Hello Neo4j folks !
User of Neo4j enterprise version 4.4.31 with a startup license.
Cluster of 3 nodes, deployed with HELM in Kubernetes (using mode=CORE)
I'm trying to perform an upgrade of the system database, as requested by upgradeStatus()
call dbms.upgradeStatus();
+-------------------------------------------------------------------------------------------------------------------------+
| status | description | resolution |
+-------------------------------------------------------------------------------------------------------------------------+
| "REQUIRES_UPGRADE" | "The sub-graph is supported, but is an older version and requires upgrade" | "CALL dbms.upgrade()" |
+-------------------------------------------------------------------------------------------------------------------------+
but it fails with this issue
CALL dbms.upgrade();
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| status | upgradeResult |
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| "REQUIRES_UPGRADE" | "Failed: [security-privileges] Found multiple nodes with label: 'Privilege', property name: 'action' and property value: 'index' while only one was expected." |
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
The security logs shows me this:
2024-03-21 01:40:08.038+0000 INFO Upgrading component 'security-privileges' with version 2 and status REQUIRES_UPGRADE to latest version
2024-03-21 01:40:08.038+0000 DEBUG Upgrading security graph to latest version
I tried to lookup the Github code of community, but I couldn't find how the "security-privileges" component end up doing this error, I think it might be an enterprise feature and the code is not in github ?
What I have tried so far:
- REVOKE "INDEX-MANAGEMENT" on all our users but the admin one.
- Get rid of the architect user who also had index management
- Confirm multiple times in "show privileges" that there was no duplicate of privileges using index management
- I've been googling a lot about the error but couldn't find anything about it (zero)
- Tried getting help on discord in the #error channel but figured in might be best to post it here ?
- (edit) This morning I've tried deleting completely all our custom roles and keep only the admin one, same issue.
I am unsure about for how long this "upgradeStatus()" recommendation to upgrade has been there, might have been a while.
Any idea how to fix this ?
Is this a bug in the security-privileges component in it's "upgradeToCurrent" method ?
I'm running out of ideas.
Thanks a lot :)