Fix Readme
Abstract
The following document is the documentation for IBM Cloud Pak for Business Automation 21.0.1 IF006
Including download and installation information and the list of APARs that are resolved in this interim fix.
Content
| Readme file for: | IBM Cloud Pak® for Business Automation |
|---|---|
| Product Release: | 21.0.1 |
| Update Name: | 21.0.1 IF006 |
| Fix ID: | 21.0.1-WS-CP4BA-IF006 |
| Publication Date: | 29 Oct 2021 |
| Last modified date: | 29 Oct 2021 |
Contents
Prerequisites
Components impacted
Before installation
Installing
Performing the necessary tasks after installation
Uninstalling
List of fixes
Known Limitations
Document change history
Components impacted
Before installation
Installing
Performing the necessary tasks after installation
Uninstalling
List of fixes
Known Limitations
Document change history
Prerequisites and Supersedes
- Upgrading the dependencies. If upgrading from an earlier version 20.0.3.x to this interim fix, follow the steps described here in IBM Documentation to upgrade the dependencies: https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=containers-upgrading-dependencies
Components impacted
- General
- Cloud Pak for Business Automation Operator
- Business Automation Application
- Automation Document Processing
- Automation Decision Services
- Business Automation Insights
- Business Automation Navigator
- Business Automation Studio
- Business Automation Workflow including Automation Workstream Services
- Enterprise Records
- FileNet Content Manager
- Operational Decision Management
- User Management Service
Before installation
If you have Cloud Pak for Business Automation 21.0.1 deployed on a Kubernetes cluster that has access to the internet, then your deployment should be upgraded automatically to this interim fix. This is a change in behavior starting with 21.0.1-IF005. In other words, when this interim fix is released and published, the CP4BA Operator will automatically be updated to the latest published interim fix. After the CP4BA Operator is successfully upgraded then the components that you have installed on your cluster will automatically be upgraded unless you changed the Approval Strategy for CP4BA Operator from "Automatic" (default) to "Manual".
Note: if you have 21.0.1 installed using air gap, you still need to follow this readme to upgrade to this interim fix as the upgrade will not occur automatically.
If you have Cloud Pak for Business Automation 20.0.3.x or older currently installed (e.g., 20.0.3-IF005 currently installed) or if you have 21.0.1 installed using air gap, you can update the deployment to this interim fix by following this readme starting with the Installing section and the instructions in the IBM Documentation.
If you want to use this interim fix as a part of a new deployment, refer to IBM Documentation IBM Cloud Pak for Business Automation 21.0.x.
Installing
Step 1: Get access to the interim fix container images
You can access the container images in the IBM image registry with your IBMid. You should already have admin.registrykey secret and ibm-entitlement-key secret (if you have BAW and/or BAI installed) already created from the current deployment. If these secrets no longer exist, then follow the steps below to create them.
You can access the container images in the IBM image registry with your IBMid. You should already have admin.registrykey secret and ibm-entitlement-key secret (if you have BAW and/or BAI installed) already created from the current deployment. If these secrets no longer exist, then follow the steps below to create them.
Create a pull secret for the IBM Cloud Entitled Registry
- Log in to MyIBM Container Software Library with the IBMid and password that is associated with the entitled software.
- In the Container software library tile, click "View library" and then click "Copy key" to copy the entitlement key to the clipboard.
- Log in to your Kubernetes cluster and set the context to the project/namespace for your existing deployment.
- Create image pull secrets by running kubectl create secret commands below. $ kubectl create secret docker-registry admin.registrykey --docker-server=cp.icr.io --docker-username=cp --docker-password="<API_KEY_GENERATED>" --docker-email=<USER_EMAIL> $ kubectl create secret docker-registry ibm-entitlement-key --docker-server=cp.icr.io --docker-username=cp --docker-password="<API_KEY_GENERATED>" --docker-email=<USER_EMAIL> Note: The "cp.icr.io" value for the docker-server parameter is the only registry domain name that contains the images. Use "cp" for the docker-username. The docker-email must be a valid email address (associated to your IBM ID). Make sure you are copying the Entitlement Key in the docker-password field within double quotation marks.
- Take a note of the secret and the server values so that you can set them to the "pullSecrets" and "repository" parameters when you update the operator for your containers.
