Ping Identity PT-AM-CPE Exam - Topic 2 Question 3 Discussion

Upgrading PingAM 8.0.2 is a complex process that involves updating binaries, modifying schemas in the configuration store, and potentially migrating scripts to the 'Next-Generation' scripting engine. To ensure that the system is not only 'running' but also 'production-ready,' a comprehensive testing phase is required.

According to the 'Post-Upgrade Tasks' and 'Best Practices for Upgrading' documentation:

A successful upgrade verification must cover two distinct categories of testing:

Functional Tests: These verify that the core features still work as intended. Can users log in? Do the authentication trees execute correctly? Are SAML assertions being generated? This ensures the 'Logic' of the identity platform is intact.

Non-Functional Tests: These are equally critical in an upgrade scenario. An upgrade can sometimes introduce performance regressions, change the way memory is utilized by the JVM, or alter the connection pool behavior to the CTS. Testing for performance, high availability (failover), security (vulnerability scanning), and monitoring ensures the system can handle production loads and meets the organization's Service Level Agreements (SLAs).

While setting version flags (Option D) might be a technical step in some internal processes, it does not 'ensure a successful upgrade' in the way that rigorous validation does. Running only functional tests (Option A) or only non-functional tests (Option C) leaves the environment vulnerable to either logic errors or system crashes. Thus, the verified best practice is to run both functional and non-functional tests (Option B) before redirecting production traffic to the upgraded instances.