Cycloid
Cycloid
  • Docs
  • Changelog
  • Feature requests
  • Support portal

Cycloid changelog

Changelog v6.10.189

v6.10.189
Changelog v6.10.189

Improvements

Service Catalog: Stacks can now be marked as unique, so a given stack is only ever instantiated once within the same organization, project, and environment.

Plugins: You can now pick a specific plugin version to install or upgrade to from the install/update panel, and updates move directly to your chosen version in a single step.

Plugins: Switch fields in plugin configuration now work reliably throughout install and update flows.

Organizations: Sidebar menus now keep a stable, consistent order across page refreshes and organization switches.

Organizations: Environment pagination in organization settings now keeps your selected page and page size as you navigate the list.

Roles: The navigation menu updates instantly when switching identity context, with no page refresh needed.

Navigation: The main sidebar scroll arrows now appear only when needed and work as clickable controls to scroll the menu up or down.

On-prem: Fonts and icons are now bundled with the application, so the interface renders fully on air-gapped or internet-restricted installations.

API · Components: Component configuration reads stay fast and reliable under heavy concurrent load.

Fixes

Navigation: Breadcrumb links now take you to their intended destination every time.

Navigation: Sidebar menu items stay clean and consistent when refreshing the page or switching organizations.

Authentication: When your session refreshes in one tab, other open tabs now prompt you to reload so you always stay in the right organization.

Credentials: The Credentials page stays stable as the list refreshes or paginates.

Organizations: With OIDC strict mode enabled, member and team edits are now correctly prevented, with accurate feedback in the UI.

Organizations: Creating a root organization on on-prem gives clear, immediate feedback when the action isn't allowed.

InfraView: A component's Outputs page loads cleanly, without error popups related to module resources.

Service Catalog: Refreshing a catalog repository whose branch was removed now shows a clear inline message instead of a 404.

StackForms: Slider widgets reliably keep the values you set when the form opens or re-renders.

StackForms: The slider-range integer field accepts only numbers and holds your typed value as you edit.

StackForms: Components with no configuration variables can now be upgraded smoothly, with the version selector and Save available.

API · StackForms: Legacy v1/v2 StackForms and bare condition syntax are fully supported again, so existing stacks keep loading and validating with no changes required.


Changelog v6.10.149

Changelog v6.10.149

Whats New?

Component Overview Simplified

The component overview has been redesigned to give you a clearer, at-a-glance picture of what's running and what to do next.

The new layout brings together the pipeline status, action cards for the most common next steps, and a combined activity feed that merges Cycloid events and pipeline runs into a single timeline, no more switching between views to understand what happened and when!

But of course, you can still switch between the new enhanced simplified deployment view and the former detailed view :)


Configurable Sidebar Menu Ordering

Plugin menu entries can now be ordered explicitly per organization. Administrators can pin entries to the top or arrange navigation to match the team's workflow, rather than relying on installation order.


Environment Type Management

Default organization environment types (Development, Preview, Production, Staging) can now be deleted. If your team uses a different naming convention, you can remove the defaults and replace them with your own. At least one environment type must remain at all times.


MORE on Changelog v6.10.149

Improvements

  • Environments: When updating an outdated component, the branch you are currently using is now pre-selected by default, no more manually reselecting it every time.

  • InfraView: Component outputs are now accessible to users with read-only permissions on external backends, with no write permissions required.

  • Plugins: Updating a plugin configuration no longer fails with a "changing plugin version is not supported" error.

  • Plugins: Switching organizations while viewing a plugin page now correctly opens the selected organization instead of bouncing back to the previous one.

  • API – Credentials: Credentials without an owner can now be created and updated, preventing pipeline failures when the original creator has been removed from the organization.

  • API – Appearances: A logo or favicon URL accepted at creation can now always be updated later on.

  • API – Components: Components stuck after a force-push on a catalog repository (e.g. after a rebase or commit squash) can now be updated to an existing version again.

Fixes

  • Roles: Default roles can now be cloned without triggering a validation error.

  • Project: The Projects breadcrumb link no longer returns a 404 when opened in a new tab.

  • Plugins: When a plugin widget fails to load, the actual error details from the backend are now shown instead of a generic unavailable message.


Changelog v6.10.132

v6.10.132
Changelog v6.10.132

Improvements

StackForms: You can now define repeatable fields in StackForms, making it possible to let users dynamically add and remove instances of the same input. Each entry renders independently with its own validation, and you can set minimum and maximum entry limits.

