BPA Release Notes v4.1.2 Patch 7
Available Languages
Upgrading to BPA v4.1.2 Patch 7
To upgrade to BPA v4.1.2 Patch 7:
Due to vulnerability issues, the MongoDB image has been upgraded. Since mongo-init is a job and helm upgrade is not supported, the mongo-init pod must be deleted before the patch upgrade.
- Delete the mongo-init pod using the following
commands.
kubectl get pod -n bpa-ns -o wide \| grep mongo-init kubectl delete pod \<mongo-init-xxxxxx\> -n bpa-ns - After deleting mongo-init, refer to the Patch Upgrade section of the BPA Installation Guide for more information about patch updates.
Resolved Issues
The following are resolved defects as part of Patch 7 release:
| Defect Tracking ID | Description |
|---|---|
| DAA-91480 | The issue of the purge process only working for Workflows and not for other applications has been resolved by updating the conditions to return a proper response. |
| DAA-90990 | The previous vulnerability issues in Mongosh have been resolved by upgrading Mongo shell from v506 to v507. |
| DAA-90878 | Errors occurring when deleting an API Key by selecting the Delete icon has been resolved by including one key in the payload. |
| DAA-90018 | Previously, the BPA Adapter’s query parameter was not able to save the key field name. The issue has been resolved by updating the functionality to allow the key field name in the query parameters. |
| DAA-89862 | Previously, the loading process failed when Administrators clicked view and claim task. The issue has been resolved by fixing a bug in the UserTask payload. |
| DAA-89754, DAA-89613, DAA-84854 | Users previously received a “session expiry” prompt while active,
resulting in unexpected logouts even after clicking
Continue. The issue has been resolved by fixing
calculation errors in corner cases and ensuring that the token is only
refreshed after the timeout period. Note: To fix this issue in the custom micro-services, the jwt_token must be used from the sessionStorage instead of the localStorage. |
| DAA-89584 | Previously, during the template distribution from the master vManage to other vManage instances, a duplicate GR1(Group) tag was added when a GR tag was already present in the template name. The issue has been resolved by incrementing the same GR tag to the next number instead of adding a new GR tag. |
| DAA-88969 | In previous versions of BPA, the OS Upgrade Workflow Retry Logic failed to update the default version in vManage and mark the order as complete. The issue has been resolved by updating the default version variable when the Cross-Site Request Forgery token issue is observed. |
| DAA-88778 | Previously, when users attempted to log in and log out of BPA, they were redirected to incorrect URLs. The issue has been fixed by passing the administration flag correctly when the source matches and ensuring handle group uniqueness. |
| DAA-87879 | Previously, users experienced sporadic accessibility issues when using bookmarked URLs without logging in. The issue has been resolved by adding logic to refresh the login page to avoid invalid redirection. |
| DAA-87822 | Previously, the Next Generation (Next-Gen) Service Catalog Orders page lagged when orders contained more data in the milestones section. This issue has been resolved by excluding fields that are not needed in the Orders Grid page and making an API call available when a catalog item is selected. |
| DAA-87532 | Previously, users were unable to fetch heavy log files with the kubectl command. This issue has been resolved by enabling the containerd logs. |
| DAA-85007 | Previously, when manually cancelling incomplete jobs at the application level, a forced cancellation occurred, leaving the order state unchanged and failing to roll back or delete the associated Distributor devices. The issue has been resolved by introducing an error-handling task. |
| DAA-85003 | Previously, BPA failed to detect an incorrect CSV format, including columns that were merged incorrectly, resulting in the activation flag being misread as false. The issue has been resolved by validating the CSV format when uploading and displaying error messages to prevent inactive job states. |
| DAA-84222 | Previously, the crypto method in the credential handling script was deprecated. The issue has been resolved by adding the new crypto method to avoid security concerns. |
| DAA-83034 | Previously, user profiles were not created in the BPA Portal due to an empty email address from the Terminal Access Controller Access-Control System Profile. The issue has been fixed by creating dummy email IDs if no email is available in the response. Additionally, email pattern validation has been updated in the UI and API. |
| DAA-82449 | Previously, users would set up devices without verifying that they were in controller mode, which could result in incorrect configurations. The issue has been resolved by introducing an alert message. |
| DAA-80340 | Previously BPA incurred OAuth configuration issues. These issues have been resolved by providing plugin updates, a “config.json” file reconfiguration, and coordination with Customer Account and Product Management Teams. |
| DAA-92291 | Previously, the Secure Shell key issue in the case controller report did not generate an error message. This issue has been resolved by displaying the execution status as “Failed” along with the corresponding reasoning. |
| DAA-84221 | Previously, during BPA Installation, the auth-service Lightweight
Directory Access Protocol (LDAP) implementation imported an outdated
library posing a security risk. This issue has been resolved by
replacing “passport-ldapauth” with “passport-custom and ldapts
package”. Note: In the in ldap auth “config.json” file, “old entry searchBase->”searchBase”: “ou=Cisco Users,dc=cisco,dc=com” has been replaced with “new searchBase ->”searchBase”: “ou=Employees,ou=Cisco Users,dc=cisco,dc=com”. |
Known Issues
There are no known issues to report as part of this release.
Revision History
| Revision | Publish Date | Comments |
|---|---|---|
1.0 |
02-Jul-2025
|
Initial Release |
Feedback