Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Release notes for Red Hat Developer Hub 1.6.0

Author: GitHub Actions

modules/release-notes/ref-release-notes-breaking-changes.adoc

@@ -4,6 +4,59 @@
 
 This section lists breaking changes in {product} {product-version}.
 
+[id="removed-functionality-rhidp-6215"]
+== The Topology-specific permission `topology.view.read` is removed
+
+Previously, the Topology plugin used `topology.view.read` permission to control access. Users were unable to configure Topology permissions using the RBAC UI. With this update, users can configure Kubernetes plugin permissions using the RBAC UI, which now governs the access to the Topology plugin. You can now use Kubernetes plugin permissions `kubernetes.clusters.read` and `kubernetes.resources.read` for the Topology plugin, as the topology-specific permission `topology.view.read` is removed. 
+
+If you are using a CSV permission file, update the following line:
+
+.Old topology permission definition
+[source,csv]
+----
+p, role:default/topology-viewer, topology.view.read, read, allow
+----
+
+.New topology permission definition
+[source,csv]
+----
+p, role:default/topology-viewer, kubernetes.clusters.read, read, allow
+p, role:default/topology-viewer, kubernetes.resources.read, read, allow
+----
+
+
+.Additional resources
+* link:https://issues.redhat.com/browse/RHIDP-6215[RHIDP-6215]
+
+[id="removed-functionality-rhidp-7365"]
+== Migration to the core Auditor service
+
+The Auditor format, including audit fields and event names, and IDs, has been updated to align with the new Auditor service conventions defined by the upstream Backstage Auditor Service. Filtering queries based on the old format may fail to work as expected.
+
+
+.Additional resources
+* link:https://issues.redhat.com/browse/RHIDP-7365[RHIDP-7365]
+
+[id="removed-functionality-rhidp-7373"]
+== {product} introduces the Backstage Audit Log Service
+
+{product} {product-version} introduces the Backstage Audit Log Service, which replaces the custom audit logging system. This is a significant structural and behavioral change to how audit events are generated and consumed.
+
+The key changes introduced by this transition include the following:
+
+* Audit logging is now delegated to Backstage plugins. Each plugin in Backstage is responsible for implementing and emitting its own audit events.
+
+* Audit event names, structure, and content may differ per plugin. Audit events are scoped and designed independently within each plugin using the standardized upstream mechanism, which automatically captures actor details and plugin context.
+
+* New Event Structure and Naming: Audit event names now follow Backstage’s conventions (for example, lowercase, kebab-case names), and include structured metadata such as `actionType`. Legacy {product-short} event names (for example, `ScaffolderTaskCreation`, `CatalogEntityDeletion`) are no longer used.
+
+* Enhanced Log Context: Each audit event includes the plugin context, making it easier to filter logs for specific functional areas. You can filter by the event IDs or metadata associated with that plugin. 
+
+
+
+
+.Additional resources
+* link:https://issues.redhat.com/browse/RHIDP-7373[RHIDP-7373]
+
 
-None.
 

modules/release-notes/ref-release-notes-deprecated-functionalities.adoc

@@ -4,6 +4,16 @@
 
 This section lists deprecated functionalities in {product} {product-version}.
 
+[id="deprecated-functionality-rhidp-6368"]
+== Deprecation of dynamic imports with `import(...)`
+
+The use of dynamic imports with `import(...)` has been deprecated and is no longer supported. The Backstage CLI supports native ESM in Node.js code, giving access to the importing of ESM-only packages. Therefore, you must now use `require(...)` as typeof `import(...)` when working with ESM or CommonJS packages.
+
+
+
+
+.Additional resources
+* link:https://issues.redhat.com/browse/RHIDP-6368[RHIDP-6368]
+
 
-None.
 

