Skip to main content
Version: Next

Update 8.4 to 8.5

The following sections explain which adjustments must be made to migrate from Camunda 8.4.x to 8.5.x for each component.

Helm chart

Breaking changes
  • The Camunda Helm chart v10.0.0 has major changes in the values file structure. Follow the upgrade steps for each component before starting the chart upgrade.
  • It's not possible to upgrade from v9.x.x to v10.0.0 or v10.0.1. Instead, upgrade directly to v10.0.2+.

Some keys in the values file have been changed in the Camunda Helm chart v10.0.0. For compatibility, the keys are deprecated in the Camunda release cycle 8.5 and will be removed in the Camunda 8.6 release (October 2024).

Follow the upgrade instructions to upgrade from Camunda Helm chart v9.x.x to Camunda Helm chart v10.x.x.

Zeebe

caution

There is a bug in Zeebe 8.5.4 which incorrectly flags snapshots as corrupted even when they're not. This can cause reduced availability as nodes fail to start correctly. As such, you should skip 8.5.4 and update directly from 8.5.3 to 8.5.5, or immediately to 8.5.5 if you're already on 8.5.4.

Note that there is no actual corruption or data loss, however.

Deprecated broker health checks

The broker health check routes have moved, and the old routes are now deprecated. Specifically, the following routes will return a status code of 301 and redirect you. See the table below about the new mappings:

Old routeNew route
http://{zeebe-broker-host}:9600/healthhttp://{zeebe-broker-host}:9600/actuator/health/status
http://{zeebe-broker-host}:9600/readyhttp://{zeebe-broker-host}:9600/actuator/health/readiness
http://{zeebe-broker-host}:9600/startuphttp://{zeebe-broker-host}:9600/actuator/health/startup

Please migrate to the new routes in your deployments. If you're using the official Helm charts, then you don't have to do anything here.

Management properties

The server.* configuration properties are now used to configure only the REST server. This means if you wish to modify the management server properties, you now have to prefix them with management.server.*.

note

Not all properties are supported on the management context, but most are - refer to the official Spring documentation for more details.

If you were setting any of the properties below, you will now have to change them as shown in the table:

Old propertyNew property
server.addressmanagement.server.address
server.hostmanagement.server.host
server.hostmanagement.server.port
server.ssl.enabledmanagement.server.ssl.enabled
server.ssl.certificatemanagement.server.ssl.certificate
server.ssl.certificate-private-keymanagement.server.ssl.certificate-private-key

Changes to exported records

The UserTask events like UserTask:CREATED don't export the string value properties candidateUsers and candidateGroups anymore. As a replacement, user task events now feature the string array properties candidateUsersList and candidateGroupsList. Custom exporters using these events must be modified accordingly.

Breaking Change

The values of the candidateUsers and candidateGroups properties in user task records are lost during an update from 8.4 to 8.5. There is no data migration that moves the values from candidateUsers and candidateGroups to candidateUsersList and candidateGroupsList since the Zeebe user tasks are only experimental in 8.4.

If you need the data on migrated user task instances, you can reactivate them using Process Instance Modification. This results in a UserTask:CANCELED event for the existing user task and a new UserTask:CREATED event with the candidateUsersList and candidateGroupsList filled based on what is configured in the process model.

Identity

Identity now uses the Keycloak frontend URL instead of the backend URL. This change may affect you if you have blocked the Keycloak frontend URL from other services (including Camunda applications), and can potentially impact Identity's functionality.

To avoid connectivity issues, ensure your Keycloak frontend URL is accessible by adjusting your network, firewall, or security settings as needed. This adjustment is crucial to maintain the integration with Keycloak and ensure compatibility.