Seqera Platform Enterprise v26.1
Significant integration, troubleshooting, and management improvements.
info
The legacy distribution endpoint at cr.seqera.io/private is deprecated. Only bug fixes for existing major releases will continue to be published there. New major releases of Seqera Platform are available from cr.seqera.io/enterprise. Seqera will provide updated credentials for the new endpoint — contact your Seqera representative if you need access.
Feature updates and improvements
Studios
- Improved Studios session management and stability.
- Updated Studios micromamba builds to use
conda/micromamba:v2and Wave 1.33.0. - Added
nameStrategyconfiguration option to Studios workspace settings. - Renamed Studios settings route from
data-studiostostudios. - Added ability to edit stopped Studios without restarting them.
- Container registry improvements:
- Configurable container repository path for custom image builds.
- Configurable container image naming strategy (default, tag prefix, image suffix, none).
- Studios work with Wine/XFCE/VNC (Windows compatible OS).
Compute environments
- Added separate head and worker pool support for Azure Batch compute environments in both Forge and manual modes.
- Added ability to disable a compute environment.
- Improved Seqera Compute integration.
- Improved compute environment form warning display with individual stacked alerts.
Azure
- Changed default Azure Batch job timeout to 7 days and exposed it as a new configuration item.
- Updated default Azure termination policy in compute environment creation form.
- Added VNet and subnet support for Azure Batch compute environments.
- Added support for separate managed identity client IDs for head and compute jobs in Azure Batch.
- Enabled Entra (service principal) credentials for Azure Batch Forge pool creation and Fusion v2.
AWS
- Added AWS credential modes with support for key-based and role-based access.
- Added AWS External ID support for role-based credentials.
GCP
- Added Workload Identity Federation (WIF) credential support for Google Batch and Google Cloud compute environments.
- Added support for network tagging in Google Batch.
- Added boot disk image selection for Google Batch compute environments.
- Added support for multiple machine types in Google Batch compute environments.
- Configurable retry behavior for tasks with null exit codes in Google Batch compute environments.
Pipelines
- Redesigned workflow notification email templates with updated styling.
- Added GitHub App manifest flow for credential creation.
- Improved clipboard UX in workflow details header.
- Updated schema radio control copy.
- Redesigned report preview modal header layout and modal.
- Registered Nextflow CLI as a static OIDC client for authorization code with PKCE flow.
- Enriched the
POST /trace/createresponse with platform metadata to reduce downstream API calls from Nextflow. (link needed)
Datasets
- Added preview support for linked (URL-referenced) dataset versions.
Data Explorer
- Added data lake support in Data Explorer.
- Added Molstar 3D viewer for PDB and CIF file preview.
- Added extensible view mode selection for JSON files in Data Explorer (JSON, IGV, and plain text).
- Updated Data Explorer to display non-native browser files as text when opened in a new tab.
- Added Fusion symlink resolution to the Data Explorer API.
- Increased the maximum data link name length to 512 characters.
Access control
- Added required description field to custom role creation.
- Exposed roles API endpoints in the OpenAPI specification.
- Added SSO domain-based redirect for the login guard.
Monitoring and observability
- Added real-time active user count display in the admin panel.
- Added workspace usage metrics.
- Added CSV export for audit logs v2 with configurable maximum record limit.
- Added audit event metadata (owner ID, workspace ID) to Studios audit events.
- Switched audit logs v2 to token-based pagination for improved performance.
- Added comprehensive audit logging for SSO lifecycle events.
- Migrated telemetry usage queries to use the audit logs v2 table.
- Updated the audit log cleaner to handle both v1 and v2 audit log tables.
- Added CSV export button to the admin audit logs v2 table.
- Added descriptions and documentation metadata to audit event types.
- Added audit event metadata to the remaining Studios session audit events.
- Added audit event metadata (owner ID, workspace ID) to all data link audit events.
- Added
target_namefield to the audit log v2 data model. - Renamed outdated audit event types to use consistent naming conventions.
- Deprecated the legacy
/admin/audit-logs(v1) endpoint. - Added target resource names to all audit event emission points.
- Refined audit log v2 target resource context labels in API, UI, and CSV export.
- Added a
TOWER_AUDIT_LOG_V2_WRITE_MODEsetting supportingv1,v2, anddualmodes. - Removed unused
instanceIdandinstanceNamecolumns from the audit log v2 table. - Updated the audit log v2 admin table to display resource names alongside target IDs.
- Added target organization, workspace, and user context to audit log v2 interfaces.
General
- Bumped Micronaut from 4.7.6 to 4.8.3.
- Improved admin workspace list toolbar responsiveness.
- Applied updated status icons across platform components.
- Redesigned page header layout with improved toolbar and breadcrumb integration.
