Skip to content
This repository has been archived by the owner on Nov 17, 2023. It is now read-only.

DSF Upgrade From 0.6.0 to 0.7.0

Jump to bottom
Hauke Hund edited this page Jul 15, 2022 · 4 revisions

Upgrading from 0.6.0

Upgrading the DSF from 0.6.0 to 0.7.0 involves replacing process plugins and adding folders on the BPE machine as well as modifying both docker-compose.yml files and recreating the containers.

If you are upgrading from 0.5.5 please see the Upgrade from 0.5.5 to 0.6.0 guide first. If you are upgrading a test installation from a version older than 0.5.5 consider backing up your /opt/fhir and /opt/bpe directories and starting with a fresh installation.

Modify DSF FHIR Server Setup

  1. Preparation / Backup

    • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
      For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.7.0_upgrade

  2. Modify the DSF FHIR docker-compose.yml file, replace 0.6.0 with 0.7.0

    @@ -1,7 +1,7 @@
 version: '3.8'
 services:
   proxy:
-    image: ghcr.io/highmed/fhir_proxy:0.6.0
+    image: ghcr.io/highmed/fhir_proxy:0.7.0
     restart: on-failure
     ports:
       - 127.0.0.1:80:80
@@ -27,7 +27,7 @@ services:
       - app
 
   app:
-    image: ghcr.io/highmed/fhir:0.6.0
+    image: ghcr.io/highmed/fhir:0.7.0
     restart: on-failure
     healthcheck:
       test: ["CMD", "java", "-cp", "dsf_fhir.jar", "org.highmed.dsf.fhir.StatusClient"]

  3. Upgrade the DSF FHIR containers
    From /opt/fhir execute

    docker-compose up -d && docker-compose logs -f

Modify DSF BPE Server Setup

  1. Preparation / Backup

    • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
      For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.7.0_upgrade

  2. Modify the DSF BPE docker-compose.yml file

    • NUM-CODEX (non HiGHmed) instance:
      Replace 0.6.0 with 0.7.0, update the process exclude config and add new GECCO validation related entries

      @@ -1,7 +1,7 @@
 version: '3.8'
 services:
   app:
-    image: ghcr.io/highmed/bpe:0.6.0
+    image: ghcr.io/highmed/bpe:0.7.0
     restart: on-failure
     healthcheck:
       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]
@@ -32,6 +32,9 @@ services:
       - type: bind
         source: ./last_event
         target: /opt/bpe/last_event
+      - type: bind
+        source: ./cache
+        target: /opt/bpe/cache
     environment:
       TZ: Europe/Berlin
       ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
@@ -45,12 +48,22 @@ services:
       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir
       ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED: |
-        wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.4.1
-        wwwnetzwerk-universitaetsmedizinde_dataReceive/0.4.1
+        wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.6.0
+        wwwnetzwerk-universitaetsmedizinde_dataReceive/0.6.0
 
       #TODO modify ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED for later process versions
       #TODO add process specific environment variables, see process documentation
 
+      # validation resoruces cache
+      DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_VALIDATION_PACKAGE_CACHEFOLDER: /opt/bpe/cache/Package
+      DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_VALIDATION_VALUESET_CACHEFOLDER: /opt/bpe/cache/ValueSet
+      DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_VALIDATION_STRUCTUREDEFINITION_CACHEFOLDER: /opt/bpe/cache/StructureDefinition
+
+      # terminology server authentication (using bpe client certificate)
+      DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_VALIDATION_VALUESET_EXPANSION_CLIENT_AUTHENTICATION_CERTIFICATE: /run/secrets/app_client_certificate.pem
+      DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_VALIDATION_VALUESET_EXPANSION_CLIENT_AUTHENTICATION_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_client_certificate_private_key.pem
+      DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_VALIDATION_VALUESET_EXPANSION_CLIENT_AUTHENTICATION_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+
       #DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_SERVER_BASE_URL: http://TODO_GECCO_FRIR_SERVER_FQDN/fhir
       DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_CRR_PUBLIC_KEY: /run/secrets/crr_public_key.pem
     networks:

    • HiGHmed instance:
      Replace 0.6.0 with 0.7.0, update the process exclude config and add new GECCO validation related entries

