Page Comparison

Image Removed

Image Added

Helm Value Changes

In ThreadFix 3.3, Kong PostgreSQL Subcharts now have the following structure changes:

Prior to ThreadFix 3.3:

echo "kong:
  postgresql:
    postgresqlPassword: $PG_PASSWORD
global:
  threadfix:
    licenseCMOverride: tf-license" > myValues/myValues.yaml

As of ThreadFix 3.3:

echo "kong:
  postgresql:
    auth:
      password: $PG_PASSWORD
global:
  threadfix:
    licenseCMOverride: tf-license" > myValues/myValues.yaml

Posgresql Updates

1. Set environment variables like below:
   

   Code Block
   export TF_RELEASE=$(helm ls | grep threadfix | awk '{ print $1}') export POSTGRESQL_PASSWORD=$(kubectl get secret ${TF_RELEASE}-postgresql -o jsonpath="{.data.postgresql-password}" | base64 --decode) export PG_ADMIN_PASSWORD=$(openssl rand -base64 32)

2. Export current helm values:
   

   Code Block
   helm get values $TF_RELEASE > myValues-3-2-0.yaml

3. Add the helm repo and update:
   

   Code Block
   helm repo add threadfix https://threadfix-downloads.s3-us-west-2.amazonaws.com/helm/ helm repo update

4. Delete postgresql:
   

   Code Block
   kubectl delete sts ${TF_RELEASE}-postgresql kubectl delete pvc data-${TF_RELEASE}-postgresql-0 kubectl delete secret ${TF_RELEASE}-postgresql

   
   

5. Upgrade with --no-hooks set:
   

   Code Block
   helm upgrade $TF_RELEASE denimgroup/threadfix -f myValues-3-2-0.yaml \ --set kong.postgresql.auth.password="$POSTGRESQL_PASSWORD" \ --set kong.postgresql.auth.postgresPassword="$PG_ADMIN_PASSWORD" \ --no-hooks

6. Manually run kong migrations:
   

   Code Block
   kubectl exec -it $(kubectl get pods -l 'app.kubernetes.io/name=kong,app.kubernetes.io/version=2.8' -o jsonpath='{ .items[].metadata.name }') -c wait-for-db -- kong migrations bootstrap

7. To confirm the upgrade was successful, echo the following TF_VERSION variable:
   

   Code Block
   TF_VERSION=$(helm ls --filter "$TF_RELEASE" | grep -o 'threadfix-[Az0-9\.\-]*' | sed 's|threadfix-||g') echo $TF_VERSION