diff --git a/.github/workflows/build-packaging.yml b/.github/workflows/build-packaging.yml index 6e0e3d20c1..267ac7ea05 100644 --- a/.github/workflows/build-packaging.yml +++ b/.github/workflows/build-packaging.yml @@ -353,8 +353,8 @@ jobs: jfrog rt dl ${{github.event.inputs.PSWI_SMPE_AZWE_ARTIFACTORY_PATH}}/AZWE002*.zip --flat=true .pax/AZWE002.zip jfrog rt dl ${{github.event.inputs.PSWI_SMPE_ARTIFACTORY_PATH}}/zowe-smpe-*.zip --flat=true .pax/zowe-smpe.zip - - name: '[SMPE Pax 4] Build PSWI' + id: pswi if: env.INPUTS_BUILD_PSWI == 'true' timeout-minutes: 60 run: | @@ -367,6 +367,14 @@ jobs: ZZOW_SSH_PORT: ${{ secrets.SSH_MARIST_ALLSYS_PORT }} VERSION: ${{ env.P_VERSION }} + - name: Store PSWI folder + uses: actions/upload-artifact@v4 + if: env.INPUTS_BUILD_PSWI == 'true' && failure() + with: + name: pswi-folder + path: | + pswi/** + - name: '[K8S] Build Kubernetes' timeout-minutes: 10 if: env.INPUTS_BUILD_KUBERNETES == 'true' diff --git a/.github/workflows/cicd-test.yml b/.github/workflows/cicd-test.yml index 3231c9ff92..2df637d7ec 100644 --- a/.github/workflows/cicd-test.yml +++ b/.github/workflows/cicd-test.yml @@ -1,4 +1,11 @@ name: Zowe CICD Integration Tests + +permissions: + contents: write + issues: write + pull-requests: write + statuses: write + on: workflow_dispatch: inputs: diff --git a/.github/workflows/pswi-zowe-config-test.yml b/.github/workflows/pswi-zowe-config-test.yml new file mode 100644 index 0000000000..0d25066436 --- /dev/null +++ b/.github/workflows/pswi-zowe-config-test.yml @@ -0,0 +1,60 @@ +name: PSWI zowe.yaml sync check + +permissions: + id-token: write + issues: write + pull-requests: write + contents: write + +on: + push: + branches: + - v3.x/staging + pull_request: + types: [opened, synchronize] + workflow_dispatch: + +jobs: + test-pswi-zowe-yaml: + runs-on: ubuntu-latest + steps: + + - name: '[Prep 1] Checkout' + uses: actions/checkout@v4 + + # Taken from shared-actions/prepare-workflow + - name: 'export github username and email' + run: | + git config --global user.name ${{ github.actor }} + echo ${{ github.actor }} + git config --global user.email dummy-email@email.com + shell: bash + + - name: '[PSI-LOCK] Lock marist servers to build PSWI' + uses: zowe-actions/shared-actions/lock-resource@main + with: + lock-repository: ${{ github.repository }} + github-token: ${{ secrets.GITHUB_TOKEN }} + lock-resource-name: zowe-psi-build-zzow07-lock + lock-avg-retry-interval: 30 + + - name: 'Test ZWECONF workflow' + id: zweconf + timeout-minutes: 30 + run: | + cd pswi + ./ZWECONF_test.sh + env: + ZOSMF_USER: ${{ secrets.ZOWE_PSWI_BUILD_USR }} + ZOSMF_PASS: ${{ secrets.ZOWE_PSWI_BUILD_PASSWD }} + ZZOW_SSH_PORT: ${{ secrets.SSH_MARIST_ALLSYS_PORT }} + + - name: Store test output + uses: actions/upload-artifact@v4 + if: steps.zweconf.outcome != '' && failure() + with: + name: zweconf_test + path: | + pswi/**.txt + pswi/zowe_.yaml + pswi/ZWECONF1/** diff --git a/CHANGELOG.md b/CHANGELOG.md index f7a2370de2..b2c4502bd5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,10 @@ All notable changes to the Zowe Installer will be documented in this file. - `zowe.yaml` changed its default z/OSMF Service ID definition from `zosmf` to `ibmzosmf`, which may impact Zowe Clients. For more information on this change, please see the API Mediation Layer's 3.0.0 Breaking Changes. +### New features and enhancements +- Enhancement: Added explanation to possible error message when checking z/OSMF setting. [#3956](https://github.com/zowe/zowe-install-packaging/pull/3956) +- Enhancement: New plugin identifier added to list of plugins and `allowedPlugins.json` for the new V3 Desktop in Angular 18. [#3984](https://github.com/zowe/zowe-install-packaging/pull/3984) + ## `2.17.0` diff --git a/README.md b/README.md index 6b389b95fd..29203e277b 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# zowe-install-packaging +# zowe-install-packaging This repository includes Zowe installation script and pipelines to build Zowe. diff --git a/bin/commands/internal/start/prepare/index.sh b/bin/commands/internal/start/prepare/index.sh index 3b3ef25b1a..1d3ac1faea 100644 --- a/bin/commands/internal/start/prepare/index.sh +++ b/bin/commands/internal/start/prepare/index.sh @@ -144,9 +144,13 @@ global_validate() { if [ -n "${ZOSMF_HOST}" -a -n "${ZOSMF_PORT}" ]; then if [[ ${ZWE_ENABLED_COMPONENTS} == *"discovery"* ]]; then validate_this "validate_zosmf_host_and_port \"${ZOSMF_HOST}\" \"${ZOSMF_PORT}\" 2>&1" "zwe-internal-start-prepare,global_validate:${LINENO}" + else + if [ "${ZWE_components_gateway_apiml_security_auth_provider}" = "zosmf" ]; then + let "ZWE_PRIVATE_ERRORS_FOUND=${ZWE_PRIVATE_OLD_ERRORS_FOUND}+1" + print_error "Using z/OSMF as 'components.gateway.apiml.security.auth.provider' is not possible: discovery is disabled." + print_formatted_info "ZWELS" "zwe-internal-start-prepare,global_validate:${LINENO}" "Zosmf validation failed" + fi fi - elif [ "${ZWE_components_zaas_apiml_security_auth_provider}" = "zosmf" ]; then - validate_this "validate_zosmf_as_auth_provider \"${ZOSMF_HOST}\" \"${ZOSMF_PORT}\" \"${ZWE_components_zaas_apiml_security_auth_provider}\" 2>&1" "zwe-internal-start-prepare,global_validate:${LINENO}" fi check_runtime_validation_result "zwe-internal-start-prepare,global_validate:${LINENO}" diff --git a/bin/commands/internal/start/prepare/index.ts b/bin/commands/internal/start/prepare/index.ts index b70b4f10ae..08feceb953 100644 --- a/bin/commands/internal/start/prepare/index.ts +++ b/bin/commands/internal/start/prepare/index.ts @@ -3,9 +3,9 @@ under the terms of the Eclipse Public License v2.0 which accompanies this distribution, and is available at https://www.eclipse.org/legal/epl-v20.html - + SPDX-License-Identifier: EPL-2.0 - + Copyright Contributors to the Zowe Project. */ @@ -75,7 +75,7 @@ function prepareLogDirectory() { if (logDir) { os.mkdir(logDir, 0o750); if (!fs.isDirectoryWritable(logDir)) { - common.printFormattedError("ZWELS", "zwe-internal-start-prepare,prepare_log_directory", `ZWEL0141E: User $(get_user_id) does not have write permission on ${logDir}.`); + common.printFormattedError("ZWELS", "zwe-internal-start-prepare,prepare_log_directory", `ZWEL0141E: User ${user} does not have write permission on ${logDir}.`); std.exit(141); } } @@ -172,12 +172,10 @@ function globalValidate(enabledComponents:string[]): void { privateErrors++; common.printFormattedError('ZWELS', "zwe-internal-start-prepare,global_validate", "Zosmf validation failed"); } - } else if (std.getenv('ZWE_components_zaas_apiml_security_auth_provider') == "zosmf") { - let zosmfOk = zosmf.validateZosmfAsAuthProvider(zosmfHost, zosmfPort, 'zosmf'); - if (!zosmfOk) { + } else if (std.getenv('ZWE_components_gateway_apiml_security_auth_provider') == "zosmf") { privateErrors++; + common.printError("Using z/OSMF as 'components.gateway.apiml.security.auth.provider' is not possible: discovery is disabled."); common.printFormattedError('ZWELS', "zwe-internal-start-prepare,global_validate", "Zosmf validation failed"); - } } } @@ -195,7 +193,7 @@ function validateComponents(enabledComponents:string[]): any { common.printFormattedInfo("ZWELS", "zwe-internal-start-prepare,validate_components", "process component validations ..."); const componentEnvironments = {}; - + // reset error counter let privateErrors = 0; std.setenv('ZWE_PRIVATE_ERRORS_FOUND','0'); @@ -244,7 +242,7 @@ function validateComponents(enabledComponents:string[]): any { } } }); - + std.setenv('ZWE_PRIVATE_ERRORS_FOUND', ''+privateErrors); varlib.checkRuntimeValidationResult("zwe-internal-start-prepare,validate_components"); @@ -259,8 +257,8 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str const zwePrivateWorkspaceEnvDir = std.getenv('ZWE_PRIVATE_WORKSPACE_ENV_DIR'); const zweCliParameterHaInstance = std.getenv('ZWE_CLI_PARAMETER_HA_INSTANCE'); - - + + enabledComponents.forEach((componentId: string)=> { common.printFormattedTrace("ZWELS", "zwe-internal-start-prepare,configure_components", `- checking ${componentId}`); const componentDir = component.findComponentDirectory(componentId); @@ -312,7 +310,7 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str common.printFormattedError("ZWELS", "zwe-internal-start-prepare,configure_components", `${componentName} processComponentApimlStaticDefinitions failure`); } // - generic app framework plugin - success=component.processComponentAppfwPlugin(componentDir); + success=component.processComponentAppfwPlugin(componentDir); if (success) { common.printFormattedDebug("ZWELS", "zwe-internal-start-prepare,configure_components", `${componentName} processComponentAppfwPlugin success`); } else { @@ -326,7 +324,7 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str } else { common.printFormattedError("ZWELS", "zwe-internal-start-prepare,configure_components", `${componentName} processComponentZaasSharedLibs failure`); } - + // - gateway shared lib success=component.processComponentGatewaySharedLibs(componentDir); if (success) { @@ -362,13 +360,13 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str const result = shell.execOutSync('sh', '-c', `. ${runtimeDirectory}/bin/libs/configmgr-index.sh && cd ${componentDir} && . ${fullPath} ; export rc=$? ; export -p`); common.printFormattedDebug("ZWELS", "zwe-internal-start-prepare,configure_components", `${componentName} configure ended with rc=${result.rc}`); - + if (result.rc==0) { const exportContent = varlib.getEnvironmentExports(result.out); if (exportContent) { const rc = xplatform.storeFileUTF8(`${zwePrivateWorkspaceEnvDir}/${componentName}/.${zweCliParameterHaInstance}.env`, xplatform.AUTO_DETECT, exportContent); if (!rc) { - + } else { // set permission for the component environment snapshot shell.execSync('chmod', `700`, `"${zwePrivateWorkspaceEnvDir}/${componentName}/.${zweCliParameterHaInstance}.env"`); @@ -396,7 +394,7 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str } } }); - + common.printFormattedDebug("ZWELS", "zwe-internal-start-prepare,configure_components", "component configurations are successful"); } @@ -462,7 +460,7 @@ export function execute() { config.sanitizeHaInstanceId(); common.printFormattedInfo("ZWELS", "zwe-internal-start-prepare", `starting Zowe instance ${std.getenv('ZWE_CLI_PARAMETER_HA_INSTANCE')} with ${cliParameterConfig} ...`); - // extra preparations for running in container + // extra preparations for running in container // this is running in containers if (runInContainer == 'true') { prepareRunningInContainer(); diff --git a/bin/commands/migrate/for/kubernetes/index.sh b/bin/commands/migrate/for/kubernetes/index.sh index 0987017672..c31bbbb04e 100644 --- a/bin/commands/migrate/for/kubernetes/index.sh +++ b/bin/commands/migrate/for/kubernetes/index.sh @@ -204,7 +204,7 @@ done update_zowe_yaml "${temp_dir}/zowe.yaml" "zowe.externalPort" "${ZWE_CLI_PARAMETER_EXTERNAL_PORT}" update_zowe_yaml "${temp_dir}/zowe.yaml" "components.gateway.port" "7554" -update_zowe_yaml "${temp_dir}/zowe.yaml" "components.zaas.port" "7563" +update_zowe_yaml "${temp_dir}/zowe.yaml" "components.zaas.port" "7558" update_zowe_yaml "${temp_dir}/zowe.yaml" "components.discovery.port" "7553" update_zowe_yaml "${temp_dir}/zowe.yaml" "components.api-catalog.port" "7552" update_zowe_yaml "${temp_dir}/zowe.yaml" "components.caching-service.port" "7555" @@ -220,13 +220,13 @@ update_zowe_yaml "${temp_dir}/zowe.yaml" "components.explorer-jes.enabled" "true update_zowe_yaml "${temp_dir}/zowe.yaml" "components.explorer-mvs.enabled" "true" update_zowe_yaml "${temp_dir}/zowe.yaml" "components.explorer-uss.enabled" "true" -update_zowe_yaml "${temp_dir}/zowe.yaml" "components.zaas.apiml.security.x509.externalMapperUrl" "" -update_zowe_yaml "${temp_dir}/zowe.yaml" "components.zaas.apiml.security.authorization.endpoint.url" "" -zaas_auth_provider=$(read_yaml "${temp_dir}/zowe.yaml" ".components.zaas.apiml.security.authorization.endpoint.provider") +update_zowe_yaml "${temp_dir}/zowe.yaml" "components.gateway.apiml.security.x509.externalMapperUrl" "" +update_zowe_yaml "${temp_dir}/zowe.yaml" "components.gateway.apiml.security.authorization.endpoint.url" "" +zaas_auth_provider=$(read_yaml "${temp_dir}/zowe.yaml" ".components.gateway.apiml.security.authorization.endpoint.provider") if [ "${zaas_auth_provider}" != "" ]; then print_message "Zowe APIML ZAAS authorization provider is suggested to be empty when running in Kubernetes. 'native' is not supported off Z platform." fi -update_zowe_yaml "${temp_dir}/zowe.yaml" "components.zaas.apiml.security.authorization.endpoint.provider" "" +update_zowe_yaml "${temp_dir}/zowe.yaml" "components.gateway.apiml.security.authorization.endpoint.provider" "" update_zowe_yaml "${temp_dir}/zowe.yaml" "components.discovery.replicas" "1" update_zowe_yaml "${temp_dir}/zowe.yaml" "components.caching-service.storage.mode" "" diff --git a/bin/libs/zosmf.sh b/bin/libs/zosmf.sh index 116f66c65e..84477c3699 100644 --- a/bin/libs/zosmf.sh +++ b/bin/libs/zosmf.sh @@ -49,16 +49,3 @@ validate_zosmf_host_and_port() { print_message "Successfully checked z/OS MF is available on 'https://${zosmf_host}:${zosmf_port}/zosmf/info'" fi } - -validate_zosmf_as_auth_provider() { - zosmf_host="${1}" - zosmf_port="${2}" - auth_provider="${3}" - - if [ -n "${zosmf_host}" -a -n "${zosmf_port}" ]; then - if [ "${auth_provider}" = "zosmf" ]; then - print_error "z/OSMF is not configured. Using z/OSMF as authentication provider is not supported." - return 1 - fi - fi -} diff --git a/bin/libs/zosmf.ts b/bin/libs/zosmf.ts index 949c0eddf6..9e05a98be0 100644 --- a/bin/libs/zosmf.ts +++ b/bin/libs/zosmf.ts @@ -47,14 +47,3 @@ export function validateZosmfHostAndPort(zosmfHost: string, zosmfPort: number): } return zosmfCheckPassed; } - -//TODO isnt this completely backwards? -export function validateZosmfAsAuthProvider(zosmfHost: string, zosmfPort: number, authProvider: string): boolean { - if (zosmfHost && zosmfPort) { - if (authProvider == 'zosmf') { - common.printError("z/OSMF is not configured. Using z/OSMF as authentication provider is not supported."); - return true; - } - } - return false; -} diff --git a/containers/base-jdk/ubi/Dockerfile b/containers/base-jdk/ubi/Dockerfile index b87b254888..14a2d3f4de 100644 --- a/containers/base-jdk/ubi/Dockerfile +++ b/containers/base-jdk/ubi/Dockerfile @@ -9,23 +9,23 @@ # Copyright Contributors to the Zowe Project. ####################################################################### -FROM zowe-docker-release.jfrog.io/ompzowe/base:latest-ubi +FROM zowe-docker-release.jfrog.io/ompzowe/base:3-ubi ################################## # labels LABEL name="Zowe Base Image with JDK enabled" \ - maintainer="jack-tiefeng.jia@ibm.com" \ - vendor="Zowe" \ - version="2.0.2" \ - release="0" \ - summary="Base image for Zowe components with JDK enabled" \ - description="Base image for Zowe components with JDK