As we reach the end of September 2024, ThreadFix version 3.x on-premises has officially reached its End-of-Life. Therefore, there is no longer support or updates for this version of the product. We have fully transitioned our product and development teams to focus ThreadFix SaaS and migrating all customers over from the on-premises versions. Our Customer Success and Support teams are here to help you in migrating to ThreadFix SaaS and maximizing the value you see from this improved offering from Coalfire. This is the next phase of ThreadFix and our team is looking forward to continuing to support you on this journey.

3.7.0 to 3.8.0 Upgrade Required Kong Changes

ThreadFix has upgraded Kong from version 2.8 to 3.6, in order to upgrade from ThreadFix 3.7.0 to 3.8.0 users must be aware of the required Kong changes detailed below.

Prior to beginning any upgrades or migration, ThreadFix strongly recommends users review the Upgrade & Migration Guidelines.

New Installation of Threadfix 3.8.0

  1. Begin with the ThreadFix installation setup instructions.

  2. As an additional prerequisite, a Kong ClusterRole must be created with the necessary permissions to access the cluster resources required by Kong. This ensures that Kong has the appropriate access rights to function properly within the cluster.

  3. Download the kong_clusterrole file provided here and update the placeholder <namespace> with your specific namespace where Threadfix will be installed.


  4. After updating the namespace in the file, execute the following command to create a ClusterRole named tf-kong and a ClusterRoleBinding to your namespace:

    kubectl apply -f kong_clusterrole.yaml
  5. Proceed with the Installation of Threadfix by following the installation instructions.

Upgrading to Threadfix 3.8.0

  1. Begin by following the Upgrade & Migration guides first, please read through the following pre-requisites before upgrading.

  2. As Kong has been upgraded to version 3.6, you will need to update your ClusterRole and ClusterRoleBinding as a pre-requisite before upgrading.

    Ensure you back up your existing ClusterRole and ClusterRoleBinding for Kong before making any changes. Save the output of the commands below into a secure location.

    kubectl get clusterole <cluster-role-name> -o yaml kubectl get clusterrolebinding <cluster-role-binding-name> -o yaml

    Note: You can use the following commands to list all your ClusterRole and ClusterRoleBinding resources:

    • kubectl get clusterrole

    • kubectl get clusterrolebinding

    From the lists, get the name of ClusterRole and ClusterRoleBinding that are related to Kong.

  3. Download the file provided below and make the following updates:

    1. Replace ClusterRole and ClusterRoleBinding names with the names used in your previous configuration.

    2. Update the placeholder <namespace> with the namespace where Threadfix is installed currently.


  4. Execute the following commands to update your ClusterRole and ClusterRoleBinding

    kubectl apply -f kong_clusterrole.yaml

     

  5. Proceed by following the following upgrade guide.

Reference Documentation

www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.