Mar 16, 2021
by Tomaz Muraus and @blag
Today we are announcing StackStorm v3.4.1, a bug fix release which fixes a security issue which has been uncovered recently.
The issue affects anyone who is running StackStorm under Python 3 and doesn’t have a system locale / encoding which is used for StackStorm service processes (st2api, st2actionrunner, etc.) set to UTF-8. Under such conditions, if StackStorm receives a payload with unicode characters which also results in the payload being logged, StackStorm process would go into an infinite-loop trying to decode that payload. This would cause the affected service to have a high CPU utilization and also service log file to grow either until the process is killed or all the available disk space is exhausted (basically result in a DoS).
If you are running StackStorm under Python 3, you are strongly encouraged to upgrade to this release.
For more details, please see the sections below.
Post will be updated with CVE ID once it’s assigned.
Mar 4, 2021
by @blag and Amanda McGuinness of Ammeon Solutions
It has been more than 4 months since our previous v3.3.0 release and we’re super excited about this one!
After Extreme Networks Open-Sourced the EWC Enterprise code last year, this was the most requested and waited release by our Community. In StackStorm v3.4.0 all these goodies have been finally integrated! Besides that, Python 2 Deprecation had happened and many other changes, fixes, and improvements were shipped in v3.4.0.
Let’s get into the details below.
Nov 30, 2020
by Eugen Cusmaunsa (@armab)
Hello Automation folks!
We would like to quickly update StackStorm community about the project progress, releases, plans and roadmap. Here is the overview.
Nov 16, 2020
By Amanda McGuinness of Ammeon Solutions
Python 2 reached end-of-life on 1st January 2020. It served us for a long time, but today Python 2 pulls the project down as more packages drop python 2 support, making maintenance hard. Having to keep the codebase py2-compatible means we can’t take advantage of modern Python 3 features. Removing Python 2 support and relying on Python 3 only is the required thing to do and now it’s finally time!
Nov 9, 2020
We’d like to inform our community about the UK Infrastructure Automation Meetup that’ll take place on Thursday, Nov 12, 06:00 PM GMT (10:00 AM US Pacific Time).
UK evening or US morning time we welcome everyone to join!
Oct 22, 2020
by Nick Maludy (@nmaludy) and @blag
The StackStorm project is pleased to announce that the latest version of StackStorm, v3.3.0, is now publicly available! It has been approximately 5 months since our v3.2.0 release and we are releasing a new version containing important features and bug fixes that move the project forward.
With this release we’re driving toward several project goals on the StackStorm roadmap. Each of the goals in this release is focused on providing better maintainability and ease of long-term support for the project. Reducing maintenance burden on the development team allows us to put more effort into features.
So, what changed?
By Amanda McGuinness of Ammeon Solutions
We’re very excited to announce that Ansible roles to deploy StackStorm have been promoted to new major version 2.0.0!
There has been a lot of activity recently on the ansible-st2 repository, with 4 releases in the last couple of months. Ansible can now be used to deploy StackStorm on more modern operating systems and with newer third-party applications.
August 3rd, 2020
The 2020 ChatOps User Survey is here! This is your chance to submit your feedback on using ChatOps with StackStorm – what we get right, what we get wrong, and what we need to focus on.
We will use this feedback to chart the development roadmap for ChatOps, whether that means leaving st2chatops as-is, or focusing on supporting more chat providers, deeper feature support for specific providers, improving ChatOps integration with the rest of StackStorm (RBAC for ChatOps!), or even rewriting the entire thing on top of Errbot or OpsDroid.
Your feedback is valuable to us, especially now that all of StackStorm is open source, since it will allow us to cater our efforts towards what matters the most to you. Are you running ChatOps as a hubot plugin to your own hubot instance? Have you extended ChatOps to use your own chat provider? Are you running a different ChatOps service? Do you want to use machine learning driven artificial intelligence to securely empower natural language understanding and disrupt established technology while creating a digital transformation and revolutionizing paradigms in the cloud on the blockchain? We want to hear from you!
Please take a few minutes out of your day to fill out 2020 ChatOps User Survey and/or leave us a kind note or some words of encouragement. The survey will close at noon (PDT) on August 31st, so leave your feedback soon!
The survey is here:
Once you’re finished, you can also help us out by sponsoring the StackStorm project and contributing code.
Jun 12, 2020
by StackStorm Team
In recent news Extreme Networks open-sourced EWC and contributed all previously “enterprise only” features to the StackStorm project operating under the Linux Foundation.
This is very exciting news for the project’s future and its users. It also means that StackStorm’s destiny now rides on the shoulders of the community along with organizations that rely on it in their production infrastructure and benefit from the project’s unique event-driven-automation and automated remediation capabilities.READ MORE…
May 27, 2020
After acquiring the StackStorm product and the amazing StackStorm team in 2017 from Brocade, Extreme Networks has been a large contributor (if not the largest contributor) to the StackStorm project, even donating the code and transferring the StackStorm trademarks to the Linux Foundation last year. Continuing that tradition, Extreme Networks announced today that they were donated their enterprise extensions of StackStorm (previously StackStorm Enterprise) to the Linux Foundation! The contribution includes the Extreme Workflow Composer (EWC), the graphical workflow editor, as well as their LDAP, RBAC, and SSO plugins. With these contributions, adopting StackStorm in your organization has never been easier!
Now that all parts of StackStorm are open source, you can expect a better installation and configuration experience in future releases, and a lower barrier to entry for users who are just getting started with automating tasks. The authentication and authorization plugins will enable better security and integration with your existing mechanisms, and now that the workflow composer is open source, StackStorm’s user interface will be more integrated and streamlined. It will soon be possible for anybody to create and modify Orquesta workflows entirely with their web browser!
And if you know any frontend developers who would enjoy working on a React app with an existing and excited userbase, please have them stop by and say hi! We need support from the StackStorm community now more than ever, to help integrate and improve the product, but also to help package all of the new code up for end users, to provide migrations paths for users to the new open source releases, and to integrate the EWC documentation into the StackStorm documentation. There’s plenty of work to go around, so please pitch in and help out!
We’re very excited about this big update. It’s a huge change for the project and our community. We hope it’ll help even more organizations to improve their automation with no more barriers to contribute back to StackStorm Open Source under the Linux Foundation neutral home!
In the meantime, please tweet your gratitude to Extreme Networks for their contribution!