Test and move from Solr 8.X to Solr 9.X #9260
Comments
|
@carlsonp hi! Thanks for pointing this out. As I said, Solr moves quickly! Again if you're interested in making a pull request, you might be able to follow the pattern of Solr upgrades in previous PRs: |
|
Not sizing this for now. Hoping we can help @carlsonp make a pull request. 😄 Please let us know! Please note that this issue and PR are related:
This might be somewhat easy to test by bumping the Solr version in dataverse-ansible (@donsizemore would know). |
|
Migration away from Solr |
|
@carlsonp makes sense. Would you be able to email a list of Solr CVEs your tool is picking for Solr 8.11.1 (the version we use currently) to security@dataverse.org? |
|
Grooming:
|
mreekie
added
the
D: Payara 6 Upgrade
|
@pdurbin I just heard from our security group about my brand-new private Dataverse instances. Per Solr's security page https://solr.apache.org/security.html we're not realistically vulnerable to the CVEs in question, but I opened https://github.com/IQSS/dataverse-security/issues/79 in response to the newer CVE. |
This is complete. |
|
|
Sized as 33 |
Update all Solr references from 8.11.1 to 9.3.0 and make sure you can spin up containers. schema.xml was copied from solr-9.3.0/server/solr/configsets/_default/conf/managed-schema.xml (Note managed-schema.xml as there is no schema.xml upstream.) solrconfig.xml was copied from solr-9.3.0/server/solr/configsets/_default/conf/solrconfig.xml API tests will fail, of course, because we have not yet added our Dataverse-specific config. We'll be moving it from these files and then deleting them: conf/solr/8.11.1/schema.xml conf/solr/8.11.1/solrconfig.xml
In an earlier commit, a vanilla 9.3.0/schema.xml was added. Now we add the Dataverse-specific fields we need. We also delete the old 8.11.1/schema.xml file.
Note that even with these tweaks there are still errors. The current error is "possible analysis error".
"To improve security, XSLTResponseWriter has been moved to the scripting Module instead of shipping as part of Solr core. This module needs to be enabled explicitly." -- https://github.com/apache/solr/blob/main/solr/solr-ref-guide/modules/upgrade-notes/pages/major-changes-in-solr-9.adoc See also https://stackoverflow.com/questions/74118537/solr-9-org-apache-solr-common-solrexceptionorg-apache-solr-common-solrexcepti
|
@carlsonp I finally made a PR! Please come back! ❤️ It's even containerized!!!11! 😄 🚀 🎉 |
Conflicts: downloads/download.sh scripts/vagrant/setup.sh
|
Awesome! :D |
We don't need the scripting module anymore.
Overview of the Feature Request
Solr
8.X, specifically,8.11.2according to this page: "is the last release in the 8.x series." This means it likely won't be receiving any more updates, features, or patches. This also may have implications from a security perspective. The Dataverse Solr schema and major changes should be reviewed and tested.9.XWhat kind of user is the feature intended for?
Sysadmin and developers
What inspired the request?
What existing behavior do you want changed?
Any brand new behavior do you want to add to Dataverse?
Any related open or closed issues to this feature request?
The text was updated successfully, but these errors were encountered: