All the patch releases are backward compatible. To upgrade to a newer patch release, please download the installer from TanzuNet and follow the regular installation steps for upgrade.
We introduced the explict SSO configuration as a breaking change in the v1.1.x release. We enable SSO by default and we require
sso.secretName to be set to the name of the SSO secret you would like to use. Read more about Configure Single Sign-On (SSO).
In all the 1.0.x versions, SSO is enabled implicitly when a Kubernetes secret called
sso-credentials is found in the same namespace. This can lead to the security risk of exposing API portal instances to unauthorized users if the SSO secret was accidentally (or maliciously) deleted.
Due to the SSO behavioral change, you will need to download the latest 1.1.x version and update your existing values file with SSO related properties during the installation process.
If you currently have SSO enabled with your v1.0.x deployments of API portal for VMware Tanzu, you will need to add the following properties to your existing values file:
sso: enabled: true # Optional, but recommended for explicitness secretName: sso-credentials
For Carvel users: SSO secret name was configured under
apiPortalServer.sso.secretName property in API portal v1.0.x releases. Make sure to move
sso.secretName to top level when upgrading to API portal 1.1.x releases.
If you currently don't have SSO enabled, you will need to add the following property to your existing values file:
sso: enabled: false
With the values file updated, you may now follow the same installation as before.