3.3.1 to 3.3.3 Upgrade Required Helm Value & Kafka Changes

Owned by Daniel Colon
Last updated: Oct 12, 2023
2 min read

In order to upgrade from ThreadFix 3.3.1 to 3.3.3 users must be aware of required Helm Value & Kafka Changes detailed below.

Prior to beginning any upgrades or migration, ThreadFix strongly recommends users review the Upgrade & Migration Guidelines.

Prerequisites

Audience: IT Professional
Difficulty: Basic
Time needed: Approximately 10 minutes
Tools required: See Pre-requisites list below

Pre-requisites list

  • ThreadFix instance running in Kubernetes

  • kubectl access to Kubernetes cluster

  • Helm version greater than 3.5

Upgrading

Enter the following commands on a command line to perform the described action.

  1. Add the Denim Group Helm repository if not present:

    helm repo add denimgroup https://threadfix-downloads.s3-us-west-2.amazonaws.com/helm/

     

  2. Backup the ThreadFix instance by following the Backup & Restore guide.

  3. Get the Helm release name for the ThreadFix instance.

    TF_RELEASE=$(helm ls | grep threadfix | awk '{print $1}')

     

  4. Get the current installed version of ThreadFix.

    TF_VERSION=$(helm ls --filter "$TF_RELEASE" | grep -o 'threadfix-[Az0-9\.\-]*' | sed 's|threadfix-||g')

     

  5. ThreadFix automatically generates internal credentials if not explicitly provided. If not already done so, save these in a secure location for recovery purposes.

    1. Network properties:

    2. Database password:

    3. Postgres password:

    4. ESAPI encryption keys:

       

  6. Pull the latest chart from Denim Group's Helm repository for ThreadFix.

     

  7. Check the latest available version.

     

  8. Review the release notes prior to upgrading. Not all upgrade paths are supported.

  9. (Optional) If changes to the charts values are required:

    1. Export the currently installed Helm values.

    2. Make necessary changes to the myValues.yaml file.

    3. Pass the modified values file in the the helm upgrade command with -f myValues.yaml.

  10. Add the following:

     

  11. Upgrade ThreadFix with Helm (include -f myValues.yaml if modifying installation values).

     

  12. Follow the Upgrade Validation Checklist to validate the ThreadFix upgrade has completed successfully. If there are any issues, users may rollback to the previous state with:

    If rolling back a failed upgrade, the user may have to restore the database from backup depending on the status of the database migration. Follow Backup & Restore for more information.

www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.