enabled" + maintainer="mark.ackert@broadcom.com" \ + vendor="Zowe" \ + version="3.0.0" \ + release="0" \ + summary="Base image for Zowe components with JDK enabled" \ + description="Base image for Zowe components with JDK enabled" ################################## # Install JDK RUN microdnf install --nodocs \ - java-1.8.0-openjdk \ - && microdnf clean all --enablerepo='*' \ - # smoke tests - && java -version -ENV JAVA_HOME=/usr/lib/jvm/jre-1.8.0 + java-17-openjdk-headless \ + && microdnf clean all --enablerepo='*' \ + # smoke tests + && java -version +ENV JAVA_HOME=/usr/lib/jvm/jre-1.17.0 diff --git a/containers/base-jdk/ubuntu/Dockerfile b/containers/base-jdk/ubuntu/Dockerfile index 3ce76a688a..b5c3417d84 100644 --- a/containers/base-jdk/ubuntu/Dockerfile +++ b/containers/base-jdk/ubuntu/Dockerfile @@ -9,24 +9,25 @@ # Copyright Contributors to the Zowe Project. ####################################################################### -FROM zowe-docker-release.jfrog.io/ompzowe/base:latest-ubuntu +FROM zowe-docker-release.jfrog.io/ompzowe/base:3-ubuntu ################################## # labels LABEL name="Zowe Base Image with JDK enabled" \ - maintainer="jack-tiefeng.jia@ibm.com" \ - vendor="Zowe" \ - version="2.0.2" \ - release="0" \ - summary="Base image for Zowe components with JDK enabled" \ - description="Base image for Zowe components with JDK enabled" + maintainer="mark.ackert@broadcom.com" \ + vendor="Zowe" \ + version="3.0.0" \ + release="0" \ + summary="Base image for Zowe components with JDK enabled" \ + description="Base image for Zowe components with JDK enabled" ################################## -# Install JDK + +# Install JDK. RUN apt-get update \ - && apt-get install -y \ - openjdk-8-jre \ - && rm -rf /var/lib/apt/lists/* \ - # smoke tests - && java -version -ENV JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre + && apt-get install -y \ + openjdk-17-jre \ + && rm -rf /var/lib/apt/lists/* \ + # smoke tests + && java -version +ENV JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64/jre diff --git a/containers/base-node/Dockerfile b/containers/base-node/Dockerfile index e3cd778ccd..089a4c7af0 100644 --- a/containers/base-node/Dockerfile +++ b/containers/base-node/Dockerfile @@ -10,19 +10,19 @@ ####################################################################### # base image tag -ARG ZOWE_BASE_IMAGE=latest-ubuntu +ARG ZOWE_BASE_IMAGE=3-ubuntu FROM zowe-docker-release.jfrog.io/ompzowe/base:${ZOWE_BASE_IMAGE} ################################## # labels LABEL name="Zowe Base Image with node.js enabled" \ - maintainer="jack-tiefeng.jia@ibm.com" \ - vendor="Zowe" \ - version="2.0.2" \ - release="0" \ - summary="Base image for Zowe components with node.js enabled" \ - description="Base image for Zowe components with node.js enabled" + maintainer="mark.ackert@broadcom.com" \ + vendor="Zowe" \ + version="3.0.0" \ + release="0" \ + summary="Base image for Zowe components with node.js enabled" \ + description="Base image for Zowe components with node.js enabled" ################################## # node.js is installed in base image, so no actions here diff --git a/containers/base/ubi/Dockerfile b/containers/base/ubi/Dockerfile index 1c7faf2def..51a4753b90 100644 --- a/containers/base/ubi/Dockerfile +++ b/containers/base/ubi/Dockerfile @@ -14,12 +14,12 @@ FROM registry.redhat.io/ubi8/ubi-minimal:latest ################################## # labels LABEL name="Zowe Base Image" \ - maintainer="jack-tiefeng.jia@ibm.com" \ - vendor="Zowe" \ - version="2.0.2" \ - release="0" \ - summary="Base image for Zowe components" \ - description="Base image for Zowe components" + maintainer="mark.ackert@broadcom.com" \ + vendor="Zowe" \ + version="3.0.0" \ + release="0" \ + summary="Base image for Zowe components" \ + description="Base image for Zowe components" ################################## # arguments @@ -32,59 +32,58 @@ ARG NODE_CPU_ARCH=x64 ################################## # environments -ENV NODE_VERSION=16.18.1 +ENV NODE_VERSION=18.20.4 ################################## # customize RUN set -ex \ - # shadow-utils is needed for having adduser groupadd commands - && microdnf install --nodocs shadow-utils \ - # define zowe user/group - && groupadd --gid ${GID} zowe \ - && useradd -r -m --no-log-init --uid ${UID} --gid ${GID} --home /home/zowe zowe \ - # create /licenses folder - && mkdir -p /licenses \ - && chown zowe.zowe /licenses \ - # create /component folder - && mkdir -p /component \ - && chown zowe.zowe /component \ - # install node.js which is mandatory for now - && microdnf install --nodocs \ - findutils \ - tar \ - xz \ - && ARCH=${NODE_CPU_ARCH} \ - # gpg keys listed at https://github.com/nodejs/node#release-keys - && for key in \ - 4ED778F539E3634C779C87C6D7062848A1AB005C \ - 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ - 74F12602B6F1C4E913FAA37AD3A89613643B6201 \ - 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ - 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ - C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ - 108F52B48DB57BB0CC439B2997B01419BD92F80A \ - B9E2F5981AA6E0CD28160D9FF13993A75599653C \ - ; do \ - gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \ - gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ - done \ - && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \ - && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ - && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ - && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \ - && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ - && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \ - && ln -s /usr/local/bin/node /usr/local/bin/nodejs \ - # smoke tests - && node --version \ - && npm --version \ - # remove unused pacakges - && microdnf remove \ - findutils \ - tar \ - xz \ - # clean up - && microdnf clean all --enablerepo='*' + # shadow-utils is needed for having adduser groupadd commands + && microdnf install --nodocs shadow-utils \ + # define zowe user/group + && groupadd --gid ${GID} zowe \ + && useradd -r -m --no-log-init --uid ${UID} --gid ${GID} --home /home/zowe zowe \ + # create /licenses folder + && mkdir -p /licenses \ + && chown zowe.zowe /licenses \ + # create /component folder + && mkdir -p /component \ + && chown zowe.zowe /component \ + # install node.js which is mandatory for now + && microdnf install --nodocs \ + findutils \ + tar \ + xz \ + && ARCH=${NODE_CPU_ARCH} \ + # gpg keys listed at https://github.com/nodejs/node#release-keys + && for key in \ + 4ED778F539E3634C779C87C6D7062848A1AB005C \ + 141F07595B7B3FFE74309A937405533BE57C7D57 \ + 74F12602B6F1C4E913FAA37AD3A89613643B6201 \ + DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \ + CC68F5A3106FF448322E48ED27F5E38D5B0A215F \ + 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ + 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \ + C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \ + 108F52B48DB57BB0CC439B2997B01419BD92F80A \ + A363A499291CBBC940DD62E41F10027AF002F8B0 \ + ; do \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ + done \ + && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \ + && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ + && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ + && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \ + && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ + && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \ + && ln -s /usr/local/bin/node /usr/local/bin/nodejs \ + # smoke tests + && node --version \ + && npm --version \ + # remove unused pacakges + && microdnf remove \ + findutils \ + tar \ + xz \ + # clean up + && microdnf clean all --enablerepo='*' diff --git a/containers/base/ubuntu/Dockerfile b/containers/base/ubuntu/Dockerfile index 232f9b5824..a8b0c96819 100644 --- a/containers/base/ubuntu/Dockerfile +++ b/containers/base/ubuntu/Dockerfile @@ -14,12 +14,12 @@ FROM ubuntu:latest ################################## # labels LABEL name="Zowe Base Image" \ - maintainer="jack-tiefeng.jia@ibm.com" \ - vendor="Zowe" \ - version="2.0.2" \ - release="0" \ - summary="Base image for Zowe components" \ - description="Base image for Zowe components" + maintainer="mark.ackert@broadcom.com" \ + vendor="Zowe" \ + version="3.0.0" \ + release="0" \ + summary="Base image for Zowe components" \ + description="Base image for Zowe components" ################################## # arguments @@ -32,65 +32,64 @@ ARG NODE_CPU_ARCH=x64 ################################## # environments -ENV NODE_VERSION=16.18.1 +ENV NODE_VERSION=18.20.4 ################################## # customize RUN set -ex \ - # define zowe user/group - && groupadd -g $GID -r zowe \ - && useradd -r -m --no-log-init --uid ${UID} --gid ${GID} -d /home/zowe zowe \ - # use bash as default shell - && cd /bin \ - && ln -sfn bash sh \ - # create /licenses folder - && mkdir -p /licenses \ - && chown zowe.zowe /licenses \ - # create /component folder - && mkdir -p /component \ - && chown zowe.zowe /component \ - # install node.js which is mandatory for now - && apt-get update \ - && apt-get install -y \ - curl \ - gnupg \ - xz-utils \ - # upgrade - && apt-get upgrade -y \ - && ARCH=${NODE_CPU_ARCH} \ - # gpg keys listed at https://github.com/nodejs/node#release-keys - && for key in \ - 4ED778F539E3634C779C87C6D7062848A1AB005C \ - 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ - 74F12602B6F1C4E913FAA37AD3A89613643B6201 \ - 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ - 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ - C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ - 108F52B48DB57BB0CC439B2997B01419BD92F80A \ - B9E2F5981AA6E0CD28160D9FF13993A75599653C \ - ; do \ - gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \ - gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ - done \ - && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \ - && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ - && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ - && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \ - && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ - && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \ - && ln -s /usr/local/bin/node /usr/local/bin/nodejs \ - # smoke tests - && node --version \ - && npm --version \ - # remove unused pacakges - && apt-get purge --auto-remove -y \ - bzip2 \ - curl \ - gnupg \ - tini \ - xz-utils \ - # clean up - && rm -rf /var/lib/apt/lists/* + # define zowe user/group + && groupadd -g $GID -r zowe \ + && useradd -r -m --no-log-init --uid ${UID} --gid ${GID} -d /home/zowe zowe \ + # use bash as default shell + && cd /bin \ + && ln -sfn bash sh \ + # create /licenses folder + && mkdir -p /licenses \ + && chown zowe.zowe /licenses \ + # create /component folder + && mkdir -p /component \ + && chown zowe.zowe /component \ + # install node.js which is mandatory for now + && apt-get update \ + && apt-get install -y \ + curl \ + gnupg \ + xz-utils \ + # upgrade + && apt-get upgrade -y \ + && ARCH=${NODE_CPU_ARCH} \ + # gpg keys listed at https://github.com/nodejs/node#release-keys + && for key in \ + 4ED778F539E3634C779C87C6D7062848A1AB005C \ + 141F07595B7B3FFE74309A937405533BE57C7D57 \ + 74F12602B6F1C4E913FAA37AD3A89613643B6201 \ + DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \ + CC68F5A3106FF448322E48ED27F5E38D5B0A215F \ + 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ + 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \ + C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \ + 108F52B48DB57BB0CC439B2997B01419BD92F80A \ + A363A499291CBBC940DD62E41F10027AF002F8B0 \ + ; do \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ + done \ + && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \ + && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ + && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ + && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \ + && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ + && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \ + && ln -s /usr/local/bin/node /usr/local/bin/nodejs \ + # smoke tests + && node --version \ + && npm --version \ + # remove unused pacakges + && apt-get purge --auto-remove -y \ + bzip2 \ + curl \ + gnupg \ + tini \ + xz-utils \ + # clean up + && rm -rf /var/lib/apt/lists/* diff --git a/containers/kubernetes/samples/config-cm.yaml b/containers/kubernetes/samples/config-cm.yaml index a8956595c4..d8fdbbee86 100644 --- a/containers/kubernetes/samples/config-cm.yaml +++ b/containers/kubernetes/samples/config-cm.yaml @@ -90,7 +90,7 @@ data: zaas: enabled: true - port: 7563 + port: 7558 debug: false discovery: diff --git a/containers/kubernetes/samples/zaas-service.yaml b/containers/kubernetes/samples/zaas-service.yaml index 1057286890..5dafdb9a44 100644 --- a/containers/kubernetes/samples/zaas-service.yaml +++ b/containers/kubernetes/samples/zaas-service.yaml @@ -20,6 +20,6 @@ spec: ports: - name: zaas protocol: TCP - port: 7563 + port: 7558 targetPort: zaas-port appProtocol: https diff --git a/containers/kubernetes/workloads/zaas-deployment.yaml b/containers/kubernetes/workloads/zaas-deployment.yaml index acf548cbbd..f097d43d21 100644 --- a/containers/kubernetes/workloads/zaas-deployment.yaml +++ b/containers/kubernetes/workloads/zaas-deployment.yaml @@ -61,17 +61,17 @@ spec: cpu: "700m" ports: - name: zaas-port - containerPort: 7563 + containerPort: 7558 protocol: TCP startupProbe: tcpSocket: - port: 7563 + port: 7558 # this should give 90 * periodSeconds(default to 10) seconds about 15 minutes to confirm it's ready periodSeconds: 10 failureThreshold: 90 livenessProbe: tcpSocket: - port: 7563 + port: 7558 # this should give 3 * periodSeconds(default to 10) seconds about 30 seconds to confirm it's offline periodSeconds: 10 failureThreshold: 3 diff --git a/containers/zowe-launch-scripts/Dockerfile b/containers/zowe-launch-scripts/Dockerfile index 4c969ce1d7..30d28465dc 100644 --- a/containers/zowe-launch-scripts/Dockerfile +++ b/containers/zowe-launch-scripts/Dockerfile @@ -10,19 +10,19 @@ ####################################################################### # base image tag -ARG ZOWE_BASE_IMAGE=latest-ubuntu +ARG ZOWE_BASE_IMAGE=3-ubuntu FROM zowe-docker-release.jfrog.io/ompzowe/base-node:${ZOWE_BASE_IMAGE} ################################## # labels LABEL name="Zowe Launch Script Image" \ - maintainer="jack-tiefeng.jia@ibm.com" \ - vendor="Zowe" \ - version="0.0.0" \ - release="0" \ - summary="Base Launch Script for Zowe components" \ - description="Base Launch Script for Zowe components" + maintainer="mark.ackert@broadcom.com" \ + vendor="Zowe" \ + version="0.0.0" \ + release="0" \ + summary="Base Launch Script for Zowe components" \ + description="Base Launch Script for Zowe components" ################################## # switch context diff --git a/example-zowe.yaml b/example-zowe.yaml index 