Skip to main content

Upgrade

Upgrading the GitGuardian application#

The GitGuardian application can be updated through the admin console in the "Version History" tab. First, you need to check for updates. This can be done manually or automatically. Then, you can deploy a newer version by clicking the "Deploy" button.
You can find more information on the KOTS documentation.

Upgrade page

caution

During upgrades, workers are stopped but new commits are still queued and will be processed after the upgrade. Upgrades do not stop the dashboard, but they introduce a temporary delay in message processing and alerting.
We advise running upgrades during a low-traffic period.

Required versions#

KOTS Admin Portal will show some versions as "Required".

Required version

If you have several versions to upgrade, you'll have to upgrade to each required version between your current version and your target version.

After each deployment, you should wait for the application to be fully upgraded. To that extent, you can monitor pods' status and wait for all pods to be live and all jobs to be completed.

watch kubetcl get po -n <namespace>

The application is restarted when all pods are in the running status:
Pods status

Upgrading KOTS#

KOTS also needs to be upgraded.

To check the KOTS plugin version, run the following command:

kubectl kots version

If there is an update available, follow the instructions and run this command:

curl https://kots.io/install | bash

Then, you will need to upgrade the kots application running in the cluster:

kubectl kots admin-console upgrade -n <namespace>

Upgrading Embedded Database to PostgreSQL 13#

Starting version 2023.03.0, GitGuardian Self-Hosted with the embedded database now uses PostgreSQL 13. If you use an external database, PostgreSQL 13 is also the recommended version. An upgrade should be planned and executed with your Database Management team.

The data from your PostgreSQL 11 database will be dumped and restored on a new volume attached to the PostgreSQL 13 container. This requires extra storage but will allow rollback.

Before upgrading to GitGuardian 2023.03.0#

  • If you are not using GitGuardian 2023.02.1, please upgrade to this version and wait for the upgrade to complete and the application to be ready.

  • Check that you have enough space on your persistent volume to store the PostgreSQL 13 version of the data.

kubectl exec -it deployment/postgresql -- df -h

The amount of space used by /backup and /var/lib/postgresql/data/pgdata should leave enough space to restore a new copy of the database, equivalent to the space used by /var/lib/postgresql/data/pgdata. If it's not the case, you may need to resize the persistent volume or delete the data in /var/lib/postgresql/data/pgdata after the backup. Please contact support in such a case.

  • Back up your database. The backup will be restored on PostgreSQL 13.
export PGPASS=$(kubectl get secrets postgresql -o jsonpath="{.data.\.pgpass}" | base64 -d | cut -f 5 -d \:)kubectl exec -it deployment/postgresql -- env PGPASSWORD=$PGPASS /usr/bin/pg_dump -Cc -U ggadmin prm > dump_pg11.sql

Proceeding to the upgrade#

  • In the Admin Console, edit the configuration to check the "All steps required for PostgreSQL 13 migration have been completed" checkbox and save the configuration. Without this step, you will not be allowed to install GitGuardian 2023.03.0 and beyond with embedded PostgreSQL.

  • You can now upgrade to GitGuardian 2023.03 and beyond. The upgrade will download the PostgreSQL 13 image in place of 11 and use it automatically.

Note that this action will create downtime as the database will not be able to read PostgreSQL 11 files until you restore the backup.

  • Scale down your application:
kubectl scale deploy gitguardian-app --replicas=0kubectl scale deploy gitguardian-beat --replicas=0kubectl scale deploy gitguardian-email --replicas=0kubectl scale deploy gitguardian-long-tasks --replicas=0kubectl scale deploy gitguardian-scanner --replicas=0kubectl scale deploy gitguardian-worker --replicas=0
  • Restore the dump
export PGPASS=$(kubectl get secrets postgresql -o jsonpath="{.data.\.pgpass}" | base64 -d | cut -f 5 -d \:)
kubectl exec -it deployment/postgresql -- env PGPASSWORD=$PGPASS psql -U ggadmin < dump_pg11.sql
  • Scale up the application back to your original settings (modify replicas in accordance)
kubectl scale deploy gitguardian-app --replicas=2kubectl scale deploy gitguardian-beat --replicas=1kubectl scale deploy gitguardian-email --replicas=2kubectl scale deploy gitguardian-long-tasks --replicas=2kubectl scale deploy gitguardian-scanner --replicas=2kubectl scale deploy gitguardian-worker --replicas=2
  • Run migrations from the new application
kubectl exec -it deploy/gitguardian-app — python manage.py migrate

Note that you can also use the "redeploy" feature of Kots Admin Console to restore your application replica sets in their configured state and run migrations.

Congratulations, you completed the upgrade!