Skip to content

v1.21.0
Compare
Choose a tag to compare
@index-git index-git released this 06 Jul 14:18
· 387 commits to master since this release
v1.21.0
75a0578

Known issues

  • #887 New user workspaces are created for already existing users.
    • Fixed in v1.21.1.
  • #1022 Login not working in demo configuration with authentication
    • Fixed in v1.23.2.

Upgrade requirements

  • Change environment variable LAYMAN_CLIENT_VERSION: 
    LAYMAN_CLIENT_VERSION=v1.16.0
  • Rename environment variable OAUTH2_LIFERAY_SECRET to OAUTH2_CLIENT_SECRET.
  • Rename all environment variables OAUTH2_LIFERAY_SECRET<n> to OAUTH2_CLIENT<n>_SECRET. For example, variable OAUTH2_LIFERAY_SECRET4 becomes OAUTH2_CLIENT4_SECRET.
  • Rename all other OAUTH2_LIFERAY_<postfix> environment variables to OAUTH2_<postfix>. For example, variable OAUTH2_LIFERAY_AUTH_URL becomes OAUTH2_AUTH_URL.
  • If you are using environment variable OAUTH2_CALLBACK_URL, change only its URL path from /client/authn/oauth2-liferay/callback to /client/authn/oauth2-provider/callback. Keep protocol, domain, and port unchanged.
  • Stop using environment variable LAYMAN_AUTHN_OAUTH2_PROVIDERS, it has no effect to Layman anymore. There is exactly one OAuth2 provider Python module now, no need to set it.
  • Stop using environment variable FLASK_ENV, it has no effect to Layman anymore.
    • If you used environment variable FLASK_ENV with value development, add new environment variable FLASK_DEBUG: 
      FLASK_DEBUG=1
  • Stop using environment variable CSW_RECORD_URL, it has no effect to Layman anymore. Value is derived from variable CSW_PROXY_URL.
  • Stop using HTTP header AuthorizationIssUrl when authenticating by OAuth. The header has no effect to Layman anymore. There is exactly one OAuth2 provider now, no need to distinguish it. Now, the only distinguished HTTP header when authenticating by OAuth2 is Authorization header.
  • If you are running Layman with development settings (e.g. starting it with make start-dev)
    • change values of environment variables: 
      OAUTH2_CLIENT_ID=VECGuQb00tWt8HZNkA4cxu6dnoQD5pF6Up3daAoK
OAUTH2_CLIENT_SECRET=aY14rwkEKasNqBEZX8OnhpRk8lpHAfT7oKTlf4LriEK8oMZxhnGKcnt4bZ72pceNEl83B6LtBvhKr3BqBLFA80Pd6Ugav2rkc8bk7TE4LkaoB2qcBQmjiOiEpizsgZGx
OAUTH2_AUTH_URL=http://localhost:8083/o/authorize
OAUTH2_TOKEN_URL=http://wagtail:8000/o/token/
OAUTH2_INTROSPECTION_URL=http://wagtail:8000/o/introspect/
OAUTH2_INTROSPECTION_SUB_KEY=username
OAUTH2_USER_PROFILE_URL=http://wagtail:8000/profile
    • unset environment variable OAUTH2_SCOPE (previously OAUTH2_LIFERAY_SCOPE)
    • after usual dev upgrade commands run also 
      make wagtail-build
  • If your upgrade command ends with message Error response from daemon: invalid IP address in add-host: "host-gateway", try to uninstall Docker Engine completely and install it again with Docker Compose plugin (see e.g. manual for Centos). Then run upgrade command again.

Migrations and checks

Schema migrations

  • #528 Add new data type enum_wfs_wms_status and create new string column wfs_wms_status in publications table in prime DB schema.

Data migrations

  • #528 Fill column wfs_wms_status in publications table in prime DB schema. Set value AVAILABLE for each vector layer that is fully available in WFS and WMS and for each raster layer that is fully available in WMS. Set NOT_AVAILABLE for all other layers and null for all existing maps.
  • #520 Set MetadataURL for each layer in WFS and WMS workspace in GeoServer.

Changes

  • #769 New request GET Publications was added. It enables querying both layers and maps by single request.
  • #769 New key publication_type was added to responses of requests GET Publications, GET Layers, GET Workspace Layers, GET Maps, and GET Workspace Maps. Possible values of the key are layer and map.
  • #528 New key wfs_wms_status was added to layer items in responses of requests GET Layers, GET Workspace Layers, and GET Publications.
  • #520 New element MetadataURL was added for each layer to GetCapabilities response of WFS 2.0.0 and WMS 1.3.0. The element contains URL of CSW metadata record of the layer.
  • #800 Requests POST Workspace Layers and PATCH Workspace Layer support new parameter time_regex_format. Its value is later accessible in the new subkey wms.time.regex_format in responses of GET Workspace Layer and PATCH Workspace Layer requests.
  • #764, #860 Layman accepts new types of QML styles:
    • labels without symbology
    • point clustering
  • #857 Requests POST Workspace Layers and PATCH Workspace Layer accept host.docker.internal in external_table_uri parameter to reach localhost of host server.
  • #847 Fix publishing external table layers with @ character or other dangerous characters in the username or in the password.
  • #833 Make Timgen WMS requests more robust (handle WMS errors, delayed retry, add timestamp to each request).
  • #877 Use Docker Compose v2 (docker compose) in Makefile. As of now, all containers are named in the same way as previously. Old Makefile using Docker Compose v1 (docker-compose) is archived as Makefile_docker-compose_v1. It will be removed in the next minor release.
  • #815 Propagate LAYMAN_PROXY_SERVER_NAME value to GeoServer environment variable GEOSERVER_CSRF_WHITELIST.
  • #765 Remove Liferay from dev stack, use Wagtail CRX + Django OAuth Toolkit as new OAuth2 provider (authorization server).
  • Upgrade Python dependencies
    • flask 2.2.2 -> 2.3.2
    • redis 4.5.1 -> 4.5.4
    • owslib 0.27.2 -> 0.28.1
    • requests 2.28.1 -> 2.31.0
  • Upgrade Node.js Timgen dependencies
    • vite 3.2.5 -> 3.2.7
  • Document that temporal part of timeseries datetime dimension extracted by time_regex parameter is cut off, so the smallest possible unit of datetime dimension is one day.
Assets 2
Loading