Skip to main content

Seqera Enterprise v26.1

Seqera Platform Enterprise version 26.1 introduces Co-Scientist for Enterprise, broader cloud credential support (AWS role-based access, Azure Entra service principal, GCP Workload Identity Federation), Nextflow data lineage in pipeline runs and Data Explorer, and a redesigned audit log experience with CSV export.

Highlights

info

The legacy distribution endpoint at cr.seqera.io/private is deprecated. Only bug fixes for existing major releases will continue to be published there. New major releases of Seqera Platform are available from cr.seqera.io/enterprise. Seqera will provide updated credentials for the new endpoint — contact your Seqera representative if you need access.

Feature updates and improvements

Co-Scientist

Studios

  • Enabled Studios on all workspaces by default. See the Upgrade guide for more information.
  • Added workspace setting for default Studios session collaboration.
  • Added multi-stage builds and Wave v1.33.0 support for custom Studios containers.
  • Added nameStrategy configuration option to Studios workspace settings.
  • Added ability to edit the settings of stopped Studios.
  • Container registry improvements, including:
    • Configurable container repository path for custom image builds.
    • Configurable container image naming strategy (default, tag prefix, image suffix, none).
  • Added new environment variables. See Data features for the full descriptions and defaults:
    • SSH settings:
      • Allowed workspaces
      • Enable key management
      • Limit SSH connections to authenticated sessions via key fingerprint
      • Custom SSH server domain
      • Custom connection string display port
    • Custom Studio images:
      • Disallowed image repositories
      • Image naming strategy
      • Wave build status checks
    • Default privacy settings (private vs. collaborative by default)
    • Studios displayed per page
    • Feature manifest URL for version compatibility checks
    • Per workspace startup metrics & retention policy

Compute environments

  • Added ability to disable a compute environment.
  • Improved compute environment form warning display with individual stacked alerts.
  • Added m8gn, m8gb, c8id, m8id, r8id, x8aedz, g7e, p6-b300 instance families to NVMe list.
  • Added new environment variable. See Configuration overview for the full descriptions and defaults:

Azure

  • Added separate head and worker pool support for Azure Batch compute environments in both Forge and manual modes.
  • Changed default Azure Batch job timeout to 7 days and exposed it as a new configuration item.
  • Updated default Azure termination policy in compute environment creation form.
  • Added VNet and subnet support for Azure Batch compute environments.
  • Added support for separate managed identity client IDs and resource IDs for head and compute jobs in Azure Batch.
  • Enabled Entra service principal credentials for Azure Batch Forge pool creation and Fusion v2.

AWS

  • Added AWS credential modes with support for key-based and role-based access.
  • Added AWS External ID support for role-based credentials.

GCP

  • Added Workload Identity Federation (WIF) credential support for Google Batch and Google Cloud compute environments.
  • Added support for network tagging in Google Batch.
  • Added boot disk image selection for Google Batch compute environments.
  • Added support for multiple machine types in Google Batch compute environments.
  • Added configurable retry behavior for tasks with null exit codes in Google Batch compute environments.

Pipelines

  • Redesigned workflow notification email templates with updated styling.
  • Added GitHub App manifest flow for credential creation.
  • Improved clipboard UX in workflow details header.
  • Redesigned report preview modal header layout and modal.
  • Registered Nextflow CLI as a static OIDC client for authorization code with PKCE flow.
  • Enriched the POST /trace/create response with platform metadata to reduce downstream API calls from Nextflow.

Datasets

  • Added preview for linked (URL-referenced) datasets.

Data Explorer

  • Added IGV for genomic data visualization.
  • Added Molstar 3D viewer for molecular data visualization.
  • Added extensible view mode selection for JSON files in Data Explorer (JSON, IGV, and plain text).
  • Added auto-detection for IGV-renderable files (.bam, .bed, etc.).
  • Updated Data Explorer to display non-native browser files as text when opened in a new tab.
  • Added Fusion symlink resolution to the Data Explorer API.
  • Increased the maximum data link name length to 512 characters.

Access control

  • Added required description field to custom role creation.
  • Exposed roles API endpoints in the OpenAPI specification.
  • Added SSO domain-based redirect for the login guard.

Monitoring and observability

Admin panel

  • Added real-time active user count display.
  • Added workspace usage metrics.

