develop

docs/meshstack.identity-federation.md

@@ -269,9 +269,9 @@ Some common cloud IAM architectures require using different user account for tes
 
 <!--snippet:meshfed.platform#type-->
 
+
 <!--DOCUSAURUS_CODE_TABS-->
 <!--Dhall Type-->
-
 ```dhall
 let Platform =
       let Platform =
@@ -300,7 +300,6 @@ let Platform =
 
       in  Platform
 ```
-
 <!--END_DOCUSAURUS_CODE_TABS-->
 
 #### Looking up transformed euids
@@ -331,10 +330,8 @@ At the moment only AAD offers a choice of user lookup attributes. Platform Opera
 <!--snippet:mesh.replicator-->
 
 The following configuration options are available at `mesh.replicator`:
-
 <!--DOCUSAURUS_CODE_TABS-->
 <!--Dhall Type-->
-
 ```dhall
 let Replicator =
     {-
@@ -345,14 +342,13 @@ let Replicator =
     -}
       { aadUserLookupStrategy : Platform.Azure.AzureLookupStrategy }
 ```
-
 <!--END_DOCUSAURUS_CODE_TABS-->
 
 <!--snippet:replicator.platform.azure.AzureLookupStrategy#type-->
 
+
 <!--DOCUSAURUS_CODE_TABS-->
 <!--Dhall Type-->
-
 ```dhall
 let AzureLookupStrategy =
     {-
@@ -368,7 +364,6 @@ let AzureLookupStrategy =
     -}
       < UserByMailLookupStrategy | UserByUsernameLookupStrategy >
 ```
-
 <!--END_DOCUSAURUS_CODE_TABS-->
 
 ## Group Cleanup

docs/meshstack.identity-lookup.md

@@ -22,7 +22,7 @@ let IdentityLookup =
             Configure the identity provider to use as a source for identity lookup.
 
         deny-assigning-other-users:
-            Controls the behavior of self-service user invitations (e.g. meshWorkspace role assignments from meshPanel).
+            Controls the behavior of self-service user invitations (e.g. workspace role assignments from meshPanel).
             When true, users can only invite other users listed in the identity provider.
             When false, users can create invitations also for users not listed in the identity provider.
     -}
@@ -116,7 +116,7 @@ let example
     : AzureCreds
     = { aad-tenant = "devmeshcloud.onmicrosoft.com"
       , client-id = "f112f31-248a-4461-1269-0f13164acb95"
-      , client-secret = Secret.fromAnsible "client_secret"
+      , client-secret = Secret.fromTerraform "client_secret"
       , guestLookup = None AzureGuestDetection
       , euidSchemaExtensionUpdate = None AzureEuidExtensionSchema
       , euidUserAttributeUpdate = None AzureEuidUserAttribute
@@ -348,7 +348,7 @@ let example
     = { domain = "example.com"
       , customer-id = "customer-id"
       , service-account-credentials-b64 =
-          Secret.fromAnsible "gcp_credentials"
+          Secret.fromTerraform "gcp_credentials"
       }
 ```
 <!--END_DOCUSAURUS_CODE_TABS-->

docs/meshstack.workspace-group-sync.md

@@ -256,7 +256,7 @@ let example =
       The following example takes the 'cn' attribute and if the attribute matches the first rule,
       will assign whatever follows the "MESHCLOUD-ROLE-" as the value of the meshObject field. If the attribute matches
       the second rule, will assign the value "Platform Operator" and if none of the rules match, assigns the
-      value "Workspace Manager".
+      value "Workspace Member".
     -}
       { attribute = "cn"
       , postProcessor = None PostProcessor
@@ -267,7 +267,7 @@ let example =
           }
         ]
       , template = None Text
-      , otherwise = Some "Workspace Manager"
+      , otherwise = Some "Workspace Member"
       }
 ```
 <!--END_DOCUSAURUS_CODE_TABS-->
@@ -310,7 +310,7 @@ let GroupAttributesTransformations =
          The 'distinguished name' attribute key for a user entity in LDAP. This attribute value should match the users
          referred to in the 'members' attribute of the groupAttributesTransformations.
 
