Manual Schema Update May Be Required
These alter table steps should now automatically be handled by UpgradeShell.
Some columns have been resized. Due to a bug in the underlying schema management library, this resize may not automatically happen on Postgres. If necessary, manually resize the columns.
Manual Data Update May Be Required
Registry v2.0.0 introduced an internal flag to identify "automatic" groups, ie: those where Registry automatically manages the population. Groups created since this update will have the correct flag, however groups that existed prior to this update will have a NULL value in the relevant column. While in general most capabilities will work correctly, Identifier Assignment for CO Groups (a new capability introduced in Registry v3.3.0) may not correctly apply to CO Groups that were created prior to Registry v2.0.0. Ordinarily, this would be corrected as part of
upgradeVersion, however due to limitations of the framework this fix must be applied manually.
It is recommended that all deployments that were first established on a release earlier than v2.0.0, whether or not they plan on using Identifier Assignment for CO Groups, run the following SQL command:
Enrollment Flow Steps "Deny" and "Send Approval Notification" Removed
Registry v3.3.0 consolidates three Enrollment Flow Steps into the Approve step, eliminating the Deny and Send Approval Notification steps. Custom plugins that execute after Deny or Send Approval Notification should be updated to execute after Approve instead.
SSH Key Authenticator Plugin
SSH Key management has moved into an Authenticator Plugin. During the upgrade to v3.3.0, any CO that has SSH Keys attached to a CO Person will have an SSH Key Authenticator automatically instantiated, and existing keys will be attached to that Authenticator. COs that do not have any SSH Keys will need to instantiate an Authenticator before SSH keys can be managed.
SSH Keys are no longer managed directly from the CO Person Canvas, but are now available via the Authenticators link in the sidebar.
Authenticator Plugin Documentation
The guidance for when Authenticator Plugins should trigger provisioning has been corrected.
JobShell and Job Plugins
Registry v3.3.0 introduces Job Plugins, as executed by the Registry Job Shell. All existing deployments will likely need to update their cron configuration, as described in Registry Installation - Cron.
API User Changes
As of Registry v3.3.0, API Users are assigned to specific COs. Full information is available in the documentation, however the following changes should be noted:
- New API Users must be named with their CO as a prefix.
- Self selected passwords are no longer supported, instead randomly generated API Keys are used.
- Platform API Users are now created via the COmanage CO.
Existing API Users (those created prior to upgrade) will continue to function as is, and will be automatically assigned to the COmanage CO as Platform API Users (without being renamed). However any subsequent changes to existing API Users will require conformance with the new naming and API Key requirements. It is recommended that existing API Users be manually transitioned at a convenient time.
cm_users View Removed
cm_users database view has been removed. This view should not have been accessed by other applications.