811f07c67c..79aec60b1b 100644 --- a/example-zowe.yaml +++ b/example-zowe.yaml @@ -308,7 +308,7 @@ zowe: # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> # This is an ID you use to separate multiple Zowe installs when determining # resource names used in RBAC authorization checks such as dataservices with RBAC - # expects this ID in SAF resources + # expects this ID in SAF resources rbacProfileIdentifier: "1" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -324,7 +324,7 @@ zowe: externalDomains: # this should be the domain name to access Zowe APIML Gateway - sample-domain.com - + # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> # This is the port you use to access Zowe Gateway from your web browser. # @@ -366,8 +366,8 @@ zowe: # ZWED_TN3270_PORT: 23 # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - # You can define any Zowe message portions to be checked for and the message added to the - # system log upon its logging, truncated to 126 characters. + # You can define any Zowe message portions to be checked for and the message added to the + # system log upon its logging, truncated to 126 characters. sysMessages: # # Zowe starting - "ZWEL0021I" @@ -437,7 +437,7 @@ zowe: # This mode does not validate certificate Common Name and Subject # Alternative Name (SAN). # - DISABLED: disable certificate validation. This is NOT recommended for - # security. + # security. verifyCertificates: STRICT @@ -506,24 +506,12 @@ components: enabled: true port: 7554 debug: false - - # If we customize this to use different external certificate, than should also - # define "server.internal.ssl.certificate" and enable "server.internal.ssl.enabled". - # certificate: - # keystore: - # alias: "" - - # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - zaas: - enabled: true - port: 7563 - debug: false apiml: security: auth: provider: zosmf zosmf: - jwtAutoconfiguration: auto + jwtAutoconfiguration: jwt serviceId: ibmzosmf authorization: endpoint: @@ -531,6 +519,18 @@ components: provider: "native" x509: enabled: false + + # If we customize this to use different external certificate, than should also + # define "server.internal.ssl.certificate" and enable "server.internal.ssl.enabled". + # certificate: + # keystore: + # alias: "" + + # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + zaas: + enabled: true + port: 7558 + debug: false # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> api-catalog: enabled: true @@ -553,17 +553,14 @@ components: storage: evictionStrategy: reject - # can be inMemory, VSAM, redis or infinispan - mode: VSAM - size: 10000 - vsam: - # your VSAM data set created by "zwe init vsam" command or ZWECSVSM JCL - # this is required if storage mode is VSAM - name: "" + # can be infinispan, inMemory, redis or VSAM(deprecated) + mode: infinispan infinispan: # this is required if storage mode is infinispan jgroups: port: 7600 + keyExchange: + port: 7601 # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> app-server: @@ -624,7 +621,7 @@ components: # # This sysname will be used to route your JES command to target system. # sysname: LPR1 # # for this HA instance, we did not customize "components", so it will use default value. - + # # HA instance ID, we will start 2 instances on LPAR2 # # **NOTE**, we can only start one gateway in same LPAR. # lpar2a: diff --git a/files/defaults.yaml b/files/defaults.yaml index 8705166e9a..eed7339508 100644 --- a/files/defaults.yaml +++ b/files/defaults.yaml @@ -152,8 +152,8 @@ components: auth: provider: zosmf zosmf: - jwtAutoconfiguration: auto - serviceId: zosmf + jwtAutoconfiguration: jwt + serviceId: ibmzosmf authorization: endpoint: enabled: false @@ -169,15 +169,9 @@ components: enabled: false # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - metrics-service: + zaas: enabled: false - port: 7551 - debug: false - - # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - cloud-gateway: - enabled: false - port: 7563 + port: 7558 debug: false # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -201,16 +195,13 @@ components: storage: evictionStrategy: reject # can be inMemory, VSAM, redis or infinispan - mode: VSAM - size: 10000 - vsam: - # your VSAM data set created by "zwe init vsam" command or ZWECSVSM JCL - # this is required if storage mode is VSAM - name: "" + mode: infinispan infinispan: # this is required if storage mode is infinispan jgroups: port: 7600 + keyExchange: + port: 7601 # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> app-server: diff --git a/files/sca/zowe_base_server.json b/files/sca/zowe_base_sca.json similarity index 66% rename from files/sca/zowe_base_server.json rename to files/sca/zowe_base_sca.json index 6cfd05c68c..7300cfa3fe 100644 --- a/files/sca/zowe_base_server.json +++ b/files/sca/zowe_base_sca.json @@ -1,21 +1,21 @@ { - "ServiceId": "AZWE001BASE0S", + "ServiceId": "AZWE003BASE0S", "ServiceName": "Zowe Configuration - Server", - "MetaValidationItemVersion": 1.0, + "MetaValidationItemVersion": 2.0, "Vendor": "OPEN MAINFRAME PROJECT", "SecurityValidationItems": [ { - "ItemID": "AZWE001BASE0SI00001000", + "ItemID": "AZWE003BASE0SI00001000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "ZWES.IS", "ResourceClass": "FACILITY", "WhoNeedsAccess": "ZWESVUSR", "LevelOfAccessRequired": "READ", - "ItemDescription": "To allow Zowe ZWESVSTC processes to access the Zowe ZIS cross memory server." + "ItemDescription": "To allow Zowe ZWESVSTC processes to access the Zowe ZIS cross-memory server." }, { - "ItemID": "AZWE001BASE0SI00002000", + "ItemID": "AZWE003BASE0SI00002000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "BPX.SERVER", @@ -25,7 +25,7 @@ "ItemDescription": "To allow the Zowe Desktop ZLUX server to run code on behalf of the API requester's TSO user ID." }, { - "ItemID": "AZWE001BASE0SI00003000", + "ItemID": "AZWE003BASE0SI00003000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "BPX.DAEMON", @@ -35,7 +35,7 @@ "ItemDescription": "To allow the Zowe Desktop ZLUX server to run code on behalf of the API requester's TSO user ID." }, { - "ItemID": "AZWE001BASE0SI00004000", + "ItemID": "AZWE003BASE0SI00004000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "BPX.JOBNAME", @@ -45,7 +45,7 @@ "ItemDescription": "To allow z/OS address spaces for unix processes to be renamed for ease of identification." }, { - "ItemID": "AZWE001BASE0SI00005000", + "ItemID": "AZWE003BASE0SI00005000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "CSFRNGL", @@ -55,7 +55,17 @@ "ItemDescription": "To generate symmetric keys using ICSF that is used by Zowe Desktop cookies." }, { - "ItemID": "AZWE001BASE0SI00006000", + "ItemID": "AZWE003BASE0SI00006000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "SERVER", + "ResourceProfile": "IRR.RAUDITX", + "ResourceClass": "FACILITY", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To allow Zowe Zowe main server to cut SMF records." + }, + { + "ItemID": "AZWE003BASE0SI00007000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "IRR.RUSERMAP", @@ -65,7 +75,7 @@ "ItemDescription": "To allow Zowe to map an X.509 client certificate to a z/OS identity." }, { - "ItemID": "AZWE001BASE0SI00007000", + "ItemID": "AZWE003BASE0SI00008000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "IRR.RADMIN.LISTUSER", @@ -75,7 +85,7 @@ "ItemDescription": "To allow Zowe to obtain information about OMVS segment of the user profile using LISTUSER TSO command." }, { - "ItemID": "AZWE001BASE0SI00008000", + "ItemID": "AZWE003BASE0SI00009000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "OMVSAPPL", @@ -85,7 +95,7 @@ "ItemDescription": "To allow Zowe Desktop vendor extensions the ability to use single-sign on." }, { - "ItemID": "AZWE001BASE0SI00009000", + "ItemID": "AZWE003BASE0SI00010000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "SUPERUSER.FILESYS", @@ -95,44 +105,64 @@ "ItemDescription": "An alternative option to allow Zowe user ID to write persistent data in the Zowe directory structure." }, { - "ItemID": "AZWE001BASE0SI00010000", - "ItemType": "SEMI-PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "IRRPTAUTH..ANYUSER", - "ResourceClass": "PTKTDATA", + "ItemID": "AZWE003BASE0SI00011000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "CERTIFICATE", + "ResourceProfile": "IRR.DIGTCERT.LISTRING", + "ResourceClass": "FACILITY", "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "UPDATE", - "ItemDescription": "To allow Zowe APIML to generate passtickets for application. Used for SSO and client certificate authentication." + "LevelOfAccessRequired": "READ", + "ItemDescription": "Permit the Zowe SERVER ID to access the key ring." + }, + { + "ItemID": "AZWE003BASE0SI00012000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "CERTIFICATE", + "ResourceProfile": "IRR.DIGTCERT.GENCERT", + "ResourceClass": "FACILITY", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "CONTROL", + "ItemDescription": "Permit the Zowe SERVER ID to access the private key." }, { - "ItemID": "AZWE001BASE0SI00011000", + "ItemID": "AZWE003BASE0SI00013000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "RDATALIB class", + "ResourceProfile": "..LST", + "ResourceClass": "RDATALIB", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To allow Zowe SERVER ID to access the key ring." + }, + { + "ItemID": "AZWE003BASE0SI00014000", "ItemType": "SEMI-PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "IRRPTAUTH..ANYUSER", - "ResourceClass": "PTKTDATA", + "ItemCategory": "PASS TICKET", + "ResourceProfile": "", + "ResourceClass": "APPL", "WhoNeedsAccess": "ZWESVUSR", "LevelOfAccessRequired": "READ", "ItemDescription": "To allow Zowe APIML to evaluate passtickets for application. Used for SSO and client certificate authentication." }, { - "ItemID": "AZWE001BASE0SI00012000", - "ItemType": "PROGRAMMABLE", + "ItemID": "AZWE003BASE0SI00015000", + "ItemType": "SEMI-PROGRAMMABLE", "ItemCategory": "SERVER", - "ResourceProfile": "IRR.DIGTCERT.LISTRING", - "ResourceClass": "FACILITY", + "ResourceProfile": "IRRPTAUTH..ANYUSER", + "ResourceClass": "PTKTDATA", "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "READ", - "ItemDescription": "To allow Zowe user id to access his own keyring." + "LevelOfAccessRequired": "UPDATE", + "ItemDescription": "To allow Zowe APIML to evaluate passtickets for application. Used for SSO and client certificate authentication." }, { - "ItemID": "AZWE001BASE0SI00013000", + "ItemID": "AZWE003BASE0SI00016000", "ItemType": "PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "IRR.DIGTCERT.GENCERT", - "ResourceClass": "FACILITY", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "CONTROL", - "ItemDescription": "To optionally allow Zowe user id to use SITE owned certificate as a server certificate." + "ItemCategory": "USER", + "ResourceProfile": "APIML.SERVICES", + "ResourceClass": "ZOWE", + "WhoNeedsAccess": "", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To allow Zowe user to use API Mediation Layer services." } ] } diff --git a/files/sca/zowe_base_user.json b/files/sca/zowe_base_user.json deleted file mode 100644 index 7653fe28b5..0000000000 --- a/files/sca/zowe_base_user.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "ServiceId": "AZWE001BASE0U", - "ServiceName": "Zowe Configuration - User", - "MetaValidationItemVersion": 1.0, - "Vendor": "OPEN MAINFRAME PROJECT", - "SecurityValidationItems": [ - { - "ItemID": "AZWE001BASE0UI00001000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "USER", - "ResourceProfile": "APIML.SERVICES", - "ResourceClass": "ZOWE", - "WhoNeedsAccess": "", - "LevelOfAccessRequired": "READ", - "ItemDescription": "To allow Zowe user to use API Mediation Layer services." - } - ] -} diff --git a/files/zlux/config/allowedPlugins.json b/files/zlux/config/allowedPlugins.json index 368cac3a02..8a46519147 100644 --- a/files/zlux/config/allowedPlugins.json +++ b/files/zlux/config/allowedPlugins.json @@ -52,6 +52,10 @@ "identifier": "org.zowe.zlux.ng2desktop", "versions": ["*"] }, + { + "identifier": "org.zowe.zlux.ivydesktop", + "versions": ["*"] + }, { "identifier": "org.zowe.zlux.ng2desktop.settings", "versions": ["*"] diff --git a/files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json b/files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json new file mode 100644 index 0000000000..1a791b6331 --- /dev/null +++ b/files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json @@ -0,0 +1,5 @@ +{ + "identifier": "org.zowe.zlux.ivydesktop", + "pluginLocation": "zlux-app-manager/virtual-desktop", + "relativeTo": "$ZLUX_ROOT_DIR" +} diff --git a/files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json b/files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json index 2fd18ed29b..44a33568d3 100644 --- a/files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json +++ b/files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json @@ -1,5 +1,5 @@ { "identifier": "org.zowe.zlux.ng2desktop", - "pluginLocation": "zlux-app-manager/virtual-desktop", + "pluginLocation": "zlux-app-manager-v2/virtual-desktop", "relativeTo": "$ZLUX_ROOT_DIR" } diff --git a/manifest.json.template b/manifest.json.template index 6194230ca9..ccd79e8e3a 100644 --- a/manifest.json.template +++ b/manifest.json.template @@ -44,16 +44,16 @@ "artifact": "*.pax" }, "org.zowe.explorer-jes": { - "version": "~2.0.2-SNAPSHOT" + "version": "^3.0.0-PR-389" }, "org.zowe.explorer-mvs": { - "version": "~2.0.2-SNAPSHOT" + "version": "^3.0.0-PR-263" }, "org.zowe.explorer-uss": { - "version": "~2.0.2-SNAPSHOT" + "version": "^3.0.0-SNAPSHOT" }, "org.zowe.explorer-ip": { - "version": "~3.0.0-SNAPSHOT", + "version": "^3.0.0-SNAPSHOT", "artifact": "*.pax" }, "org.zowe.apiml.api-catalog-package": { diff --git a/playbooks/all_host_vars_list.yml b/playbooks/all_host_vars_list.yml index 93f9f01653..30cf5605e6 100644 --- a/playbooks/all_host_vars_list.yml +++ b/playbooks/all_host_vars_list.yml @@ -28,7 +28,7 @@ zos_zosmf_user: IZUSVR zowe_apiml_catalog_port: 7552 zowe_apiml_discovery_port: 7553 zowe_apiml_gateway_port: 7554 -zowe_apiml_zaas_port: 7563 +zowe_apiml_zaas_port: 7558 zowe_apiml_gateway_timeout_millis: 600000 zowe_apiml_nonstrict_verify_certficates_of_services: true zowe_apiml_security_auth_provider: zosmf @@ -39,10 +39,10 @@ zowe_apiml_security_oidc_client_id: zowe_apiml_security_oidc_client_secret: zowe_apiml_security_oidc_registry: zowe_apiml_security_zosmf_applid: IZUDFLT -zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: AUTO +zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: LTPA zowe_apiml_verify_certficates_of_services: true zowe_auto_create_user_group: false -zowe_caching_service_persistent: VSAM +zowe_caching_service_persistent: infinispan zowe_caching_service_port: 7555 zowe_caching_service_vsam_dsprefix: CACHE zowe_caching_vsam_storage_class: diff --git a/playbooks/roles/configfmid/defaults/main.yml b/playbooks/roles/configfmid/defaults/main.yml