Documentation Nexus IQ Server 1.16

Our documentation site has moved. For the most current version, please see http://help.sonatype.com

5.4. Upgrading the CLM Server

As the Sonatype CLM Server is the central element of the Sonatype CLM suite of products, it is often referred to synonymously as Sonatype CLM. The latest version of the Sonatype CLM Server can be downloaded from the Sonatype support site.

The instructions below cover general upgrading instructions. However, depending on the version you are upgrading from, there may be additional steps needed to complete your unique upgrade path. Please review these accordingly.

Finally, before starting any upgrade, always start by checking our compatibility matrix, Knowledge Base article, and making a backup.

[Tip]

Before attempting an upgrade, it’s best to review all upgrade instructions provided for your current version, as well as any versions that followed.

Upgrade Instructions
  1. Determine your upgrade path.
  2. Stop the Sonatype CLM Server
  3. Perform a backup
  4. Make a copy of sonatype-clm-server/config.yml
  5. Copy the new installation bundle into installation folder
  6. Extract the bundle
  7. Apply all modifications from the backup config.yml to the new config.yml file including e.g. server ports
  8. Update any startup scripts as needed
  9. Start the Sonatype CLM Server
[Note]

Before upgrading we highly recommend reviewing the CLM Server Backup Instructions section above.

5.4.1. Upgrade Paths

It’s common for users to upgrade to the latest version from a variety of previous versions. This can present issues in trying to present a clear update path.

We’ve isolated instructions for upgrading from each previous version. However, if you’ve been using Sonatype CLM for awhile, it’s not a bad idea to review instructions for previous versions you may have used.

Upgrading from Sonatype CLM 1.9x or Later

There are no additional steps needed for users of Sonatype CLM 1.9x or higher. Please follow the standard upgrade instructions.

Upgrading from Sonatype CLM 1.8x

The biggest change affecting an upgrade from version 1.8x is related to the enforcement that all applications must have a parent organization. Within the interface any applications without an organization were identified as follows:

figs/web/release-notes-appwithoutorg-1-8-ui.png

Figure 5.4. Application Without Organization v.1.8 UI


However, as of Sonatype CLM 1.9x and higher, this is no longer permitted, and will prevent the Sonatype CLM Server from starting. Prior to upgrading, make sure all applications have been assigned an organization. For more information on organization, please see the Organization and Application Management section of the Policy Management chapter.

[Tip]

If you have been a user of Sonatype CLM prior to version 1.8x, you may want to verify you’ve followed those previous upgrade instructions. This is especially true for those related to configuration (config.yml) changes.

Upgrading from Sonatype CLM 1.7x and 1.6x::

There are two critical changes that will affect any users upgrading from version 1.7x.

Config.yml Change

The introduction of the security administration features require that a specific line be added to your current config file, under the loggers: area.

"org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter": INFO

After adding, your config should look like this:

loggers:
    "eu.medsea.mimeutil.MimeUtil2": INFO
    "org.apache.http": INFO
    "org.eclipse.jetty": INFO
    "org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter": INFO
[Warning]

Failure to add this line to your config.yml file will result in credentials being published to the Sonatype CLM log file and is considered insecure.

Parent Organization Requirement

For those users of Sonatype CLM between, and including, 1.6x and 1.8x, applications were permitted to exist without a parent organization. Within the interface any applications without an organization were identified as follows:

figs/web/release-notes-app-no-org-1-7-ui.png

Figure 5.5. Application Without Organization v.1.7 and Earlier UI


However, as of Sonatype CLM 1.9x and higher, this is no longer permitted, and will prevent the Sonatype CLM Server from starting. Prior to upgrading, make sure all applications have been assigned an organization. For more information on organization, please see the Organization and Application Management section of the Policy Management chapter.

Upgrading from Sonatype CLM 1.5x or Earlier

Prior to Sonatype CLM 1.5x there was no way to manage policy globally. This meant each application needed to have its own policy. As of Sonatype CLM 1.6x and the added functionality of organizations, policies could be created at the organization level, and then inherited by any applications attached to that organization.

At this time, there is not a direct path from this version of Sonatype CLM to the latest version. This does not exclude the ability to upgrade, but it will require more steps than is typical upgrades. To best assist with your upgrade, we recommend contacting Sonatype CLM Support support team by email support@sonatype.com or file a request

[Note]

In addition to this upgrade, they can also assist with migrating policies from an application to an organization.