Mender server deviceauth propagate issue

I’m hosting an open source mender-server and since the update to 3.1.0 (at least I think it is since then) I have some issues in my setup and I hope you can help me out.

When a new device comes online, it does not get recognized by the server at all:

  • I brought up a not pre-authorized device, it was not shown under pending devices
  • I pre-authorized a device, brought it online, it did not come online once connected to the server the first time

After digging around bit, I found this post and tried it out.

docker exec $(docker ps -q -n 1 -f 'name=device-auth') /usr/bin/deviceauth propagate-inventory 
docker exec $(docker ps -q -n 1 -f 'name=device-auth') /usr/bin/deviceauth propagate-inventory-id-data
docker exec $(docker ps -q -n 1 -f 'name=device-auth') /usr/bin/deviceauth propagate-inventory-statuses

The moment I executed the 3 command, the pending devices showed up and the pre-authorized device appeared in the device list. Everything looked correct.

Then I tried to accept the pending device, the status of device in the webinterface startet toggeling between accepted and pending (very fast).
After running deviceauth propagate-inventory-statuses the status flickering stopped and the device was accepted and everything is as it should be.

Unfortunately this behavior remains, I re-pulled the containers, restarted the server and the service, nothing helped. It seems like my setup has something broken and I have no idea what it could be.

I also tried the deviceauth maintenance --decommissioning-cleanup, the issue remains.

I tried to create a backup, migrated to an entirely fresh server instance, restored the backup (worked very smooth), but the issue remains also in the new instance.

So I guess the issue comes with the database data.
Any ideas how to figure out whats the issue in the database content?

Might there some miss-configuration in the prod.yaml?

Since this is quiet a blocker right now, I really would appreciate any hint helping find a solution.