Before upgrading, please take into account we have extended the XML schema for Products and Libraries and this may cause old Product and Library XMLs generated with versions of IriusRisk < 2.0.0 to be non-compatible with versions >= 2.0.0. Products and Libraries managed within the tool when embarking on the upgrade will be automatically migrated.
Below you can find instructions for upgrading to IriusRisk v2.
We strongly encourage testing this firstly on a pre-production instance so that you may ensure the component migrations are executed as expected and that any other customisations you have made to the main questionnaire still function as expected.
The most significant change in version 2 is components are now explicitly defined, and users are encouraged to build their threat models using the diagrammatic architectural view. To this end, the main questionnaire can now be disabled through the settings, so that users are immediately taken to the diagram tab after onboarding a new product.
This workflow can be see here:
What this means for upgrading is that all custom components that you have defined will automatically be migrated into the new “Component Definition” format. If you do not wish the main questionnaire to be displayed to users, then you may disable it by unchecking the option: Settings -> User Interface -> Show main questionnaire
Upgrading your OnPrem instance to IriusRisk 2.0.0.
Perform a backup of the database.
Docker based deployments.
Version 2.0.0 requires the following variables to be included in the docker compose file:
Update your docker-compose.yml file and change the docker image for the tomcat container
Then execute the command:$ docker-compose down && docker-compose pull && docker-compose up -d
WAR based deployments.
Do a database backup.
Copy the old WAR file as a backup (to rollback in case you need it).
If you’re using a war file deployed in your Tomcat container server, you can download version 2.0.0 from:
Deploy this WAR file in the Tomcat webapps directory.
With this new release, there are several migrations that will run against the database during the first startup. This means the startup process can take some time. If you would like to check progress you can view the logs with the command:
If you are using docker, execute:
$ docker logs -f iriusrisk-tomcat8
If you are using native tomcat, check your catalina log file to see the progress of the upgrade.
When you log into the application for the first time, you’ll see that all the components have now been migrated to a new Configuration Tab named Component Definitions, please check that the components in this section are correct.
If you experience any problems upgrading, please provide as much information as possible to email@example.com
You can provide the tomcat logs (in docker: $ docker logs iriusrisk-tomcat8 > tomcatlog.txt), the output of the command $ curl -LI youririusriskinstance.com, and any other useful information obtained whilst you were upgrading.
Once you have deployed the new WAR file or the new docker containers, on the first start-up, IriusRisk will execute several migrations of the database to support new features, improve speed or space. Depending on what version you're migrating from and the current size of your database, these migrations can take up to 6+ hours of processing time, so please do not cancel the process and be patient.
If this process is interrupted, you can start it again from scratch but it would then require a new database restore with the production database.
Important v2.0.0 changes that require configuration.
In version 2.0.0 we have given precedence to diagrammatically constructing threat models and this means the Main Questionnaire has become largely redundant. All components in the Main Questionnaire have been removed and transferred to Component Definitions, consequently, if you are not using a custom Main Questionnaire you will encounter a blank questionnaire after migrating.
To avoid this, please manually disable the Main Questionnaire by unchecking the following configuration option:
If something within the upgrade process fails and you wish to revert back to your previous version (1.12.1) this is achieved by doing the following:
Restore the database backup.
Docker based deployment.
Modify the docker compose file to point to the previous image: image: continuumsecurity/iriusrisk-prod:tomcat8-prod
WAR based deployment.
Deploy the previous version's WAR file instead of v2.0.0: https://s3-eu-west-1.amazonaws.com/iriusrisk/4d76d6f8ff4196e97139ae78eb5329e7baa9006b/iriusrisk.war