RELEASE NOTES
24 October 2024
COMUNITY PLATFORM
New features and enhancements available on the ComUnity Platform.
SUPPORT FOR 3RD PARTY SERVICES - AZURE FUNCTION APPS:
An extensible ComUnity Platform foundation for 3rd Party Cloud Services, starting with support for Azure Function Apps.
- ComUnity observability libraries integrated to Azure Function Apps within .NET projects.
- Model changes and deployment scripts to enable individual function selection during deployment in both QA and production environments.
OBSERVABILITY
Core Alerting Framework
An integrated event, alerting and notification framework within the ComUnity Platform Observability service.
- New core alerting framework integrating events and alerts from the core observability stack (based on Open Telemetry).
- Added support for data structure designs related to alerts and notifications.
ENHANCEMENTS
These enhancements are designed to support a wider set of use cases in the digital platform ecosystem.
- Exemplars in Open Telemetry: Exemplars enhance the ComUnity Platform’s observability by linking metrics with detailed trace data, enabling faster and more precise identification and resolution of performance issues in real-time.
- Deploy Promitor: Promitor simplifies Azure monitoring by seamlessly exposing Azure resource metrics to Prometheus, enhancing observability across cloud infrastructure for the ComUnity Platform.
SECURITY
Secure Access Enhancement
The “Secure Access Enhancement” feature is a comprehensive update to the ComUnity Platform security posture, addressing key vulnerabilities and strengthening user authentication and data handling processes.
- Authorization bypass opportunities eliminated by enforcing strict authorization checks, particularly addressing the exploitation of the OData expand functionality.
- A secure file upload mechanism, restricting uploads to authenticated users and limiting file types to prevent malicious content from compromising system integrity. Key components of this enhancement include the implementation of a media type whitelist for file uploads, a new user role specifically designed for file sharing responsibilities, and the requirement for two-factor authentication to add an extra layer of security for user accounts with upload capabilities. This feature also delineates file access permissions into two categories — private files and others — to provide a clear and controlled file-sharing environment within the system.
- A robust logging of all file upload attempts has been incorporated and authorization checks implemented to create an audit trail for enhanced monitoring and incident response.
- Updated documentation and training materials are provided to ensure that system administrators and application admins are fully equipped to manage these new security controls effectively.
PLATFORM TOOLKIT
New features and enhancements available on the ComUnity Platform Toolkit.
OBSERVABILITY
Core Alerting Framework
New metrics and notifications integrated in Observability.
- New core alerting framework including the design and review of alerting within the Toolkit user interface, ensuring that users can easily manage and interact with alerts.
- Integrated alerting for key infrastructure metrics, allowing real-time monitoring and notifications.
Figure 1: Platform Toolkit Notification Hub showing list of latest notifications.
Figure 2: Platform Toolkit Notification Center showing new event management interface.
- Integrated observability features in the Configuration Hub and Toolkit Application, improving user interaction with observability configuration data.
Figure 3: Platform Toolkit Configuration Hub for management of event and notification settings.
Tooltips and Contextual Help:
Dynamic tooltips added throughout Toolkit and linked to contextual online help.
Figure 4: Platform Toolkit showing enhanced tooltips and links to contextual online help.
Azure Function Apps:
A scalable foundation for Azure Function Apps has been added with templates and services to support development of Azure Function Application Integration into the Platform Toolkit.
- Project template for Azure Function Apps to streamline the creation and deployment process.
Figure 5: New interface for creation and management of project related Azure Function Applications.
Figure 6: Deploy Azure Functions directly from Platform Toolkit
Figure 7: Manage Azure Function App settings directly within the Platform Toolkit/Config Hub.
- Deployment Scripts for Azure Function Apps: scripts that enable individual functions to be selected and deployed across both QA and production environments.
Figure 8: Management of Azure Function App deployment scripts within Platform Toolkit.
MAJOR BUG FIXES
New metrics and notifications integrated in Observability.
- HTTPS Issue with OTEL Collector: Resolved issues preventing HTTPS connections with the Open Telemetry Collector.
- Android Observability Issues: Fixed various bugs affecting observability tools on Android devices.
- Toolkit Errors: Corrected errors occurring within the Platform Toolkit during team creation and updates.
- Inconsistent UI Designs: Addressed issues with mismatched designs across different Platform Toolkit application screens.
- Too Many Requests from Jaeger: Resolved error where Jaeger sent too many requests, causing performance issues.