Fix Readme
Abstract
The following document is the documentation for IBM Cloud Pak for Business Automation 21.0.2 IF004,
Including download and installation information and the list of APARs that are resolved in this interim fix.
Content
| Readme file for: | IBM Cloud Pak® for Business Automation |
|---|---|
| Product Release: | 21.0.2 |
| Update Name: | 21.0.2 IF004 |
| Fix ID: | 21.0.2-WS-CP4BA-IF004 |
| Publication Date: | 22 Oct 2021 |
| Last modified date: | 2 Nov 2021 |
Contents
Prerequisites and Supersedes
Components impacted
Prior to installation
Installing
Performing the necessary tasks after installation
Uninstalling
List of fixes
Known Limitations
Document change history
Components impacted
Prior to installation
Installing
Performing the necessary tasks after installation
Uninstalling
List of fixes
Known Limitations
Document change history
Prerequisites and Supersedes
- Upgrading the dependencies. If upgrading from an earlier version 20.0.3.x to 21.0.2-IF004, follow the steps described here in Knowledge Center to upgrade the dependencies: https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=containers-upgrading-dependencies
- If using Business Automation Insight make sure to update IBM Automation Foundation to v1.2 channel.
Components impacted
- General
- Cloud Pak for Business Automation Operator
- Automation Document Processing
- Automation Decision Services
- Business Automation Application
- Business Automation Insights
- Business Automation Navigator
- Business Automation Studio
- Business Automation Workflow including Automation Workstream Services
- Enterprise Records
- FileNet Content Manager
- Operational Decision Management
- User Management Service
Prior to installation
If you have Cloud Pak for Business Automation 21.0.2 installed on a Kubernetes cluster that has access to the internet, then the deployment should be upgraded automatically with this interim fix. If you have 21.0.2 installed using air gap, you need to follow this readme to upgrade to the version of this interim fix.
The CP4BA Operator is automatically upgraded to the latest published interim fix when a new interim fix is published. After the CP4BA Operator is successfully upgraded the components that you have installed on your cluster will automatically be upgraded, unless you changed the Approval Strategy for CP4BA Operator from "Automatic" (default) to "Manual".
This upgrade behavior exists since interim fix 21.0.2-IF001 was deployed.
If you have Cloud Pak for Business Automation 21.0.1.x or older currently installed (for example 21.0.1-IF001) or if you have 21.0.2 installed using air gap, you can update the deployment to this interim fix by following the instruction below starting with the Installing section and the instructions in the Knowledge Center.
If you want to use this interim fix as a part of a new deployment, refer to IBM Documentation IBM Cloud Pak for Business Automation 21.0.x.
Installing
Step 1: Get access to the interim fix container images
You can access the container images in the IBM image registry with your IBMid. You should already have admin.registrykey secret and ibm-entitlement-key secret (if you have BAW and/or BAI installed) already created from the current deployment. If these secrets no longer exist, then follow the steps below to create them.
You can access the container images in the IBM image registry with your IBMid. You should already have admin.registrykey secret and ibm-entitlement-key secret (if you have BAW and/or BAI installed) already created from the current deployment. If these secrets no longer exist, then follow the steps below to create them.
Create a pull secret for the IBM Cloud Entitled Registry
- Log in to MyIBM Container Software Library with the IBMid and password that is associated with the entitled software.
- In the Container software library tile, click "View library" and then click "Copy key" to copy the entitlement key to the clipboard.
- Log in to your Kubernetes cluster and set the context to the project/namespace for your existing deployment.
- Create image pull secrets by running kubectl create secret commands below.
$ kubectl create secret docker-registry admin.registrykey --docker-server=cp.icr.io --docker-username=cp --docker-password="<API_KEY_GENERATED>" --docker-email=<USER_EMAIL>
$ kubectl create secret docker-registry ibm-entitlement-key --docker-server=cp.icr.io --docker-username=cp --docker-password="<API_KEY_GENERATED>" --docker-email=<USER_EMAIL>
Note: The "cp.icr.io" value for the docker-server parameter is the only registry domain name that contains the images. Use "cp" for the docker-username. The docker-email must be a valid email address (associated to your IBM ID). Make sure you are copying the Entitlement Key in the docker-password field within double quotation marks. - Take a note of the secret and the server values so that you can set them to the "pullSecrets" and "repository" parameters when you update the operator for your containers.
Step 2: Update the installed CP4BA operator
- Updating using the Operator Hub:
- To upgrade the CP4BA Operator to this interim fix version, follow the Upgrading the operator in Operator Hub section in IBM Documentation. Be sure to complete all the Upgrade steps in IBM Documentation and change the appVersion in the CR to "21.0.2" as documented in one of the steps here: https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=upgrade-checking-version-deployment-type-license.