index 34b56b1682..ba662c7ebe 100644 --- a/playbooks/roles/configfmid/defaults/main.yml +++ b/playbooks/roles/configfmid/defaults/main.yml @@ -61,7 +61,7 @@ zowe_apiml_gateway_timeout_millis: 600000 zowe_apiml_security_x509_enabled: false zowe_apiml_security_zosmf_applid: IZUDFLT zowe_apiml_security_auth_provider: zosmf -zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: AUTO +zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: LTPA zowe_apiml_security_oidc_enabled: false zowe_apiml_security_oidc_client_id: zowe_apiml_security_oidc_client_secret: diff --git a/playbooks/roles/configfmid/tasks/main.yml b/playbooks/roles/configfmid/tasks/main.yml index 317cb6e7af..f47945e663 100644 --- a/playbooks/roles/configfmid/tasks/main.yml +++ b/playbooks/roles/configfmid/tasks/main.yml @@ -290,14 +290,14 @@ "components.gateway.apiml.gateway.timeoutMillis": "{{ zowe_apiml_gateway_timeout_millis }}" # zaas settings - "components.zaas.apiml.security.x509.enabled": "{{ zowe_apiml_security_x509_enabled|string|lower }}" - "components.zaas.apiml.security.auth.provider": "{{ zowe_apiml_security_auth_provider|string|lower }}" - "components.zaas.apiml.security.auth.zosmf.jwtAutoconfiguration": "{{ zowe_apiml_security_zosmf_jwt_autoconfiguration_mode }}" - "components.zaas.apiml.security.oidc.enabled": "{{ zowe_apiml_security_oidc_enabled|string|lower }}" - "components.zaas.apiml.security.oidc.clientId": "{{ zowe_apiml_security_oidc_client_id|string }}" - "components.zaas.apiml.security.oidc.clientSecret": "{{ zowe_apiml_security_oidc_client_secret|string }}" - "components.zaas.apiml.security.oidc.registry": "{{ zowe_apiml_security_oidc_registry|string }}" - "components.zaas.apiml.security.oidc.jwks.uri": "{{ zowe_apiml_security_oidc_jwks_uri|string }}" + "components.gateway.apiml.security.x509.enabled": "{{ zowe_apiml_security_x509_enabled|string|lower }}" + "components.gateway.apiml.security.auth.provider": "{{ zowe_apiml_security_auth_provider|string|lower }}" + "components.gateway.apiml.security.auth.zosmf.jwtAutoconfiguration": "{{ zowe_apiml_security_zosmf_jwt_autoconfiguration_mode }}" + "components.gateway.apiml.security.oidc.enabled": "{{ zowe_apiml_security_oidc_enabled|string|lower }}" + "components.gateway.apiml.security.oidc.clientId": "{{ zowe_apiml_security_oidc_client_id|string }}" + "components.gateway.apiml.security.oidc.clientSecret": "{{ zowe_apiml_security_oidc_client_secret|string }}" + "components.gateway.apiml.security.oidc.registry": "{{ zowe_apiml_security_oidc_registry|string }}" + "components.gateway.apiml.security.oidc.jwks.uri": "{{ zowe_apiml_security_oidc_jwks_uri|string }}" # desktop customizations "zowe.environments.ZWED_SSH_PORT": "{{ zowe_zlux_terminal_ssh_port }}" "zowe.environments.ZWED_TN3270_PORT": "{{ zowe_zlux_terminal_telnet_port }}" diff --git a/playbooks/roles/configure/defaults/main.yml b/playbooks/roles/configure/defaults/main.yml index 39ad5e895f..cc4cc80d20 100644 --- a/playbooks/roles/configure/defaults/main.yml +++ b/playbooks/roles/configure/defaults/main.yml @@ -54,7 +54,7 @@ zos_zosmf_ca: zowe_apiml_catalog_port: 7552 zowe_apiml_discovery_port: 7553 zowe_apiml_gateway_port: 7554 -zowe_apiml_zaas_port: 7563 +zowe_apiml_zaas_port: 7558 zowe_apiml_verify_certficates_of_services: true zowe_apiml_nonstrict_verify_certficates_of_services: true # APIML configuration properties @@ -63,7 +63,7 @@ zowe_apiml_security_x509_enabled: false zowe_apiml_service_forwardClientCertEnabled: true zowe_apiml_security_zosmf_applid: IZUDFLT zowe_apiml_security_auth_provider: zosmf -zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: AUTO +zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: LTPA zowe_apiml_security_oidc_enabled: false zowe_apiml_security_oidc_client_id: zowe_apiml_security_oidc_client_secret: @@ -75,7 +75,7 @@ zowe_mvs_explorer_port: 7561 zowe_uss_explorer_port: 7562 # caching service zowe_caching_service_port: 7555 -zowe_caching_service_persistent: VSAM +zowe_caching_service_persistent: infinispan # the final data set name will be: {zowe_dataset_prefix}.{zowe_caching_service_vsam_dsprefix}{zowe_instance_id} # for example: IBMUSER.ZWE.CACHE1 zowe_caching_service_vsam_dsprefix: CACHE diff --git a/playbooks/roles/configure/tasks/main.yml b/playbooks/roles/configure/tasks/main.yml index 979fdf6e0f..1881a673ab 100644 --- a/playbooks/roles/configure/tasks/main.yml +++ b/playbooks/roles/configure/tasks/main.yml @@ -290,18 +290,17 @@ "components.zss.port": "{{ zowe_zss_port }}" # other gateway configs "components.gateway.apiml.gateway.timeoutMillis": "{{ zowe_apiml_gateway_timeout_millis }}" - "components.gateway.apiml.security.x509.enabled": "{{ zowe_apiml_security_x509_enabled|string|lower }}" "components.gateway.apiml.service.forwardClientCertEnabled": "{{ zowe_apiml_service_forwardClientCertEnabled|string|lower }}" # zaas configs - "components.zaas.apiml.security.x509.enabled": "{{ zowe_apiml_security_x509_enabled|string|lower }}" - "components.zass.apiml.security.auth.provider": "{{ zowe_apiml_security_auth_provider|string|lower }}" - "components.zaas.apiml.security.auth.zosmf.jwtAutoconfiguration": "{{ zowe_apiml_security_zosmf_jwt_autoconfiguration_mode }}" - "components.zaas.apiml.security.oidc.enabled": "{{ zowe_apiml_security_oidc_enabled|string|lower }}" - "components.zaas.apiml.security.oidc.clientId": "{{ zowe_apiml_security_oidc_client_id|string }}" - "components.zaas.apiml.security.oidc.clientSecret": "{{ zowe_apiml_security_oidc_client_secret|string }}" - "components.zaas.apiml.security.oidc.registry": "{{ zowe_apiml_security_oidc_registry|string }}" - "components.zaas.apiml.security.oidc.jwks.uri": "{{ zowe_apiml_security_oidc_jwks_uri|string }}" + "components.gateway.apiml.security.x509.enabled": "{{ zowe_apiml_security_x509_enabled|string|lower }}" + "components.gateway.apiml.security.auth.provider": "{{ zowe_apiml_security_auth_provider|string|lower }}" + "components.gateway.apiml.security.auth.zosmf.jwtAutoconfiguration": "{{ zowe_apiml_security_zosmf_jwt_autoconfiguration_mode }}" + "components.gateway.apiml.security.oidc.enabled": "{{ zowe_apiml_security_oidc_enabled|string|lower }}" + "components.gateway.apiml.security.oidc.clientId": "{{ zowe_apiml_security_oidc_client_id|string }}" + "components.gateway.apiml.security.oidc.clientSecret": "{{ zowe_apiml_security_oidc_client_secret|string }}" + "components.gateway.apiml.security.oidc.registry": "{{ zowe_apiml_security_oidc_registry|string }}" + "components.gateway.apiml.security.oidc.jwks.uri": "{{ zowe_apiml_security_oidc_jwks_uri|string }}" # desktop customizations "zowe.environments.ZWED_SSH_PORT": "{{ zowe_zlux_terminal_ssh_port }}" "zowe.environments.ZWED_TN3270_PORT": "{{ zowe_zlux_terminal_telnet_port }}" diff --git a/playbooks/roles/custom_for_test/defaults/main.yml b/playbooks/roles/custom_for_test/defaults/main.yml index 5209791295..9a2bfcdd33 100644 --- a/playbooks/roles/custom_for_test/defaults/main.yml +++ b/playbooks/roles/custom_for_test/defaults/main.yml @@ -54,7 +54,7 @@ zos_zosmf_ca: zowe_apiml_catalog_port: 7552 zowe_apiml_discovery_port: 7553 zowe_apiml_gateway_port: 7554 -zowe_apiml_cloud_gateway_port: 7563 +zowe_apiml_zaas_port: 7558 zowe_apiml_verify_certficates_of_services: true zowe_apiml_nonstrict_verify_certficates_of_services: true # APIML configuration properties @@ -67,14 +67,14 @@ zowe_apiml_security_oidc_registry: zowe_apiml_security_oidc_jwks_uri: zowe_apiml_security_zosmf_applid: IZUDFLT zowe_apiml_security_auth_provider: zosmf -zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: AUTO +zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: LTPA # explorer APIs/plugins ports zowe_jobs_explorer_port: 7560 zowe_mvs_explorer_port: 7561 zowe_uss_explorer_port: 7562 # caching service zowe_caching_service_port: 7555 -zowe_caching_service_persistent: VSAM +zowe_caching_service_persistent: infinispan # the final data set name will be: {zowe_dataset_prefix}.{zowe_caching_service_vsam_dsprefix}{zowe_instance_id} # for example: IBMUSER.ZWE.CACHE1 zowe_caching_service_vsam_dsprefix: CACHE diff --git a/playbooks/roles/custom_for_test/tasks/main.yml b/playbooks/roles/custom_for_test/tasks/main.yml index 4403348fad..ea85b09568 100644 --- a/playbooks/roles/custom_for_test/tasks/main.yml +++ b/playbooks/roles/custom_for_test/tasks/main.yml @@ -151,7 +151,7 @@ # ============================================================================ # Enable disabled services -- name: Update zowe.yaml zowe.setup.vsam +- name: Update zowe.yaml import_role: name: zos tasks_from: update_zowe_yaml diff --git a/playbooks/roles/verify/defaults/main.yml b/playbooks/roles/verify/defaults/main.yml index 62fc35714b..1f1888134a 100644 --- a/playbooks/roles/verify/defaults/main.yml +++ b/playbooks/roles/verify/defaults/main.yml @@ -27,6 +27,6 @@ zowe_job_prefix: ZWE zowe_proclib_membername: ZWESLSTC zowe_instance_id: 1 # ports will be tested -zowe_apiml_zaas_port: 7563 +zowe_apiml_zaas_port: 7558 zowe_apiml_gateway_port: 7554 zowe_zlux_port: 7556 diff --git a/pswi/01_smpe.sh b/pswi/01_smpe.sh index 8370b9ef54..42d9f89aff 100644 --- a/pswi/01_smpe.sh +++ b/pswi/01_smpe.sh @@ -91,8 +91,8 @@ STATUS_NAME=`echo $RESP | grep -o '"statusName":".*"' | cut -f4 -d\"` if [ "$STATUS_NAME" = "in-progress" ] then - echo "Workflow ended with an error." - echo $RESP + echo "Workflow with SMP/E ended with an error." >> report.txt + echo $RESP >> report.txt exit -1 elif [ "$STATUS_NAME" = "complete" ] then diff --git a/pswi/02_ptf.sh b/pswi/02_ptf.sh index e2c23e54e3..e5174333d7 100644 --- a/pswi/02_ptf.sh +++ b/pswi/02_ptf.sh @@ -87,8 +87,8 @@ STATUS_NAME=`echo $RESP | grep -o '"statusName":".*"' | cut -f4 -d\"` if [ "$STATUS_NAME" = "in-progress" ] then - echo "Workflow ended with an error." - echo $RESP + echo "Workflow with PTFs ended with an error." >> report.txt + echo $RESP >> report.txt exit -1 elif [ "$STATUS_NAME" = "complete" ] then diff --git a/pswi/03_create.sh b/pswi/03_create.sh index 3f9e30fb84..724ab7ad61 100644 --- a/pswi/03_create.sh +++ b/pswi/03_create.sh @@ -79,8 +79,8 @@ then then echo "${ZOWE_MOUNT} with zFS ${ZOWE_ZFS} mounted will be used." else - echo "The file system ${ZOWE_ZFS} exists but is mounted to different mount point ${MOUNTZ}." - echo "It is required to have the file system ${ZOWE_ZFS} mounted to the exact mount point (${ZOWE_MOUNT}) to successfully export Zowe PSWI." + echo "The file system ${ZOWE_ZFS} exists but is mounted to different mount point ${MOUNTZ}." >> report.txt + echo "It is required to have the file system ${ZOWE_ZFS} mounted to the exact mount point (${ZOWE_MOUNT}) to successfully export Zowe PSWI." >> report.txt exit -1 fi else @@ -90,7 +90,7 @@ else if [ -n "$MOUNTZFS" ] then # If ZFS is not mounted to the mountpoint then this ZOWE mountpoint has different zFS - echo "The mountpoint ${ZOWE_MOUNT} has different zFS ${MOUNTZFS}." + echo "The mountpoint ${ZOWE_MOUNT} has different zFS ${MOUNTZFS}." >> report.txt exit -1 else # Mount zFS to Zowe mountpoint @@ -108,14 +108,14 @@ RESP=`curl -s $CHECK_WORKFLOW_DSN_URL -k -X "GET" -H "Content-Type: application/ DS_COUNT=`echo $RESP | grep -o '"returnedRows":[0-9]*' | cut -f2 -d:` if [ $DS_COUNT -ne 0 ] then - echo "The ${WORKFLOW_DSN} already exist. Because there is a possibility that it contains something unwanted the script does not continue." + echo "The ${WORKFLOW_DSN} already exist. Because there is a possibility that it contains something unwanted the script does not continue." >> report.txt exit -1 else echo "Creating a data set where the post-Deployment workflow will be stored." RESP=`curl -s $WORKFLOW_DSN_URL -k -X "POST" -d "$ADD_WORKFLOW_DSN_JSON" -H "Content-Type: application/json" -H "X-CSRF-ZOSMF-HEADER: A" --user $ZOSMF_USER:$ZOSMF_PASS` if [ -n "$RESP" ] then - echo "The creation of the ${WORKFLOW_DSN} was not successful. Error message: ${RESP}" + echo "The creation of the ${WORKFLOW_DSN} was not successful. Error message: ${RESP}" >> report.txt exit -1 fi fi @@ -173,7 +173,7 @@ RESP=`curl -s $CHECK_EXPORT_DSN_URL -k -X "GET" -H "Content-Type: application/js DSN_COUNT=`echo $RESP | grep -o '"returnedRows":[0-9]*' | cut -f2 -d:` if [ $DSN_COUNT -ne 0 ] then - echo "The ${EXPORT_DSN} already exist. Because there is a possibility that it contains something unwanted the script does not continue." + echo "The ${EXPORT_DSN} already exist. Because there is a possibility that it contains something unwanted the script does not continue." >> report.txt exit -1 else echo "Creating a data set where the export jobs will be stored." @@ -209,7 +209,7 @@ if [ $? -gt 0 ];then exit -1;fi LOAD_STATUS_URL=`echo $RESP | grep -o '"statusurl":".*"' | cut -f4 -d\" | tr -d '\' 2>/dev/null` if [ -z "$LOAD_STATUS_URL" ] then - echo "No response from the REST API call." + echo "No response from the load product REST API call." >> report.txt exit -1 fi @@ -239,7 +239,7 @@ if [ $? -gt 0 ];then exit -1;fi EXPORT_STATUS_URL=`echo $RESP | grep -o '"statusurl":".*"' | cut -f4 -d\" | tr -d '\' 2>/dev/null` if [ -z "$EXPORT_STATUS_URL" ] then - echo "No response from the REST API call." + echo "No response from the export REST API call." >> report.txt exit -1 fi @@ -266,7 +266,7 @@ then # Can be 100% but still running if [ "$STATUS" != "complete" ] && [ "$STATUS" != "running" ] then - echo "Status of generation of Export JCL failed." + echo "Status of generation of Export JCL failed." >> report.txt exit -1 fi fi @@ -275,7 +275,7 @@ done if [ -z "$DSN" ] then - echo "The creation of export JCL failed" + echo "The creation of export JCL failed" >> report.txt exit -1 fi diff --git a/pswi/051_test_workflows.sh b/pswi/051_test_workflows.sh new file mode 100644 index 0000000000..fed47c1345 --- /dev/null +++ b/pswi/051_test_workflows.sh @@ -0,0 +1,28 @@ +#!