STAC-22794: Add release notes 2.3.4 release

STAC-22794: Add release notes 2.3.4 release

Author: dmbarrasuse

SUMMARY.md

@@ -147,6 +147,7 @@
   * [v2.3.1 - 17/Mar/2025](setup/release-notes/v2.3.1.md)
   * [v2.3.2 - 22/Apr/2025](setup/release-notes/v2.3.2.md)
   * [v2.3.3 - 07/May/2025](setup/release-notes/v2.3.3.md)
+  * [v2.3.4 - 04/Jun/2025](setup/release-notes/v2.3.4.md)
 * [Upgrade SUSE Observability](setup/upgrade-stackstate/README.md)
   * [Migration from StackState](setup/upgrade-stackstate/migrate-from-6.md)
   * [Steps to upgrade](setup/upgrade-stackstate/steps-to-upgrade.md)

setup/release-notes/v2.3.4.md

@@ -0,0 +1,25 @@
+---
+description: SUSE Observability Self-hosted
+---
+
+# v2.3.4 - 04/Jun/2025
+
+## Release Notes: SUSE Observability Helm Chart v2.3.4
+
+### New Features & Enhancements
+
+* **Elasticsearch Liveness Probe Timeout:** The `livenessProbe` timeout for Elasticsearch has been increased.
+* **ClickHouse Installation on OpenShift:** Documentation has been added to guide users on how to install ClickHouse (one of the supported databases) on OpenShift.
+* **Improved Trace Filtering:** The trace filtering functionality in the Traces UI has been enhanced. Attribute filters now select traces where at least one span within the trace matches all of the specified attributes.
+* **Inclusion of Traces Without Root Spans:** Traces that lack a root span are now included in trace query results. This addresses scenarios where the root span might be missing due to timeouts, network connectivity issues, or misconfigurations of an OTel exporter.
+* **Breaking Change: OpsGenie Notification Channel API:** The OpsGenie Notification Channel API now enforces strict enum matching for requests and responses, ensuring greater consistency in API interactions.
+* **PostgreSQL Protocol Metrics:** New metrics have been added for PostgreSQL protocol latency and throughput.
+
+### Bug Fixes
+
+* **Derived State Monitor Editing:** Fixed an issue that prevented correct editing of `componentTypes` for the derived state monitor function.
+* **Topology Overflow Display:** The overview page now correctly displays a topology overflow message instead of an unexpected error page in the event of an overflow.
+
+## Agent Bug Fixes
+
+* **Agent Startup on Older Kernels:** Resolved an issue where the agent failed to start on kernels older than 5.8 due to a "bpf_probe_read not found" error.

setup/security/authentication/oidc.md

@@ -36,6 +36,7 @@ stackstate:
       scope: ["openid", "email"]
       jwtClaims:
         usernameField: email
+        displayNameField: name
         groupsField: groups
       customParameters:
         access_type: offline
@@ -61,6 +62,7 @@ Follow the steps below to configure SUSE Observability to authenticate using OID
    * **customParameters** - Optional map of key/value pairs that are sent to the OIDC provider as custom request parameters. Some OIDC providers require extra request parameters not sent by default.
    * **jwtClaims** -
      * **usernameField** - The field in the OIDC user profile that should be used as the username. By default, this will be the `preferred_username`, however, many providers omit this field. A good alternative is `email`.
+     * **displayNameField** - The field in the OIDC user profile that should be used as the displayName. By default, this will be the `name`.
      * **groupsField** - The field from which SUSE Observability will read the role/group for a user.
 2. In `authentication.yaml` - map user roles from OIDC to the correct SUSE Observability subjects using the `roles.guest`, `roles.powerUser`, `roles.admin` or `roles.platformAdmin` settings \(see the example above\). For details, see the [default SUSE Observability roles](../rbac/rbac_permissions.md#predefined-roles). More SUSE Observability roles can also be created, see the [RBAC documentation](../rbac/).
 3. Store the file `authentication.yaml` together with the `values.yaml` file from the SUSE Observability installation instructions.

use/alerting/k8s-override-monitor-arguments.md

@@ -61,6 +61,7 @@ The full annotation then would look like
 * [Node Memory Pressure](/use/alerting/kubernetes-monitors.md#node-memory-pressure)
 * [Node PID Pressure](/use/alerting/kubernetes-monitors.md#node-pid-pressure)
 * [Node Readiness](/use/alerting/kubernetes-monitors.md#node-readiness)
+* [Orphaned Persistent Volumes](/use/alerting/kubernetes-monitors.md#orphaned-persistent-volumes) (Only the `enabled` property)
 * [Out of memory for containers](/use/alerting/kubernetes-monitors.md#out-of-memory-for-containers)
 
 ## Build an override for a custom monitor

use/alerting/kubernetes-monitors.md

@@ -77,6 +77,10 @@ Allows [Override Monitor arguments](/use/alerting/k8s-override-monitor-arguments
 Check if the Node is up and running as expected.
 Allows [Override Monitor arguments](/use/alerting/k8s-override-monitor-arguments.md)
 
+### Orphaned Persistent Volumes
+Verify that no persistent volumes are orphaned. An orphaned persistent volume is a persistent volume that is not associated with a persistent volume claim. An orphaned persistent volume can be a security risk, as it may contain sensitive data that is not being used. An orphaned persistent volume can also be a waste of resources, as it is not being used.
+Allows [Override Monitor arguments](/use/alerting/k8s-override-monitor-arguments.md) but only the `enabled` property
+
 ### Out of memory for containers
 
 It is important to ensure that the containers running in your Kubernetes cluster have enough memory to function properly. Out-of-memory (OOM) conditions can cause containers to crash or become unresponsive, leading to restarts and potential data loss.