Release notes

New values added

Bonita Test Toolkit - Subscription editions

When working on complex, core, and critical automation projects it is critical to ensure the right business logic is applied. Secure your automation project with the new development suite component: the Bonita Test Toolkit.

This toolkit allows professional developers to write end-to-end or integration test scenarios for your automation project. It provides powerful methods to execute all the steps of a process and check the corresponding outputs (statuses, business data, tasks used)

It can be used in any IDE and can easily be integrated into a Continuous Integration.

For more information, go visit the dedicated new menu in the documentation web site.

Improvements

Runtime Health check endpoint - Subscription editions

A healthcheck endpoint has been added to Bonita Runtime to help you monitor the status of all engine layers, up to the database:

  • general status and connection type

  • uptime in seconds

  • platform state

  • platform version

  • platform node status started

  • days till license expiration

  • execution time in milliseconds

This end-point is available on the 'https://<yourruntime>/bonita/healthz' URL, the access being protected with Basic Auth authentication.

Credentials can be consulted here:

  • in the <BONITA>/server/conf/tomcat-users.xml file, in a Bonita Tomcat bundle

  • using monitoring credentials, when starting a Bonita Docker image

For more information, go visit the dedicated documentation page.

Those credentials MUST be changed.

Changing the Log level without restart

It is now possible to change the log level of Bonita Runtime without restarting it, thanks to Log4j2 (details available in the Technical updates chapter).

Functional changes

Engine HTTP APIs protected with Basic Auth

Previously, engine HTTP APIs were used to access Bonita Engine Java APIs directly through HTTP. starting with Bonita 2022.1, their access is protected with Basic Access authentication.

The configuration is different depending on the Bonita package:

  • In Bonita Tomcat bundle, HTTP APIs are active by default, and default credentials of client configuration using programmatic configuration are used. They can be changed in file <BONITA>/server/conf/tomcat-users.xml.

  • In Bonita Docker image, HTTP APIs are disabled by default, with http-api as the default username, and no default password. The password must be provided, otherwise the Docker container will refuse to start.

Prometheus monitoring active by default - Subscription editions

From Bonita 2022.1 on, the Prometheus metrics publisher is now active by default and can be disabled if needed.
Its access is now controlled with Basic Auth authentication to protect against DOS attacks.

This end-point is available on the 'https://<yourruntime>/bonita/healthz' URL, with the access protected with Basic Auth authentication.

These credentials can be consulted:

  • in the <BONITA>/server/conf/tomcat-users.xml file, in a Bonita Tomcat bundle

  • using monitoring credentials, when starting a Bonita Docker image

Those credentials MUST be changed.

Dynamic permissions authorization check is enabled by default - Subscription editions

Dynamic permissions authorization check is active by default for new Enterprise edition installations.
When updating to 2022.1, the existing activated access control mechanism will not be changed. A set of default dynamic rules are provided in Bonita Runtime. Go through them before creating custom ones for your application pages.

This change can have an impact when updating a project in Bonita Studio for which permissions have been neglected.

For example, if a non-admin user was allowed to perform REST requests intended for administrators only, having dynamic permissions activated by default will not allow this access anymore. Pages with "403 error" have been prepared for this case. You can troubleshoot these issues using Bonita Engine logs.

For Community users who update to 2022.1, dynamic permission authorization checks will not be executed anymore, even if the configuration stays unchanged. Obviously, you can develop a custom execution script or upgrade to Bonita Enterprise edition (as the configuration will not be changed by Bonita, it will be fully functional).

Connector Retry

When Bonita Engine fails to evaluate the output operations of a connector, the retry mechanism is not automatic. It is the platform administrator’s choice to re-execute the connector or not, based on the impact analysis. Go through the connector documentation for details about connector failure and replay.

Technical updates

Log4j2 Logger

Bonita Runtime now uses Log4j2 as its logger. One of the multitudes of advantages brought by this tool is the automatic reload of configuration files. There is no more need to restart Bonita Runtime to have the log level change effective. In the configuration file, the log level can be changed ON THE RUN and can be different for each package.

For example: By changing the log level of the org.bonitasoft package and setting it to DEBUG, more information will be provided in the terminal at the next connection.

More information on how to use it in Bonita Docker image here and in the bundle here.

If, in the previous version, you customized the logging.properties file, you should update log4j2-loggers.xml as described in the logger configuration documentation pages here and there.

A conversion table between logger levels in JUL and in Log4j2 is available here.

If you want to continue using the previous log format, the previous pattern is present in the log4j2-appenders.xml file but commented.