/bin/sh +#version=1.0 + +export BASE_URL="${ZOSMF_URL}:${ZOSMF_PORT}" + +echo "" +echo "" +echo "Script for testing workflows..." +echo "Host :" $ZOSMF_URL +echo "Port :" $ZOSMF_PORT +echo "SSH Port :" $ZZOW_SSH_PORT +echo "z/OSMF system :" $ZOSMF_SYSTEM +echo "Test HLQ :" $TEST_HLQ +echo "Test mount point :" $TEST_MOUNT +echo "Work zFS :" $WORK_ZFS # For z/OSMF v2.3 +echo "Work mount point :" $WORK_MOUNT # For z/OSMF v2.3 + +echo "Mounting ${TEST_HLQ}.ZFS" +sh scripts/tmp_mounts.sh "${TEST_HLQ}.ZFS" "${TEST_MOUNT}" +if [ $? -gt 0 ]; then exit -1; fi + +echo "Registering/testing the configuration workflow ${TEST_HLQ}.WORKFLOW(ZWECONF)" +sh scripts/wf_run_test.sh "${TEST_HLQ}.WORKFLOW(ZWECONF)" +if [ $? -gt 0 ];then exit -1;fi + +echo "Registering/testing the configuration workflow ${TEST_MOUNT}/files/workflows/ZWECONF.xml" +sh scripts/wf_run_test.sh "${TEST_MOUNT}/files/workflows/ZWECONF.xml" +if [ $? -gt 0 ];then exit -1;fi diff --git a/pswi/05_test.sh b/pswi/05_test.sh index 079ba78efc..94afd818a2 100644 --- a/pswi/05_test.sh +++ b/pswi/05_test.sh @@ -15,10 +15,10 @@ echo "Test HLQ :" $TEST_HLQ echo "Test mount point :" $TEST_MOUNT echo "Job name :" $JOBNAME echo "Deploy name :" $DEPLOY_NAME -echo "Software instance name :" $DEPLOY_NAME +echo "Software instance name :" $DEPLOY_NAME echo "Temporary directory :" $TMP_MOUNT echo "Temporary zFS :" $TMP_ZFS -echo "Work zFS :" $WORK_ZFS # For z/OSMF v2.3 +echo "Work zFS :" $WORK_ZFS # For z/OSMF v2.3 echo "Work mount point :" $WORK_MOUNT # For z/OSMF v2.3 echo "Storage Class :" $STORCLAS echo "Volume :" $VOLUME @@ -31,10 +31,10 @@ NEW_PSWI_JSON='{"name":"'${PSWI}'","system":"'${ZOSMF_SYSTEM}'","description":"Z # Check if temp zFS for PSWI is mounted echo "Checking/mounting ${TMP_ZFS}" sh scripts/tmp_mounts.sh "${TMP_ZFS}" "${TMP_MOUNT}" -if [ $? -gt 0 ];then exit -1;fi +if [ $? -gt 0 ]; then exit -1; fi cd ../.pax -sshpass -p${ZOSMF_PASS} sftp -o HostKeyAlgorithms=+ssh-rsa -o BatchMode=no -o StrictHostKeyChecking=no -o PubkeyAuthentication=no -b - -P ${ZZOW_SSH_PORT} ${ZOSMF_USER}@${HOST} << EOF +sshpass -p${ZOSMF_PASS} sftp -o HostKeyAlgorithms=+ssh-rsa -o BatchMode=no -o StrictHostKeyChecking=no -o PubkeyAuthentication=no -b - -P ${ZZOW_SSH_PORT} ${ZOSMF_USER}@${HOST} < JCL -echo ${JOBST2} >> JCL -echo "//UNPAXDIR EXEC PGM=BPXBATCH" >> JCL -echo "//STDOUT DD SYSOUT=*" >> JCL -echo "//STDERR DD SYSOUT=*" >> JCL -echo "//STDPARM DD *" >> JCL -echo "SH set -x;set -e;" >> JCL -echo "mkdir -p ${EXPORT};" >> JCL -echo "cd ${EXPORT};" >> JCL -echo "pax -rv -f ${TMP_MOUNT}/${SWI_NAME}.pax.Z;" >> JCL -echo "rm ${TMP_MOUNT}/${SWI_NAME}.pax.Z;" >> JCL -echo "/*" >> JCL +echo ${JOBST1} >JCL +echo ${JOBST2} >>JCL +echo "//UNPAXDIR EXEC PGM=BPXBATCH" >>JCL +echo "//STDOUT DD SYSOUT=*" >>JCL +echo "//STDERR DD SYSOUT=*" >>JCL +echo "//STDPARM DD *" >>JCL +echo "SH set -x;set -e;" >>JCL +echo "mkdir -p ${EXPORT};" >>JCL +echo "cd ${EXPORT};" >>JCL +echo "pax -rv -f ${TMP_MOUNT}/${SWI_NAME}.pax.Z;" >>JCL +echo "rm ${TMP_MOUNT}/${SWI_NAME}.pax.Z;" >>JCL +echo "/*" >>JCL -sh scripts/submit_jcl.sh "`cat JCL`" -if [ $? -gt 0 ];then exit -1;fi +sh scripts/submit_jcl.sh "$(cat JCL)" +if [ $? -gt 0 ]; then exit -1; fi rm JCL # z/OSMF 2.3 @@ -65,22 +65,10 @@ rm JCL # Check if work zFS for PSWI is mounted echo "Checking/mounting ${WORK_ZFS}" sh scripts/tmp_mounts.sh "${WORK_ZFS}" "${WORK_MOUNT}" -if [ $? -gt 0 ];then exit -1;fi +if [ $? -gt 0 ]; then exit -1; fi # Run the deployment test echo " Running the deployment test for z/OSMF version 2.3" pip install requests python scripts/deploy_test_2_3.py - -echo "Mounting ${TEST_HLQ}.ZFS" -sh scripts/tmp_mounts.sh "${TEST_HLQ}.ZFS" "${TEST_MOUNT}" -if [ $? -gt 0 ];then exit -1;fi - -echo "Registering/testing the configuration workflow ${TEST_HLQ}.WORKFLOW(ZWECONF)" -sh scripts/wf_run_test.sh "${TEST_HLQ}.WORKFLOW(ZWECONF)" -if [ $? -gt 0 ];then exit -1;fi - -echo "Registering/testing the configuration workflow ${TEST_MOUNT}/content/files/workflows/ZWECONF.xml" -sh scripts/wf_run_test.sh "${TEST_MOUNT}/files/workflows/ZWECONF.xml" -if [ $? -gt 0 ];then exit -1;fi diff --git a/pswi/PSWI-marist.sh b/pswi/PSWI-marist.sh index 80441508af..5a9e03bfa7 100755 --- a/pswi/PSWI-marist.sh +++ b/pswi/PSWI-marist.sh @@ -1,3 +1,4 @@ +set -x export ZOSMF_URL="https://zzow07.zowe.marist.cloud" export ZOSMF_PORT=10443 export ZOSMF_SYSTEM="S0W1" @@ -41,7 +42,7 @@ if [ -f ../.pax/zowe-smpe.zip ]; then mkdir -p "unzipped" unzip ../.pax/zowe-smpe.zip -d unzipped else - echo "zowe-smpe file not found" + echo "zowe-smpe file not found" >> report.txt exit -1 fi @@ -73,7 +74,7 @@ else if [ -f ../.pax/${FMID}.zip ]; then unzip ../.pax/${FMID}.zip -d unzipped else - echo "File with FMID not found" + echo "File with FMID not found" >> report.txt exit -1 fi fi @@ -90,6 +91,14 @@ export WORKFLOW_DSN=${CSIHLQ}.WORKFLOW export ZOWE_ZFS="${CSIHLQ}.ZFS" export VERSION=$(cat ../manifest.json.template | grep -o '"version": ".*"' | head -1 | cut -f4 -d\") +# Initialize variables +presmpe=0 +smpe=0 +ptf=0 +create=0 +test=0 +wf_test=0 + # Upload and prepare all files sh 00_presmpe.sh presmpe=$? @@ -125,7 +134,13 @@ if [ $presmpe -eq 0 ]; then # Test PSWI sh 05_test.sh test=$? - + + if [ $test -eq 0 ]; then + #test the workflows + sh 051_test_workflows.sh + wf_test=$? + fi + # Cleanup after the test sh 06_test_cleanup.sh fi @@ -141,23 +156,28 @@ if [ $presmpe -eq 0 ]; then # Clean RELFILEs and PTFs sh 08_presmpe_cleanup.sh fi +else + # Clean RELFILEs and PTFs + sh 08_presmpe_cleanup.sh fi echo "" echo "" -if [ $smpe -ne 0 ] || [ $ptf -ne 0 ] || [ $create -ne 0 ] || [ $test -ne 0 ] || [ $presmpe -ne 0 ]; then - echo "Build unsuccessful!" +if [ $smpe -ne 0 ] || [ $ptf -ne 0 ] || [ $create -ne 0 ] || [ $test -ne 0 ] || [ $presmpe -ne 0 ] || [ $wf_test -ne 0 ]; then + echo "Build unsuccessful!" >> report.txt if [ $presmpe -ne 0 ]; then - echo "Pre-SMP/E wasn't successful." + echo "Pre-SMP/E wasn't successful." >> report.txt elif [ $smpe -ne 0 ]; then - echo "SMP/E wasn't successful." + echo "SMP/E wasn't successful." >> report.txt elif [ $ptf -ne 0 ]; then - echo "Applying PTFs wasn't successful." + echo "Applying PTFs wasn't successful." >> report.txt elif [ $create -ne 0 ]; then - echo "Creation of PSWI wasn't successful." + echo "Creation of PSWI wasn't successful." >> report.txt elif [ $test -ne 0 ]; then - echo "Testing of PSWI wasn't successful." + echo "Testing of PSWI wasn't successful." >> report.txt + elif [ $wf_test -ne 0 ]; then + echo "Workflow testing wasn't successful." >> report.txt fi exit -1 else diff --git a/pswi/ZWECONF_test.sh b/pswi/ZWECONF_test.sh new file mode 100755 index 0000000000..346c997e45 --- /dev/null +++ b/pswi/ZWECONF_test.sh @@ -0,0 +1,60 @@ +export ZOSMF_URL="https://zzow07.zowe.marist.cloud" +export ZOSMF_PORT=10443 +export ZOSMF_SYSTEM="S0W1" +export JOBNAME="ZWECONF1" +export HOST=${ZOSMF_URL#https:\/\/} +export BASE_URL="${ZOSMF_URL}:${ZOSMF_PORT}" +WORK_MOUNT="/tmp" + +echo "Changing runtime path in ZWECONF.properties." + +cp ../workflows/files/ZWECONF.properties ./ZWECONF.properties +sed "s|runtimeDirectory=|runtimeDirectory=${WORK_MOUNT}|g" ./ZWECONF.properties > _ZWECONF +sed "s|java_home=|java_home=#delete_me#|g" _ZWECONF > ZWECONF +sed "s|node_home=|node_home=#delete_me#|g" ZWECONF > _ZWECONF + +echo "Changing the configuration workflow to be fully automated." + +cp ../workflows/files/ZWECONF.xml ./ZWECONF.xml +sed "s|false|true|g" ./ZWECONF.xml > ZWECONFX + +sshpass -p${ZOSMF_PASS} sftp -o HostKeyAlgorithms=+ssh-rsa -o BatchMode=no -o StrictHostKeyChecking=no -o PubkeyAuthentication=no -b - -P ${ZZOW_SSH_PORT} ${ZOSMF_USER}@${HOST} << EOF +cd ${WORK_MOUNT} +put _ZWECONF +put ZWECONFX +EOF + +echo "Testing the configuration workflow ${WORK_MOUNT}/ZWECONFX" +sh scripts/wf_run_test.sh "${WORK_MOUNT}/ZWECONFX" "run" "ZWECONF" "${WORK_MOUNT}/_ZWECONF" +if [ $? -gt 0 ];then exit -1;fi + +echo "Converting zowe.yaml" + +echo "//${ZOSMF_SYSTEM} JOB (1),'PSWI',MSGCLASS=A,REGION=0M" > JCL +echo "/*JOBPARM SYSAFF=(${ZOSMF_SYSTEM})" >> JCL +echo "//UNPAXDIR EXEC PGM=BPXBATCH" >> JCL +echo "//STDOUT DD SYSOUT=*" >> JCL +echo "//STDERR DD SYSOUT=*" >> JCL +echo "//STDPARM DD *" >> JCL +echo "SH set -x;set -e;" >> JCL +echo "cd ${WORK_MOUNT};" >> JCL +echo "iconv -f IBM-1047 -t ISO8859-1 zowe.yaml > zowe_.yaml;" >> JCL +echo "/*" >> JCL + +sh scripts/submit_jcl.sh "`cat JCL`" +if [ $? -gt 0 ];then exit -1;fi +rm JCL + +sshpass -p${ZOSMF_PASS} sftp -o HostKeyAlgorithms=+ssh-rsa -o BatchMode=no -o StrictHostKeyChecking=no -o PubkeyAuthentication=no -b - -P ${ZZOW_SSH_PORT} ${ZOSMF_USER}@${HOST} << EOF +cd ${WORK_MOUNT} +get zowe_.yaml +rm zowe_.yaml +EOF + +pwd + +cp ../example-zowe.yaml example-zowe.yaml + +diff --ed example-zowe.yaml zowe_.yaml > diff.txt || true + +diff --ed diff.txt scripts/base_diff.txt > final_diff.txt diff --git a/pswi/scripts/base_diff.txt b/pswi/scripts/base_diff.txt new file mode 100644 index 0000000000..d23d5ebdc1 --- /dev/null +++ b/pswi/scripts/base_diff.txt @@ -0,0 +1,46 @@ +483c + home: "#delete_me#" +. +468c + home: "#delete_me#" +. +281c + runtimeDirectory: "/tmp" +. +106c + # directory: +. +100,103c + # certificate: + # Type of certificate storage. Valid values are: PKCS12, JCEKS, JCECCAKS, JCERACFKS, JCECCARACFKS, or JCEHYBRIDRACFKS + # type: + # pkcs12: +. +66,91c + # Security related configurations. This setup is optional. + security: + # security product name. Can be RACF, ACF2 or TSS + product: RACF + # security group name + groups: + # Zowe admin user group + admin: ZWEADMIN + # Zowe STC group + stc: ZWEADMIN + # Zowe SysProg group + sysProg: ZWEADMIN + # security user name + users: + # Zowe runtime user name of main service + zowe: ZWESVUSR + # Zowe runtime user name of ZIS + zis: ZWESIUSR + # STC names + stcs: + # STC name of Zowe main service + zowe: ZWESLSTC + # STC name of Zowe ZIS + zis: ZWESISTC + # STC name of Zowe ZIS Auxiliary Server + aux: ZWESASTC +. diff --git a/pswi/scripts/check_response.sh b/pswi/scripts/check_response.sh index b9b280848e..b589cf88d2 100644 --- a/pswi/scripts/check_response.sh +++ b/pswi/scripts/check_response.sh @@ -5,13 +5,13 @@ REASON=`echo $RESP | grep -o '"reason":'` MSG=`echo $RESP | grep -o '"messageText":'` if [ -n "$REASON" ] || [ -n "$MSG" ] then - echo $RESP + echo $RESP >> report.txt exit -1 fi if [ $RESPCODE -ne 0 ] then - echo "REST API call failed." - echo $RESP + echo "REST API call failed." >> report.txt + echo $RESP >> report.txt exit -1 else echo "REST API call was successful." diff --git a/pswi/scripts/submit_jcl.sh b/pswi/scripts/submit_jcl.sh index 58f32f3805..43a5c672ba 100644 --- a/pswi/scripts/submit_jcl.sh +++ b/pswi/scripts/submit_jcl.sh @@ -11,7 +11,7 @@ sh scripts/check_response.sh "${RESP}" $? JOB_STATUS_URL=`echo $RESP | grep -o '"url":".*"' | cut -f4 -d\" | tr -d '\' 2>/dev/null` if [ -z "$JOB_STATUS_URL" ] then - echo "No response from the REST API call." + echo "No response from the REST API call." >> report.txt exit -1 fi JOBID=`echo $RESP | grep -o '"jobid":".*"' | cut -f4 -d\"` @@ -49,7 +49,7 @@ if [ "$RC" = "CC 0000" ] then echo "${JOBNAME} ${JOBID} was completed." else - echo "${JOBNAME} ${JOBID} failed." - cat $JOBNAME/$JOBID + echo "${JOBNAME} ${JOBID} failed." >> report.txt + cat $JOBNAME/$JOBID >> report.txt exit -1 fi diff --git a/pswi/scripts/tmp_mounts.sh b/pswi/scripts/tmp_mounts.sh index 23fa144cdb..eb44340d58 100644 --- a/pswi/scripts/tmp_mounts.sh +++ b/pswi/scripts/tmp_mounts.sh @@ -20,8 +20,8 @@ then echo "${MOUNT} with zFS ${ZFS} mounted will be used as is." MOUNTED=true else - echo "The file system ${ZFS} exists but is mounted to different mount point(${MOUNTP})." - echo "Use different name of zFS or ${MOUNTP} for mount point." + echo "The file system ${ZFS} exists but is mounted to different mount point(${MOUNTP})." >> report.txt + echo "Use different name of zFS or ${MOUNTP} for mount point." >> report.txt exit -1 fi else @@ -33,9 +33,9 @@ else if [ -n "$MOUNTZFS" ] then # If zFS is not mounted to the mount point then this mount point has different zFS - echo "The mount point ${MOUNT} has different zFS (${MOUNTZFS}) mounted." - echo "Use different mount point (not ${MOUNT})." - echo "Or use ${MOUNTZFS} for zFS." + echo "The mount point ${MOUNT} has different zFS (${MOUNTZFS}) mounted." >> report.txt + echo "Use different mount point (not ${MOUNT})." >> report.txt + echo "Or use ${MOUNTZFS} for zFS." >> report.txt exit -1 fi fi diff --git a/pswi/scripts/wf_run_test.sh b/pswi/scripts/wf_run_test.sh index 5987aeef41..e31a8e3c19 100755 --- a/pswi/scripts/wf_run_test.sh +++ b/pswi/scripts/wf_run_test.sh @@ -4,28 +4,41 @@ export BASE_URL="${ZOSMF_URL}:${ZOSMF_PORT}" WF_DEF_FILE=$1 run=$2 +ZWECONF=$3 +INPUT_FILE=$4 echo "" echo "" -echo "Script for testing workflow and if specified running with defaults as well..." +echo "Script for testing workflow and if specified running with defaults/variable input file as well..." echo "Host :" $ZOSMF_URL echo "Port :" $ZOSMF_PORT echo "z/OSMF system :" $ZOSMF_SYSTEM echo "Workflow definition file :" $WF_DEF_FILE +echo "Variable Input file :" $INPUT_FILE -WF_NAME="Testing workflows" +WF_NAME="Testing_workflows" # URLs CREATE_WF_URL="${BASE_URL}/zosmf/workflow/rest/1.0/workflows" WF_LIST_URL="${BASE_URL}/zosmf/workflow/rest/1.0/workflows?owner=${ZOSMF_USER}&workflowName=${WF_NAME}" # JSONs - +if [ -n "$INPUT_FILE" ] +then +ADD_WORKFLOW_JSON='{"workflowName":"'$WF_NAME'", +"workflowDefinitionFile":"'${WF_DEF_FILE}'", +"variableInputFile":"'${INPUT_FILE}'", +"system":"'$ZOSMF_SYSTEM'", +"owner":"'$ZOSMF_USER'", +"assignToOwner" :true}' +else ADD_WORKFLOW_JSON='{"workflowName":"'$WF_NAME'", "workflowDefinitionFile":"'${WF_DEF_FILE}'", "system":"'$ZOSMF_SYSTEM'", "owner":"'$ZOSMF_USER'", "assignToOwner" :true}' +fi +set -x # Get workflowKey for the workflow owned by user echo "Get workflowKey for the workflow if it exists." @@ -41,7 +54,6 @@ RESP=`curl -s $WORKFLOW_URL -k -X "DELETE" -H "Content-Type: application/json" - sh scripts/check_response.sh "${RESP}" $? fi -set -ex # Create workflow with REST API echo 'Invoking REST API to create the workflow.' @@ -51,7 +63,7 @@ if [ $? -gt 0 ];then exit -1;fi WFKEY=`echo $RESP | grep -o '"workflowKey":".*"' | cut -f4 -d\"` WORKFLOW_URL="${CREATE_WF_URL}/${WFKEY}" -if [ -n "${run}" ] +if [ "$run" = "run" ] then # Run workflow echo "Invoking REST API to start the workflow." @@ -72,9 +84,25 @@ STATUS_NAME=`echo $RESP | grep -o '"statusName":".*"' | cut -f4 -d\"` if [ "$STATUS_NAME" = "in-progress" ] then - echo "Workflow ended with an error." - echo $RESP - exit -1 + echo "Workflow ended with an error." >> report.txt + echo $RESP >> report.txt + echo "Checking if the workflow is ZWECONF" >> report.txt + if [ "$ZWECONF" = "ZWECONF" ] + then + STEP_NAME=`echo $RESP | grep -o '"currentStepName":".*"' | cut -f4 -d\"` + if [ "$STEP_NAME" = "init_zowe" ] + then + echo "The workflow is ZWECONF and should end in step 'init_zowe'" + STATUS="FINISHED" + else + echo "The workflow is ZWECONF but ended in different step: '$STEP_NAME'" >> report.txt + exit -1 + fi + else + echo "Workflow ended with an error and it is not ZWECONF." >> report.txt + echo $RESP >> report.txt + exit -1 + fi elif [ "$STATUS_NAME" = "complete" ] then echo "Workflow finished successfully." diff --git a/tests/sanity/test/e2e/test-01-login.js b/tests/sanity/test/e2e/test-01-login.js index 0b2b102a30..52687707c6 100644 --- a/tests/sanity/test/e2e/test-01-login.js +++ b/tests/sanity/test/e2e/test-01-login.js @@ -15,12 +15,12 @@ const addContext = require('mochawesome/addContext'); const testName = path.basename(__filename, path.extname(__filename)); const { - PRE_INSTALLED_APPS, - PRE_INSTALLED_APPS_DISABLED_FOR_DOCKER, - PRE_PINNED_APPS, +// PRE_INSTALLED_APPS, +// PRE_INSTALLED_APPS_DISABLED_FOR_DOCKER, +// PRE_PINNED_APPS, DEFAULT_PAGE_LOADING_TIMEOUT, DEFAULT_ELEMENT_CHECK_INTERVAL, - getElements, + // getElements, getElement, getElementText, waitUntilElement, @@ -252,8 +252,12 @@ describe('test MVD login page', function() { expect(launchbar).to.be.an('object'); // check we have known apps launched - const apps = await getElements(driver, 'rs-com-launchbar-icon'); + + + /*const apps = await getElements(driver, 'rs-com-launchbar-icon'); expect(apps).to.be.an('array').that.have.lengthOf(PRE_PINNED_APPS.length); + + */ // FIXME: ignore the title check now since title has been changed to show plugin description // for (let app of apps) { // const icon = await getElement(app, 'div.launchbar-icon-image'); @@ -265,8 +269,8 @@ describe('test MVD login page', function() { loginSuccessfully = true; }); - const zosHost = process.env.ZOWE_ZOS_HOST || process.env.ZOWE_EXTERNAL_HOST; - const dockerTest = process.env.ZOWE_EXTERNAL_HOST !