As the Sonatype CLM Server is the central element of the Sonatype CLM suite of products, it is often referred to synonymously as Sonatype CLM. The latest version of the Sonatype CLM Server can be downloaded from the Sonatype support site.
The instructions below cover general upgrading instructions. However, depending on the version you are upgrading from, there may be additional steps needed to complete your unique upgrade path. Please review these accordingly.
Finally, before starting any upgrade, always start by checking our compatibility matrix, Knowledge Base article, and making a backup.
Before attempting an upgrade, it’s best to review all upgrade instructions provided for your current version, as well as any versions that followed. |
Before upgrading we highly recommend reviewing the CLM Server Backup Instructions section above. |
It’s common for users to upgrade to the latest version from a variety of previous versions. This can present issues in trying to present a clear update path.
We’ve isolated instructions for upgrading from each previous version. However, if you’ve been using Sonatype CLM for awhile, it’s not a bad idea to review instructions for previous versions you may have used.
There are no additional steps needed for users of Sonatype CLM 1.9x or higher. Please follow the standard upgrade instructions.
The biggest change affecting an upgrade from version 1.8x is related to the enforcement that all applications must have a parent organization. Within the interface any applications without an organization were identified as follows:
However, as of Sonatype CLM 1.9x and higher, this is no longer permitted, and will prevent the Sonatype CLM Server from starting. Prior to upgrading, make sure all applications have been assigned an organization. For more information on organization, please see the Organization and Application Management section of the Policy Management chapter.
If you have been a user of Sonatype CLM prior to version 1.8x, you may want to verify you’ve followed those previous upgrade instructions. This is especially true for those related to configuration (config.yml) changes. |
There are two critical changes that will affect any users upgrading from version 1.7x.
The introduction of the security administration features require that a specific line be added to your current config file, under the loggers: area.
"org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter": INFO
After adding, your config should look like this:
loggers: "eu.medsea.mimeutil.MimeUtil2": INFO "org.apache.http": INFO "org.eclipse.jetty": INFO "org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter": INFO
Failure to add this line to your config.yml file will result in credentials being published to the Sonatype CLM log file and is considered insecure. |
For those users of Sonatype CLM between, and including, 1.6x and 1.8x, applications were permitted to exist without a parent organization. Within the interface any applications without an organization were identified as follows:
However, as of Sonatype CLM 1.9x and higher, this is no longer permitted, and will prevent the Sonatype CLM Server from starting. Prior to upgrading, make sure all applications have been assigned an organization. For more information on organization, please see the Organization and Application Management section of the Policy Management chapter.
Prior to Sonatype CLM 1.5x there was no way to manage policy globally. This meant each application needed to have its own policy. As of Sonatype CLM 1.6x and the added functionality of organizations, policies could be created at the organization level, and then inherited by any applications attached to that organization.
At this time, there is not a direct path from this version of Sonatype CLM to the latest version. This does not exclude the ability to upgrade, but it will require more steps than is typical upgrades. To best assist with your upgrade, we recommend contacting Sonatype CLM Support support team by email support@sonatype.com or file a request
In addition to this upgrade, they can also assist with migrating policies from an application to an organization. |
Terms of Service Privacy Policy
Copyright ©
2008-present, Sonatype Inc. All rights reserved. Includes the
third-party code listed here. Sonatype and Sonatype Nexus are trademarks
of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache
Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation.
All other trademarks are the property of their respective owners.
Sonatype Headquarters - 8161
Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8251 Greensboro Drive #610, McLean, VA
22102
Australia Office - 5 Martin Place, Level 14, Sydney 2000, NSW, Australia