Jira Service Management 10.2.x アップグレード ノート
ここでは、Jira Service Management 10.2.x へのアップグレードに関する重要な注意事項について説明します。このリリースの新機能や改善の詳細については、次のページをご確認ください。
次のセクションにジャンプ:
次のセクションにジャンプ
2 段階認証による新しいログイン エクスペリエンス
To improve the security of the Jira login experience, we’ve added a second authentication layer. If you experience any issues with the new login process, you can switch to the legacy login experience by setting the JVM system property atlassian.authentication.legacy.mode to true.
データベースのパスワードをシークレット ストレージに安全に保管
We're now using the secret storage to secure the database password. After the upgrade, or during the zero-downtime upgrade (ZDU), we'll read the password from the dbconfig.xml file, encrypt it, store it in the secret storage and replace the password in the dbconfig.xml file with the placeholder: {ATL_SECURED}. If the password was previously stored in plaintext, you can expect the following logs:
main INFO [c.a.j.config.database.DatabaseConfigHandler] Secret Service is enabled
main INFO [c.a.j.config.database.DatabaseConfigHandler] Detected new password in the xml file, that hadn't been encrypted by Secret Service
main INFO [c.a.j.config.database.DatabaseConfigHandler] Trying to get password from xml and decrypt it with legacy Secret Store Provider
main INFO [c.a.j.config.database.DatabaseConfigHandler] Database password decryption not performed.
main INFO [c.a.j.config.database.DatabaseConfigHandler] Getting plaintext password from config, encrypting it and storing in Secret Service.
main INFO [c.a.j.config.database.DatabaseConfigHandler] Secret Service is enabled
main INFO [c.a.j.config.database.DatabaseConfigHandler] Storing encrypted database password in Secret Service
main INFO [c.a.j.config.database.DatabaseConfigHandler] Replacing the password in config with {ATL_SECURED}The dbconfig.xml file will contain: <password>{ATL_SECURED}</password>.
In case of a ZDU rollback, you need to edit the dbconfig.xml file on every node that was upgraded and change the password back to the plaintext password.
If the password is secured with the Secret Store Provider, the secret will be located in the secret storage, but we won’t replace the password in the dbconfig.xml file and we’ll use the secret store provider to encrypt and decrypt the password.
Starting from Jira 10.2.1:
- If the password is encrypted with the Secret Store Provider, the AES encryption, or a custom implementation, we'll decrypt the password, store it in the Secret Storage and replace the password in the
dbconfig.xmlfile with{ATL_SECURED}. - If the password is encrypted with the Secret Store Provider, the AWS Secrets Manager, or HashiCorp Vault, we'll keep it as the encryption method and won’t use the Secret Storage for handling the password.
Atlassian Package Scanner からの警告の無視
Atlassian Package Scanner verifies if there are no .jar files providing the same package, potentially with a different version. After you upgrade to Jira Software Data Center 10.2 or Jira Service Management Data Center 10.2, Atlassian Package Scanner will notify you about packages with the same content provided by different .jar files.
This is due to Embedded Crowd still migrating to the new version of the platform and still using password-cipher, while Jira has already moved to atlassian-secrets but still has to provide password-cipher for backwards compatibility. atlassian-secrets embeds password-cipher, which is why Atlassian Package Scanner notices them, but since the content is the same, the following warnings may be safely ignored (note the duplicated lines — those appear because the .jar files are placed both in /lib and atlassian-jira/WEB-INF/lib):
警告の全文には、スキャンされたファイルの正確な場所に関する詳細情報が記載されています。
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.db.config.password' with different versions. Files: atlassian-secrets-api-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.protocol' with different versions. Files: atlassian-secrets-store-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.utils' with different versions. Files: atlassian-secrets-store-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.cipher' with different versions. Files: atlassian-secrets-store-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.protocol' with different versions. Files: password-cipher-base-1.4.0.jar and atlassian-secrets-store-5.0.4.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.utils' with different versions. Files: password-cipher-base-1.4.0.jar and atlassian-secrets-store-5.0.4.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.db.config.password' with different versions. Files: password-cipher-base-1.4.0.jar and atlassian-secrets-api-5.0.4.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.cipher' with different versions. Files: password-cipher-base-1.4.0.jar and atlassian-secrets-store-5.0.4.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.db.config.password' with different versions. Files: atlassian-secrets-api-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.protocol' with different versions. Files: atlassian-secrets-store-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.utils' with different versions. Files: atlassian-secrets-store-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.secrets.tomcat.cipher' with different versions. Files: atlassian-secrets-store-5.0.4.jar and password-cipher-base-1.4.0.jar
JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.db.config.password' with different versions. Files: password-cipher-api-1.4.0.jar and atlassian-secrets-api-5.0.4.jar警告の全文には、スキャンされたファイルの正確な場所に関する詳細情報が記載されています。
2024-10-17 09:31:28,389+0000 JIRA-Bootstrap WARN [o.twdata.pkgscanner.ExportPackageListBuilder] Package Scanner found duplicates for package 'com.atlassian.db.config.password' with different versions. Files: atlassian-secrets-api-5.0.4.jar and password-cipher-base-1.4.0.jar
'/tmp/jira/lib/atlassian-secrets-api-5.0.4.jar'
'/tmp/jira/lib/password-cipher-base-1.4.0.jar'
End of support announcements
このリリースではサポート対象プラットフォームへの変更はありません。
サポートされるプラットフォームの一覧については、「サポート対象のプラットフォーム」を参照してください。
過去のお知らせについては「サポート終了のお知らせ」をご確認ください。
アプリ開発者向けの情報
アプリに関するすべての重要な変更については、「Jira 10.2 への準備」を参照してください。
アップグレード手順
最新のバージョンにアップグレードするために、次の資料を活用できます。
- 利用可能なすべてのアップグレード方法およびアップグレード前の手順を含む完全なアップグレード手順について、「Jira アプリケーションのアップグレード」をご参照ください。
ご自身の環境に合わせたアップグレードをご検討の場合、[Jira 管理] > [アプリケーション] > [アップグレードを計画] をご確認ください。アップグレード先のバージョンの提案やアップグレード前のチェックの実行が行われ、詳細な手順を含むカスタムのアップグレード ガイドが提供されます。