== zosHost; + // const zosHost = process.env.ZOWE_ZOS_HOST || process.env.ZOWE_EXTERNAL_HOST; + // const dockerTest = process.env.ZOWE_EXTERNAL_HOST !== zosHost; it('should be able to popup apps menu', async function() { if (!loginSuccessfully) { @@ -293,7 +297,7 @@ describe('test MVD login page', function() { expect(popup).to.be.an('object'); // check popup menu items - const menuItems = await getElements(popup, '.launch-widget-row > .app-label'); + /* const menuItems = await getElements(popup, '.launch-widget-row > .app-label'); if (dockerTest) { // Docker scenario will not have IP Explorer, thus installed apps should be one less the total count @@ -305,7 +309,7 @@ describe('test MVD login page', function() { for (let item of menuItems) { const text = await item.getText(); expect(text).to.be.oneOf(PRE_INSTALLED_APPS); - } + }*/ }); diff --git a/tests/sanity/test/e2e/test-05-tn3270.js b/tests/sanity/test/e2e/test-05-tn3270.js index c55717398d..f2170ff912 100644 --- a/tests/sanity/test/e2e/test-05-tn3270.js +++ b/tests/sanity/test/e2e/test-05-tn3270.js @@ -8,6 +8,7 @@ * Copyright IBM Corporation 2018, 2019 */ +/* const path = require('path'); const expect = require('chai').expect; const debug = require('debug')('zowe-sanity-test:e2e:tn3270'); @@ -99,3 +100,4 @@ describe(`test ${APP_TO_TEST}`, function() { } }); }); +*/ diff --git a/tests/sanity/test/e2e/test-09-editor.js b/tests/sanity/test/e2e/test-09-editor.js index 14e24d8540..2504beb2e7 100644 --- a/tests/sanity/test/e2e/test-09-editor.js +++ b/tests/sanity/test/e2e/test-09-editor.js @@ -7,7 +7,7 @@ * * Copyright IBM Corporation 2019 */ - +/* const path = require('path'); const expect = require('chai').expect; const debug = require('debug')('zowe-sanity-test:e2e:editor'); @@ -89,3 +89,4 @@ describe(`test ${APP_TO_TEST}`, function() { } }); }); +*/ diff --git a/workflows/files/ZWECONF.properties b/workflows/files/ZWECONF.properties index 4eadca84d7..ccf3efc3a8 100644 --- a/workflows/files/ZWECONF.properties +++ b/workflows/files/ZWECONF.properties @@ -64,10 +64,10 @@ zowe_setup_dataset_authPluginLib=IBMUSER.ZWEV2.CUST.ZWESAPL # zowe_setup_vsam_mode # Label: Zowe setup VSAM mode -# Abstract: VSAM data set with Record-Level-Sharing enabled or not +# Abstract: VSAM data set with Record-Level-Sharing enabled or disabled # Category: components # Description: -# VSAM data set with Record-Level-Sharing enabled or not +# VSAM data set with Record-Level-Sharing enabled or disabled # Choices: NONRLS,RLS zowe_setup_vsam_mode=NONRLS @@ -140,15 +140,15 @@ zowe_job_prefix=ZWE1 # zowe_externalDomains # Label: Zowe external domains -# Abstract: This should be the domain name of your Dynamic VIP Address (DVIPA) +# Abstract: The domain name of your Dynamic VIP Address (DVIPA) # Category: zowe # Description: -# This should be the domain name of your Dynamic VIP Address (DVIPA) +# The domain name of your Dynamic VIP Address (DVIPA) zowe_externalDomains=sample-domain.com # zowe_externalPort # Label: Zowe external port -# Abstract: This is the port you use to access Zowe Gateway from your web browser +# Abstract: The port you use to access Zowe Gateway from your web browser # Category: zowe # Description: # This is the port you use to access Zowe Gateway from your web browser. @@ -174,6 +174,46 @@ zowe_launchScript_logLevel=info # Choices: warn,exit zowe_launchScript_CompConf=warn +# zowe_network_server_attls +# Label: Application Transparent Transport Layer Security for inbound +# Abstract: Enable on AT-TLS on inbound calls +# Category: network +# Description: +# Enable aware mode of inbound AT-TLS rules of all Zowe components. +zowe_network_server_attls=false + +# zowe_network_client_attls +# Label: Application Transparent Transport Layer Security for outbound +# Abstract: Enable on AT-TLS on outbound calls +# Category: network +# Description: +# Enable aware mode of outbound AT-TLS rules of all Zowe components. +zowe_network_client_attls=false + +# zowe_network_server_tls_min +# Label: Transport Layer Security - min version +# Abstract: TLS minimum version +# Category: network +# Description: +# The default configuration of the minimal version of a security transport protocol for inbound calls. +# TLS settings only apply when attls=false. +# Else you must use AT-TLS configuration for TLS customization. +# +# Choices: TLSv1.1,TLSv1.2,TLSv1.3 +zowe_network_server_tls_min=TLSv1.2 + +# zowe_network_server_tls_max +# Label: Transport Layer Security - max version +# Abstract: TLS maximum version +# Category: certificates +# Description: +# The default configuration of the maximum version of a security transport protocol for inbound calls. +# TLS settings only apply when attls=false. +# Else you must use AT-TLS configuration for TLS customization. +# +# Choices: TLSv1.1,TLSv1.2,TLSv1.3 +zowe_network_server_tls_max=TLSv1.3 + # zowe_certificate_keystore_type # Label: Zowe certificate keystore type # Abstract: Certificate keystore type (PKCS12, JCEKS, JCECCAKS, JCERACFKS, JCECCARACFKS, or JCEHYBRIDRACFKS) @@ -185,7 +225,7 @@ zowe_certificate_keystore_type=PKCS12 # zowe_certificate_keystore_file # Label: Zowe certificate keystore file -# Abstract: Zowe certificate keystore file. In case of keyring the format is "safkeyring://OWNER/KEYRING". +# Abstract: Zowe certificate keystore file. For keyring, the format is "safkeyring://OWNER/KEYRING". # Category: certificates # Description: # Zowe certificate keystore file @@ -218,7 +258,7 @@ zowe_certificate_truststore_type=PKCS12 # zowe_certificate_truststore_file # Label: Zowe certificate truststore file -# Abstract: File location for the certificate truststore. Keyring is in the format "safkeyring://OWNER/KEYRING". +# Abstract: File location for cert truststore. For keyring, the format is "safkeyring://OWNER/KEYRING" # Category: certificates # Description: # File location for the certificate truststore @@ -306,19 +346,19 @@ zOSMF_port=443 zOSMF_applId=IZUDFLT # components_gateway_enabled -# Label: Enable gateway -# Abstract: Should the APIML gateway be enabled? +# Label: Enable the gateway +# Abstract: Check this option to enable the gateway # Category: components # Description: -# Should the APIML gateway be enabled? +# Check this option to enable the gateway components_gateway_enabled=true # components_gateway_port # Label: Gateway port -# Abstract: Port for the APIML gateway +# Abstract: Port for the API ML gateway # Category: components # Description: -# Port for the APIML gateway +# Port for the API ML gateway components_gateway_port=7554 # components_gateway_debug @@ -329,156 +369,133 @@ components_gateway_port=7554 # Switch on the debug mode for the gateway components_gateway_debug=false -# components_gateway_apiml_security_authorization_endpoint_enabled -# Label: Enable gateway APIML security authorization endpoint -# Abstract: Use this to enable the security authorization endpoint -# Category: components -# Description: -# Use this to enable the security authorization endpoint -components_gateway_apiml_security_authorization_endpoint_enabled=false - -# components_gateway_apiml_security_authorization_provider -# Label: Gateway APIML security authorization provider -# Abstract: Security authorization provider for the gateway -# Category: components -# Description: -# Security authorization provider for the gateway -components_gateway_apiml_security_authorization_provider= - -# components_gateway_apiml_security_x509_enabled -# Label: Enable gateway APIML security x509 -# Abstract: Check to enable the gateway security x509 -# Category: components -# Description: -# Check to enable the gateway security x509 -components_gateway_apiml_security_x509_enabled=false - -# components_metrics_service_enabled -# Label: Enable metrics service -# Abstract: Use this option to enable the metrics seervice +# components_zaas_enabled +# Label: Enable ZAAS +# Abstract: Should the APIML ZAAS be enabled? # Category: components # Description: -# Use this option to enable the metrics seervice -components_metrics_service_enabled=false +# Should the APIML ZAAS be enabled? +components_zaas_enabled=true -# components_metrics_service_port -# Label: Metrics service port -# Abstract: Port for the metrics service +# components_zaas_port +# Label: ZAAS port +# Abstract: Port for the APIML ZAAS # Category: components # Description: -# Port for the metrics service -components_metrics_service_port=7551 +# Port for the APIML ZAAS +components_zaas_port=7558 -# components_metrics_service_debug -# Label: Metrics service debug -# Abstract: Check this value to get additional debugging +# components_zaas_debug +# Label: ZAAS debug +# Abstract: Switch on the debug mode for the ZAAS # Category: components # Description: -# Check this value to get additional debugging -components_metrics_service_debug=false +# Switch on the debug mode for the ZAAS +components_zaas_debug=false -# components_zaas_enabled -# Label: Enable ZAAS -# Abstract: Use this option to enable the Zowe Authentication and Authorization Service +# components_gateway_apiml_security_auth_provider +# Label: APIML security auth provider +# Abstract: Authorization provider for the gateway # Category: components # Description: -# Use this option to enable the Zowe Authentication and Authorization Service -components_zaas_enabled=false +# Authorization provider for the gateway +components_gateway_apiml_security_auth_provider=zosmf -# components_zaas_port -# Label: ZAAS port -# Abstract: Port for ZAAS +# components_gateway_apiml_security_auth_zosmf_jwtAutoconfiguration +# Label: APIML security auth z/OSMF jwtAutoconfiguration +# Abstract: JWT auto configuration for gateway security auth # Category: components # Description: -# Port for ZAAS -components_zaas_port=7563 +# JWT auto configuration for gateway security auth +# Choices: jwt,ltpa +components_gateway_apiml_security_auth_zosmf_jwtAutoconfiguration=jwt -# components_zaas_debug -# Label: ZAAS debug -# Abstract: Check this value to get additional debugging +# components_gateway_apiml_security_auth_zosmf_serviceId +# Label: APIML security auth z/OSMF serviceId +# Abstract: Service ID for gateway security auth # Category: components # Description: -# Check this value to get additional debugging -components_zaas_debug=false +# Service ID for gateway security auth +components_gateway_apiml_security_auth_zosmf_serviceId=ibmzosmf -# components_zaas_apiml_security_auth_provider -# Label: ZAAS APIML security auth provider -# Abstract: Authentication provider for ZAAS +# components_gateway_apiml_security_authorization_endpoint_enabled +# Label: Enable APIML security authorization endpoint +# Abstract: Use this to enable the security authorization endpoint # Category: components # Description: -# Authentication provider for the gateway -components_zaas_apiml_security_auth_provider=zosmf +# Use this to enable the security authorization endpoint +components_gateway_apiml_security_authorization_endpoint_enabled=false -# components_zaas_apiml_security_auth_zosmf_jwtAutoconfiguration -# Label: ZAAS APIML security auth z/OSMF jwtAutoconfiguration -# Abstract: JWT auto configuration for ZAAS (Authentication) +# components_gateway_apiml_security_authorization_provider +# Label: APIML security authorization provider +# Abstract: Security authorization provider for the gateway # Category: components # Description: -# JWT auto configuration for ZAAS (Authentication) -components_zaas_apiml_security_auth_zosmf_jwtAutoconfiguration=auto +# Security authorization provider for the gateway +components_gateway_apiml_security_authorization_provider=native -# components_zaas_apiml_security_auth_zosmf_serviceId -# Label: ZAAS APIML - z/OSMF serviceId -# Abstract: Service ID for ZAAS (Authentication) +# components_gateway_apiml_security_x509_enabled +# Label: Enable APIML security x509 +# Abstract: Check to enable the gateway security x509 # Category: components # Description: -# Service ID for ZAAS (Authentication) -components_zaas_apiml_security_auth_zosmf_serviceId=zosmf +# Check to enable the gateway security x509 +components_gateway_apiml_security_x509_enabled=false # components_api_catalog_enabled -# Label: Enable API catalog -# Abstract: Use this option to enable the API catalog +# Label: Enable API Catalog +# Abstract: Check this option to enable the API Catalog # Category: components # Description: -# Use this option to enable the API catalog +# Check this option to enable the API Catalog components_api_catalog_enabled=true # components_api_catalog_port # Label: API catalog port -# Abstract: Port on which the API catalog should be running. +# Abstract: Port on which the API Catalog should be running. # Category: components # Description: -# Port on which the API catalog should be running. +# Port on which the API Catalog should be running. components_api_catalog_port=7552 # components_api_catalog_debug # Label: API catalog debug -# Abstract: Extra debugging information from API catalog. +# Abstract: Extra debugging information from API Catalog. # Category: components # Description: -# Extra debugging information from API catalog. +# Extra debugging information from API Catalog. components_api_catalog_debug=false # components_discovery_enabled -# Label: Enable discovery -# Abstract: Should the automatic discovery be enabled? +# Label: Enable the Discovery service +# Abstract: Check this option to enable the Discovery service # Category: components # Description: -# Should the automatic discovery be enabled? +# Check this option to enable the Discovery service components_discovery_enabled=true # components_discovery_port # Label: Discovery port -# Abstract: Port on which the discovery service should be running +# Abstract: Port on which the Discovery service should be running # Category: components # Description: -# Port on which the discovery service should be running +# Port on which the Discovery service should be running components_discovery_port=7553 # components_discovery_debug # Label: Discovery debug -# Abstract: Should there be extra debugging information? +# Abstract: Check this option to include extra