Jira Software 10.2.x アップグレード ノート
Here are some important notes on upgrading to Jira Software 10.2.x. For details of the new features and improvements in this release, see the Jira Software 10.2 release notes.
次のセクションにジャンプ
アップグレード ノート
2 段階認証による新しいログイン エクスペリエンス
To improve the security of the Jira login experience, we’ve added a second authentication layer. If you experience any issues with the new login process, you can switch to the legacy login experience by setting the JVM system property atlassian.authentication.legacy.mode to true.
データベースのパスワードをシークレット ストレージに安全に保管
We're now using the secret storage to secure the database password. After the upgrade, or during the zero-downtime upgrade (ZDU), we'll read the password from the dbconfig.xml file, encrypt it, store it in the secret storage and replace the password in the dbconfig.xml file with the placeholder: {ATL_SECURED}. If the password was previously stored in plaintext, you can expect the following logs:
main INFO [c.a.j.config.database.DatabaseConfigHandler] Secret Service is enabled
main INFO [c.a.j.config.database.DatabaseConfigHandler] Detected new password in the xml file, that hadn't been encrypted by Secret Service
main INFO [c.a.j.config.database.DatabaseConfigHandler] Trying to get password from xml and decrypt it with legacy Secret Store Provider
main INFO [c.a.j.config.database.DatabaseConfigHandler] Database password decryption not performed.
main INFO [c.a.j.config.database.DatabaseConfigHandler] Getting plaintext password from config, encrypting it and storing in Secret Service.
main INFO [c.a.j.config.database.DatabaseConfigHandler] Secret Service is enabled
main INFO [c.a.j.config.database.DatabaseConfigHandler] Storing encrypted database password in Secret Service
main INFO [c.a.j.config.database.DatabaseConfigHandler] Replacing the password in config with {ATL_SECURED}The dbconfig.xml file will contain: <password>{ATL_SECURED}</password>.
In case of a ZDU rollback, you need to edit the dbconfig.xml file on every node that was upgraded and change the password back to the plaintext password.
If the password is secured with the Secret Store Provider, the secret will be located in the secret storage, but we won’t replace the password in the dbconfig.xml file and we’ll use the secret store provider to encrypt and decrypt the password.
Starting from Jira 10.2.1:
- If the password is encrypted with the Secret Store Provider, the AES encryption, or a custom implementation, we'll decrypt the password, store it in the Secret Storage and replace the password in the
dbconfig.xmlfile with{ATL_SECURED}. - If the password is encrypted with the Secret Store Provider, the AWS Secrets Manager, or HashiCorp Vault, we'll keep it as the encryption method and won’t use the Secret Storage for handling the password.
Atlassian Package Scanner からの警告の無視
Atlassian Package Scanner verifies if there are no .jar files providing the same package, potentially with a different version. After you upgrade to Jira Software Data Center 10.2 or Jira Service Management Data Center 10.2, Atlassian Package Scanner will notify you about packages with the same content provided by different .jar files.
This is due to Embedded Crowd still migrating to the new version of the platform and still using password-cipher, while Jira has already moved to atlassian-secrets but still has to provide password-cipher for backwards compatibility. atlassian-secrets embeds password-cipher, which is why Atlassian Package Scanner notices them, but since the content is the same, the following warnings may be safely ignored (note the duplicated lines — those appear because the .jar files are placed both in /lib and atlassian-jira/WEB-INF/lib):
警告の全文には、スキャンされたファイルの正確な場所に関する詳細情報が記載されています。
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.db.config.password' with different versions. Files: atlassian-secrets-api-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.protocol' with different versions. Files: atlassian-secrets-store-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.utils' with different versions. Files: atlassian-secrets-store-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.cipher' with different versions. Files: atlassian-secrets-store-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.protocol' with different versions. Files: password-cipher-base-1.4.0.jar and atlassian-secrets-store-5.0.4.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.utils' with different versions. Files: password-cipher-base-1.4.0.jar and atlassian-secrets-store-5.0.4.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.db.config.password' with different versions. Files: password-cipher-base-1.4.0.jar and atlassian-secrets-api-5.0.4.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.cipher' with different versions. Files: password-cipher-base-1.4.0.jar and atlassian-secrets-store-5.0.4.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.db.config.password' with different versions. Files: atlassian-secrets-api-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.protocol' with different versions. Files: atlassian-secrets-store-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.utils' with different versions. Files: atlassian-secrets-store-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.cipher' with different versions. Files: atlassian-secrets-store-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.db.config.password' with different versions. Files: password-cipher-api-1.4.0.jar and atlassian-secrets-api-5.0.4.jar警告の全文には、スキャンされたファイルの正確な場所に関する詳細情報が記載されています。
2024-10-17 09:31:28,389+0000 JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.db.config.password' with different versions. Files: atlassian-secrets-api-5.0.4.jar and password-cipher-base-1.4.0.jar
'/tmp/jira/lib/atlassian-secrets-api-5.0.4.jar'
'/tmp/jira/lib/password-cipher-base-1.4.0.jar'
サポート対象プラットフォームの変更
There are no supported platforms changes in this Jira release. For more details, check out Supported platforms.
アプリ開発者向けの情報
See Preparing for Jira 10.2 for any important changes regarding apps.
アップグレード手順
Upgrading from Jira version 9.x.x?
- See Upgrading Jira applications for complete upgrade procedures, including all available upgrade methods and pre-upgrade steps.
- For a more tailored upgrade, go to Jira administration, then Applications, then Plan your upgrade. We’ll recommend a version to upgrade to, run pre-upgrade checks, and provide you with a custom upgrade guide with step-by-step instructions.