You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
Next: Root
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
I am attempting to upgrade our Bamboo server from 5.2.5 to 6.3.0 but after I perform the install and start the service I'm getting a fatal error during the bamboo-home upgrade:
Task for build 51602 failed with exception: Unable to read cipher data for 0
2018-01-09 11:21:47,964 FATAL [16-UpgradeTaskBackgroundThread:pool-32-thread-1] [InstanceSecretStorage] Filesystem part of instance key is unavailable
2018-01-09 11:21:47,964 ERROR [16-UpgradeTaskBackgroundThread:pool-32-thread-1] [AbstractUpgradeManager] java.lang.IllegalArgumentException: Unable to read cipher data for 0
java.lang.IllegalArgumentException: Unable to read cipher data for 0
at com.atlassian.bamboo.crypto.instance.InstanceSecretStorage.readKeyAndIv(InstanceSecretStorage.java:59)
at com.atlassian.bamboo.crypto.instance.InstanceSecretStorage.getOrCreateCipherData(InstanceSecretStorage.java:103)
at com.atlassian.bamboo.crypto.instance.InstanceSecretStorage.getCipherData(InstanceSecretStorage.java:94)
at com.atlassian.bamboo.crypto.instance.InstanceSecretStorage.getKeyAndIv(InstanceSecretStorage.java:84)
at com.atlassian.bamboo.crypto.instance.InstanceCipherProvider.getKeyAndIv(InstanceCipherProvider.java:60)
at com.atlassian.bamboo.crypto.instance.InstanceCipherProvider.getCipher(InstanceCipherProvider.java:46)
at com.atlassian.bamboo.crypto.instance.InstanceCipherProvider.getEncryptor(InstanceCipherProvider.java:33)
at com.atlassian.bamboo.crypto.instance.SecretEncryptionServiceInternalImpl.encrypt(SecretEncryptionServiceInternalImpl.java:125)
at com.atlassian.bamboo.crypto.instance.SecretEncryptionServiceInternalImpl.encrypt(SecretEncryptionServiceInternalImpl.java:119)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207)
at com.sun.proxy.$Proxy255.encrypt(Unknown Source)
at com.atlassian.bamboo.crypto.instance.SecretEncryptionServiceImpl.encrypt(SecretEncryptionServiceImpl.java:27)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207)
at com.sun.proxy.$Proxy138.encrypt(Unknown Source)
at com.atlassian.bamboo.security.MigratingEncryptionService.encrypt(MigratingEncryptionService.java:21)
at com.atlassian.bamboo.upgrade.tasks.v5_16.UpgradeTask51602ReEncryptMailPassword.lambda$reencryptPassword$1(UpgradeTask51602ReEncryptMailPassword.java:47)
at java.util.Optional.ifPresent(Optional.java:159)
at com.atlassian.bamboo.upgrade.tasks.v5_16.UpgradeTask51602ReEncryptMailPassword.reencryptPassword(UpgradeTask51602ReEncryptMailPassword.java:46)
at com.atlassian.bamboo.upgrade.XpathXmlUpgrader.visit(XpathXmlUpgrader.java:83)
at com.atlassian.bamboo.upgrade.XpathXmlUpgrader.lambda$transform$1(XpathXmlUpgrader.java:63)
at java.util.Optional.map(Optional.java:215)
at com.atlassian.bamboo.upgrade.XpathXmlUpgrader.transform(XpathXmlUpgrader.java:63)
at com.atlassian.bamboo.upgrade.tasks.v5_16.UpgradeTask51602ReEncryptMailPassword.doUpgrade(UpgradeTask51602ReEncryptMailPassword.java:35)
at com.atlassian.bamboo.upgrade.AbstractUpgradeManager.runUpgradeTask(AbstractUpgradeManager.java:185)
at com.atlassian.bamboo.upgrade.UpgradeManagerImpl.doUpgrade(UpgradeManagerImpl.java:132)
at com.atlassian.bamboo.upgrade.UpgradeLauncher.lambda$upgradeAndStartBamboo$0(UpgradeLauncher.java:104)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at com.atlassian.bamboo.utils.BambooRunnables$1.run(BambooRunnables.java:48)
at com.atlassian.bamboo.security.ImpersonationHelper.runWith(ImpersonationHelper.java:26)
at com.atlassian.bamboo.security.ImpersonationHelper.runWithSystemAuthority(ImpersonationHelper.java:17)
at com.atlassian.bamboo.security.ImpersonationHelper$1.run(ImpersonationHelper.java:41)
at java.lang.Thread.run(Thread.java:745)
This is a Windows Server 2012 Installation that works fine pre upgrade.
EDIT: I have also verified that the correct users have ownership over the cipher file and that the Bandana query returns the two rows that it should
I believe you are running into the issue that was explained in this KB.
The solution is to correct the Security ACL (Right click > Properties > Security) on both the cipher directory and cipher key so that the user that's starting Bamboo has ownership:
- <BAMBOO-HOME>/xml-data/configuration/cipher/
- <BAMBOO-HOME>/xml-data/configuration/cipher/cipher.key_0
For a Windows Service running as the LOCAL SYSTEM user; ensure that the BUILT-IN\Administrators group has ownership.
I verified that the Built-in\administrators group is owner and has full permissions to both
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.