debugging information # Category: components # Description: -# Should there be extra debugging information? +# Check this option to include extra debugging information components_discovery_debug=false # components_caching_service_enabled -# Label: Enable caching service -# Abstract: Check to enable the caching service +# Label: Enable the Caching service +# Abstract: Check this option to enable the Caching service # Category: components # Description: -# Check to enable the caching service +# Check this option to enable the Caching service components_caching_service_enabled=true # components_caching_service_port @@ -499,7 +516,7 @@ components_caching_service_debug=false # components_caching_service_storage_evictionStrategy # Label: Caching service storage eviction strategy -# Abstract: Specifies the eviction strategy when storage size is achieved. +# Abstract: Specifies the eviction strategy when storage size is achieved # Category: components # Description: # Specifies the eviction strategy when storage size is achieved. @@ -511,17 +528,9 @@ components_caching_service_storage_evictionStrategy=reject # Abstract: Specifies the components caching service storage mode # Category: components # Description: -# Specifies the components caching service storage mode +# Specifies the components caching service storage mode. # Choices: inMemory,redis,infinispan,VSAM -components_caching_service_storage_mode=VSAM - -# components_caching_service_storage_size -# Label: Caching service storage size -# Abstract: Number of records before the eviction strategies kick in -# Category: components -# Description: -# Number of records before the eviction strategies kick in -components_caching_service_storage_size=10000 +components_caching_service_storage_mode=infinispan # components_caching_service_storage_vsam_name # Label: Caching service storage VSAM name @@ -539,12 +548,28 @@ components_caching_service_storage_vsam_name= # Port for jgroups. This is required if storage mode is infinispan. components_caching_service_storage_infinispan_jgroups_port=7600 +# components_caching_service_storage_infinispan_jgroups_host +# Label: Caching service storage jgroups host +# Abstract: Host for jgroups +# Category: components +# Description: +# Host for jgroups. Default value is the same as Zowe host and it is used if storage mode is infinispan. +components_caching_service_storage_infinispan_jgroups_host= + +# components_caching_service_storage_infinispan_jgroups_keyExchange_port +# Label: Caching service storage jgroups keyExchange port +# Abstract: Port for jgroups key exchange +# Category: components +# Description: +# Port for jgroups key exchange. This is required if storage mode is infinispan. +components_caching_service_storage_infinispan_jgroups_keyExchange_port=7601 + # components_app_server_enabled -# Label: Enable app server +# Label: Enable the app server # Abstract: Check this option to enable the app server # Category: components # Description: -# Check this option to enable the app server +# Check this option to enable the app server. components_app_server_enabled=true # components_app_server_debug @@ -552,7 +577,7 @@ components_app_server_enabled=true # Abstract: Check to get extra debug information from the service # Category: components # Description: -# Check to get extra debug information from the service +# Check to get extra debug information from the service. components_app_server_debug=false # components_app_server_port @@ -565,10 +590,10 @@ components_app_server_port=7556 # components_zss_enabled # Label: Enable ZSS -# Abstract: Check this option to enable the ZSS component +# Abstract: Check this option to enable ZSS # Category: components # Description: -# Check this option to enable the ZSS component +# Check this option to enable ZSS components_zss_enabled=true # components_zss_port @@ -603,84 +628,44 @@ components_zss_tls=true # If fallback is enabled, the agent issues and accepts cookies from itself in the event a JWT cannot be provided. components_zss_agent_jwt_fallback=true -# components_jobs_api_enabled -# Label: Enable jobs API -# Abstract: Check this option to enable the jobs API +# components_zss_agent_64bit +# Label: ZSS 64bit +# Abstract: Check this to enable 64bit mode # Category: components # Description: -# Check this option to enable the jobs API -components_jobs_api_enabled=false - -# components_jobs_api_debug -# Label: Jobs API debug -# Abstract: Check to get extra debug information from the service -# Category: components -# Description: -# Check to get extra debug information from the service -components_jobs_api_debug=false - -# components_jobs_api_port -# Label: Jobs API port -# Abstract: Port for the Jobs API -# Category: components -# Description: -# Port for the Jobs API -components_jobs_api_port=7558 - -# components_files_api_enabled -# Label: Enable files API -# Abstract: Check this option to enable the files API -# Category: components -# Description: -# Check this option to enable the files API -components_files_api_enabled=false - -# components_files_api_debug -# Label: Files API debug -# Abstract: Check to get extra debug information from the service -# Category: components -# Description: -# Check to get extra debug information from the service -components_files_api_debug=false - -# components_files_api_port -# Label: Files API port -# Abstract: Port which will be used by the Files API -# Category: components -# Description: -# Port which will be used by the Files API -components_files_api_port=7559 +# If 64bit mode is disabled 31bit mode will be used. +components_zss_agent_64bit=true # components_explorer_jes_enabled # Label: Enable explorer JES -# Abstract: Check this to enable the JES explorer +# Abstract: Check this option to enable the JES explorer # Category: components # Description: -# Check this to enable the JES explorer +# Check this option to enable the JES explorer. components_explorer_jes_enabled=true # components_explorer_mvs_enabled # Label: Enable explorer MVS -# Abstract: Check this option to enable MVS explorer +# Abstract: Check this option to enable the MVS explorer # Category: components # Description: -# Check this option to enable MVS explorer +# Check this option to enable the MVS explorer. components_explorer_mvs_enabled=true # components_explorer_uss_enabled # Label: Enable explorer USS -# Abstract: Check this option to enable USS explorer +# Abstract: Check this option to enable the USS explorer # Category: components # Description: -# Check this option to enable USS explorer +# Check this option to enable the USS explorer. components_explorer_uss_enabled=true # useconfig_manager_enabled # Label: Enable Zowe configuration manager -# Abstract: Should Zowe configuration manager be enabled? +# Abstract: Check this option to enable Zowe configuration manager # Category: configManager # Description: -# Should Zowe configuration manager be enabled? +# Check this option to enable Zowe configuration manager. useconfig_manager_enabled=true # config_manager_validation @@ -780,3 +765,13 @@ zowe_setup_security_stcs_zis=ZWESISTC # Description: # STC name of Auxiliary Service zowe_setup_security_stcs_aux=ZWESASTC + +# zowe_setup_installStep_enabled +# Label: Install the MVS data sets +# Abstract: Check to enable this run step with the zwe install command. For convenience build only. +# Category: installMVSDatasets +# Description: +# Check this option to enable the optional workflow step with zwe install command. After Zowe convenience build is extracted, +# you can enable this flag to run the zwe install command to install MVS data sets within this workflow run. +# This option is for convenience build only. SMP/E installs the MVS data sets during installation. +zowe_setup_installStep_enabled=false \ No newline at end of file diff --git a/workflows/files/ZWECONF.xml b/workflows/files/ZWECONF.xml index f0961c356b..b9a54cde87 100644 --- a/workflows/files/ZWECONF.xml +++ b/workflows/files/ZWECONF.xml @@ -3,9 +3,9 @@ true - config_zowe_20 - Configuration of Zowe 2.0 - Use this workflow to configure the Zowe 2.0 + config_zowe_30 + Configuration of Zowe 3.0 + Use this workflow to configure the Zowe 3.0 ###ZOWE_VERSION### Zowe @@ -249,6 +249,60 @@ some use cases, like containerization, this port could be different.warn + + + Enable on AT-TLS on inbound calls + Enable aware mode of inbound AT-TLS rules of all Zowe components. + network + + + + false + + + + + Enable on AT-TLS on outbound calls + Enable aware mode of outbound AT-TLS rules of all Zowe components. + network + + + + false + + + + + TLS minimum version + The default configuration of the minimal version of a security transport protocol for inbound calls. + TLS settings only apply when attls=false. + Else you must use AT-TLS configuration for TLS customization. + + network + + + TLSv1.1 + TLSv1.2 + TLSv1.3 + TLSv1.2 + + + + + TLS maximum version + The default configuration of the maximum version of a security transport protocol for inbound calls. + TLS settings only apply when attls=false. + Else you must use AT-TLS configuration for TLS customization. + + certificates + + + TLSv1.1 + TLSv1.2 + TLSv1.3 + TLSv1.3 + + Certificate keystore type (PKCS12, JCEKS, JCECCAKS, JCERACFKS, JCECCARACFKS, or JCEHYBRIDRACFKS) @@ -499,7 +553,7 @@ How we want to verify SSL certificates of services. Valid values are: - 7563 + 7558 @@ -513,10 +567,10 @@ How we want to verify SSL certificates of services. Valid values are: false - - - Authorization provider for the ZAAS - Authorization provider for the ZAAS + + + Authorization provider for the gateway + Authorization provider for the gateway components @@ -524,30 +578,32 @@ How we want to verify SSL certificates of services. Valid values are: zosmf - - + + JWT auto configuration for gateway security auth JWT auto configuration for gateway security auth components - auto + jwt + ltpa + jwt - - - Service ID for ZAAS security auth - Service ID for ZAAS security auth + + + Service ID for gateway security auth + Service ID for gateway security auth components - zosmf + ibmzosmf - - + + Use this to enable the security authorization endpoint Use this to enable the security authorization endpoint components @@ -557,20 +613,21 @@ How we want to verify SSL certificates of services. Valid values are: false - - - Security authorization provider for the ZAAS - Security authorization provider for the ZAAS + + + Security authorization provider for the gateway + Security authorization provider for the gateway components + native - - - Check to enable the ZAAS security x509 - Check to enable the ZAAS security x509 + + + Check to enable the gateway security x509 + Check to enable the gateway security x509 components @@ -702,20 +759,9 @@ How we want to verify SSL certificates of services. Valid values are: redis infinispan VSAM - VSAM + infinispan - - - Number of records before the eviction strategies kick in - Number of records before the eviction strategies kick in. - components - - - - 10000 - - VSAM name of the storage @@ -737,6 +783,24 @@ How we want to verify SSL certificates of services. Valid values are: 7600 + + + Host for jgroups + Host for jgroups. Default value is the same as Zowe host and it is used if storage mode is infinispan. + components + + + + + Port for jgroups key exchange + Port for jgroups key exchange. This is required if storage mode is infinispan. + components + + + + 7601 + + Check this option to enable the app server @@ -825,72 +889,17 @@ How we want to verify SSL certificates of services. Valid values are: true - - - Check this option to enable the jobs API - Check this option to enable the jobs API. + + + Check this to enable 64bit mode + If 64bit mode is disabled 31bit mode will be used. components - false - - - - - Check to get extra debug information from the service - Check to get extra debug information from the service. - components - - - - false - - - - - Port for the Jobs API - Port for the Jobs API - components - - - - 7558 - - - - - Check this option to enable the files API - Check this option to enable the files API. - components - - - - false - - - - - Check to get extra debug information from the service - Check to get extra debug information from the service. - components - - - - false + true - - - Port which will be used by the Files API - Port which will be used by the Files API - components - - - - 7559 - - Check this option to enable the JES explorer @@ -1122,6 +1131,10 @@ How we want to verify SSL certificates of services. Valid values are: + + + + @@ -1188,6 +1201,12 @@ How we want to verify SSL certificates of services. Valid values are: + + + + + + Run this step to specify the cloud gateway variables 1 z/OS System Programmer @@ -1212,12 +1231,6 @@ How we want to verify SSL certificates of services. Valid values are: - - - - - - Run this step to fill gateway component variables. 1 z/OS System Programmer @@ -1295,7 +1308,6 @@ How we want to verify SSL certificates of services. Valid values are: - Run this step to specify the variables for the Caching Service 1 z/OS System Programmer @@ -1303,7 +1315,7 @@ How we want to verify SSL certificates of services. Valid values are: false - + Variables for Caching Service - VSAM mode Specify the variables for the VSAM mode of Caching Service @@ -1323,10 +1335,10 @@ How we want to verify SSL certificates of services. Valid values are: - + - + Run this step to specify the variables for the Caching Service 1 z/OS System Programmer @@ -1356,6 +1368,8 @@ How we want to verify SSL certificates of services. Valid values are: + + Run this step to specify the variables for the Caching Service 1 z/OS System Programmer @@ -1407,6 +1421,7 @@ How we want to verify SSL certificates of services. Valid values are: + Run this step to specify the values for the ZSS variables 1 z/OS System Programmer @@ -1414,54 +1429,6 @@ How we want to verify SSL certificates of services. Valid values are: false - - Jobs API Variables - Define variables for the Jobs API - - - 1==1 - Always true - - - Skips if the Jobs API wasn't selected - !${instance-components_jobs_api_enabled} - skipped - - - - - - Run this step to define the variables for the Jobs API - 1 - z/OS System Programmer - false - false - - - - Files API Variables - Specify the variables for Files API - - - 1==1 - Always true - - - Skips this step if the Files API wasn't selected - !${instance-components_files_api_enabled} - skipped - - - - - - Run this step to specify the variables for the Files API - 1 - z/OS System Programmer - false - false - - Create configuration @@ -1636,7 +1603,7 @@ echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # >>>> Certificate setup scenario 2' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # PKCS12 (keystore) with importing certificate generated by other CA.' