Updating 3.X ThreadFix License

Owned by Eric Cuevas (Unlicensed)
Last updated: Jun 14, 2022 by Daniel ColonVersion comment
2 min read

You will learn

How to change a ThreadFix license with Kubernetes.

Prerequisites

Audience: IT Professional
Difficulty: Intermediate
Time needed: Approximately 10 minutes
Tools required: See Pre-requisites list below

Pre-requisites list:

  • ThreadFix instance running in Kubernetes

  • kubectl access to Kubernetes cluster

  • Helm version greater than 3.2

Enter the following commands on a command line to perform the described action.

There are two ways to apply a license to ThreadFix running in Kubernetes, through a Kubernetes secret or a Helm value. Follow the appropriate section for the current installation method. If unsure of which method is currently being used, run the following command.

helm get values $(helm ls | grep threadfix | awk '{print $1}') | grep -E '^"?threadfix\.license' >> /dev/null && echo 'Helm Value' || echo 'Kubernetes Secret'

Kubernetes Secret

Follow this section if managing a ThreadFix license with a manually created Kubernetes Secret.

  1. Copy the new ThreadFix license to the current working directory with the name threadfix.license.

  2. Get the current ThreadFix license secret name.

    TF_LICENSE_SECRET=$(kubectl get deploy -l app.kubernetes.io/name=auth,app.kubernetes.io/part-of=threadfix -o jsonpath='{ .items[].spec.template.spec.volumes[?(@.name=="tf-license")].secret.secretName }')

     

  3. Backup the current ThreadFix license.

    kubectl get secret $TF_LICENSE_SECRET -o go-template='{{ index .data "threadfix.license" }}' | base64 -d > threadfix.license.bak

     

  4. Remove the current license from the Kubernetes cluster.

     

  5. Create a new license secret.

     

  6. Restart all ThreadFix containers.

Helm Value

Use this method if managing the ThreadFix license from the user’s values file.

  1. Get the Helm release name for the ThreadFix instance.

     

  2. Get the current installed version of ThreadFix.

     

  3. Export the currently installed Helm values.

     

  4. Backup values to a separate file.

     

  5. Add the new license to currentValues.yaml by performing the following:

    1. Open the currentValues.yaml file with a text editor.

    2. Navigate to the item named "threadfix.license".

    3. Replace the lines after "threadfix.license" with the content of the new ThreadFix license.

      1. Indentation is important for this file to render correctly. Ensure that the new content adheres to the same indentation as the previous item.

    4. Save this file.

  6. Update the ThreadFix Helm installation.

    If not using 'denimgroup/threadfix' as the chart name, this value must be changed to the location of the ThreadFix chart. Use helm search repo threadfix to find the correct chart name.

  7. If the new license does not apply after a few minutes, restart ThreadFix deployments.

www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.