Important Upgrade Notes
Review these upgrade notes and follow any instructions when upgrading ID installations.
Some notes apply only to certain installation environments:
RPM - applies only to RPM package managed installations
DOCKER - applies only to Docker based installations
all - applies to all installations
If you’re upgrading from a version earlier than… | Then… |
|---|---|
5.0 | RPM RPM installation is no longer supported, use docker instead. |
4.25 | all Optional: To enable Sentry error monitoring support, you need to add the Sentry parameters to configuration files. Note that the default http.content-security-policy=default-src 'self' 'unsafe-inline' 'unsafe-eval'; \
font-src *; \
frame-src *; \
frame-ancestors 'self'; \
img-src *; \
report-uri /csp-report ; \
style-src 'unsafe-inline' *; |
4.21 | all Optional: To enable Feature Flags support, you need to add the Unleash parameters to configuration files. |
rpm In order to upgrade Trivore ID cluster to version 4.19 or newer, it MUST be first upgraded to version 4.18. Version 4.18 brings some compatibility changes for cluster node ID handling and therefore upgrade from earlier releases to 4.19 is not possible.
| |
all Note that version 4.19 requires MongoDB version 4.2 or later. | |
Docker This version has breaking changes for docker installation. Container now runs as user uid 5001 instead of root. Log and data volumes and their contents MUST be writable by this user. Adjust file and directory permissions when updating to this version. Recommended commands to run before starting new container: chown -R 5001:5001 /var/lib/docker/volumes/<stack-name>_logs/_data
chown -R 5001:5001 /var/lib/docker/volumes/<stack-name>_data/_data | |
docker Additionally, docker volume rm <stack_name>_conf
docker volume rm trivore-id_conf | |
docker Additionally, environment varaible New volume Example certs volume in | |
all ONEP-2739: If the user manual strong authentication is enabled prior to Trivore ID 4.16 release, then before updating, the list of allowed strong identification documents should be noted. The list can be found on system preferences on a specific client related settings view. After the list of allowed documents have been noted, the update can be done. After updating Trivore ID to version 4.16, for any namespaces that used the manual strong authentication feature, the namespace settings should be updated in terms of allowed strong identification documents. This can be done in the namespace settings, under the miscellaneous tab. Select all strong identification documents that were noted before updating and then save the namespace settings. Note that, if there were multiple namespaces using the manual strong authentication feature, then the process has to be repeated for all of them. After the namespace settings has been updated, it can be verified that the namespace has the correct documents selected by going into the accounts view with the previously edited namespace as active, selecting a user account and then selecting the "Identify the person" item in the actions menu. A window should pop up with a list of allowed documents. If the correct documents are selectable in the window, the window can be closed. If not, then close the window, re-edit the namespace allowed documents and repeat the verification step. | |
ALL ONEP-2450: For a brief moment during the update process, the cluster will diverge into two (nodes running older version of Apache Ignite and nodes running the updated version). During this time any scheduled tasks will be executed on both clusters. Therefore, it’s recommended to schedule the update so that it will not be done during an exact hour. Alternatively, hourly scheduled tasks may be turned of during the update process. | |
ALL ONEP-2696: For Trivore ID instances using Suomi.fi strong identification, it is required that a migration script for strong identifications is run in MongoDB. The script will copy the latest user’s strong identification entries from a separate strong identification collection to the user, which is required by some views in the platform.
|