The Tomcat bundle does not log anymore in the console but only in bonita.log file. It can be changed in log4j2-appenders.xml

Enterprise Docker image

Docker image is now focused on the RUN phase, with environment preparation being handled as on-premise installations. This means that the database schema and the associated user will not be created when starting the Docker image. The database has to be created before the Docker image starts. NOTE: We provide pre-configured database images with included schema and users on Bonitasoft Docker Hub.

LDAP Synchronizer is now out of Bonita Docker image and is available as an independent Docker image ready for download from quay.io as detailed in the documentation.

Robustness and self-recovery capabilities were added to the data source to overcome network lags.

Folder structure inside Bonita Docker images has been simplified: instead of having /opt/bonita/BonitaCommunity-2022.1 or /opt/bonita/BonitaSubscription-2022.1, we now simply have /opt/bonita.

If you have scripts using the former folder structure, please update them.

To ensure a smooth and intuitive Bonita Runtime configuration experience, environment properties and configuration variables naming have been reviewed.

The following environment properties were removed:

  • ENSURE_DB_CHECK_AND_CREATION

  • DB_DROP_EXISTING

  • BIZ_DB_DROP_EXISTING

  • DB_ADMIN_USER

  • DB_ADMIN_PASS

To rationalize the Bonita configuration variables, some properties have been renamed:

  • REST_API_DYN_AUTH_CHECKS flag is replaced by BONITA_RUNTIME_AUTHORIZATION_DYNAMICCHECK_ENABLED. See the dedicated section for details.

Also, to make the Bonita Docker image configuration easier, new environment variables have been added:

  • HTTP_API_USERNAME

  • HTTP_API_PASSWORD

  • JMX_REMOTE_ACCESS

  • REMOTE_IP_VALVE_ENABLED

  • ACCESSLOGS_STDOUT_ENABLED

  • ACCESSLOGS_FILES_ENABLED

  • ACCESSLOGS_PATH

  • ACCESSLOGS_PATH_APPEND_HOSTNAME

  • ACCESSLOGS_MAX_DAYS

  • HTTP_MAX_THREADS

Feature deprecations and removals

SVN

The SVN feature is now deprecated. We recommend that you migrate your repositories to a GIT repository. This documentation page describes how to migrate an SVN repository to Github.

REST API

  • Deprecated: filter page using the isHidden attribute on the api API/portal/page. That field is not used anymore and is always false. Bonita Runtime produces a warning log if the filter is set and ignores it.

  • Removed: the ReportingAPI is removed as well as its associated engine API.

Multi-Tenancy

The tenant creation method has been deprecated following our 2021.1 decision to deprecate the Multi-Tenants architecture.

Bug fixes

Fixes in Bonita 2022.1-u1 (2022-05-03)

Fixes in Bonita Studio (including Bonita UI Designer)

  • STUDIO-4187 - The evaluate dialog cannot be resized, some fields can be hidden which make the feature unusable

  • STUDIO-4279 - Use H2 driver on setup tool instead of server folder of distrib

  • STUDIO-4296 - Start after install fails to validate license

  • STUDIO-4297 - [Expression editor] Invalid Constant expression type resolution

  • STUDIO-4305 - "Save" label is disabled when it should not

  • STUDIO-4309 - After generating a pdf from the documentation, some symbols cannot be displayed

Fixes in Bonita Runtime (including Bonita Applications)

  • RUNTIME-755 - [PERF] Accessing the case list takes minutes

  • RUNTIME-1003 - [Security] Update several dependencies for 2022.1-u1

Fixes in Bonita 2022.1 (2022-03-30)

For the users of Bonita Community edition, Bonita 2022.1 also comes with all the bug fixes released in the Maintenance versions of Bonita 2021.2.
You can access the list by checking the "What’s new in Bonita 2021.2" page, in the "Bug fixes" section.

Fixes in Bonita Runtime (including Bonita native Applications)

  • RUNTIME-178 - Case deletion throws 500 instead of 404 when the case does not exist

  • RUNTIME-477 - Case overview does not paginate attached document list

  • RUNTIME-814 - [Security] Update several dependencies

  • RUNTIME-885 - [Security] Issue with authorization mechanism

Known issues

Bonita Studio

  • Windows environments only: Launching Bonita Studio in any of the Subscription version with the installer (.exe file) leads to a minor issue on license management:
    Even if you provide the license in the installer, once the installation is done, Bonita Studio opens and asks for the license again.
    You will have the impression that the license is not valid, or not taken into account. This is not the case:

    • Cancel the modal window asking you for the license

    • In your File explorer, go to the folder where Bonita has been installed and launch BonitaStudioSubscription.exe

It will work just fine.

  • The Run As JUnit test action for Groovy REST API Extension project is broken (Eclipse issue)