Workers: Access to "Add Worker" button in Organization Settings is now permission-controlled. Organization administrators can decide exactly which roles can view and manage Workers.

API - StackForms: The backend schema now fully supports repeatable widget definitions, including nested entity validation, value normalization, and Terraform and Ansible configuration generation for dynamic field sets.

API - Workers: A new worker permission model (read and create) gives organization administrators granular control over worker access, so you can assign Workers visibility and management rights per role without touching other permissions.

Fixes

Environments: Environment colours now display correctly across the platform, in the inventory table, environment avatars, and the color picker when editing an environment.

StackForms: Required field validation now correctly respects visibility conditions at both field and group level. When a field or group is hidden by a condition, its dependencies are no longer incorrectly marked as required, so you won't be blocked by fields that aren't relevant to your current form state.

API - Logs: Internal log processing now reuses connections more efficiently, improving platform responsiveness and resource usage.

API - StackForms: Required field dependencies are no longer incorrectly enforced when their referencing field belongs to a hidden conditional group, completing the visibility-aware validation behaviour now consistent across both field-level and group-level conditions.

API - StackForms: StackForms condition evaluation now works correctly in the browser, ensuring conditional fields show and hide as expected across all form configurations.


Changelog v6.10.127

v6.10.127
Changelog v6.10.127

Improvements

API - Catalog: You can now create a component against a freshly pushed feature branch on the very first try. We added synchronous stack presence computation to the catalog refresh flow, so newly created catalog repositories have their branches indexed right away, so no more retrying because a branch "isn't found yet."

API - Stackforms: When you change a component's stack version through the configuration UI, the pipeline now refreshes automatically as part of applying the stackform. You'll no longer see a lingering "out of sync" state or need to click "Refresh pipeline" as a separate step.

API - Plugins: Plugins now move from "Installing" to "Installed" reliably, without you having to open the plugin to nudge the status along. The background check that refreshes plugin status now handles each organization independently, so one organization's hiccup no longer holds up the others.


Changelog v6.10.123

v6.10.123
Changelog v6.10.123

Improvements

  • Dashboard: The Dashboard menu item can now be hidden for users whose role doesn't include the corresponding menu permission.

  • Environments: When creating a component, the available stack list can now be filtered to show only stacks compatible with the cloud provider(s) configured on the environment, with an option to view all stacks if needed.

  • Plugins: Added support for table-style plugin widgets, allowing plugin data to be displayed in a structured table on the widget page.

  • API – API Keys: Added a configurable jwt-ttl server setting that lets administrators control how long authentication (JWT) tokens remain valid before re-authentication is required — useful for aligning session duration with internal security policies.

  • Authentication: Added a menu:dashboard permission action, giving administrators control over which roles can see the Dashboard.

  • API – StackForms: Added support for repeatable fields in Stack Forms, allowing stack maintainers to let users add multiple entries of a group of related fields (e.g. multiple subnets or rules) within a single form.

Fixes

  • Organizations: Fixed an issue where a misleading notification could appear alongside an error message when an organization deletion did not complete.

  • Pipeline view: Fixed a display issue where the pipeline graph on the component overview page appeared compressed when the component had pinned outputs.

  • Project: Fixed an issue where component statuses (e.g. Failed, Running) could fail to appear on the project and environment overview pages until manually navigating away and back.

  • Environments: Fixed an issue where using the search filter on the project overview page could display incorrect environment information, and improved search performance for projects with many environments.

  • Roles: Improved permission-based UI handling so organization-settings actions and pages are hidden for users whose role does not grant access to them.

  • StackForms: Fixed an issue where the "unsaved changes" warning could still appear briefly after changes had already been saved successfully.

  • StackForms: Fixed an issue where a field could be incorrectly required even though the field depending on it was hidden — required fields are now correctly enforced based on what's currently visible in the form.

  • StackForms: Fixed an issue causing keyboard and mouse input lag when editing stack forms with many conditional fields.

  • Plugins: Fixed an issue where a plugin's configured icon was not displayed, showing a default placeholder icon instead.

  • InfraImport: Removed the InfraImport feature and all related UI components.

  • API – Components: Fixed an issue where updating a pipeline that was not yet present in the underlying CI system would fail; the pipeline is now created automatically instead.

