Puppet Enterprise 2021.1.0 7.6.1 (32-bit)

What's new in this version:

Enhancements:
Customize value report estimates:
- You can now customize the low, med, and high time-freed estimates provided by the PE value report by specifying any of the value_report_* parameters in the PE Console node group in the puppet_enterprise::profile::console class.
- Add a custom disclaimer banner to the console
- You can optionally add a custom disclaimer banner to the console login page. To add a banner, see Create a custom login disclaimer.
- Configure and view password complexity requirements in the console
- There are configurable password complexity requirements that local users see when creating a new password. For example, "Usernames must be at least {0} characters long." To configure the password complexity options, see Password complexity parameters.

Re-download CRL on a regular interval:
- You can now configure the new parameter crl_refresh_interval to enable puppet agent to re-download its CRL on a regular interval. Use the console to configure the interval in the PE Agent group, in the puppet_enterprise::profile::agent class, and enter a duration (e.g. 60m) for Value.
- Remove staging directory status for memory, disk usage, and timeout error improvements
- The status output of the file sync storage service (specifically at the debug level), no longer reports the staging directory’s status. This staging information removal reduces timeout errors in the logs, removes heavy disk usage created by the endpoint, and preserves memory if there are many long-running status checks in the Puppet Server.
- Exclude events from usage endpoint response
- In the /usage endpoint, the new events parameter allows you to specify whether to include or exclude event activity information from the response. If set to exclude, the endpoint only returns information about node counts.

Avoid spam during patching:
- The patching task and plan now log fact generation, rather than echoing Uploading facts. This change reduces spam from servers with a large amount of facts.
- Changes to defaults
- The environment timeout settings introduced in 2019.8.3 have been updated to simplify defaults. When you enable Code Manager, environment_timeout is now set to 5m, clearing short-lived environments 5 minutes from when they were last used. The environment_timeout_mode parameter has been removed, and the timeout countdown on environments now always begins from their last use.

Platform support:
- This version adds support for these platforms

Agent:
- Fedora 32

Deprecations and removals:
- Configuration settings deprecated
- The following configuration setting names are deprecated in favor of new terminology
- The previous setting names are available for backwards compatibly, but you should upgrade to the newer setting names at your earliest convenience

Resolved issues:
- Upgrade failed with cryptic errors if agent_version was configured for your infrastructure pe_repo class
- If you configured the agent_version parameter for the pe_repo class that matches your infrastructure nodes, upgrade could fail with a timeout error when the installer attempted to download a non-default agent version. The installer now warns you to remove the agent_version parameter if applicable.
- Upgrade with versioned deploys caused Puppet Server crash
- If versioned_deploys was enabled when upgrading to version 2019.8.6 or 2021.1, then the Puppet Server crashed

Compiler upgrade failed with client certnames defined:
- Existing settings for client certnames could cause upgrade to fail on compilers, typically with the error Value does not match schema: {:client-certnames disallowed-key}.

Compiler upgrade failed with no-op configured:
- Upgrade failed on compilers running in no-op mode. Upgrade now proceeds on infrastructure nodes regardless of their no-op configuration.
- Installing Windows agents with the .msi package failed with a non-default INSTALLDIR
- When installing Windows agents with the .msi package, if you specified a non-default installation directory, agent files were nonetheless installed at the default location, and the installation command failed when attempting to locate files in the specified INSTALLDIR.
- Patching failed on Windows nodes with non-default agent location
- On Windows nodes, if the Puppet agent was installed to a location other than the default C: drive, the patching task or plan failed with the error No such file or directory.
- Patching failed on Windows nodes when run during a fact generation
- The patching task and plan failed on Windows nodes if run during fact generation. Patching and fact generation processes, which share a lock file, now wait for each other to finish before proceeding.
- File sync failed to copy symlinks if versioned deploys was enabled
- If you enabled versioned deploys, then the file sync client failed to copy symlinks and incorrectly copied the symlinks' targets instead. This copy failure crashed the Puppet Server.

Backup failed with an error about the stockpile directory:
- The puppet-backup create command failed under certain conditions with an error that the /opt/puppetlabs/server/data/puppetdb/stockpile directory was inaccessible. That directory is now excluded from backup.

Console reboot task failed:
- Rebooting a node using the reboot task in the console failed due to the removal of win32 gems in Puppet 7. The reboot module packaged with PE has been updated to version 4.0.2, which resolves this issue.

Removed Pantomime dependency in the orchestrator:
- The version of pantomime in the orchestrator had a third party vulnerability (tika-core). Because of the vulnerability, pantomime usage was removed from the orchestrator, but pantomime still existed in the orchestration-services build. The dependency has now been completely removed.
- Injection attack vulnerability in csv exports
- There was a vulnerability in the console where .csv files could contain malicious user input when exported. The values =, +, -, and @ are now prohibited at the beginning of cells to prevent an injection attack.
- License page in the console timed out
- Some large queries run by the License page caused the page to have trouble loading and timeout