Upgrading to a newer patch release
All the patch releases are backward compatible. To upgrade to a newer patch release, please download the installer from the Broadcom Support portal and follow the regular installation steps for upgrade.
Migrating from v1.2.x to v1.3.x
If you currently have HA enabled with SSO and you rely on Geode for session sharing, you will need to change your setup due to discontinued maintenance for Apache Geode. You can choose between using session affinity routing or configuring a Redis server for session store. Read more about Configure session affinity or about Configure session store (SSO).
Migrating from v1.0.x to v1.1.x
We introduced the explicit SSO configuration as a breaking change in the v1.1.x release. We enable SSO by default and we require sso.secretName to be set to the name of the SSO secret you would like to use. Read more about Configure Single Sign-On (SSO).
In all the 1.0.x versions, SSO is enabled implicitly when a Kubernetes secret called sso-credentials is found in the same namespace. This can lead to the security risk of exposing API portal instances to unauthorized users if the SSO secret was accidentally (or maliciously) deleted.
Update existing values file
Due to the SSO behavioral change, you will need to download the latest 1.1.x version and update your existing values file with SSO related properties during the installation process.
Upgrade SSO enabled instances
If you currently have SSO enabled with your v1.0.x deployments of API portal for VMware Tanzu, you will need to add the following properties to your existing values file:
sso:
enabled: true # Optional, but recommended for explicitness
secretName: sso-credentials
For Carvel users: SSO secret name was configured under apiPortalServer.sso.secretName property in API portal v1.0.x releases. Make sure to move sso.secretName to top level when upgrading to API portal 1.1.x releases.
Upgrade SSO deactivated instances
If you currently don't have SSO activated, you will need to add the following property to your existing values file:
sso:
enabled: false
Follow the installation steps
With the values file updated, you may now follow the same installation as before.