modules/release-notes/ref-release-notes-fixed-issues.adoc

@@ -2,8 +2,66 @@
 [id="fixed-issues"]
 = Fixed issues
 
-This section lists issues fixed in {product} {product-version}.
+This section lists issues fixed in {product} {product-version} that have a significant impact on users.
+
+== Fixed issues in 1.6.0
+
+[id="bug-fix-rhidp-5731"]
+=== Updated the air-gapped installation guide for non-OpenShift platforms
+
+Previously, {product} documentation did not highlight the {product-short} installation using Helm Chart in fully and partially air-gapped environments on supported Kubernetes platforms.
+
+With this update, the documentation provides instructions for mirroring required container images, updating Helm values, and installing the chart, without relying on internet access.
+
+
+.Additional resources
+* link:https://issues.redhat.com/browse/RHIDP-5731[RHIDP-5731]
+
+
+[id="bug-fix-rhidp-6010"]
+=== Line wrapping enabled for long menu heading labels
+
+Previously, menu items with long text such as _Platform Engineer Services_ were cut off in the sidebar menu. With this update, line wrapping has been enabled for long menu heading labels, preventing the trimming and ensuring full text visibility.
+
+
+.Additional resources
+* link:https://issues.redhat.com/browse/RHIDP-6010[RHIDP-6010]
+
+
+[id="bug-fix-rhidp-6015"]
+=== Dynamic favicon configuration in `app-config.yaml` is not displayed on the login page
+
+Before this update, the app-config configuration `app.branding.iconLogo` was not applied as the favicon in the browser.
+
+This issue has been fixed, and the app-config configuration `app.branding.iconLogo` now correctly sets the favicon in the browser.
+
+
+.Additional resources
+* link:https://issues.redhat.com/browse/RHIDP-6015[RHIDP-6015]
+
+
+[id="bug-fix-rhidp-6042"]
+=== Floating Action Button (FAB) positioned in the 'Bottom-Left' slot on {product-short}
+
+Previously, the Floating Action Button (FAB) appeared over the navigation sidebar when the slot was set to 'bottom-left'. This placement obstructed access to navigation elements, potentially hindering user interaction.
+
+With this update, the FAB's position is adjusted to render adjacent to the navigation for the 'bottom-left' slot position. As a result, users can access navigation options without obstruction.
+
+
+.Additional resources
+* link:https://issues.redhat.com/browse/RHIDP-6042[RHIDP-6042]
+
+
+[id="bug-fix-rhidp-6448"]
+=== Manually added resolutions override resolutions added by `--suppress-native-package`
+
+Earlier, the `export-dynamic-plugin` command did not overwrite manually added resolutions, which could result in incorrect package dependencies in the exported dynamic plugin.
+
+With this update, the `package export-dynamic-plugin` overwrites manually added resolutions, ensuring backstage dependencies are hoisted and native dependencies are suppressed from the exported dynamic plugin.
+
+
+.Additional resources
+* link:https://issues.redhat.com/browse/RHIDP-6448[RHIDP-6448]
 
 
-None.
 

