What's new in Semaphore UI 2.14

Тable of contents #

• Features

  • Write activity and task logs to a file (PRO)
    Keep a persistent record of all activity logs by saving them directly to a file. Available in the PRO version.
    Learn more »

  • API tokens page
    You don’t need to use cURL to create API token anymore.
    Learn more »

  • View raw task logs
    You can now access the unprocessed, raw log output for any task — perfect for debugging.
    Learn more »

  • Clear project and runner cache
    Free up space and start fresh by manually clearing the cache for projects and runners.
    Learn more »

  • Override branch in templates and tasks
    Flexibly switch branches without editing your entire template — just override it per task or template.
    Learn more »

  • New environment variable for OIDC provider configuration
    A new environment variable has been added to simplify OIDC provider setup and integration.
    Learn more »

  • New temporary directory sturcture
    We’ve improved the structure of temporary directories to provide better isolation and make them easier to understand.
    Learn more »

  • Ability to add external (LDAP and OIDC) users manually
    You can now add LDAP and OIDC users to Semaphore before they log in for the first time.
    Learn more »

  • Default values for Survey variables
    You can now set default values for survey variables, making it easier to prefill common inputs during task runs.
    Learn more »

  • TLS support for SMTP server connections
    Semaphore now supports secure TLS connections when sending emails through an SMTP server.
    Learn more »

  • Configurable Ansible playbook verbosity levels
    You can now select the desired verbosity level when running Ansible playbook tasks, helping with debugging and troubleshooting.
    Learn more »

  • Chroot support and task running as different user
    Semaphore can now execute tasks inside a chroot environment and under a specified user, improving security and isolation.
    Learn more »

  • Bitbucket Webhook authentication support
    Integrations can now be configured using Bitbucket webhook authentication.
    Learn more »

  • Schedules timezone settings
    Semaphore no longer uses the system timezone. Instead, you can now explicitly set a timezone for schedules.
    Learn more »

• Bugfixes

---

Features #

Write activity and task logs to a file (PRO) #

Semaphore Pro now supports writing the activity and task logs to a file. To enable this, add the following configuration to your config.json:

{
  "log": {
    "events": {
      "enabled": true,
      "logger": {
        "filename": "./events.log"
      }
    },
    "task": {
      "enabled": true,
      "logger": {
        "filename": "./tasks.log"
      }
    }
  }
}

Or you can do this using following environment variables:

export SEMAPHORE_EVENT_LOG_ENABLED=True
export SEMAPHORE_EVENT_LOG_PATH=./tasks.log
export SEMAPHORE_TASK_LOG_ENABLED=True
export SEMAPHORE_TASK_LOG_PATH=./tasks.log

Each line in the file follows this format:

2024-01-03 12:00:34 user=234234 object=template action=delete ...

File logging also supports rotation. More details are available in the documentation.

API tokens page #

View raw task logs #

You can now open the raw log of a task by clicking the RAW LOG button in the bottom-right corner of the task log window.

Clear project and runner cache #

Semaphore now gives you more control over cache management.

Previously, unused cache was automatically cleared when you removed templates or projects. However, in some cases, leftover cache could remain and be stored indefinitely.

With the new Clear Cache feature, you can manually clean up:

• Cache for a specific project
• Cache for a project runner
• All cache for a runner
• Or even the entire Semaphore server cache

This helps free up disk space, improve performance, and keep your environment tidy.

Override branch in templates and tasks #

You can now override the default branch of the source repository in the template settings.

Alternatively, enable the option Prompt for branch on execution to choose the branch each time you run a task.

New environment variable for OIDC provider configuration #

We’ve introduced a new environment variable: SEMAPHORE_OIDC_PROVIDERS for configuring OpenID Connect (OIDC) providers.

This is especially useful when running Semaphore inside a Docker container.

The variable must contain valid JSON in the following format:

SEMAPHORE_OIDC_PROVIDERS='{
  "github": {
    "client_id": "***",
    "client_secret": "***"
    // additional fields...
  }
}'

New temporary directory sturcture #

We’ve improved the temporary directory structure by introducing per-project directories. Now, each project has its own dedicated folder under the tmp_path directory.

This change makes it easier to manage and clean up cache when a project is removed.

Additionally, the inventory directory for templates now follows a clear naming format, such as: tmp_path/project_0/repository_1_template_2_inventory_3 This structure helps avoid cloning the inventory repository on every task execution, improving performance and reducing redundancy.

Ability to add external (LDAP and OIDC) users manually #

You can now add LDAP and OIDC users to Semaphore before they log in for the first time.

This allows you to configure their permissions and assign them to projects in advance.

You need admin rights to add a user through the web interface (checkbox External), or you can use the CLI with the --external flag:

semaphore user add \
  --external \
  --login john \
  --name John \
  --email [email protected] \
  --password=changeme

Default values for Survey variables #

You can now set default values for survey variables, making it easier to prefill common inputs during task runs.

TLS support for SMTP server connections #

Semaphore now supports secure TLS connections when sending emails through an SMTP server. Configuration example:

{
  "email_alert": true,
  "email_sender": "[email protected]",
  "email_host": "smtp.example.com",
  "email_username": "user123",
  "email_password": "changeme",
  "email_tls": true,
  "email_port": "587",
  "email_tls_min_version": "1.1" // optional (default 1.2)
}

Configurable Ansible playbook verbosity levels #

You can now select the desired verbosity level when running Ansible playbook tasks, helping with debugging and troubleshooting.

Chroot support and task running as different user #

Semaphore can now execute tasks inside a chroot environment and under a specified user, improving security and isolation. Configuration example:

{
  "process": {
    "chroot": "/opt/semaphore/chroot",
    "user": "semrun"
  }
}

Environment variables example:

SEMAPHORE_PROCESS_CHROOT=/opt/semaphore/chroot
SEMAPHORE_PROCESS_USER=semrun

Bitbucket Webhook authentication support #

Integrations can now be configured using Bitbucket webhook authentication.

Schedules timezone settings #

Semaphore no longer uses the system timezone. Instead, you can now explicitly set a timezone for schedules with using following configuration option:

{
  "schedule": {
    "timezone": "Asia/Calcutta"
  }
}

Or with using following environment variable:

SEMAPHORE_SCHEDULE_TIMEZONE=Asia/Calcutta

Bugfixes #

• Use UTC timezone consistently across the application.
• Avoid cloning the inventory repository on every task run.
• Terraform task checkboxes now work correctly.
• Weekday checkboxes in Schedule now work correctly.
• Restored the ability to set descriptions for templates.