Skip to content

Upgrading to v0.6.0

  • The kafka.topic.prefix configuration was renamed to dt.kafka.topic.prefix to prevent collisions with native Kafka properties (hyades/#1392).

  • Configuration names for task cron expressions and lock durations have changed (apiserver/#840). They now follow a consistent task.<task-name>.<config> scheme. Lock durations are now specified in ISO 8601 format instead of milliseconds. Example of name change:

    Before After
    task.cron.metrics.portfolio task.portfolio.metrics.update.cron
    task.metrics.portfolio.lockAtMostForInMillis task.portfolio.metrics.update.lock.max.duration
    task.metrics.portfolio.lockAtLeastForInMillis task.portfolio.metrics.update.lock.min.duration

  • The /api/v1/vulnerability/source/{source}/vuln/{vuln}/projects REST API endpoint now supports pagination (apiserver/#888). Like all other paginated endpoints, the page size defaults to 100. Clients currently expecting all items to be returned at once must be updated to deal with pagination.

  • The alpine. prefix was removed from Kafka processor properties of the API server (apiserver/#904). Example of name change:

    Before After
    alpine.kafka.processor.vuln.scan.result.processing.order kafka.processor.vuln.scan.result.processing.order

  • The endpoints deprecated in v4.x mentioned below were removed (apiserver/#910):

    Removed endpoint Replacement
    POST /api/v1/policy/{policyUuid}/tag/{tagName} POST /api/v1/tag/{name}/policy
    DELETE /api/v1/policy/{policyUuid}/tag/{tagName} DELETE /api/v1/tag/{name}/policy
    GET /api/v1/tag/{policyUuid} GET /api/v1/tag/policy/{uuid}
    GET /api/v1/bom/token/{uuid} GET /api/v1/event/token/{uuid}

  • The required PostgreSQL version has been raised from 11 to 13 (hyades/#1724). Lower versions may still work, but are no longer tested against.

  • User records in the database are consolidated from the separate LDAPUSER, MANAGEDUSER, and OIDCUSER tables, into a single USER table (apiserver/#1169). The new USER table enforces uniqueness of usernames. To prevent data loss, LDAPUSER and OIDCUSER records with conflicting usernames get their values suffixed with -CONFLICT-LDAP and -CONFLICT-OIDC respectively. Affected users cannot authenticate. Administrators are expected to resolve this by removing users or renaming them as desired. Note that this is an edge case and should not affect most deployments.

  • The metrics tables DEPENDENCYMETRICS, PORTFOLIOMETRICS, and PROJECTMETRICS are partitioned by date (apiserver/#1141). The migration procedure involves copying existing metrics data, thus requiring up to double the amount of storage for the duration of the migration. To reduce the amount of data being copied, consider temporarily reducing the metrics retention timespan in the administration panel under ConfigurationMaintenance. Only historic data falling within the configured retention duration gets migrated.

  • Database migrations have been integrated into the broader concept of initialization tasks. As a result, the following configuration properties were renamed:

    Before After
    database.run.migrations init.tasks.enabled
    database.run.migrations.only init.and.exit
    database.migration.url init.tasks.database.url
    database.migration.username init.tasks.database.username
    database.migration.password init.tasks.database.password