- Updating using deployment script:
- The deployment script resides in the Container Application Software for Enterprises (CASE) package: ibm-cp-automation-3.1.4.tgz. To download the CASE package, go to https://github.com/IBM/cloud-pak/raw/master/repo/case/ibm-cp-automation-3.1.4.tgz
- Then follow the instructions in IBM Documentation here: https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=operator-upgrading-by-running-script
- Updating using air gap:
- Follow the instructions in IBM Documentation here: https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=operator-upgrading-in-air-gap-environment and replace the CASE package with the
CASE package for this interim fix, which is ibm-cp-automation-3.1.4.tgz - Make sure you use the same bastion host that was previously used to deploy
- Follow the instructions in IBM Documentation here: https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=operator-upgrading-in-air-gap-environment and replace the CASE package with the
Performing the necessary tasks after installation
For more information, see IBM Cloud Pak for Business Automation 21.0.x.
Uninstalling
For more information, see IBM Cloud Pak for Business Automation 21.0.x.
List of Fixes
APARs are listed in tables, columns are defined as follows:
| Column title | Column description |
| APAR | The defect number |
| Title | A short description of the defect |
| Sec. | A mark indicates a defect related to security |
| Cont. | A mark indicates a defect specific to the cloud pak integration of the component |
| B.I. | A mark indicates the fix has a business impact. Details are found in the title column or the APAR document |
- General
- Cloud Pak for Business Automation Operator
- Automation Document Processing
- Automation Decision Services
- Business Automation Application
- Business Automation Insights
- Business Automation Navigator
- Business Automation Studio
- Business Automation Workflow including Automation Workstream Services
- Enterprise Records
- FileNet Content Manager
- Operational Decision Management
- User Management Service
General
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A |
Cloud Pak for Business Automation delivers container images which include operating system level and other open source libraries. Vulnerabilities (CVEs) for these libraries are published regularly.
This interim fix includes fixes for these libraries to address:
CVE-2020-25648, CVE-2020-25658, CVE-2021-23440, CVE-2021-28458, CVE-2021-32796, CVE-2021-3820, PRISMA-2021-0034
Previous interim fixes will have included fixes which are also addressed with this interim fixes. Consult the Related links section for readmes of previous interim fixes, at the bottom of this document.
|
X | X |
Cloud Pak for Business Automation Operator
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A |
N/A
|
Automation Document Processing
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| JR64168 | DIFFERENCES IN EXTRACTION RESULTS BETWEEN DESIGNER AND RUNTIME | X | X | |
| JR64256 | DRAG AND DROPPING AN EXISTING DOCUMENT CAUSES FILE TO UPLOAD AGAIN | X | X | |
| JR64257 | PROJECT DEPLOYMENT FAILS WHEN THERE ARE MORE THAN NINE NAME COLLISIONS | X | X | |
| JR64258 | BATCH APP CONFIGURATOR DOES NOT HANDLE PROJECTS DEPLOYED WITH ERROR STATE | X | X |
Automation Decision Services
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A |
Business Automation Application
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A |
Business Automation Insights
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| JR64194 | [CP4BA][BAI] BPC should be created if shared_external secret is provided | X |
Business Automation Navigator
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A |
N/A
|
Business Automation Studio
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| JR63929 | UNABLE TO CREATE A CASE FEATURES ENABLED PROJECT IF IT HAS A USER THAT INCLUDES A COMMA IN THE USER PRINCIPAL NAME |
Business Automation Workflow including Automation Workstream Services
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| SECURITY APAR CVE-2021-29835 - IBM BUSINESS AUTOMATION WORKFLOW AND IBM BUSINESS PROCESS MANAGER ARE VULNERABLE TO REFLECTED CROSS-SITE SCRIPTING | X | |||
| JR64059 | SECURITY VULNERABILITY - CVE-2021-29878 - CASE BUILDER IN WORKFLOW CENTER IS VULNERABLE TO CROSS SITE SCRIPTING | X | ||
| UNABLE TO CREATE A CASE FEATURES ENABLED PROJECT IF IT HAS A USER THAT INCLUDES A COMMA IN THE USER PRINCIPAL NAME | ||||
| UNABLE TO CREATE WORKSTREAMS IN IBM WORKPLACE |
Enterprise Records
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
|
N/A
|
N/A
|
FileNet Content Manager
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A |
Operational Decision Management
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| RS03806 |
A DECISION TABLE CANNOT BE EDITED IN ENTERPRISE CONSOLE
|
User Management Service
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| JR63604 | THE LDAP GROUP FILTER IS NOT APPLIED |
Known Limitations
For additional information, see the support page Cloud Pak for Business Automation Known Limitations
Document change history
Related Information
[{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS2JQC","label":"IBM Cloud Pak for Automation"},"ARM Category":[{"code":"a8m0z0000001gWWAAY","label":"CloudPak4Automation Platform"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
02 November 2021
UID
ibm16493739