  • API – Organizations: Organizations with unused cloud or cost accounts can now be deleted successfully.

  • API – StackForms: Improved required-field validation in Stack Forms so that visibility conditions are correctly taken into account, complementing the related Console fix.

  • API – Plugin: Fixed an issue where plugin widget data requests could fail for environments with very short names.

  • API – Plugin: Fixed an issue where plugin widget data could fail to load or appear empty in certain configurations.

  • API – Plugin: Fixed an issue where a plugin's widget URLs could change after a plugin update, even when the widget configuration itself was unchanged. Plugin widget URLs now stay stable across version updates, keeping bookmarked and shared links valid.


Changelog v6.10.93

v6.10.93
Changelog v6.10.93

Improvements

  • Console – Plugins: Each line in the plugin logs viewer now shows a formatted timestamp. Clicking a timestamp updates the URL hash for deep-linking to that line, and hovering reveals a copy-link button — matching the existing behavior in build logs.

  • Console – Plugins: The plugin manager connection status indicator now displays as a colored dot with text instead of a tag, aligning with the design of the plugin registries table.

  • Console – Project: A link to the organization-level environment settings is now shown inside the project-level environment settings page, making it easier to reach the full environment configuration.

  • Console – Roles: The Sidebar sections have now the possibility to be hidden for users whose role does not include the corresponding menu permission.

  • Console – Service Catalog: A new "Stack Versioning" section in org settings lets admins configure glob include/exclude patterns (e.g. v*, release/*) to control which branches and tags are visible to end-users in the version picker. Org admins and stack maintainer team members always see all versions regardless of the patterns configured.

  • Console – StackForms: Dropdown widgets now support dynamic_search in widget configuration, enabling options to load on demand as the user types instead of fetching everything upfront. Previously selected values are preserved across searches. Designed for large datasets such as LDAP directories with millions of entries.

  • API – Authentication: Added menu permission actions, giving org admins control over which additional sidebar sections are visible to different roles.

  • API – Organizations: New batch permission check endpoint (POST /can_do/batch) resolves the user role once and evaluates up to 100 permission actions in a single request, instead of one API call per action. The legacy endpoint remains available for backward compatibility.

Fixes

  • Console – Authentication: Fixed a bug in the role editor where saving any unrelated permission change would silently overwrite the resource scope of unscoped rules with the resources from a scoped rule of the same action family, causing users to unexpectedly lose access to other projects.

  • Console – Credentials: Fixed a regression where credential names longer than ~36 characters were silently truncated when generating the canonical, causing uniqueness conflicts when saving credentials with similar long names.

  • Console – Environments: Fixed environment rename failing silently. It now calls the correct org-level endpoints.

  • Console – Environments: Fixed the project-page environment settings form staying blank after loading — data returned from the backend was not being applied to the form fields.

  • Console – Environments: The "Delete" button in project-level environment settings has been relabeled to "Remove from project" to accurately reflect that the action unlinks the environment from the project rather than deleting it at the org level.

  • Console – Organizations: Reduced page load latency and eliminated blank-page timeouts (up to 210s observed) caused by 30+ sequential permission checks on every page load. All permission checks on page entry are now batched into a single request, with results cached client-side for 2 minutes and deduplicated within the same navigation tick.

  • Console – Plugins: Fixed the plugin update button being a silent no-op — it was sending the currently-installed version ID to the backend instead of the new version ID, causing the backend to redeploy the same image already running.

  • Console – Plugins: Fixed the component plugin relations form sourcing its fields from the install configuration instead of each widget's declared relations.

  • Console – Plugins: When an iframe plugin widget's underlying plugin is not running, the widget now shows a proper unavailable fallback instead of rendering the raw error body inside the iframe.

  • Console – Roles: Fixed users with read-only or limited roles getting stuck on an inescapable "Access denied" page when opening the dashboard or org pages. Incidental 403 responses from non-critical calls (e.g. sidebar plugin widgets, cloud accounts) no longer trigger a full-app redirect.

  • Console – Roles: Buttons and actions the current user lacks permission to perform are now hidden rather than shown and failing with an permission denial on click.

  • Console – Service Catalog: When a catalog repository's default branch does not match the org-level stack version patterns, a non-blocking advisory warning is now shown to inform the maintainer that end-users may see no selectable version.

