Skip to main content
Skip table of contents

Upgrade SignServer Helm Deployment

Helm offers a streamlined way to modify deployment parameters and upgrade to newer versions. The following sections provide steps needed to ensure a smooth upgrade process, from updating configuration parameters to upgrading to a new release version.

Update parameters for an existing release

To modify SignServer deployment parameters, you can use the helm upgrade command to update parameters for an existing release.

For example, if you initially deployed SignServer with the parameter services.proxyHttp.httpPort set to 8081, and now want to change it to 8888, you adjust the value in your chart's values file and run the helm upgrade command using the same values file and chart version.

Example

  1. Modify the property in your chart’s value file, for example, signserver-values.yaml:

    YAML 
    # ...
services:
  proxyHttp:
    httpPort: 8888
# ...

  2. Run the upgrade command:

    BASH 
    helm upgrade <deployment-name> -f signserver-values.yaml \
    oci://repo.keyfactor.com/charts/signserver --version <version>

Helm will identify the affected Kubernetes resources and redeploy them with the new configuration.

For more complex upgrades, you can use multiple values files, adding --set and --reuse-values flags, and so on. For more more, refer to the Helm Upgrade documentation.

Upgrade to a new release version

The following provides information on upgrading from your current version to a later version of SignServer.

Before upgrading to a new version of SignServer, review the SignServer Upgrade Notes for the version you plan to upgrade to, as well as any intermediate versions.

As of SignServer 7.6.0, SignServer container images are built with default allowlists. For more information on the allowlists, see Deploy-time Configuration.

Override Default Deploy Properties

To override the default properties in your deployments:

  1. Copy the default configuration /conf/signserver_deploy.properties.

  2. Modify the properties.

  3. Create a ConfigMap with your custom properties file:

CODE 
kubectl create configmap custom-signserver-deploy-properties --from-file=/path/to/signserver_deploy.properties

  1. Update your values.yaml to mount the custom deploy properties file into the SignServer container

CODE 
#values.yaml
volumes:
  - name: signserver-deploy-properties
    configMap:
      name: custom-signserver-deploy-properties 
volumeMounts:
  - name: signserver-deploy-properties
    mountPath: /opt/keyfactor/signserver-custom/conf/signserver_deploy.properties 
    subPath: signserver_deploy.properties

  1. Upgrade your deployment.

Upgrade Instructions

Make sure to always back up your database before starting the upgrade process. In case you need to roll back an upgrade, you can restore the database backup and re-deploy the previous Helm Chart version.

Update Helm Chart values files

Review the SignServer Upgrade Notes for any changes that might need to be introduced to your Helm chart's values files and update the files accordingly.

Upgrade to the new Helm Chart version

Use your Helm Chart values file with the new chart version to upgrade an SignServer deployment:

BASH 
helm upgrade <deployment-name> -f signserver-values.yaml \
    oci://repo.keyfactor.com/charts/signserver --version <new-version>
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close