\use-plugin{concourse-docs}

\release-version{5.2.0}

\note{feature,breaking}{
  \ghuser{ralekseenkov} has implemented generic credential caching for all
  credential managers!

  \bold{This replaces the Vault-only caching functionality.} To transition,
  you'll need to update the following flags.

  \list{
    \code{--vault-cache} is now \code{--secret-cache-enabled}
  }{
    \code{--vault-max-lease} is now \code{--secret-cache-duration}
  }

  As part of this change, credential managers now implement a simpler interface
  that will make it easier to look-up secrets in multiple paths.

  For more information, see \reference{creds}.

  To follow along with future planned improvements to credential management,
  check out \ghpr{21}{rfcs}.
}

\note{fix,breaking}{
  \ghuser{stigtermichiel} changed the short-flag for \code{fly builds --team}
  from \code{-t} from \code{-n} to make it consistent across \code{fly}.
  Consistency is key.
}

\note{feature}{
  A new \reference{team-pipeline-operator-role} has been added (thanks to
  \ghuser{tlwr} and \ghuser{paroxp}) which has more permissions than a
  \reference{team-viewer-role}{\code{viewer}} but less than a
  \reference{team-member-role}{\code{member}}. For an exhaustive comparison of
  capabilities, see the \reference{permission-matrix}.
}

\note{feature}{
  The \reference{web-node} can now be configured to enable
  \reference{audit-logs}{audit logs}, thanks to a PR by \ghuser{loghen41}!

  Auditing currently logs API calls to the default logger using flags to enable
  specific auditing groups.
}

\note{feature}{
  Like a phoenix from the ashes, the pipeline navigation sidebar has made its
  triumphant return. It was initially removed to focus our efforts on the
  dashboard as a navigation flow. We have concluded that one click is better
  than two.

  Expect more design/UX polish in future releases!
}

\note{feature}{
  \ghuser{itsdalmo} has introduced a new \reference{in-parallel-step} which can
  run steps in parallel with more control via additional config: \code{limit}
  which will limit the number of parallel steps, and \code{fail_fast} which
  will interrupt currently running steps and prevent scheduling pending steps.

  This sounds a lot like the \reference{aggregate-step}, only better in every
  way (e.g. it doesn't have a stupid name), so \reference{fly-set-pipeline}
  will now issue deprecation warnings for \code{aggregate:} usage.
}

\note{feature}{
  Added a tooltip to the pause toggle on the dashboard page and the pipeline
  page explaining why it might be disabled.
}

\note{feature}{
  \ghuser{hprotzek} added the ability to retain build logs for a specific time
  duration and/or build count. See \reference{job-build-log-retention} for more
  details.
}

\note{security}{
  We have restricted the SSH MAC algorithms used by the \reference{web-node} to
  a more secure set, overriding the Go defaults which allow weaker algorithms.
}

\note{feature}{
  Concourse is now compatible with
  \reference{credhub-credential-manager}{Credhub} v2.x (except for 2.1 due to a
  bug)! CredHub v1.9.x is still supported, too.
}

\note{feature}{
  Added ability set a name for the Concourse cluster which will be displayed on
  the dashboard page by setting \code{cluster-name} flag.
}

\note{feature}{
  \ghuser{cappyzawa} added a new `get-team` subcommand to `fly`. It allows you to
  retrieve a single team's config.
}

\note{feature}{
  \ghuser{rkoster} added a new flag \code{--external-garden-url} to allow use
  of a separately-managed Garden server as a worker.
}

\note{feature}{
  \ghuser{pivotal-kahin-ng} added a way of retaining the build history of a job
  when renaming it, by updating the job name and specifying its old name as
  \reference{job-old-name}. After the pipeline has been configured, the
  \code{old_name} field can be removed.
}

\note{fix}{
  We reduced the default concurrency settings for volume sweeping from 5 to 3
  as a way of reducing the stress that volume deletion ends up putting on the
  system in some cases.
}

\note{fix}{
  \ghuser{edtan} fixed a panic caused by running \code{concourse web} without a
  \code{--session-signing-key}.
}

\note{fix}{
  The Concourse API now returns \code{401 Unauthorized} when an expired/invalid
  token is used to access an endpoint which supports
  authenticated/unauthenticated views.

  Previously it would just return a 200 response with less data, as if you
  weren't logged in, which made the behavior somewhat ambiguous and made
  auto-relogin logic difficult to implement consistently.
}

\note{fix}{
  Fixed a bug with Dex CloudFoundry connector when the user is a member of many
  teams. Thanks to \ghuser{daniellavoie}!
}

\note{fix}{
  Fixed a bug where the user gets a "You are not authorized to view the details
  of this pipeline" while watching a build.
}

\note{fix}{
  Fixed a bug where aborting a started build prior to a \reference{web-node}
  re-attaching to it would result in an orphaned, still running, uncompleted
  build.

  Along the way, the general 'aborting' flow has been refactored and should fix
  up any oddities caused by aborting builds at...inopportune moments.
}

\note{fix}{
  \code{fly prune-worker --all-stalled} has been fixed to only return a warning
  if no stalled workers are found, instead of an error.
}

\note{fix}{
  \code{concourse quickstart} has been fixed to ignore the
  \code{--worker-tsa-worker-private-key} flag.
}

\note{fix}{
  \reference{fly-set-pipeline} with \code{--check-creds} flag no longer panics.
}

\note{fix}{
  Multiple groups in the same pipeline can no longer use the same name. An error
  is now raised if attempted.
}

\note{fix}{
  Fixed a bug where \code{fly execute --input} would hang indefinitely after
  uploading the input directory as a consequence of the web node stopping.
}