  • API – Components: Fixed the component list returning zero results for users with a project-scoped custom role (e.g. a maintainer scoped to a single project). The query was filtering the project entitlement against the component canonical instead of the project canonical.

  • API – Environments: Fixed 403 errors on environment create, update, and delete for users with custom roles after the v6.10.29 env governance release. Custom roles holding the legacy organization:project:update permission now have that accepted as a backwards-compatible fallback on env mutation endpoints.

  • API – Members: Removing the last member of an organization no longer automatically triggers a full cascade deletion of the organization and all its resources. The organization must now be deleted explicitly, preventing Terraform destroy runs and other API consumers from silently wiping an entire org.

  • API – Plugins: Fixed an intermittent failure during plugin installation where the plugin manager could not unpack an image layer because containerd's garbage collector removed a blob mid-extraction. Previously the only workaround was restarting the plugin manager. The extraction process now holds a lease to prevent the GC from collecting blobs while they are in use.

  • API – Roles: Fixed role updates failing with a 422 error in organizations where admin rights are granted exclusively through teams. The anti-lockout guard was ignoring team-derived admin grants and blocking every role update. The guard now only runs when the role being updated itself grants organization admin.

  • API – Roles: Fixed an issue where a user with a role scoped to a specific project could create their own new projects, environments, and components outside of that scope.


Changelog v6.10.63

v6.10.63
Changelog v6.10.63

Improvements

  • Console – Dashboard: The onboarding checklist can now be hidden permanently, and its visibility is controlled by user permissions, so teams that don't need it won't see it cluttering their dashboard.

  • Console – Environments: Added a per-component plugin settings page, allowing you to configure plugin behaviour directly from the component view.

  • Console – Environments: Search on the project overview page is significantly faster, especially for projects with many environments.

  • API – Authentication: Introduced menu-level permissions (menu:security, menu:observability, menu:resources) giving administrators control over which navigation sections are visible to different roles. All default roles have these enabled, so existing setups are unaffected.

  • API – StackForms: Added a dynamic_search option to widget configuration, allowing large datasets to skip the initial upfront fetch. Useful for dropdowns with thousands of entries.

Fixes

  • Console – API Keys: Fixed a bug where API keys created in child organisations did not have an owner assigned, which could cause permission issues.

  • Console – Credentials: Resolved a performance issue causing Firefox to freeze when loading the credentials list in organisations with a large number of credentials.

  • Console – Pipeline view: Fixed an issue where the pipeline would not appear on the component overview page in projects with more than 100 pipelines.

  • Console – Pipeline view: Fixed build log line-number links navigating to the dashboard instead of scrolling to the relevant line in the current build.

  • Console – StackForms: Fixed per-variable conditions not working correctly, and resolved an editor crash that occurred when a form condition referenced another variable in the same form.

  • Console – Plugins: Fixed an issue where having multiple plugin widgets registered as side menu items caused console warnings and could affect navigation readability.

  • Console – Plugins: Fixed plugin widgets rendering blank. A sandboxing configuration introduced in a recent release was blocking the widget from accessing the storage and resources it needs to load.

  • API – Components: When a component's configuration is tied to a Git commit that no longer exists (e.g. after a branch was deleted and recreated), the system now falls back to the latest commit on the branch instead of returning an error.

  • API – Components: Fixed a bug where updating a component's use case was not correctly validated or applied during interpolation.

  • API – Service Catalog: Restore ($ .environment $) as a plain string so service catalog templates can use it in comparisons and pipes again (eq, ne, if, upper, ...). Environment governance (v6.10.29) had turned it into an object, breaking stacks that branch on the environment with "error rendering template". Per-environment variables and cloud accounts are now exposed under the new ($ .env_vars.<key> $) and ($ .env_providers.<provider>.<field> $) top-level keys (also aliased under the environment_ prefix).

  • API – StackForms: Fixed a regression where removing optional empty values from a form could cause stackform validation to fail.

  • API – StackForms: Fixed environment provider values not being correctly resolved during template interpolation.

  • API – Other: Fixed stack version branches so they only show branches where the stack's .cycloid.yml is actually present, preventing users from selecting an invalid branch.

  • API – Other: Fixed the getProjectEnvironments endpoint to correctly support component filters, enabling the frontend search performance improvement above.