- Added automatic breadcrumb navigation to page headers.
- Updated delete workspace confirmation modal text to clarify the impact of deletion.
- Removed the unused Containers page.
- Removed the dynamic resource labels feature toggle (feature is now always active).
New environment variables in 26.1
The following environment variables are new or changed in 26.1. See the Configuration overview for the full descriptions and defaults:
TOWER_DATA_STUDIO_ALLOWED_WORKSPACES— control which workspaces have Studios enabled.TOWER_AUDIT_LOG_V2_WRITE_MODE— switch between v1, v2, and dual-write audit log tables.TOWER_AUDIT_LOG_V2_CSV_EXPORT_MAX_LOGS— cap the number of records in a CSV export.TOWER_AUDIT_LOG_V2_PRE_POST_CHANGE_ENABLED— capture pre/post change state images.TOWER_CRON_AUDIT_LOG_CLEAN_UP_*— tune the audit log cleanup cron job.TOWER_COMPUTE_ENV_CLEANUP_*— tune the cron job that transitions compute environments stuck inCREATINGorDELETINGstates.- New Studios family variables for default lifespan, privacy default, list page size, feature manifest URL, Connect iframe scoping, Wave build status checks, disallowed registries, and startup metrics. See Data features.
Bug fixes
Studios
- Added workspace existence check before creating Studios workspace settings.
- Fixed R-IDE icon styling.
- Added validation of git repository configuration files when creating a Studio.
- Fixed broken navigation from Studio details page for private Studios.
Compute environments
- Fixed Google Batch machine type migration to be portable across MySQL and MariaDB.
- Removed hardcoded prediction model configuration from AWS Cloud platform provider.
- Fixed metering event handling to batch events when more than 100 events are received, preventing silent data loss.
- Removed default
terminateAsyncimplementation to enforce explicit provider implementations. - Fixed Workload Identity Federation (WIF) log retrieval by setting the project ID on the Cloud Logging client.
- Fixed WIF log retrieval by resolving GCP project numbers to project names for Cloud Logging filters.
- Fixed WIF credential context propagation for log retrieval and data link operations.
- Propagated AWS Forge disposal failures instead of silently swallowing exceptions.
- Pinned
google-cloud-storageto a compatible version to fixNoClassDefFoundErroron GCS data link access. - Returned an actionable error message when an Azure Batch pool is missing during job submission.
- Propagated GCP Forge disposal failures instead of silently ignoring resource deletion errors.
- Enabled cloud cache for Kubernetes compute environments with local PVC paths.
- Reverted unintended cloud cache change for Kubernetes compute environments.
Pipelines
- Fixed pipeline implicit default version resolution.
- Removed logs from AI debug button URL to prevent URI too large errors.
- Replaced
document.writewith client-side form submission in GitHub App manifest flow to fix Firefox blank page issue. - Made workflow job cancellation idempotent to prevent 500 errors on concurrent cancel requests.
- Fixed parallel requests to pipeline info in the launch form.
Datasets
- Fixed
LazyInitializationExceptionin avatar resolution during dataset creation. - Fixed dataset name field to apply input normalization (spaces converted to underscores).
- Fixed column order preservation in dataset preview for TSV files.
Data Explorer
- Fixed IGV MIME type detection in Data Explorer.
Access control
- Fixed refresh token JWT secret configuration for enterprise deployments.
- Hardened the Auth0 OAuth2 flow with retries against
ResponseClosedExceptionerrors. - Fixed
auth0org_idcolumn naming to align with Hibernate naming strategy. - Fixed erroneous
@QueryValueannotations on SSO controller path variables causing 404 errors. - Fixed
@PermissionRequiredinterceptor binding with@Typeannotation. - Fixed
@JWTAuthRequiredinterceptor binding with@Typeannotation to prevent silent bypass.
Monitoring and observability
- Fixed dashboard drop-down scrolling and character overflow.
- Fixed task logging to use populated
taskIdinstead of emptyid. - Fixed
user_sign_inaudit events to correctly populate the actor field with the signing user's ID.
General
- Fixed side navigation width not updating in Safari when toggling the collapsed state.
- Fixed credits banner appearing during page load.
- Fixed oversized icon on the forbidden access page.
Upgrade notes
No breaking changes. Standard upgrade procedure applies.
Configuration changes
-
TOWER_AUDIT_LOG_V2_ENABLEDandTOWER_AUDIT_LOG_V2_WRITE_MODEadded as configuration options.TOWER_AUDIT_LOG_V2_WRITE_MODE: Turns on the v2 Audit Log for parallel writes with v1 Audit Log.TOWER_AUDIT_LOG_V2_ENABLED: Turns on or off the v2 Audit Log view from the Admin Panel.
Database migrations
Database migrations run automatically during upgrade. No manual steps required.