Step 2: Update the installed CP4BA operator
- Updating using the Operator Hub:
- To upgrade the CP4BA Operator to 21.0.1-IF006, simply follow the Upgrading the operator in Operator Hub section in IBM Documentation. Be sure to complete all the Upgrade steps in IBM Documentation and change the appVersion in the CR to "21.0.1" as documented in one of the steps here: https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=upgrade-checking-version-deployment-type-license.
- Updating using deployment script:
- The deployment script resides in the Container Application Software for Enterprises (CASE) package: ibm-cp-automation-3.0.6.tgz. To download the CASE package, go to https://github.com/IBM/cloud-pak/raw/master/repo/case/ibm-cp-automation-3.0.6.tgz
- Then follow the instructions in IBM Documentation here: https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=operator-upgrading-by-running-script
- Updating using air gap:
- Follow the instructions in IBM Documentation here: https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=environment-installing-cloud-pak-catalog-operator-instance and replace the CASE package with the
CASE package for this interim fix, which is ibm-cp-automation-3.0.6.tgz - Make sure you use the same bastion host that was previously used to deploy
- Follow the instructions in IBM Documentation here: https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=environment-installing-cloud-pak-catalog-operator-instance and replace the CASE package with the
Performing the necessary tasks after installation
For more information, see IBM Cloud Pak for Business Automation 21.0.x.
Uninstalling
For more information, see IBM Cloud Pak for Business Automation 21.0.x.
List of Fixes
APARs are listed in tables, columns are defined as follows:
| Column title | Column description |
| APAR | The defect number |
| Title | A short description of the defect |
| Sec. | A mark indicates a defect related to security |
| Cont. | A mark indicates a defect specific to the cloud pak integration of the component |
| B.I. | A mark indicates the fix has a business impact. Details are found in the title column or the APAR document |
- General
- Cloud Pak for Business Automation Operator
- Business Automation Application
- Automation Document Processing
- Automation Decision Services
- Business Automation Insights
- Business Automation Navigator
- Business Automation Studio
- Business Automation WorkflowBusiness Automation Workflow including Automation Workstream Services
- Enterprise Records
- FileNet Content Manager
- Operational Decision Management
- User Management Service
General
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A |
IBM Cloud Pak for Business Automation delivers container images include many operating system level and other open source libraries. Vulnerabilities (CVEs) for these libraries are published regularly.
Fixes for these libraries have been included to address:
CVE-2016-0706, CVE-2016-0714, CVE-2016-0762, CVE-2016-0763, CVE-2016-3092, CVE-2016-3674, CVE-2016-5007, CVE-2016-5018, CVE-2016-5388, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735, CVE-2016-8745, CVE-2016-9878, CVE-2017-12617, CVE-2017-15095, CVE-2017-17485, CVE-2017-5645, CVE-2017-5647, CVE-2017-5648, CVE-2017-5664, CVE-2017-7525, CVE-2017-7674, CVE-2017-7957, CVE-2017-8046, CVE-2018-11307, CVE-2018-1196, CVE-2018-12022, CVE-2018-12023, CVE-2018-1270, CVE-2018-1271, CVE-2018-1272, CVE-2018-1304, CVE-2018-1305, CVE-2018-1336, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-1553, CVE-2018-15756, CVE-2018-1683, CVE-2018-17199, CVE-2018-1851, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-25011, CVE-2018-5968, CVE-2018-7489, CVE-2018-8014, CVE-2018-8034, CVE-2019-10172, CVE-2019-10746, CVE-2019-10795, CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, CVE-2019-14439, CVE-2019-20330, CVE-2019-20633, CVE-2019-4304, CVE-2019-4305, CVE-2019-4663, CVE-2019-7614, CVE-2019-7619, CVE-2020-10969, CVE-2020-11984, CVE-2020-11993, CVE-2020-13434, CVE-2020-13543, CVE-2020-13584, CVE-2020-14343, CVE-2020-14344, CVE-2020-14345, CVE-2020-14346, CVE-2020-14347, CVE-2020-14360, CVE-2020-14361, CVE-2020-14362, CVE-2020-14363, CVE-2020-15358, CVE-2020-24025, CVE-2020-24330, CVE-2020-24