Chapter 5. Fixed issues

The Cryostat release might include fixes for issues that were identified in earlier releases of Cryostat. Review each fixed issue note for a description of the issue and the subsequent fix.

Issues fixed in Cryostat 2.3.1

The following issues have been fixed in the Cryostat 2.3.1 release:

Stored credentials incorrectly match against target applications that require JMX authentication and integrate the Cryostat Agent

Typically, the Cryostat Agent is configured to expose a readonly HTTP API that Cryostat interacts with. The Cryostat Agent provides this HTTP API URL to Cryostat as a discovery plug-in implementation. If a target application has an embedded Cryostat Agent and Cryostat attempts to connect to the target over Java Management Extensions (JMX) rather than HTTP, a conflict might arise. In this situation, the stored credentials of the Agent might overlap and conflict with any stored credentials that are necessary for JMX authentication of the target application.

Before Cryostat 2.3.1, this conflict resulted in the wrong credentials being presented for JMX authentication, and Cryostat operations such as listing recordings or activating Automated Rules might fail. This issue could occur when the integrated Agent was configured with the property cryostat.agent.registration.prefer-jmx and the target application had JMX enabled. This issue could also occur when the integrated Agent was configured to register itself with an HTTP URL for discovery, which is the default behavior, but the target application instance was also discoverable by some other mechanism such as Kubernetes API discovery.

From Cryostat 2.3.1 onward, the Cryostat Agent uses a more specific and unique selector for identifying its credentials. This fix enables Cryostat to distinguish between the Agent’s credentials and any credentials necessary for JMX authentication.

CRYOSTAT_DISABLE_BUILTIN_DISCOVERY environment variable disables Custom Targets

Before Cryostat 2.3.1, when you set the CRYOSTAT_DISABLE_BUILTIN_DISCOVERY environment variable to True, this action also disabled Custom Targets functionality in addition to other built-in discovery mechanisms. The expected behavior is that the CRYOSTAT_DISABLE_BUILTIN_DISCOVERY environment variable disables all built-in discovery mechanisms except Custom Targets.

This issue is resolved in the Cryostat 2.3.1 release, which ensures that the Custom Targets functionality is always available, even if you set CRYOSTAT_DISABLE_BUILTIN_DISCOVERY environment variable to True.

Unable to log out of the Cryostat web application on OpenShift Container Platform 4.12 and later

Before Cryostat 2.3.1, when you clicked Logout to log out of the Cryostat web application, the logout operation failed for Cryostat instances that were deployed on OpenShift Container Platform 4.12 and later. The expected behavior is that the logout operation redirects you to the cluster OAuth login. Instead, the logout attempt failed and the following error message appeared:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://oauth-openshift.apps-crc.testing/logout. (Reason: CORS header 'Access-Control-Allow-Origin' missing). Status code: 200.

Creating automated rules through HTTP API fails for multipart/form-data submissions

Before Cryostat 2.3.1, when you attempted to create automated rules by using data submitted as a multipart/form-data media type through an HTTP API, an "HTTP 415" error occurred. This error occurred because Cryostat did not support the multipart/form-data media type.

From Cryostat 2.3.1 onward, Cryostat can create automated rules for data submitted through any of the following media types:

Deleting a namespace containing a Cryostat installation might freeze

Before Cryostat 2.3.1, when you attempted to delete a namespace on which a Cryostat instance was still installed, the deletion operation might freeze. This could occur if the Lock ConfigMap object was deleted before final cleanup actions were completed for the Cryostat or Cluster Cryostat custom resource (CR). The expected behavior is that the deletion operation succeeds and cleanup actions on any resources that were created for the Cryostat installation are complete.

This issue is resolved in the Cryostat 2.3.1 release in all cases except when the Cryostat Operator is part of the deleted namespace. In this situation, consider reinstalling the Cryostat Operator by using the default installation mode All namespaces on the cluster (default). The reinstalled Operator can then clean up any leftover state and allow your namespace to be deleted.

JMC probe template validation error

Before Cryostat 2.3.1, when you attempted to upload a probe template through the Events view in the Cryostat web console, the upload could fail with a validation error. This validation error resulted from issues when parsing method parameter content types that you can define in the probe template.

Unable to upload JMC probe templates after a failure

Before Cryostat 2.3.1, if a failure occurred when uploading a probe template, any further attempts to upload this template also failed with an HTTP 500 error. This issue occurred if you uploaded an invalid template that failed validation checks and you subsequently attempted to upload a valid version of the same template. In this situation, Cryostat did not alert you that a template with the same name already existed.

From Cryostat 2.3.1 onward, Cryostat displays an error message if you attempt to upload probe templates with duplicate file names.

Wrong port number in Agent configuration when publishing a JMX URL

Before Cryostat 2.3.1, if you configured the Cryostat Agent to register itself as reachable through JMX rather than HTTP, the publication URL in the Agent configuration did not contain the correct JMX port number.

Wrong text in warning modal for disabling a rule

Before Cryostat 2.3.1, when you disabled an automated rule in the Cryostat web console, the warning modal displayed the following incorrect text:

If you click Delete, the rule will be disabled.

From Cryostat 2.3.1 onward, the warning modal displays the following text:

If you click Disable, the rule will be disabled.

Topology view shows toggle icons in the wrong order

Before Cryostat 2.3.1, the Topology view of the Cryostat web console did not show toggle icons in the correct order when you toggled between graph mode and list mode.

From Cryostat 2.3.1 onward, the graph mode correctly shows the list mode icon, and the list mode correctly shows the graph mode icon.