2025.16 Infrastructure Changes


Zitadel Upgrade to v2.63.9

Overview

This release upgrades Zitadel to v2.63.9 to fix security vulnerabilities. See the advisories below for details:

https://github.com/zitadel/zitadel/security/advisories/GHSA-67m4-8g4w-633q - Medium
https://github.com/zitadel/zitadel/security/advisories/GHSA-h3q7-347g-qwhf - High

Key Changes and Improvements

Bug Fixes

Upgrade Instructions

  1. Preparation

    • Take a backup of your current Zitadel instance if possible

    • Verify all external secrets are properly configured

  2. Configuration Update
    Update the image tag in your Zitadel configuration:

    image:
      tag: v2.63.9

  3. Deployment

    • Apply the changes through your GitOps workflow (ArgoCD)

    • Monitor the deployment process

    • Verify all pods are green and running successfully
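A post-deployment check for the last step, as an added example (not part of the original release notes or Zitadel's own tooling): it reads `kubectl get pods -o json` output and reports pods that are not yet on v2.63.9 or not ready. The container name `zitadel`, the pod names and the image repository in the sample are assumptions.

```python
import json
import sys

EXPECTED_TAG = "v2.63.9"  # target tag from the upgrade instructions

# Constructed sample in the shape of `kubectl get pods -o json`; pod names and
# the image repository are assumptions, not values from this page.
SAMPLE = json.dumps({"items": [
    {"metadata": {"name": "zitadel-7c9f-abcde"},
     "status": {"phase": "Running", "containerStatuses": [
         {"name": "zitadel", "ready": True,
          "image": "ghcr.io/zitadel/zitadel:v2.63.9"}]}},
    {"metadata": {"name": "zitadel-5d8b-fghij"},   # stale pod left by a stuck rollout
     "status": {"phase": "Running", "containerStatuses": [
         {"name": "zitadel", "ready": True,
          "image": "ghcr.io/zitadel/zitadel:v2.62.7"}]}},
    {"metadata": {"name": "zitadel-7c9f-klmno"},   # new pod that has not started
     "status": {"phase": "Pending", "containerStatuses": []}},
]})


def image_tag(image):
    """Return the tag of an image reference, or None if it has no tag."""
    ref = image.split("@", 1)[0]       # drop a trailing @sha256:... digest
    last = ref.rsplit("/", 1)[-1]      # a ':' before the last '/' is a registry port
    return last.split(":", 1)[1] if ":" in last else None


def check_pods(pod_list_json, expected_tag=EXPECTED_TAG, container="zitadel"):
    """Return {pod_name: problem} for pods not on expected_tag or not ready."""
    problems = {}
    for pod in json.loads(pod_list_json)["items"]:
        name = pod["metadata"]["name"]
        status = pod.get("status", {})
        matches = [c for c in status.get("containerStatuses", [])
                   if c["name"] == container]
        if status.get("phase") != "Running" or not matches:
            problems[name] = "not running (phase=%s)" % status.get("phase")
            continue
        for c in matches:
            tag = image_tag(c["image"])
            if tag != expected_tag:
                problems[name] = "still on tag %s" % tag
            elif not c.get("ready"):
                problems[name] = "container not ready"
    return problems


if __name__ == "__main__":
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for pod, problem in check_pods(data).items():
        print("FAIL %s: %s" % (pod, problem))
```

Run without input it checks the constructed sample; against a cluster, pipe in `kubectl get pods -n <namespace> -o json`, where the namespace is a placeholder for your own.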

Important Considerations

  1. Database

    • No database migrations are required

    • Existing data will be preserved

    • Database schema remains compatible

  2. Authentication

    • All existing authentication flows will continue to work

    • Session tokens remain valid

    • OIDC configurations are preserved

  3. Monitoring

    • Monitor application logs for any issues

    • Check metrics for performance improvements

    • Verify all integrations are working as expected

Rollback Plan

In case of migration issues:

  1. Ensure the external secrets are properly configured

  2. Revert the image tag to v2.62.7

  3. Deploy this version again and ensure the pods are running successfully

  4. Update the image tag to the version closest to v2.62.7 (v2.62.8)

  5. Deploy this version and observe if migration was successful and pods are running successfully

  6. Keep updating and deploying the nearest version until you get to the desired version (v2.63.9)

  7. Contact support if problems persist

Support

For any issues during or after the upgrade:

  • Check the Zitadel documentation

  • Review application logs

Web App Resiliency Improvements

The Unique web-app (>=3.2.0) chart now ships with more resilient and upgrade-friendly default settings. Refer to its changelog to learn more. The upgrade is voluntary but recommended if Kubernetes upgrades are planned, as upgrades might get stuck with the older defaults.

Changes on Application environment

| Change | Name | Value | Applications | Short Description |
| --- | --- | --- | --- | --- |
| Added | ENABLE_DOWNLOAD_UPLOAD_FILES_AS_STREAM | "true" (Fallback value "false") | node-chat | This is used to migrate the report ‘Detailed User Interactions’ to upload to the storage service streaming data. This is used to migrate all the reports to download the report file from the storage service streaming data. |
| Added | ENABLE_UPLOAD_CHAT_INTERACTIONS_AS_STREAM | "true" (Fallback value "false") | node-chat | This is used to migrate the report ‘Chat Interactions’ to upload to the storage service streaming data. This changes the order of the data in the CSV file. |
| Added | ENABLE_ANALYTICS_CHAT_DETAILED_INTERACTIONS_PRISMA_CURSOR | "true" (Fallback value "false") | node-chat | This is used to migrate the report ‘Detailed User Interactions’ to use cursor pagination when loading the data from the database. This changes the order of the data in the CSV file. |
