Release Notes - Version 1.19.0

Release Date: April 28, 2026

🎉 Highlights

This release delivers Okta Single Sign-On authentication, automatic AMD GPU detection in containers, and stronger resource governance controls. Users can now sign in with their Okta credentials through a secure server-side flow, with per-environment feature flag support for phased rollouts. Containers automatically detect and configure AMD ROCm hardware at startup, eliminating manual setup for GPU-accelerated workloads. Administrators gain new controls over per-team storage quotas and workload limits, and the platform has been strengthened with a Python 3.10 runtime upgrade and a Django security patch.

🚀 New features

🔐 Okta Single Sign-On

Users can now authenticate through Okta using a secure server-side authorization code exchange, improving security by keeping tokens server-side rather than exposing them in the browser. SSO can be enabled or disabled independently for each deployment environment, allowing phased rollouts across development, staging, and production.

What's included:

Okta SSO login using server-side code exchange (OAuth 2.0 best practices)
Per-environment feature flag for controlled rollout
Okta UAT configuration applied to the OSSCI environment

🖥️ AMD GPU detection in containers

Containers now automatically detect AMD GPUs at startup and configure the environment accordingly, so GPU-accelerated workloads run without manual setup.

What's included:

ROCm device detection runs automatically when a container starts
Plexus environment variables are persisted inside containers, making them available to all running jobs
Eliminates manual configuration steps for teams running AMD GPU workloads

📊 Resource governance enhancements

Administrators gain finer control over how teams consume shared platform resources, with new per-team limits on both storage and active workloads.

What's included:

New team_storage_size field in team-queue limits enables per-team storage quotas
Queue configuration now enforces a maximum number of concurrent workloads per team, ensuring fair distribution across multi-tenant deployments
A new is_customer_use flag on queues distinguishes customer-facing queues from internal ones

🔍 User invitation lookup

A new API endpoint (find-user-invitation) allows platform administrators to look up a user's existing invitation record directly, without additional manual lookups.

🔧 Improvements

Python 3.10 upgrade: The platform runtime has been upgraded from Python 3.8.13 to 3.10.20, bringing language improvements, better performance, and extended security support
Shared memory allocation: The /dev/shm shared memory size is now tuned to fit queue resource constraints, reducing the risk of memory-related failures in containerized workloads
Distributed workload fields: The num_replicas and num_nodes fields have been harmonized across the codebase for consistent naming and behaviour when specifying distributed jobs

🐛 Bug fixes

Fixed workload cancellation triggering unnecessary job status lookups, improving reliability under high load
Fixed group name filtering in the team list view on the DRF browsable API
Fixed the invitation expiry async task to correctly save the invitation record when it expires

🔒 Security

Django upgrade: Django upgraded from 4.2.29 to 4.2.30, incorporating the latest security patches

🧪 Testing

Migrated the test framework from the legacy nose runner to pytest and pytest-django, modernizing testing infrastructure and improving compatibility with current Python tooling

🗑️ Removals

Removed legacy code related to the Unipath library, reducing unused dependencies

← Back to What's New | Previous Release (v1.18.0) →