathieu)
• docker: introduce OpenAI plugin (#1686) #1686 (Loïc Mathieu)
• docs: fix plugin on README (#1690) #1690 (Pranav Nagarajan)
• version: update to version 'v0.10.0'. (Ludovic DEHON)

Commits

• 57569bf: chore(github) : add a blueprint issue template (#1539) (Anna Geller)
• 57a67d4: Merge branch 'release' into develop (YannC)
• 9367ef3: feat(ui+webserver): Blueprint tags filtered by query on blueprints (#1667) (brian-mulier-p) #1667
• 97fbc93: feat/editor-validation-feedback-rework (#1662) (brian-mulier-p) #1662
• ed80eb5: fix/non-b64-secrets-prevent-crash (#1711) (brian-mulier-p) #1711