v4.2 Release Notes
Acknowledgments
Accessibility
Open OnDemand v4.2 includes many accessibility improvements across the dashboard and core applications. These include:
Additional support for keyboard navigation
Improved labeling for form items and icons
Additional regions and landmarks
Improved announcement and focus handling on automatically updating pages
Contrast improvements for links and buttons
Improved alerting experience with screen readers
A VPAT has been created for version 4.2 which outlines the compliance of Open OnDemand with the WCAG AA standard. Changes in version 4.2 ensure that immutable aspects of OnDemand are accessible by default, but do not account for customizations configured on individual instances. An individual instance should be reviewed separately for compliance, but we recommend specifically checking the following configurations that are directly related to WCAG guidelines.
Ensure
show_all_apps_linkis set to true to satisfy 2.4.5 Multiple Ways
This page acts as a searchable site map to all the enabled apps on your system. In addition to enabling the link in the navbar, it may be helpful to call attention and link to it in your homepage welcome message.
The default value has been changed from false to true in v4.2. Ensure that your custom configuration does not override this default.
The
show_all_apps_linkconfiguration can be set through the environment variableSHOW_ALL_APPS_LINKor in your ondemand.d/*.yml files.
Operating System Support
Open OnDemand version 4.2 adds support for Debian 13 and Ubuntu 26.04.
Open OnDemand version 4.2 drops support for Ubuntu 22.04.
Dependency Updates
This release updates the following dependencies:
Passenger 6.1.2
NGINX 1.28.0
ondemand-dex 2.45.1
Ubuntu and Debian repository signing change
Debian and Ubuntu repositories are now signed using a SHA512 key rather than the previous SHA1 key.
Using the OnDemand release packages will result in the correct key being used.
If not using OnDemand's release packages, the DEB-GPG-KEY-ondemand-SHA512 should be downloaded and used by the OnDemand repository's signed-by.
curl -fsSL https://apt.osc.edu/ondemand/DEB-GPG-KEY-ondemand-SHA512 | gpg --dearmor -o /etc/apt/keyrings/ondemand-web.gpg
source /etc/os-release
echo "deb [signed-by=/etc/apt/keyrings/ondemand-web.gpg] https://apt.osc.edu/ondemand/4.2/web/apt $VERSION_CODENAME main" > /etc/apt/sources.list.d/ondemand-web.list
Behavior Changes
Active Jobs Extended Details Panel Opens to the Side
In order to make the Active Jobs table accessible to screen readers, the mechanism for viewing the extended details of a job has been changed. Instead of opening the panel inside the table, it now opens either above or beside, allowing table navigation to proceed normally.
Interactive App Popovers Persist Under Hover and Focus
The app preview popovers shown in the 'Interactive Apps' list now open when focus lands on the trigger. The popovers will remain open as long as hover or focus remains within the trigger or popover content, allowing users to click links inside the popover.
Workflows Now Provide OOD_WORKFLOW_SYNC_KEY to Launchers
It was previously difficult to synchronize launchers within a workflow and pass data between launchers
without overwriting the data on each run. The introduction of the OOD_WORKFLOW_SYNC_KEY environment
variable fixes this by providing a unique alphanumeric value for each run of a workflow, which launchers
can include in file and directory names when reading or writing data. The feature can be enabled for
individual workflows upon creation or by editing an existing workflow. See the updated Project Manager Tutorial
for additional details and strategies for using OOD_WORKFLOW_SYNC_KEY in your workflows.
Edit Links No Longer Appear when Downloads are Disabled
For users with the download_enabled configuration set to false, the files app and
project directory tables will no longer serve 'Edit' links to files. This prevents users from opening the file editor
and copying the file contents, effectively downloading the file. With this change, disabling downloads will prevent
users from exporting the contents of any files, while still being able to execute certain files in predefined contexts,
like batch connect apps or templated projects.
Upgrade Instructions
Warning
Update the development and/or test instances of OnDemand installed at your center before you modify the production instance.
Warning
We have tested the upgrade from version 4.1.4 to version 4.2.0 at OSC's Open OnDemand instance.
Update Open OnDemand repository.
sudo yum install -y https://yum.osc.edu/ondemand/4.2/ondemand-release-web-4.2-1.el8.noarch.rpm
sudo yum install -y https://yum.osc.edu/ondemand/4.2/ondemand-release-web-4.2-1.el9.noarch.rpm
sudo yum install -y https://yum.osc.edu/ondemand/4.2/ondemand-release-web-4.2-1.el9.noarch.rpm
wget -O /tmp/ondemand-release-web_4.2.0-noble_all.deb https://apt.osc.edu/ondemand/4.2/ondemand-release-web_4.2.0-noble_all.deb sudo apt install /tmp/ondemand-release-web_4.2.0-noble_all.deb sudo apt update
wget -O /tmp/ondemand-release-web_4.2.0-bookworm_all.deb https://apt.osc.edu/ondemand/4.2/ondemand-release-web_4.2.0-bookworm_all.deb sudo apt install /tmp/ondemand-release-web_4.2.0-bookworm_all.deb sudo apt update
sudo dnf install -y https://yum.osc.edu/ondemand/4.2/ondemand-release-web-4.2-1.amzn2023.noarch.rpm
Update Open OnDemand.
sudo yum clean all sudo yum update ondemand
sudo apt-get --only-upgrade install ondemand
(Dex users only) Update the
ondemand-dexpackage.sudo yum update ondemand-dex
sudo apt-get --only-upgrade install ondemand-dex
Update Apache configuration and restart Apache.
sudo /opt/ood/ood-portal-generator/sbin/update_ood_portalsudo systemctl try-restart httpd
sudo systemctl try-restart apache2
sudo systemctl try-restart httpd
(Dex users only) Restart the
ondemand-dexservice.sudo systemctl try-restart ondemand-dex.service
(SELinux users only) Update SELinux policies.
Force all PUNs to restart.
sudo /opt/ood/nginx_stage/sbin/nginx_stage nginx_clean -f