November 24, 2021

The Arvados team is pleased to announce Arvados 2.3.1. This release features server side support for checking metadata properties against a vocabulary, and a number of bug fixes. We recommend that new and existing installations of 2.3.0 or earlier upgrade to 2.3.1. See Upgrading Arvados for upgrade instructions.

New Features

#17944

Object properties can now be optionally checked during create an update operations against a metadata vocabulary. The vocabulary lists formal identifiers and human-readable aliases for metadata keys and values. Metadata which is not valid in the vocabulary configuration will be rejected with an error message explaining what is wrong. For more information, see the Metadata vocabulary section of the admin documentation.

#16817

New configuration option Users.ActivatedUsersAreVisibleToOthers. When enabled, new users will be visible to other users by default, instead of hidden from other users by default. Based on feedback, this option is also now enabled by default.

#16957

arvados-cwl-runner now checks if a workflow has a circular dependency and reports an error before start, instead of failing with “workflow deadlocked”.

Bug Fixes

#18346

In a LoginCluster federation, satellite clusters will no longer forward requests to the login cluster when the request is authorized with a token that was issued by the satellite cluster. This prevents a situation from forming where the login cluster connects back to the satellite to attempt to validate the token, creating a queue of pending requests and ultimately making the both clusters unresponsive.

In addition, the arv-mount process started by crunch-run will no longer connect to the websockets server (this was introduced in 2.3.0 as an unintentional side effect of another change).

#18183

When a user account is deactivated, Arvados will now explicitly revoke their tokens as well.

#17962

Improved error handling in arv-copy when copying one item fails while copying a project.

#18339

Sweeping trashed objects is now controlled by arvados-controller, which will acquire an advisory lock before starting a trash sweep process. This prevents multiple trash sweep operations from running at once.

#18298

When using the LSF dispatcher, if a container is submitted that cannot ever run (e.g. due to unsatisfiable hardware requirements) the error will now be detected and logged.

#12859

Fixes file descriptor leak in Keepstore using the filesystem-backed driver and clients hang up before the operation is completed.

#18316

Fix bug when mounting a collection by uuid. Arv-mount will no longer attempt to save the collection (resulting in an error) when the file is opened and then closed on read-only mounts.

#18215

Workbench 2 now selects specific fields to be returned by updates (such as changing the name) so that the API server does not unnecessarily send large fields such as manifest_text.

#17635

Add preserve_version option to the arvados.collection.Collection.save() and save_new() methods in the Python SDK.

#18340

Deleting role and filter groups will now delete them immediately instead of marking them as “trashed”. This fixes a bug where role groups would linger and continue to grant unintended permissions.

#18363

Clarify that properties marked as Protected: true under Collections.ManagedProperties can be set if not already defined, but once set cannot be changed except by admins (documentation update only).

#18376

Change how the Keepstore filesystem driver reads the list of keep blocks from the filesystem during an “index” request to avoid an NFS timeout.

#18285

Fix the incorrect “Unknown hint” warning from arvados-cwl-runner when using Arvados extensions.

#18387

Crunch-run now reports the correct version number.

#18336

Pin upper version of httplib2 in Python SDK to avoid version conflict.

#18309

Adjust dependency on faraday Ruby gem for compatability between tools.

#18318

Update nokogiri Ruby gem for CVE-2021-41098. (Note: Arvados only supports CRuby, so we do not believe it is affected by this CVE).