Environments & Cloud Accounts

New Feature
v6.10.29
Environments & Cloud Accounts

Until now, environments in Cycloid were a per-project concern. Each project created, named, and managed its own. That worked, but it meant no shared catalog, no org-level visibility, and no way for a platform team to define a deployment target once and make it available everywhere. Today, we're changing that with the release of org-level Environments and Cloud Accounts.

This isn't just a UX improvement, it's a fundamental shift in how your organization governs its deployment landscape!

❓The "Why": From free-for-all to structured governance

Environments and Cloud Accounts now live at the organization level, defined once by your platform team and shared everywhere. Projects no longer create environments locally; they pick from the org-wide catalog instead:

  • Single source of truth: One prod-eu environment — complete with its AWS credentials, region variables, and IaC state backend — shared across every project that needs it.

  • Real governance: Org admins control what exists. Projects simply link from the catalog — they can no longer create, rename, or delete environments locally.

  • No more credential roulette: Cloud credentials are scoped to a Cloud Account entity and linked to an environment. End users select the environment they have access to — they never need to touch the credential layer directly.

  • Simpler StackForms: Variables and credentials inherit from the environment automatically, so stack authors don't have to ask users to configure things that the platform already knows.

💡 From platform teams to end users: the full picture

  • The Platform Team Handoff: Your platform team defines prod-eu, staging-eu, and dev once, with the right AWS credentials and region variables pre-baked. Every new project your developers spin up can link those environments in seconds — no setup, no credential hunting.

  • Multi-Project Credentials: Attach your AWS account to prod-eu once. Any pipeline or StackForm in any project linked to that environment can reference the credentials via Cycloid's templating system — no raw access keys scattered across your config files.

  • Ephemeral PR Environments: Create a custom ephemeral environment type for per-PR deployments. Stack authors can branch their pipeline logic on environment_type to use lighter-weight behaviour automatically for short-lived envs.

  • FinOps Without the Setup Tax: Enable FinOps & GreenOps directly on your Cloud Account. Cost and carbon data starts flowing into your Cloud Cost Management dashboards without any separate account configuration.

  • Terraform-Managed Foundations: Use the cycloidio/cycloid Terraform provider (v0.7.0+) to declare your entire environment catalog as code. One terraform apply provisions your org's full environment structure, reproducibly.

✨ What’s the full feature breakdown?

  • Org-level Environment catalog: Create and manage all environments from Org Settings → Foundations → Environments. Projects link from the catalog — they can no longer create, rename, or delete environments locally.

  • Cloud Accounts: Connect AWS, GCP, Azure, or custom key-value credential sets at the org level and attach them to one or more environments. Each environment can hold credentials for multiple providers simultaneously.

  • Environment Types: Four built-in types (production, staging, development, preview) ship with every org. Add custom types — like qa or ephemeral — when your classification needs go further. The type flows into StackForms and pipelines as the environment_type variable.

  • Environment Variables: Pre-set key-value variables (including secrets) directly on an environment. Region codes, feature toggles, internal URLs — set once, inherited by every component inside.

  • IaC State Management overrides: Configure a dedicated Terraform state backend per environment, overriding the org-level default where you need it.

  • CLI & Terraform support: Full cy environment, cy cloud-account, and cy environment-type commands, plus Terraform resources, for teams who manage infrastructure as code.

🚀 Ready to set it up?

If you were already using Cycloid, your existing environments have been migrated automatically to the org-level catalog — no action needed. Org admins can reclassify any environment from its settings page if the inferred type doesn't fit.

For new orgs or a fresh setup, the cookbook walks you through the full flow in minutes.

👉 Dive into the Environments & Cloud Accounts documentation today!


MORE on Changelog v6.10.29

ADDED

  • Environments: Component outputs are now surfaced as prominent call-to-actions on the component overview — stacks show direct links to what was just deployed or created

  • StackForms: Forms can now conditionally show or hide groups, fields, and dropdown options based on the current user's identity, team membership, and role

CHANGED

  • Components: Component setup has been split into dedicated pages for a clearer configuration experience

  • Plugins: The logs viewer now auto-scrolls to the latest entries; manual scroll position is respected

FIXED

  • StackForms: Fixed an error when saving a form with a required dropdown field using label/value mapping

  • StackForms: Resolved an issue where components using JWT-based external backend tokens were created with an unresolved <no value> placeholder instead of the correct token.

  • Docker: Container images now support arbitrary non-root UIDs, fixing permission errors on OpenShift and restricted Kubernetes environments