Audit logs v2: new capabilities

  • Added CSV export from the admin audit logs v2 table, with a configurable maximum record limit.
  • Switched to token-based pagination for improved performance.
  • Added comprehensive logging for SSO lifecycle events.
  • Added descriptions and documentation metadata to audit event types, and renamed outdated event types for consistency.

Audit logs v2: richer event context

  • Added owner ID and workspace ID metadata to Studios session audit events and to all data link audit events.
  • Added target organization, workspace, and user context to audit log v2 interfaces.
  • Added a target_name field to the data model and surfaced target resource names across event emission points, the admin table, the API, the UI, and CSV exports.

Audit logs v2: migration and cleanup

  • Migrated telemetry usage queries to the v2 table.
  • Updated the audit log cleaner to handle both v1 and v2 tables.
  • Removed unused instanceId and instanceName columns from the v2 table.

Environment variables

General

  • Bumped Micronaut from 4.7.6 to 4.8.3.
  • Improved admin workspace list toolbar responsiveness.
  • Applied updated status icons across platform components.
  • Redesigned page header layout with improved toolbar and breadcrumb integration.
  • Added automatic breadcrumb navigation to page headers.
  • Updated delete workspace confirmation modal text to clarify the impact of deletion.
  • Removed the dynamic resource labels feature toggle (feature is now always active).

Bug fixes

Studios

  • Added workspace existence check before creating Studios workspace settings.
  • Added validation of Git repository configuration files when creating a Studio.
  • Fixed broken navigation from Studio details page for private Studios.
  • Updated R-IDE to respect compute environment and Studio-specific environment variables.
  • Fixed CSP header empty directive.

Compute environments

  • Fixed Google Batch machine type migration to be portable across MySQL and MariaDB.
  • Removed hardcoded prediction model configuration from AWS Cloud platform provider.
  • Fixed metering event handling to batch events when more than 100 events are received, preventing silent data loss.
  • Removed default terminateAsync implementation to enforce explicit provider implementations.
  • Propagated AWS Forge disposal failures instead of silently swallowing exceptions.
  • Pinned google-cloud-storage to a compatible version to fix NoClassDefFoundError on GCS data link access.
  • Returned an actionable error message when an Azure Batch pool is missing during job submission.
  • Propagated GCP Forge disposal failures instead of silently ignoring resource deletion errors.
  • Enabled cloud cache for Kubernetes compute environments with local PVC paths.

Pipelines

  • Fixed pipeline implicit default version resolution.
  • Removed logs from AI debug button URL to prevent URI too large errors.
  • Replaced document.write with client-side form submission in GitHub App manifest flow to fix Firefox blank page issue.
  • Made workflow job cancellation idempotent to prevent 500 errors on concurrent cancel requests.
  • Fixed parallel requests to pipeline info in the launch form.

Datasets

  • Fixed LazyInitializationException in avatar resolution during dataset creation.
  • Fixed dataset name field to apply input normalization (spaces converted to underscores).
  • Fixed column order preservation in dataset preview for TSV files.

Data Explorer

  • Fixed IGV MIME type detection in Data Explorer.

Monitoring and observability

  • Fixed dashboard drop-down scrolling and character overflow.
  • Fixed task logging to use populated taskId instead of empty id.
  • Fixed user_sign_in audit events to correctly populate the actor field with the signing user's ID.

General

  • Fixed side navigation width not updating in Safari when toggling the collapsed state.
  • Fixed credits banner appearing during page load.
  • Fixed oversized icon on the forbidden access page.

Upgrade notes

Breaking changes

Audit log versions in 26.1

Seqera Platform Enterprise 26.1 introduces the audit log v2 schema as a breaking change for direct database consumers and custom ETL jobs. See the Upgrade guide for guidance.

Azure Batch Ubuntu 24.04 and AppArmor

The ubuntu-hpc image in Azure Batch now defaults to Ubuntu 24.04, whose kernel and AppArmor policy block the unprivileged user namespaces and FUSE mounts Fusion needs. Running Fusion on Ubuntu 24.04+ pools therefore requires an AppArmor profile that permits Fusion mounts to be loaded on every node, plus a matching --security-opt on each task container. This requires installing the AppArmor profile on the pool nodes. See Azure Batch AppArmor.

Forge compute environments

Seqera Platform handles everything automatically. No action required.

Manual compute environments

When Fusion is enabled and the pool's image SKU is 2404 or higher, Seqera Platform automatically appends the options below to the generated Nextflow configuration:

process.containerOptions = '--security-opt apparmor=seqera-fusionfs-container'

On this Page