openshift-docs/modules/migration-mtc-release-notes-1-8.adoc

// Module included in the following assemblies:
//
// * migration_toolkit_for_containers/release_notes/mtc-release-notes-1-8.adoc
:_mod-docs-content-type: REFERENCE
[id="migration-mtc-release-notes-1-8_{context}"]
= {mtc-full} 1.8.0 release notes

[id="resolved-issues-1-8_{context}"]
== Resolved issues

{mtc-first} 1.8.0 has the following resolved issues:

.Indirect migration is stuck on backup stage

In previous releases, an indirect migration became stuck at the backup stage, due to `InvalidImageName` error.
(link:https://bugzilla.redhat.com/show_bug.cgi?id=2233097[(BZ#2233097)])

.PodVolumeRestore remain In Progress keeping the migration stuck at Stage Restore

In previous releases, on performing an indirect migration, the migration became stuck at the `Stage Restore` step, waiting for the `podvolumerestore` to be completed. (link:https://bugzilla.redhat.com/show_bug.cgi?id=2233868[(BZ#2233868)])

.Migrated application unable to pull image from internal registry on target cluster

In previous releases, on migrating an application to the target cluster, the migrated application failed to pull the image from the internal image registry resulting in an `application failure`. (link:https://bugzilla.redhat.com/show_bug.cgi?id=2233103[(BZ#2233103)])

.Migration failing on Azure due to authorization issue

In previous releases, on an Azure cluster, when backing up to Azure storage, the migration failed at the `Backup` stage. (link:https://bugzilla.redhat.com/show_bug.cgi?id=2238974[(BZ#2238974)])

[id="known-issues-1-8_{context}"]
== Known issues

{mtc-short} 1.8.0 has the following known issues:

.Ansible Operator is broken when {VirtProductName} is installed

There is a bug in the `python3-openshift` package that installing {VirtProductName} exposes, with an exception `ValueError: too many values to unpack` returned during the task. {mtc-short} 1.8.4 has implemented a workaround. Updating to {mtc-short} 1.8.4 means you are no longer affected by this issue. link:https://issues.redhat.com/browse/OCPBUGS-38116[(OCPBUGS-38116)]


.Old Restic pods are not getting removed on upgrading {mtc-short} 1.7.x -> 1.8.x

In this release, on upgrading the {mtc-short} Operator from 1.7.x to 1.8.x, the old Restic pods are not being removed. Therefore after the upgrade, both Restic and node-agent pods are visible in the namespace. (link:https://bugzilla.redhat.com/show_bug.cgi?id=2236829[(BZ#2236829)])

.Migrated builder pod fails to push to image registry

In this release, on migrating an application including a `BuildConfig` from a source to target cluster, builder pod results in `error`, failing to push the image to the image registry. (link:https://bugzilla.redhat.com/show_bug.cgi?id=2234781[(BZ#2234781)])

.[UI] CA bundle file field is not properly cleared

In this release, after enabling `Require SSL verification` and adding content to the CA bundle file for an MCG NooBaa bucket in MigStorage, the connection fails as expected. However, when reverting these changes by removing the CA bundle content and clearing `Require SSL verification`, the connection still fails. The issue is only resolved by deleting and re-adding the repository. (link:https://bugzilla.redhat.com/show_bug.cgi?id=2240052[(BZ#2240052)])


.Backup phase fails after setting custom CA replication repository

In ({mtc-short}), after editing the replication repository, adding a custom CA certificate, successfully connecting the repository, and triggering a migration, a failure occurs during the backup phase.

This issue is resolved in {mtc-short} 1.8.2.


.CVE-2023-26136: tough-cookie package before 4.1.3 are vulnerable to Prototype Pollution

Versions before 4.1.3 of the `tough-cookie` package, used in {mtc-short}, are vulnerable to prototype pollution. This vulnerability occurs because CookieJar does not handle cookies properly when the value of the `rejectPublicSuffixes` is set to `false`.

This issue is resolved in {mtc-short} 1.8.2.

For more details, see link:https://access.redhat.com/security/cve/cve-2023-26136[(CVE-2023-26136)]


.CVE-2022-25883 openshift-migration-ui-container: nodejs-semver: Regular expression denial of service

In previous releases of ({mtc-short}), versions of the `semver` package before 7.5.2, used in {mtc-short}, are vulnerable to Regular Expression Denial of Service (ReDoS) from the function `newRange`, when untrusted user data is provided as a range.

This issue is resolved in {mtc-short} 1.8.2.

For more details, see link:https://access.redhat.com/security/cve/cve-2022-25883[(CVE-2022-25883)]


[id="technical-changes-1-8_{context}"]
== Technical changes

This release has the following technical changes:

* Migration from {product-title} 3 to {product-title} 4 requires a legacy {mtc-full} Operator and {mtc-full} 1.7.x.
* Migration from {mtc-short} 1.7.x to {mtc-short} 1.8.x is not supported.
* You must use {mtc-short} 1.7.x to migrate anything with a source of {product-title} 4.9 or earlier.
** {mtc-short} 1.7.x must be used on both source and destination.
* {mtc-first} 1.8.x only supports migrations from {product-title} 4.10 or later to {product-title} 4.10 or later. For migrations only involving cluster versions 4.10 and later, either 1.7.x or 1.8.x might be used. However, but it must be the same {mtc-short} 1.Y.z on both source and destination.
** Migration from source {mtc-short} 1.7.x to destination {mtc-short} 1.8.x is unsupported.
** Migration from source {mtc-short} 1.8.x to destination {mtc-short} 1.7.x is unsupported.
** Migration from source {mtc-short} 1.7.x to destination {mtc-short} 1.7.x is supported.
** Migration from source {mtc-short} 1.8.x to destination {mtc-short} 1.8.x is supported.
* {mtc-short} 1.8.x by default installs OADP 1.2.x.
* Upgrading from {mtc-short} 1.7.x to {mtc-short} 1.8.0, requires manually changing the OADP channel to 1.2. If this is not done, the upgrade of the Operator fails.