Release 7.7.0
Release period: 2020-02-17 to 2020-02-27
This release includes the following issues:
- Correct import order for service instances and bindings
- Add/Edit Azure Blueprints on existing Landing Zones
- Free text service parameter
- Set default meshCustomer quotas via meshStack configuration
- Set Azure Blueprint assignment lock mode per landing zone
- Relaxed Azure Subscription Role Assignment reconciliation
- Multiple Blueprints per Azure Landing Zone
- Improved Footer & Terms Link configuration
- Platform Instances renamed to "meshPlatform"
- Improved Service Instance Sharing
Ticket Details
Correct import order for service instances and bindings
Audience: Operator
Component: meshfed
Description
When importing a batch of mesh objects containing projects and service instances/bindings the latter will now be created last to ensure the project exists.
Add/Edit Azure Blueprints on existing Landing Zones
Audience: Partner
Component: release-note
Description
Azure Blueprint fields can now be updated in existing Landing Zones. Furthermore additional blueprints can be added to existing Landing Zones. Updating existing Azure Blueprints must be done with extrem caution to avoid conflicts in Azure. Please keep in mind that meshStack won't remove assigned Azure Blueprints.
Free text service parameter
Audience: User
Component: release-note
Description
We provide users with the possibility to set free text parameters while creating or updating a service instance. A user can set such parameters via json format in the parameters field in the service dialog.
Set default meshCustomer quotas via meshStack configuration
Audience: Operator
Component: meshfed-api
Description
Operators can now configure the default meshCustomer quotas like the allowed number of meshProjects per meshCustomer via meshStack configuration.
How to use
Please consult the meshStack operator documentation for additional information.
Set Azure Blueprint assignment lock mode per landing zone
Audience: Operator, Partner
Description
Azure Blueprint assignment lock modes can now be configured via landing zone configuration for each Azure Blueprint. Previously it was only possible to set the lock mode per Azure meshTenant.
Relaxed Azure Subscription Role Assignment reconciliation
Audience: Operator
Component: replicator
Description
meshStack now allows role assignments to exist on Azure Subscriptions that are managed outside of meshStack. This is useful to create additional role assignments from Azure Blueprints or other Azure Services like DevOps Service Connections.
How to use
meshStack previously reconciled all subscription-level role assignments against the desired meshTenant state as derived from the meshPlatform and Landing Zone configuration. This lead to a problem if third-party services want to create additional role assignments. These role assignments were then deleted by meshStack during reconcilation. meshStack now ignores role assignments to principals that are not exclusively managed by meshStack (i.e. managed AAD groups) and thereby leaves third-party role assignments intact. This gives operators more control but also more responsibility to ensure now unwanted role assignments exist on managed subscriptions.
Multiple Blueprints per Azure Landing Zone
Audience: Partner
Component: meshfed
Description
It is now possible to assign multiple Azure Blueprints to a meshLandingZone.
Improved Footer & Terms Link configuration
Audience: Operator
Component: panel
Description
Operators can now configure meshPanel to disable the 'Terms and Conditions' link. This will hide link from the footer and will also hide it from the meshCustomer registration. Also added an option to hide the 'API' documentation link in the panel footer.
Platform Instances renamed to "meshPlatform"
Audience: User, Customer, Operator
Description
Consistent with the terminology of our meshObject API the meshPanel now consistently labels "Platform Instances" as "meshPlatforms".
Improved Service Instance Sharing
Audience: User
Component: release-note
Description
meshTenant bindings form other projects are now visible to the service sharing project. The sharing project is now enabled to create a service binding within a meshTenant of another project. This is possible if the user facilitating the sharing has access rights in respective projects.