modules/release-notes/ref-release-notes-new-features.adoc

@@ -1,8 +1,159 @@
-:_content-type: REFERENCE
-[id="new-features"]
-= New features
-
-This section highlights new features in {product} {product-version}.
-
-None.
-
+:_content-type: REFERENCE
+[id="new-features"]
+= New features
+
+This section highlights new features in {product} {product-version}.
+
+[id="feature-rhidp-3597"]
+== OpenTelemetry metrics support added to the Keycloak backend plugin
+
+With this update, the Keycloak backend plugin supports OpenTelemetry metrics, which monitors fetch operations and diagnoses potential issues.
+
+The available counters include the following:
+
+* `backend_keycloak_fetch_task_failure_count_total`: Counts fetch task failures where no data was returned due to an error.​
+
+*  `backend_keycloak_fetch_data_batch_failure_count_total`: Counts partial data batch failures. Even if some batches fail, the plugin continues fetching others.​
+
+These counters include the `taskInstanceId` label, which uniquely identifies each scheduled fetch task, and allows you to trace failures back to individual task executions.
+
+Example configuration:
+
+```text
+backend_keycloak_fetch_data_batch_failure_count_total{taskInstanceId="df040f82-2e80-44bd-83b0-06a984ca05ba"} 1
+```
+
+You can export metrics using any OpenTelemetry-compatible backend, such as **Prometheus**.
+
+
+[id="enhancement-rhidp-5039"]
+== Enhanced session duration control and refresh token cookie policy
+
+With this update, the maximum age of the refresh token cookie has been reduced to 400 days to align with the modern web browser policies. Additionally, a new configurable field, `sessionDuration`, has been introduced in the supported authentication providers. This allows administrators to specify custom user session durations, enabling better control over session timeouts and enforced logouts.
+
+For more information, see link:https://docs.redhat.com/en/documentation/red_hat_developer_hub/1.5/html-single/authentication_in_red_hat_developer_hub/index#idm140459408106672[Authentication in {product}].
+
+[id="enhancement-rhidp-5987"]
+== Updated Auditor Service
+
+{product} {product-version} introduces an enhancement to the RBAC and Bulk Import plugins, enabling users to utilize Backstage's new Auditor service. The key features include: ​
+
+* Audit log format update: 
+
+The audit log format has been updated to align with the new Auditor service conventions. Audit fields and event identifiers have been updated. Filtering queries based on the old format may no longer function as expected.​
+
+* Backend Plugin API integration: 
+
+The audit log is now backed by the `@backstage/backend-plugin-api` package.​
+
+* Audit events Grouping: 
+
+The Bulk Import backend plugin emits audit events for various operations, with the events are grouped logically by `eventId`.​
+
+
+
+
+[id="feature-rhidp-6158"]
+== Renamed `Create` to `Self-service`
+
+The term `Create` has been renamed to `Self-service` across key UI areas to better align with the self-service functionality provided through the Backstage scaffolder, enhancing clarity for users.
+
+This change applies to the following areas:
+
+* Sidebar navigation
+* Global header
+* Catalog page
+* Scaffolder page
+
+[id="enhancement-rhidp-6173"]
+== Simplify Operator-backed deployments on OpenShift with automatic `baseUrl` configuration
+
+Previously, deploying {product-short} using the Operator required manually configuring the `baseUrl` settings in the custom app-config ConfigMap.
+
+With this update, the Operator can now automatically compute the default application URL based on the OpenShift cluster ingress domain and the custom Route settings in the `Backstage` Custom Resource. It will then populate this as the default `baseUrl` in the app-config ConfigMap that it generates for the {product-short} instance. This functionality is specific to OpenShift. The Operator fills the following fields in the default app-config ConfigMap: `app.baseUrl`, `backend.baseUrl`, and `backend.cors.origin`. As a result, this eliminates the need to manually set such values for most Operator-backed deployments on OpenShift, though you can still override these settings in your custom app-config ConfigMap.
+
+[id="enhancement-rhidp-6184"]
+== New sidebar item visibility configuration
+
+{product} now supports a clean and flexible way to hide sidebar items using a new enabled key in the sidebar menu configuration. If set to false, the specified sidebar item will no longer appear in the UI, while maintaining full backward compatibility with existing configurations. 
+
+Example configuration:
+[source,yaml]
+----
+dynamicPlugins:
+  frontend:
+    default.main-menu-items:
+      menuItems:
+        default.home:
+          title: Home
+          icon: home
+          enabled: false
+        default.list:
+          title: References
+          icon: bookmarks
+        default.my-group:
+          parent: default.list
+        default.learning-path:
+          parent: default.list
+          title: ''     
+        default.homepage:
+          title: HomePage 123
+          icon: home
+          enabled: false
+        default.create:
+          title: Create
+          icon: add
+          parent: default.homepage
+----
+
+You can now also toggle visibility of core sidebar elements like the logo, search, settings, and administration as shown:
+
+[source,yaml]
+----
+app:
+  sidebar:
+    search: false           # hides sidebar search
+    logo: false             # hides sidebar logo
+    settings: false         # hides settings item
+    administration: false   # hides administration item
+----
+
+[id="feature-rhidp-6253"]
+== {product-short} community plugins updated to Backstage 1.36
+
+The {product-short} community plugins have been updated to Backstage version 1.36.
+
+[id="feature-rhidp-6269"]
+== Added a new RBAC conditional rule `IS_OWNER` to RBAC plugin
+
+{product} introduces a new RBAC conditional rule, `IS_OWNER`, that allows administrators to assign ownership to roles and control access to the RBAC plugin. This enhancement enables more granular access control by allowing ownership-based filtering of roles, permission policies, and conditional policies.
+
+This enhancement removes the resource type from the `policy.entity.create` permission, preventing conditional rules from being applied to the permission. You can update all permission policies that utilize the resource type `policy-entity` with the action `create` (for example `role:default/some_role, policy-entity, create, allow` to `role:default/some_role, policy.entity.create, create, allow`) to prevent degradation in the future.
+
+
+[id="feature-rhidp-6555"]
+== Support for high availability in {aks-brand-name} 
+
+{product} now supports high availability setups in {aks-brand-name} ({aks-short}). This enhancement allows the deployment to scale beyond a single replica, ensuring the application remains operational and accessible even in the event of failures or disruptions.
+
+For more information, see link:https://docs.redhat.com/en/documentation/red_hat_developer_hub/1.5/html-single/configuring_red_hat_developer_hub/index#HighAvailability[_Configuring high availability in Red Hat Developer Hub_].
+
+[id="feature-rhidp-6764"]
+== Added `@backstage/plugin-scaffolder-backend-module-github` plugin for {product-short}
+
+{product} now supports the `@backstage/plugin-scaffolder-backend-module-github` plugin, enabling GitHub Actions within software templates. With this integration, you can securely create and manage repositories, open pull requests, trigger GitHub Actions workflows, and more, all directly from the software template. This plugin empowers users to automate GitHub interactions and workflows with ease.
+
+[id="enhancement-rhidp-6882"]
+== Default OIDC sign-in resolver updated
+
+With this update, the default resolver for OIDC sign-in is set to `oidcSubClaimMatchingKeycloakUserId` to enhance security. This resolver is now also available as a configurable option under the sign-in resolver settings.
+
+[id="feature-rhidp-7424"]
+== New dynamic plugin for Kubernetes scaffolder actions
+
+With this update, {product-short} introduces the @backstage-community/plugin-scaffolder-backend-module-kubernetes plugin as a dynamic plugin, enabling Backstage template actions for Kubernetes. Currently, it includes the create-namespace action. This dynamic plugin is disabled by default. 
+
+For more information, see link:https://docs.redhat.com/en/documentation/red_hat_developer_hub/1.5/html-single/dynamic_plugins_reference/index#red-hat-supported-plugins[{company-name} supported plugins]. 
+
+
+

modules/release-notes/ref-release-notes-technology-preview.adoc

@@ -13,5 +13,4 @@ See: link:https://access.redhat.com/support/offerings/techpreview/[Technology Pr
 ====
 
 
-None.
-
+None.