Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

If you’re upgrading from a version earlier than…

Then…

/wiki/spaces/TISpubdoc/pages/3348987912

Status
colourGreen
titleall
Version 4.36.0 MUST be installed before this version. Direct upgrades from earlier versions are not officially supported as this version requires automated upgrade steps to performed that are available only in 4.36.0.

Note that after installing this version, login by email/mobile takes longer than usual until new indexes are built. This should not take more than few minutes.

4.36.0

Status
colourGreen
titleall
Login to management user-interface and perform automated upgrade steps.

5.0.0

Status
colourRed
titleRPM
RPM installation is no longer supported, use docker instead.

4.25.0

Status
colourGreen
titleall
Optional: To enable Sentry error monitoring support, you need to add the Sentry parameters to configuration files.

Note that the default http.content-security-policy value has changed, if you have overridden it the new value is:

Code Block
http.content-security-policy=default-src 'self' 'unsafe-inline' 'unsafe-eval'; \
	font-src *; \
	frame-src *; \
	frame-ancestors 'self'; \
	img-src *; \
	report-uri /csp-report ; \
	style-src 'unsafe-inline' *;

4.21

Status
colourGreen
titleall
Optional: To enable Feature Flags support, you need to add the Unleash parameters to configuration files.

4.19

Status
colourRed
titlerpm
In order to upgrade Trivore ID cluster to version 4.19 or newer, it MUST be first upgraded to version 4.18. Version 4.18 brings some compatibility changes for cluster node ID handling and therefore upgrade from earlier releases to 4.19 is not possible.

  • First, perform normal upgrade procedure to version 4.18, one node at a time.

  • Second, perform normal upgrade procedure to version 4.19, one node at a time.

  • Third, login to the Trivore ID instance being upgraded and perform “Simplify Node ID values“ migration step.

Status
colourGreen
titleall
Note that version 4.19 requires MongoDB version 4.2 or later.

4.18

Status
colourBlue
titleDocker
This version has breaking changes for docker installation. Container now runs as user uid 5001 instead of root. Log and data volumes and their contents MUST be writable by this user. Adjust file and directory permissions when updating to this version.

Recommended commands to run before starting new container:

Code Block
chown -R 5001:5001 /var/lib/docker/volumes/<stack-name>_logs/_data
chown -R 5001:5001 /var/lib/docker/volumes/<stack-name>_data/_data

Status
colourBlue
titledocker
Additionally, conf volume has been removed. Migrate all configuration from oneportal.conf file to docker compose.yml file using environment variables. Remove conf volume definition from compose file and execute:

Code Block
docker volume rm <stack_name>_conf
docker volume rm trivore-id_conf

Status
colourBlue
titledocker
Additionally, environment varaible LDAP_ENABLED is now optional with default value of false. Other LDAP variables are not needed when LDAP is disabled.

New volume certs now exists if there is a need to configure locally trusted certificates. Usually not needed as Trivore ID image contains all needed trusted certificates by default.

Example certs volume in compose.yml:

Code Block
services:
  main:
    volumes:
      - certs:/deployments/trivore-id/conf/certs

volumes:
  certs:

4.16

Status
colourGreen
titleall
ONEP-2739: If the user manual strong authentication is enabled prior to Trivore ID 4.16 release, then before updating, the list of allowed strong identification documents should be noted. The list can be found on system preferences on a specific client related settings view. After the list of allowed documents have been noted, the update can be done.

After updating Trivore ID to version 4.16, for any namespaces that used the manual strong authentication feature, the namespace settings should be updated in terms of allowed strong identification documents. This can be done in the namespace settings, under the miscellaneous tab. Select all strong identification documents that were noted before updating and then save the namespace settings. Note that, if there were multiple namespaces using the manual strong authentication feature, then the process has to be repeated for all of them.

After the namespace settings has been updated, it can be verified that the namespace has the correct documents selected by going into the accounts view with the previously edited namespace as active, selecting a user account and then selecting the "Identify the person" item in the actions menu. A window should pop up with a list of allowed documents. If the correct documents are selectable in the window, the window can be closed. If not, then close the window, re-edit the namespace allowed documents and repeat the verification step.

/wiki/spaces/PORTAL1/pages/2503376952

Status
colourGreen
titleALL
ONEP-2450: For a brief moment during the update process, the cluster will diverge into two (nodes running older version of Apache Ignite and nodes running the updated version). During this time any scheduled tasks will be executed on both clusters. Therefore, it’s recommended to schedule the update so that it will not be done during an exact hour. Alternatively, hourly scheduled tasks may be turned of during the update process.

Status
colourGreen
titleALL
ONEP-2696: For Trivore ID instances using Suomi.fi strong identification, it is required that a migration script for strong identifications is run in MongoDB. The script will copy the latest user’s strong identification entries from a separate strong identification collection to the user, which is required by some views in the platform.

  • Download the scripts: currently located in private repository.

  • Running the update scripts:
    Copy the script to the server as file copy.js. Run the copy script with mongo {server-specific options} copy.js. It will print the IDs of modified users and their amount, as well as the number of found strong identification objects.

...