Release notes for Red Hat Developer Hub 1.6.0

GitHub Actions · jmagak · commit e6224db84e83 · 2025-05-05T18:41:12.000+02:00
diff --git a/modules/release-notes/ref-release-notes-deprecated-functionalities.adoc b/modules/release-notes/ref-release-notes-deprecated-functionalities.adoc
@@ -7,9 +7,9 @@ This section lists deprecated functionalities in {product} {product-version}.
 [id="deprecated-functionality-rhidp-6215"]
 == The Topology-specific permission `topology.view.read` is removed
 
-Previously, the Topology plugin used `topology.view.read` permission to control access. Users were unable to configure Topology permissions via RBAC UI. With this update, users can configure Kubernetes plugin permissions via RBAC UI that now governs the access to Topology plugin. You can now use Kubernetes plugin permissions `kubernetes.clusters.read` and `kubernetes.resources.read` for Topology plugin, as topology-specific permission `topology.view.read` is removed. 
+Previously, the Topology plugin used `topology.view.read` permission to control access. Users were unable to configure Topology permissions using the RBAC UI. With this update, users can configure Kubernetes plugin permissions  using the RBAC UI, which now governs the access to the Topology plugin. You can now use Kubernetes plugin permissions `kubernetes.clusters.read` and `kubernetes.resources.read` for the Topology plugin, as the topology-specific permission `topology.view.read` is removed. 
 
-If you are using csv permission file, update the following line:
+If you are using a CSV permission file, update the following line:
 
 .Old topology permission definition
 [source,csv]
@@ -28,5 +28,16 @@ p, role:default/topology-viewer, kubernetes.resources.read, read, allow
 .Additional resources
 * link:https://issues.redhat.com/browse/RHIDP-6215[RHIDP-6215]
 
+[id="deprecated-functionality-rhidp-6368"]
+== Deprecation of dynamic imports with `import(...)`
+
+The use of dynamic imports with `import(...)` has been deprecated and is no longer supported. The Backstage CLI supports native ESM in Node.js code, giving access to the importing of ESM-only packages. Therefore, you must now use `require(...)` as typeof `import(...)` when working with ESM or CommonJS packages.
+
+
+
+
+.Additional resources
+* link:https://issues.redhat.com/browse/RHIDP-6368[RHIDP-6368]
+
 
 
diff --git a/modules/release-notes/ref-release-notes-fixed-issues.adoc b/modules/release-notes/ref-release-notes-fixed-issues.adoc
@@ -6,6 +6,18 @@ This section lists issues fixed in {product} {product-version} that have a signi
 
 == Fixed issues in 1.6.0
 
+[id="bug-fix-rhidp-6015"]
+=== Dynamic favicon configuration in `app-config.yaml` is not displayed on the login page
+
+Before this update, the app-config configuration `app.branding.iconLogo` was not applied as the favicon in the browser.
+
+This issue has been fixed, and the app-config configuration `app.branding.iconLogo` now correctly sets the favicon in the browser.
+
+
+.Additional resources
+* link:https://issues.redhat.com/browse/RHIDP-6015[RHIDP-6015]
+
+
 [id="bug-fix-rhidp-6042"]
 === Floating Action Button (FAB) positioned in the &#39;Bottom-Left&#39; slot on {product-short}
 
@@ -21,7 +33,7 @@ With this update, the FAB&#39;s position is adjusted to render adjacent to the n
 [id="bug-fix-rhidp-6448"]
 === Manually added resolutions override resolutions added by `--suppress-native-package`
 
-Previously, manually added resolutions were not overwritten by the package export-dynamic-plugin command. This could lead to incorrect package dependencies in the exported dynamic plugin.
+Earlier, the `export-dynamic-plugin` command did not overwrite manually added resolutions, which could result in incorrect package dependencies in the exported dynamic plugin.
 
 With this update, the `package export-dynamic-plugin` overwrites manually added resolutions, ensuring backstage dependencies are hoisted and native dependencies are suppressed from the exported dynamic plugin.
 
diff --git a/modules/release-notes/ref-release-notes-new-features.adoc b/modules/release-notes/ref-release-notes-new-features.adoc
@@ -4,6 +4,48 @@
 
 This section highlights new features in {product} {product-version}.
 
+[id="feature-rhidp-3597"]
+== OpenTelemetry metrics support added to the Keycloak backend plugin
+
+With this update, the Keycloak backend plugin supports OpenTelemetry metrics, which monitors fetch operations and diagnoses potential issues.
+
+The available counters include the following:
+
+`backend_keycloak_fetch_task_failure_count_total`: Counts fetch task failures where no data was returned due to an error.​
+
+`backend_keycloak_fetch_data_batch_failure_count_total`: Counts partial data batch failures. Even if some batches fail, the plugin continues fetching others.​
+
+These counters include the `taskInstanceId` label, which uniquely identifies each scheduled fetch task, and allows you to trace failures back to individual task executions.
+
+Example configuration:
+
+```text
+backend_keycloak_fetch_data_batch_failure_count_total{taskInstanceId=&#34;df040f82-2e80-44bd-83b0-06a984ca05ba&#34;} 1
+```
+
+You can export metrics using any OpenTelemetry-compatible backend, such as **Prometheus**.
+
+
+[id="enhancement-rhidp-5987"]
+== Updated RBAC and Bulk Import plugins
+
+{product} {product-version} introduces an enhancement to the RBAC and Bulk Import plugins, enabling users to utilize Backstage&#39;s new Auditor service. The key features include: ​
+
+* Audit log format update: 
+
+The audit log format has been updated to align with the new Auditor service conventions. Audit fields and event identifiers have been updated. Filtering queries based on the old format may no longer function as expected.​
+
+* Backend Plugin API integration: 
+
+The audit log is now backed by the `@backstage/backend-plugin-api` package.​
+
+* Audit events Grouping: 
+
+The Bulk Import backend plugin emits audit events for various operations, with the events are grouped logically by `eventId`.​
+
+
+
+
 [id="feature-rhidp-6253"]
 == {product-short} community plugins updated to Backstage 1.36
 
@@ -12,10 +54,15 @@ The {product-short} community plugins have been updated to Backstage version 1.3
 [id="feature-rhidp-6269"]
 == Added a new RBAC conditional rule `IS_OWNER` to RBAC plugin
 
-{product} has introduced a new RBAC conditional rule `IS_OWNER` that allows administrators to grant limited access to the RBAC plugin. This enhancement allows administrators to assign ownership to roles and control their team&#39;s access. Therefore, users can assign ownership to roles, which can be used to conditionally filter roles, permission policies, and conditional policies. 
+{product} introduces a new RBAC conditional rule, `IS_OWNER`, that allows administrators to assign ownership to roles and control access to the RBAC plugin. This enhancement enables more granular access control by allowing ownership-based filtering of roles, permission policies, and conditional policies.
 
 This enhancement removes the resource type from the `policy.entity.create` permission, preventing conditional rules from being applied to the permission. You can update all permission policies that utilize the resource type `policy-entity` with the action `create` (for example `role:default/some_role, policy-entity, create, allow` to `role:default/some_role, policy.entity.create, create, allow`) to prevent degradation in the future.
 
 
+[id="enhancement-rhidp-6882"]
+== Default OIDC sign-in resolver updated
+
+With this update, the default resolver for OIDC sign-in is set to `oidcSubClaimMatchingKeycloakUserId` to enhance security. This resolver is now also available as a configurable option under the sign-in resolver settings.
+
 
 