-      name, ownedByCustomer, displayName, egid
+      name, ownedByWorkspace, displayName, egid
          For each of these meshUser fields, specify which LDAP attribute should be transformed and assigned to the field.
 
       tags:
@@ -319,7 +319,7 @@ let GroupAttributesTransformations =
     -}
       { membersAttribute : Text
       , name : AttributeTransformation
-      , ownedByCustomer : AttributeTransformation
+      , ownedByWorkspace : AttributeTransformation
       , displayName : AttributeTransformation
       , egid : AttributeTransformation
       , tags : List TagMapping
@@ -392,7 +392,7 @@ let example
               { attribute = "cn"
               , postProcessor = Some PostProcessor.LOWERCASE
               }
-        , ownedByCustomer =
+        , ownedByWorkspace =
             AttributeTransformation.Regex
               { attribute = "cn"
               , postProcessor = None PostProcessor
@@ -439,7 +439,7 @@ let example
                 }
               ]
             , template = None Text
-            , otherwise = Some "Workspace Manager"
+            , otherwise = Some "Workspace Member"
             }
       }
 ```
@@ -491,7 +491,7 @@ let example
             Secret.Raw "EXTERNAL_IDENTITYCONNECTOR_MESH_API_PASSWORD"
         , authorities =
           [ Authority.EXTERNAL_MESH_OBJECT_IMPORT
-          , Authority.CUSTOMEROWNER_ASSIGN
+          , Authority.WORKSPACEOWNER_ASSIGN
           ]
         }
       }

website/blog/2024-11-28-Release-0.md

@@ -0,0 +1,82 @@
+---
+author: meshcloud
+title: Release 2024.51.0
+---
+
+Release period: 2024-11-20 to 2024-11-28
+
+This release includes the following issues:
+* Slow performance when moving tenants
+* Missing Partner Employee Permissions
+* Manage Workspace Users from the Admin Area
+* Deprecation of meshStack resource inventory
+* Workspace Role Recertification Reminders
+* Extend meshObject API with meshWorkspaceGroupBindings
+* meshObject API meshWorkspaceUserBinding status codes changes
+<!--truncate-->
+
+## Ticket Details
+### Slow performance when moving tenants
+**Audience:** Partner<br>
+
+#### Description
+This improves the performance of the tenant move wizard.
+The tenant move wizard loaded a lot of data in the background. In environments with a lot of
+projects and tenants this could lead to very slow behavior. This is now fixed.
+
+### Missing Partner Employee Permissions
+**Audience:** Partner<br>
+
+#### Description
+Due to a permissions issue, the Partner Employee role was no longer able to see and manage payment 
+methods in the Partner area. The permissions have been adjusted and the issue has been resolved.
+
+### Manage Workspace Users from the Admin Area
+**Audience:** Partner<br>
+
+#### Description
+Now you are be able to manage users directly from the admin area. This includes assigning, deleting, and changing roles, 
+as well as setting expiration dates, all without needing to assign yourself to this specific workspace. Note that this 
+functionality is available only to users with Partner Admin or Partner Employee roles.
+
+### Deprecation of meshStack resource inventory
+**Audience:** User<br>
+
+#### Description
+meshStack previously supported the inventory of Virtual Machines on OpenStack, accessible in the Admin Area
+under Resources > Platforms. This feature has now been fully deprecated and removed from meshStack.
+
+### Workspace Role Recertification Reminders
+**Audience:** User<br>
+
+#### Description
+To help you manage role recertification more easily, we have introduced a pop-up window that appears after logging in, 
