What’s New in Beaker 0.16?¶

External tasks¶

In this release, recipe tasks have been de-coupled from the task library. It is now possible to specify tasks in a recipe using an external URL without any corresponding task in Beaker’s task library.

Note that this feature requires support on the harness side for fetching and unpacking tasks from arbitrary URLs. This release only covers the server support necessary for external tasks. At this time, Beah has not been updated to support external tasks.

When a recipe refers to a task in the task library by name, the XML exposed to the harness includes an <rpm/> element describing the RPM from the task library. This behaviour remains unchanged from previous releases.

<task name="/distribution/reservesys">
  <rpm name="beaker-core-tasks-distribution-reservesys"
       path="/mnt/tests/distribution/reservesys" />
  ...
</task>

The server now also accepts tasks containing a <fetch/> element, which describes an external location for the task’s source code. In this case the task need not exist in Beaker’s task library. The <fetch/> element is included in the XML exposed to the harness, so that it can fetch and unpack the task before running it.

<task name="/distribution/reservesys">
  <fetch url="https://github.com/beaker-project/beaker-core-tasks/archive/master.tgz#reservesys"/>
  ...
</task>

Each recipe task now tracks its name and version independently of the task library. For external tasks, the harness can populate the name and version in the recipe results (see PATCH /recipes/(recipe_id)/tasks/(task_id)/). For tasks from the task library, the scheduler populates the version at the start of the recipe.

Refer to the beakerdev:proposal-external-tasks design proposal for more background information.

(Contributed by Bill Peck and Dan Callaghan in #%s1057459, #%s576304)

Configurable quiescent period for system power¶

Each system now has a configurable “quiescent period”, measured in seconds. Beaker will ensure that consecutive power commands for a system are delayed by this amount of time. This feature can be used when a system’s power supply cannot tolerate rapid cycling.

System owners can set the quiescent period on the Power Config tab of the system page. The default is 5 seconds, which matches the hardcoded delay during reboot commands in previous Beaker versions.

(Contributed by Raymond Mancy in #%s867761)

“View” permission in system access policies¶

System access policies have a new permission, “view”, which controls who can see the system in Beaker’s inventory. This replaces the previous “Secret” flag for systems, giving finer grained control over visibility. The default for new systems is to grant “view” permission to everybody.

(Contributed by Dan Callaghan)

Password hashes use a more secure, salted form¶

Beaker account passwords are now stored in a more secure form, using PBKDF2 with SHA512 HMAC and a unique random salt per user. The password storage implementation is provided by the passlib library. Existing password hashes will be automatically upgraded to the new format when the user next logs in.

Previously Beaker stored an unsalted SHA1 hash of each password. The documentation advised against using password authentication in production environments because of the potential for passwords to be cracked if the password hashes were leaked. With this enhancement, Beaker’s password authentication is now considered suitable for production use.

(Contributed by Dan Callaghan in #%s994751)

Task updates¶

Version 3.4-4 of the /distribution/reservesys task has been released, with one enhancement: the MOTD and notification email now refer to the Beaker user preferences page for the system root password, as a hint to new users. (Contributed by Dan Callaghan in #%s950640)

The /distribution/utils/dummy task is now published on the Beaker web site. This is a trivial task which does nothing and passes immediately. It can be used in multi-host testing, to align tasks in different recipes across the recipe set. (#%s1054651)

Bug fixes and minor enhancements¶

A number of other smaller fixes and enhancements to Beaker are included in this release.

• #%s1012389: Beaker administrators can now update the name and expiry time for existing retention tags. (Contributed by Dan Callaghan)
• #%s958357: The scheduler now emits a Graphite counter beaker.counters.recipes_submitted for the number of recipes submitted. (Contributed by Dan Callaghan)
• #%s1044934: The Beaker server now avoids leaving stale yum metadata in the task library when a task is downgraded. (Contributed by Amit Saha)
• #%s874191: A new kickstart metadata variable no_updates disables the Updates repo during Fedora installations. (Contributed by Dan Callaghan)
• #%s1067924: Beaker no longer adds quotes to kernel options containing shell metacharacters. (Contributed by Dan Callaghan)
• #%s1066122: Tasks which have not started yet no longer occupy extra vertical space for no reason in the recipe results display. (Contributed by Nick Coghlan)
• #%s1062469: The command_queue.status database column is now indexed, which improves the performance of the command queue polling loop. (Contributed by Dan Callaghan)
• The SQL queries which beakerd uses to produce recipe queue metrics are now more efficient and will place less load on the database server. (Contributed by Raymond Mancy)
• #%s1027516: The beaker-repo-update command no longer runs createrepo if the harness packages have not changed, making its operation substantially faster in some circumstances. (Contributed by Dan Callaghan)
• #%s999056: When cloning a job, tasks with no parameters no longer include a superfluous <params/> element in the cloned XML. (Contributed by Dan Callaghan)
• #%s1072133: The watchdog time remaining is now displayed correctly on the recipe page for values larger than 10 hours. (Contributed by Dan Callaghan)
• #%s1067243: If the authentication settings for the lab controller daemons are incorrect, the daemons will now report an error when they are started, instead of starting and then failing to work properly. (Contributed by Dan Callaghan)
• #%s1071389: Fixed a regression in the lab controller daemons’ handling of network failures during XML-RPC requests on Python 2.6. (Contributed by Dan Callaghan)
• #%s580118: The bkr client now prints an error message instead of an uncaught exception when the user’s Kerberos ticket has expired. (Contributed by Dan Callaghan)
• #%s1058152, #%s1058156: Argument handling and error reporting for the beaker-create-kickstart server command has been improved to handle more corner cases. (Contributed by Raymond Mancy)
• #%s1028302: The virtualization workflow documentation referred to an example job XML definition, but the XML was missing. This has now been filled in. (Contributed by Amit Saha)
• #%s994644: The documentation about adding systems to Beaker has been expanded to cover install options, including some recommendations for setting ksdevice on systems which have EFI firmware and multiple NICs. (Contributed by Dan Callaghan)
• Long options are now displayed correctly (using two hyphens rather than an en-dash) in the HTML version of the Beaker man pages. (Contributed by Raymond Mancy)

Version 4.60 of the rhts test development and execution library has also been released, with the following fixes:

• #%s1072299: The AVC checking logic in rhts-test-env now supports suppressing AVC checks for an individual result within a task. (Contributed by Jan Stancek)
• #%s1066714: The rhts-devel script for building task RPMs no longer leaks temporary build directories in /mnt/testarea. (Contributed by Amit Saha)

Maintenance updates¶

The following fixes have been included in Beaker 0.16 maintenance updates.