# Stork 1.17.0 Release Notes, June 12, 2024 Welcome to Stork 1.17.0, another development release. The changes introduced in this version are: 1. **Shared network management**: The work of enabling shared networks management is in progress. In this release, the ability to edit existing networks was added [#1370, #1371]. Adding new networks and deleting existing ones is coming soon, as well as more advanced editing. 2. **Statistics**: We fixed an inconsistency in the shared network utilization display between the utilization presented in the UI and the information returned by the metrics endpoint. The server's metrics endpoint no longer returns delayed statistics [#1214]. The subnet-id labels are now always included in the Prometheus statistics [#1323]. 3. **Security**: It is now possible to disable new machine registrations via the UI: there is a new section on the settings page. This can prevent a potential attack vector [#1339]. The server no longer reveals the agent token when the ping call via REST API is invalid, thus closing this attack vector. The risk was minimal, however, because it required a valid server token first [#1340]. 4. **LDAP**: The bind user domain name (DN) and the root DN can now be specified separately in the LDAP hook. Thanks to Robin Berger for the patch [#1325]. 5. **UI improvements**: Invalid URLs now get redirected to the home page, rather than displaying an empty page [#1355, #1308]. A misplaced help tip was fixed [#1305]. 6. **Bug fixes**: The filtering on various views (hosts, leases, subnets, machines, etc.) is now much more consistent and many related bugs are now fixed [#1304, #1261, #1265]. A bug was fixed that caused the password change to fail if certain characters were present [#1275]. We fixed a bug that could cause a Stork server to crash if the BIND 9 process were detected, but the Stork agent failed to fetch its data over the RNDC protocol due to insufficient permissions or other connectivity problems [#1381]. We fixed a server crash that occurred when a few commands were sent to Kea at once and some of them (but not all) failed. Stork incorrectly handled this situation while generating an error event [#1394]. The GRPC certificates are now verified by the Stork agent when starting. This prevents the agent from starting and running in a useless state if it is not able to establish a connection to the server [#1352]. The reservations list now shows all reservations, including those without any IP addresses reserved [#1337]. We fixed the schema of the server URL in the installation script, which was always HTTP, even if the server was configured with SSL [#1342]. We fixed a problem with improper redirecting after login. If a non-logged-in user entered any page other than the root page, Stork would get stuck on the login page after signing in [#1355]. 7. **Build improvements**: We fixed a problem with the login screen after a PrimeNG update [#1407]. golang was upgraded to 1.22.3 [#1380]. The CI workflow was improved to better handle AWS spot instances [#1401]. A database schema was updated; in the future it will be used for host migration [#1318, #1359]. Storybook-addon-mock, a developer dependency, was updated [#1359]. We fixed a problem that occurred when gems installed by rake couldn't find a JSON dependency [#1351]. 8. **Documentation**: A security policy document was added [#1276]. 9. **Testing**: We merged unit tests for a problem fixed in an earlier Stork release [#1344]. Please see this link for known issues: https://gitlab.isc.org/isc-projects/stork/-/wikis/Known-issues. ## Incompatible Changes There are no incompatible changes in this release. ## Release Model Stork has bi-monthly development releases. We encourage users to test the development releases and report back their findings on the stork-users mailing list, available at https://lists.isc.org/mailman/listinfo/stork-users, or report bugs at https://gitlab.isc.org/isc-projects/stork/-/issues/. This text references issue numbers. For more details, visit the Stork GitLab page at https://gitlab.isc.org/isc-projects/stork/-/issues. ## License Stork is released under the Mozilla Public License, version 2.0. https://www.mozilla.org/en-US/MPL/2.0 ## Download The easiest way to install the software is to use native deb or RPM packages. They can be downloaded from: https://cloudsmith.io/~isc/repos/stork/ The Stork source and PGP signature for this release may be downloaded from: https://downloads.isc.org/isc/stork The signature was generated with the ISC code-signing key, which is available at: https://www.isc.org/pgpkey ISC provides documentation in the Stork Administrator Reference Manual (ARM). It is available on ReadTheDocs.io at https://stork.readthedocs.io/en/latest/, and in source form in [the doc/ directory](https://gitlab.isc.org/isc-projects/stork/-/tree/master/doc). We ask users of this software to please let us know how it worked for you and what operating system you tested on. Feel free to share your feedback on the stork-users mailing list (https://lists.isc.org/mailman/listinfo/stork-users). We would also like to hear whether the documentation is adequate and accurate. Please open tickets in the Stork GitLab project for bugs, documentation omissions and errors, and enhancement requests. We want to hear from you even if everything worked. ## Support Free best-effort support is provided by our user community via a mailing list. Information on all public email lists is available at https://www.isc.org/mailinglists/. If you have any comments or questions about working with Stork, please share them to the stork-users list (https://lists.isc.org/mailman/listinfo/stork-users). Bugs and feature requests may be submitted via GitLab at https://gitlab.isc.org/isc-projects/stork/issues. ## Changes The following summarizes changes and important upgrades since the previous Stork release, version 1.16.0. * 418 [bug] slawek Added support for big numbers in the statistics introduced in Kea 2.5.3. Added a new Kea checker to notify about degraded or missing capabilities to gather the statistics for the previous Kea versions. (Gitlab #1193) * 417 [doc] tomek The security policy document is now available as a separate document. (Gitlab #1276) * 416 [sec] marcin Added a new setting to disable registering new machines in the Stork server. (Gitlab #1339) * 415 [build] slawek Fixed the security vulnerabilities reported by the Github Dependabot and updated dependencies including Go 1.22.4, Angular 17.3.8, PrimeNG 17.17.0, GoSwagger v0.31.0, OpenAPI Generator 7.6.0 and several Python and Ruby packages. (Gitlab #1380) * 414 [bug] slawek Fixed inconsistency between the utilization presented in the UI and returned by the metrics endpoint. The server's metrics endpoint no longer returns delayed statistics. (Gitlab #1214) * 413 [func] piotrek Reworked filtering on hosts' reservations page. Separate filters are now available in the hosts' table header. Applied filters are stored in the session storage of the web browser. (Gitlab #1265) * 412 [func] marcin Implemented a form for updating shared network parameters. (Gitlab #1370) * 411 [bug] piotrek Fixed a bug in UI of the password change form. The problem was when user provided New password containing special characters e.g. +. Even though New password and Confirm password where identical, form validation was failing and user could not submit New password change form. Similar issues could be experienced when New user account was being created or existing user account being edited by an admin. The issue there was also fixed. (Gitlab #1275) * 410 [func] slawek Refactored the IP reservation and host tables to associate the reservation data with particular daemons that store them. Fixed a bug causing duplication of the client class section on the host page. (Gitlab #1318) * 409 [bug] slawek Fixed a bug that may cause a Stork server crash if the BIND 9 process was detected but the Stork agent failed to fetch its data over RNDC protocol due to insufficient permissions or other connectivity problems. (Gitlab #1381) * 408 [bug] slawek Fixed a server crash that occurred when a few commands were sent to Kea at once and some of them (but not all) failed. Stork incorrectly handled this case while generating an error event. (Gitlab #1394) * 407 [func] slawek Added new labels for subnet metrics exported to Prometheus to always include subnet ID. (Gitlab #1323) * 406 [func] slawek Added validation of the existing GRPC certificates before running the agent. This prevents the agent from starting if it is not able to establish a connection to the server. (Gitlab #1352) * 405 [func] ! robin.berger, slawek Separated the bind user domain name (DN) from the root DN used to log in users. (Gitlab #1325) * 404 [sec] slawek The server no longer reveals the correct agent token when the token specified in the ping call via REST API is invalid. Previously, this endpoint could be used to discover a valid agent token. However, the risk was minimal because it required hijacking the server token first. (Gitlab #1340) * 403 [bug] slawek Fixed not showing the hostname-only reservations (reservations without assigned IP addresses) on the list while the filter was set. (Gitlab #1337) * 402 [bug] slawek Fixed the scheme of the server URL in the installation script, which was always HTTP, even if the server was configured with SSL. (Gitlab #1342) * 401 [build] marcin Upgraded storybook-addon-mock to version 5.0.0. Existing stories failed to run with the older version. (Gitlab #1359) * 400 [bug] piotrek Fixed a bug in Stork UI with displaying help tooltips on smaller displays. Sometimes the header and part of the help tooltip was not visible. Now, the whole help tooltip is visible for all screen sizes. (Gitlab #1305) * 399 [bug] slawek Fixed a problem with improper redirecting after login. If the non-logged user entered any subpage rather than the root page, it was stuck on the login page after signing in. (Gitlab #1355) Thank you again to everyone who assisted us in making this release possible. We look forward to receiving your feedback.