+if your own or team member roles of any workspace you manage, expire. A banner is also shown on the workspace control plane 
+that reminds users about expiring workspace accesses. This helps you manage roles proactively and prevent any loss 
+of access.
+
+### Extend meshObject API with meshWorkspaceGroupBindings
+**Audience:** Partner, Operator<br>
+
+#### Description
+The meshObject API was extended to support the creation, deletion and
+retrieval of meshWorkspaceGroupBindings via the imperative meshObject API
+endpoints (as opposed to the declarative meshObject API endpoints).
+
+#### How to use
+The documentation for the new API endpoints is available in our meshObject
+API documentation, below the meshProjectGroupBinding. For now, this
+functionality is only available for API users, and not for API keys. Support
+for API keys will be available in the future.
+
+### meshObject API meshWorkspaceUserBinding status codes changes
+**Audience:** Partner<br>
+
+#### Description
+With this change, we have updated the HTTP response status codes for the
+newly introduced meshObject API meshWorkspaceUserBindings endpoints to align
+them with the behavior of other API endpoints. The POST
+/api/meshobjects/meshworkspacebindings/userbindings endpoint now returns a
+201 status code when creating a new meshWorkspaceUserBinding. If you're
+already using this API endpoint, please update your status code check to 201.
+

website/sidebars.json

@@ -51,7 +51,6 @@
       "administration.platforms",
       "administration.landing-zones",
       "administration.building-blocks",
-      "administration.inventory",
       "administration.service-brokers",
       "administration.analytics",
       "administration.emergency-users",
@@ -91,8 +90,7 @@
     "Microsoft Azure": [
       "meshstack.azure.index",
       "meshstack.azure.landing-zones",
-      "meshstack.azure.metering",
-      "meshstack.azure.inventory"
+      "meshstack.azure.metering"
     ],
     "Google Cloud Platform": [
       "meshstack.gcp.index",
@@ -119,8 +117,7 @@
     ],
     "OpenStack": [
       "meshstack.openstack.index",
-      "meshstack.openstack.metering",
-      "meshstack.openstack.inventory"
+      "meshstack.openstack.metering"
     ],
     "OSB Services": [
       "meshstack.meshmarketplace.index",

website/static/api/api_index.html

@@ -549,12 +549,12 @@ <h3 id="_index">Index</h3>
 
 {
   "_links" : {
-    "metadata" : {
-      "href" : "https://mesh-backend-url/api/metadata"
-    },
     "meshobjects" : {
       "href" : "https://mesh-backend-url/api/meshobjects"
     },
+    "metadata" : {
+      "href" : "https://mesh-backend-url/api/metadata"
+    },
     "self" : {
       "href" : "https://mesh-backend-url/api"
     }
@@ -566,7 +566,7 @@ <h3 id="_index">Index</h3>
 </div>
 <div id="footer">
 <div id="footer-text">
-Last updated 2024-11-06 13:33:16 UTC
+Last updated 2024-11-28 07:09:15 UTC
 </div>
 </div>
 </body>

website/static/api/api_key_login.html

@@ -591,7 +591,7 @@ <h3 id="api_key_login">API Key Login</h3>
 </div>
 <div id="footer">
 <div id="footer-text">
-Last updated 2024-11-06 13:33:16 UTC
+Last updated 2024-11-28 07:09:15 UTC
 </div>
 </div>
 </body>

website/static/api/api_keys.html

@@ -477,7 +477,7 @@ <h3 id="api_keys">API Keys</h3>
 </div>
 <div id="footer">
 <div id="footer-text">
-Last updated 2024-11-06 13:33:16 UTC
+Last updated 2024-11-28 07:09:15 UTC
 </div>
 </div>
 </body>

website/static/api/common_data_formats.html

@@ -542,7 +542,7 @@ <h3 id="tags">Tags</h3>
 </div>
 <div id="footer">
 <div id="footer-text">
-Last updated 2024-11-06 13:33:16 UTC
+Last updated 2024-11-28 07:09:15 UTC
 </div>
 </div>
 </body>