The latest version of the release notes can be found on the website.
We want to thank all contributors that made this release possible. The
"pre-initialization" feature was developed in cooperation with UCLouvain and NPL
Markets. We would also like to thank AWS for contributing an initial version of
the ECS backend. See the support page if your organization wants to sponsor a
specific feature in ShinyProxy.
-
update to JDK 17
-
update to Spring Boot 3.2
-
add support for pre-initializing containers (see docs)
-
add support for sharing a container among multiple users (see docs)
-
add support for autoscaling number of pre-initializer or shared containers (see docs)
-
add AWS ECS backend, for running containers on AWS ECS Fargate, (see backend docs and app docs )
-
add option to show notification (a.k.a message of the day) to all users (see docs), contributed by @ziyunxiao
-
allow to use request and response objects in templates (e.g. to check the status code), see example
-
replace in-memory caches by Caffeine library to reduce chance of memory leaks
-
cache whether a user is an admin
-
cache the maximum number of instances a user can start
-
cache proxyId for common endpoints
-
cache (app) favicons and logos
-
various performance improvements
-
support YAML array notation in
proxy.kubernetes.image-pull-secretsproperty -
allow configuring OpenID connect JWKS algorithm (see docs)
-
allow to use the (decoded) OpenID access token in SpEL (see docs)
-
allow to use the JSON response returned by the authentication webservice in SpEL (see docs)
-
allow to use groups when using webservice authentication (see docs)
-
allow to use custom name for container names (see docs: Docker, Docker Swarm and Kubernetes)
-
use proxyId instead of containerId in service name on Kubernetes
-
allow to configure time to wait before Docker swarm service is ready (see docs)
-
replace Docker library by an up to date version
-
update Docker library to be compatible with recent Docker releases
-
add option to control cache headers sent by an app (see docs)
-
add option to control the maximum number of running apps per app or in total (see docs)
-
add cache headers to ShinyProxy assets (CSS and JS files)
-
send userid and groups as HTTP headers (see docs)
-
add option to send custom attributes as HTTP headers (see docs)
-
allow apps to link to an (external) page/url instead of starting a container (see docs)
-
check if app has crashed on websocket connection error
-
add authorized versions of
kubernetes-pod-patches,kubernetes-additional-manifestsandkubernetes-additional-persistent-manifests, allowing to control when these properties are applied (see docs) -
improve Proxy status API endpoint
-
add support for specifying a (different) favicon per app (see docs)
-
add options to specify width, height, style and CSS class of app logos (see docs)
-
drop social authentication, use the OpenID backend instead
-
drop keycloak authentication, use the OpenID backend instead
-
in the parameter form, do not reset values for other (default) parameters when changing a (default) parameter (but only if the resulting combination is allowed)
-
add log message to "auth-success" page to ease debugging when the redirect does not work
-
the
authFailedmetric is now increased when the/auth-erroris shown to a user (e.g. after a login using OIDC failed) -
collect the spec id in the
startFailed(Prometheus) metrics (see updated dashboard) -
add (Prometheus) metric for crashed apps (see updated dashboard)
-
OpenID: extract roles claim from user-info, in addition to extracting it from the ID token
-
OpenID: log all claims from ID token and user-info, even if no
roles-claimis specified -
the leader election of ShinyProxy now only runs on ShinyProxy replicas that are running the latest version. This allows to implement more advanced features.
-
implement container-dns when using Kubernetes
-
allow apps to override the mail-to-address (see docs)
-
allow to override the subject of the support email (see docs)
-
allow specifying
docker-useroption for apps (works with Docker and Docker swarm) -
allow specifying
docker-ipcoption for apps (works with Docker) -
allow specifying
docker-runtimeoption for apps (works with Docker only) -
allow specifying
docker-device-requestsfor apps (works with Docker only) -
allow redirecting the user to the first available app (see docs), contributed by @nickmelis
-
allow redirecting the user to the only app available app (see docs), contributed by @nickmelis
-
Fix: loading favicon when using context-path
-
Fix: automatically add context-path to path in
proxy.landing-page -
Fix: counter metrics when using multiple replicas
-
Fix: correctly collect logs when using Docker Swarm
-
Fix: delay release of Docker port, in order to prevent issues when the Docker daemon does not release the port immediately
-
Fix: report correct app id in report issue e-mail
-
Fix: cleanup WebSocket handles when WebSocket connection is closed or app is stopped (caused a memory leak in specific circumstances)
-
Fix: parse Kubernetes events when pod runs in a different namespace
-
Fix: prevent NPE in
KubernetesManifestsRemoverwith certain CRDs -
Fix: do not expose
logoUrlproperty of spec in API -
Fix: log warning when ShinyProxy cannot access the logs of a Kubernetes pod
-
Fix: make
track-app-urlwork with non-absolute URLs -
Fix: validation when creating new app instance (in switch instances modal)
-
Note: when using Prometheus
for Usage Statistics, you have
to update the configuration: change the
propertymanagement.metrics.export.prometheus.enabled: true
tomanagement.prometheus.metrics.export.enabled: trueA typical configuration should be changed from:
proxy: # ... usage-stats-url: micrometer management: metrics: export: prometheus: enabled: true # ...
to
proxy: # ... usage-stats-url: micrometer management: prometheus: metrics: export: enabled: true # ...
-
Note: when using Redis for session or app persistence (e.g. when using the
ShinyProxy Operator),
you have to update the Redis configuration:- move all properties from
spring.redistospring.data.redis - change
spring.redis.ssl: truetospring.data.redis.ssl.enabled: true - the internal data format of (Spring) session information has changed and is
incompatible with the new format. Clear the database or use a different
redis database (i.e. changing or addingspring.data.redis.database
(default is 0))
A typical Redis session configuration should be changed from:
spring: session: store-type: redis redis: host: redis password: ${REDIS_PASSWORD} ssl: true # this config implicitly uses database 0
to:
spring: session: store-type: redis data: redis: host: redis password: ${REDIS_PASSWORD} database: 1 ssl: enabled: true
- move all properties from