      @@ -1,7 +1,7 @@
 version: '3.8'
 services:
   app:
-    image: ghcr.io/highmed/bpe:0.6.0
+    image: ghcr.io/highmed/bpe:0.7.0
     restart: on-failure
     healthcheck:
       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]
@@ -35,6 +35,9 @@ services:
       - type: bind
         source: ./psn
         target: /opt/bpe/psn
+      - type: bind
+        source: ./cache
+        target: /opt/bpe/cache
     environment:
       TZ: Europe/Berlin
       ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
@@ -51,12 +54,22 @@ services:
         highmedorg_computeFeasibility/0.6.0
         highmedorg_computeDataSharing/0.6.0
         highmedorg_updateAllowList/0.6.0
-        wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.4.1
-        wwwnetzwerk-universitaetsmedizinde_dataReceive/0.4.1
+        wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.6.0
+        wwwnetzwerk-universitaetsmedizinde_dataReceive/0.6.0
       
       #TODO modify ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED for later process versions
       #TODO add process specific environment variables, see process documentation
 
+      # validation resoruces cache
+      DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_VALIDATION_PACKAGE_CACHEFOLDER: /opt/bpe/cache/Package
+      DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_VALIDATION_VALUESET_CACHEFOLDER: /opt/bpe/cache/ValueSet
+      DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_VALIDATION_STRUCTUREDEFINITION_CACHEFOLDER: /opt/bpe/cache/StructureDefinition
+
+      # terminology server authentication (using bpe client certificate)
+      DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_VALIDATION_VALUESET_EXPANSION_CLIENT_AUTHENTICATION_CERTIFICATE: /run/secrets/app_client_certificate.pem
+      DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_VALIDATION_VALUESET_EXPANSION_CLIENT_AUTHENTICATION_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_client_certificate_private_key.pem
+      DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_VALIDATION_VALUESET_EXPANSION_CLIENT_AUTHENTICATION_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+
       #DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_GECCO_SERVER_BASE_URL: http://TODO_GECCO_FRIR_SERVER_FQDN/fhir
       DE_NETZWERK_UNIVERSITAETSMEDIZIN_CODEX_CRR_PUBLIC_KEY: /run/secrets/crr_public_key.pem
     networks:

      Note: The entry highmedorg_requestUpdateResources/... is no longer needed, since we do not recommend to deploy the dsf-bpe-process-update-resources-0.6.0.jar plugin anymore.

  3. Upgrade DSF Plugins and Process-Plugins

    • Process plugins in /opt/bpe/process:

      1. Replace codex-process-data-transfer-0.4.1.jar with codex-process-data-transfer-0.6.0.jar from the latest NUM-CODEX processes release

      Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.

    • Plugins in '/opt/bpe/plugin' (HiGHmed instance only):

      1. If you are using the provided PDQ MPI Client, replace dsf-mpi-client-pdq-0.6.0.jar, hapi-base-2.3.jar and hapi-structures-v25-2.3.jar with the new files from dsf-mpi-client-pdq-0.7.0.zip, see DSF release notes
      2. If you are using the provided openEHR Client, replace dsf-openehr-client-impl-0.6.0.jar with the new file from dsf-openehr-client-impl-0.7.0.zip, see DSF release notes

      Make sure the plugins in /opt/bpe/plugin are configured with chmod 440 and chown root:bpe.

  4. Create new cache folders and set owner and permissions
    From the /opt/bpe/ folder execute:

    sudo mkdir cache cache/Package cache/StructureDefinition cache/ValueSet
sudo chmod 0770 cache cache/*
sudo chown root:bpe cache cache/*

  5. Configure the new NUM-CODEX data transfer plugin as needed If the BPE can access the internet only via a corporate forwarding proxy you may need to configure additional environment variables for the process plugin. Please see the release notes and related documentation on how to configure a corporate proxy.

  6. Upgrade the DSF BPE containers
    From /opt/bpe execute

    docker-compose up -d && docker-compose logs -f

  7. Verify your upgrade:

    • Verify the DSF FHIR server is running in version 0.7.0. The log should contain a message:
      INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.7.0, [...]
    • Verify the DSF FHIR server started without errors
    • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
    • Verify the DSF BPE server is running in version 0.7.0. The log should contain a message:
      INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.7.0, [...]
    • Verify the DSF BPE server started without errors
    • Verify the DSF BPE server removed ActivityDefinition resources for the deleted process plugin from the DSF FHIR server and created new ActivityDefinition for the new process plugin.
    • Verify your install with a ping/pong test
      For a Task resource compatible with the 0.6.0 release of the ping process, see the Ping/Pong process wiki.
      Note: The Task resource for the ping 0.5.0 process does not work with the 0.6.0 release, multiple changes were made in addition to the new version number.
Clone this wiki locally