331, CVE-2020-24332, CVE-2020-25648, CVE-2020-25658, CVE-2020-25712, CVE-2020-26217, CVE-2020-26258, CVE-2020-26259, CVE-2020-27783, CVE-2020-28477, CVE-2020-28498, CVE-2020-29363, CVE-2020-35490, CVE-2020-35491, CVE-2020-35653, CVE-2020-35654, CVE-2020-35655, CVE-2020-36328, CVE-2020-36329, CVE-2020-4303, CVE-2020-4304, CVE-2020-4590, CVE-2020-5421, CVE-2020-7009, CVE-2020-7014, CVE-2020-7019, CVE-2020-7020, CVE-2020-7021, CVE-2020-7774, CVE-2020-7788, CVE-2020-7789, CVE-2020-8286, CVE-2020-8840, CVE-2020-8927, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548, CVE-2020-9948, CVE-2020-9951, CVE-2020-9983, CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826, CVE-2021-20066, CVE-2021-20305, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351, CVE-2021-22112, CVE-2021-22134, CVE-2021-22135, CVE-2021-22137, CVE-2021-22144, CVE-2021-22147, CVE-2021-23364, CVE-2021-23368, CVE-2021-23382, CVE-2021-23386, CVE-2021-23406, CVE-2021-2341, CVE-2021-23424, CVE-2021-23436, CVE-2021-23440, CVE-2021-2369, CVE-2021-2388, CVE-2021-24033, CVE-2021-25287, CVE-2021-25288, CVE-2021-25289, CVE-2021-25290, CVE-2021-25291, CVE-2021-25292, CVE-2021-25293, CVE-2021-26691, CVE-2021-26987, CVE-2021-27219, CVE-2021-27515, CVE-2021-27921, CVE-2021-27922, CVE-2021-27923, CVE-2021-28092, CVE-2021-28675, CVE-2021-28676, CVE-2021-28677, CVE-2021-28678, CVE-2021-28918, CVE-2021-29059, CVE-2021-29060, CVE-2021-29418, CVE-2021-29469, CVE-2021-29505, CVE-2021-30661, CVE-2021-32640, CVE-2021-32838, CVE-2021-33623, CVE-2021-3449, CVE-2021-3450, CVE-2021-35565, CVE-2021-35588, CVE-2021-3664, CVE-2021-3749, CVE-2021-3757, CVE-2021-37713, CVE-2021-3777, CVE-2021-3803, CVE-2021-3820, CVE-2021-38593, CVE-2021-39227, CVE-2021-40438, CVE-2021-41182, CVE-2021-41183, CVE-2021-41184, CVE-2021-42740, PRISMA-2021-0010, PRISMA-2021-0015, PRISMA-2021-0020, PRISMA-2021-0034, PRISMA-2021-0138
Previous interim fixes will have included fixes which are also addressed with this interim fix. Consult the Related links section for readmes of previous interim fixes, at the bottom of this document.
|
X | X |
Cloud Pak for Automation Operator
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A |
Business Automation Application
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A |
Automation Document Processing
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A | X | X |
Automation Decision Services
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A |
Business Automation Insights
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A |
Business Automation Navigator
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A |
Business Automation Studio
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A |
Business Automation Workflow including Automation Workstream Services
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| JR63803 | SECURITY APAR CVE-2021-29835 - IBM BUSINESS AUTOMATION WORKFLOW IS VULNERABLE TO REFLECTED CROSS-SITE SCRIPTING | X | X |
Enterprise Records
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A |
FileNet Content Manager
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A |
Operational Decision Management
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| RS03806 | A DECISION TABLE CANNOT BE EDITED IN ENTERPRISE CONSOLE |
User Management Service
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| N/A | N/A |
Known Limitations
| Operational Decision Manager |
When you install the Operational Decision Manager 21.0.1 IF006 in Demo mode, Decision Center server definitions are not set correctly.
As a consequence, it is not possible to deploy pre-populated projects to the Decision Server console or to run simulations. To fix the problem:
Note: icp4adeploy is the default name of a Demo installation.
|
For additional information, see the support page Cloud Pak for Business Automation Known Limitations
Document change history
Related Information
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS2JQC","label":"IBM Cloud Pak for Automation"},"ARM Category":[{"code":"a8m0z0000001gWWAAY","label":"CloudPak4Automation Platform"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"21.0.1"}]
Was this topic helpful?
Document Information
Modified date:
29 October 2021
UID
ibm16493831