Child pages
  • Grouper InCommon Trusted Access Platform package versioning
Skip to end of metadata
Go to start of metadata

Here is the InCommon Trusted Access Platform docker README

Three versions of packages

  1. One version back with latest patches
    1. In March 2019, this is 2.3.0 with latest patches
    2. Use this if you want a stable version of grouper where no enhancements will be added
    3. Security patches will be available
    4. Important low risk bug fix patches will be available
  2. Latest version with stable patches
    1. In March 2019, this is 2.4.0 with latest stable patches
    2. Use this if you want Grouper with latest low risk enhancements
    3. Security patches will be available
    4. Bug fix patches will be available
    5. "Stable" patches are defined as patches which have been implemented in production by several institutions, or which have been released without complaint for several weeks
      1. InCommon Trusted Access Platform instrumentation helps know if releases are being used
    6. Unstable patches are referred to as "canary" or "test" or "rc" patches (release candidate)
  3. Latest version with all patches
    1. In March 2019, this is 2.4.0 with all patches
    2. Use this for non production environments
    3. Use this if you are a Grouper developer
    4. Use this if you need a canary patch and are willing to test and take some risk that there could be a problem

Grouper package version e.g. 2.4.0-a97-u41-w11-p16  (a=api patch level, u=ui patch level, w=web service patch level, p=pspng patch level)

Grouper package schedule / announcements

If there are new patches available they are either released immediately or at the longest weekly at the discretion of the packaging team.  

When a build is performed after a patch, the packaging team can let the developer put the build announcement in the announcement email of the fix/enhancement to grouper-users.

If the developer doesn’t do that, the packaging team will send a note to grouper-users to announce the new package

Installing security patches

When there is a security issue you should install that patch (and all patch dependencies of that patch).  Security issues are communicated via the grouper-users or grouper-announce mail list

Keeping up with the latest

Generally you do not need to keep each grouper component at the same patch level.  Consider this while deciding on your patching strategy.

If you want to take advantage of the latest Grouper features, you can periodically roll out the container with updated patches.  This has the most utility with the UI since patches frequently add enhancements and fix issues with the UI, and the UI has more flexibility than the WS for introducing risk since the WS is used for application access and could bring down apps if there is a problem.  If you are having a problem with PSPNG, then installing those patches will help too.  Loader patches can also be low risk and important.

Some of the downsides of keeping up with the latest is new UI features could conflict with your internal documentation of the UI if users see new features or buttons.  New features could also introduce problems.

  • No labels