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # certificate:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' # # Type of certificate storage. Valid values are: PKCS12, JCEKS, JCECCAKS, JCERACFKS, JCECCARACFKS, or JCEHYBRIDRACFKS' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # # Type of certificate storage. Valid values are: PKCS12, JCERACFKS. APIML additionally supports: JCEKS, JCECCAKS, JCECCARACFKS, or JCEHYBRIDRACFKS' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # type: PKCS12' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # pkcs12:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # **COMMONLY_CUSTOMIZED**' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" @@ -1669,9 +1636,8 @@ echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # >>>> Certificate setup scenario 3' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # Zowe generated z/OS Keyring with Zowe generated certificates.' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # certificate:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' # # Type of certificate storage. Valid values are: PKCS12, JCEKS, JCECCAKS, JCERACFKS, JCECCARACFKS, or JCEHYBRIDRACFKS' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # # Type of certificate storage. Valid values are: PKCS12, JCERACFKS. APIML additionally supports: JCEKS, JCECCAKS, JCECCARACFKS, or JCEHYBRIDRACFKS' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # type: JCERACFKS' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' # createZosmfTrust: true' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # keyring:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # **COMMONLY_CUSTOMIZED**' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # keyring name' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" @@ -1705,7 +1671,7 @@ echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # >>>> Certificate setup scenario 4' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # Zowe generated z/OS Keyring and connect to existing certificate' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # certificate:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' # # Type of certificate storage. Valid values are: PKCS12, JCEKS, JCECCAKS, JCERACFKS, JCECCARACFKS, or JCEHYBRIDRACFKS' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # # Type of certificate storage. Valid values are: PKCS12, JCERACFKS. APIML additionally supports: JCEKS, JCECCAKS, JCECCARACFKS, or JCEHYBRIDRACFKS' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # type: JCERACFKS' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # keyring:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # **COMMONLY_CUSTOMIZED**' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" @@ -1729,7 +1695,7 @@ echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # >>>> Certificate setup scenario 5' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # Zowe generated z/OS Keyring with importing certificate stored in data set' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # certificate:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' # # Type of certificate storage. Valid values are: PKCS12, JCEKS, JCECCAKS, JCERACFKS, JCECCARACFKS, or JCEHYBRIDRACFKS' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # # Type of certificate storage. Valid values are: PKCS12, JCERACFKS. APIML additionally supports: JCEKS, JCECCAKS, JCECCARACFKS, or JCEHYBRIDRACFKS' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # type: JCERACFKS' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # keyring:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # # **COMMONLY_CUSTOMIZED**' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" @@ -1834,7 +1800,7 @@ echo ' # address bar.' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' externalDomains:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # this should be the domain name to access Zowe APIML Gateway' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #foreach($externalDomain in ${instance-zowe_externalDomains.split("\n")}) -echo ' - ${externalDomain}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' - ${externalDomain}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #end echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" @@ -1845,6 +1811,28 @@ echo ' # some use cases, like containerization, this port could be different.' echo ' externalPort: ${instance-zowe_externalPort}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' #' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # In this section, behavior such as which TLS levels, ciphers should be used, and if native TLS versus AT-TLS should be used.' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # See the schema for options.' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' #' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # This section applies to all components that support it.' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # So far: "zss" and "app-server"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' #' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # This section can be overridden per-component by placing it' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # Under a "zowe" subsection of a component, as in "components.zss.zowe.network"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' network:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' server:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' tls:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' attls: ${instance-zowe_network_server_attls}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # TLS settings only apply when attls=false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # Else you must use AT-TLS configuration for TLS customization.' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' minTls: "${instance-zowe_network_server_tls_min}"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' maxTls: "${instance-zowe_network_server_tls_max}"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' client:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' tls:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' attls: ${instance-zowe_network_client_attls}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # You can un-comment and define any extra environment variables as key/value' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # pairs here.' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # environments:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" @@ -1997,12 +1985,38 @@ echo ' gateway:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' enabled: ${instance-components_gateway_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' port: ${instance-components_gateway_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' debug: ${instance-components_gateway_debug}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' apiml:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' security:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' auth:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' provider: $!{instance-components_gateway_apiml_security_auth_provider}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' zosmf:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' jwtAutoconfiguration: $!{instance-components_gateway_apiml_security_auth_zosmf_jwtAutoconfiguration}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' serviceId: $!{instance-components_gateway_apiml_security_auth_zosmf_serviceId}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' authorization:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' endpoint:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' enabled: ${instance-components_gateway_apiml_security_authorization_endpoint_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' provider: "$!{instance-components_gateway_apiml_security_authorization_provider}"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' x509:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' enabled: ${instance-components_gateway_apiml_security_x509_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #end #if (${instance-components_gateway_enabled} == "false" ) echo ' gateway:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' enabled: ${instance-components_gateway_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' port: 7554' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' debug: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' apiml:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' security:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' auth:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' provider: zosmf' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' zosmf:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' jwtAutoconfiguration: auto' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' serviceId: ibmzosmf' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' authorization:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' endpoint:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' enabled: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' provider: "native"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' x509:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' enabled: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #end echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # If we customize this to use different external certificate, than should also' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" @@ -2017,42 +2031,13 @@ echo ' zaas:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' enabled: ${instance-components_zaas_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' port: ${instance-components_zaas_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' debug: ${instance-components_zaas_debug}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' apiml:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' security:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' auth:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' provider: "$!{instance-components_zaas_apiml_security_auth_provider}"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' zosmf:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' jwtAutoconfiguration: "$!{instance-components_zaas_apiml_security_auth_zosmf_jwtAutoconfiguration}"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' serviceId: "$!{instance-components_zaas_apiml_security_auth_zosmf_serviceId}"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' authorization:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' endpoint:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' enabled: ${instance-components_zaas_apiml_security_authorization_endpoint_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' provider: "$!{instance-components_zaas_apiml_security_authorization_provider}"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' x509:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' enabled: ${instance-components_zaas_apiml_security_x509_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #end #if (${instance-components_zaas_enabled} == "false" ) echo ' zaas:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' enabled: ${instance-components_zaas_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' port: 7563' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' port: 7558' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' debug: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' apiml:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' security:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' auth:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' provider: "zosmf"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' zosmf:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' jwtAutoconfiguration: "auto"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' serviceId: "zosmf"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' authorization:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' endpoint:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' enabled: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' provider: ""' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' x509:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' enabled: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #end -echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #if (${instance-components_api_catalog_enabled} == "true" ) echo ' api-catalog:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" @@ -2091,21 +2076,30 @@ echo ' port: ${instance-components_caching_service_port}' >> "${instance-zowe echo ' debug: ${instance-components_caching_service_debug}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' storage:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' evictionStrategy: "$!{instance-components_caching_service_storage_evictionStrategy}"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' # can be inMemory, VSAM, redis or infinispan' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' mode: "$!{instance-components_caching_service_storage_mode}"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' size: ${instance-components_caching_service_storage_size}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' evictionStrategy: $!{instance-components_caching_service_storage_evictionStrategy}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' # can be infinispan, inMemory, redis or VSAM(deprecated)' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' mode: $!{instance-components_caching_service_storage_mode}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +#if (${instance-components_caching_service_storage_mode} == "VSAM" ) echo ' vsam:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # your VSAM data set created by "zwe init vsam" command or ZWECSVSM JCL' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # this is required if storage mode is VSAM' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' name: "$!{instance-components_caching_service_storage_vsam_name}"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +#end echo ' infinispan:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # this is required if storage mode is infinispan' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' jgroups:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #if (${instance-components_caching_service_storage_mode} == "infinispan" ) echo ' port: ${instance-components_caching_service_storage_infinispan_jgroups_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +#if ($!{instance-components_caching_service_storage_infinispan_jgroups_host} and ${instance-components_caching_service_storage_infinispan_jgroups_host} != "" ) +echo ' host: ${instance-components_caching_service_storage_infinispan_jgroups_host}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +#end +echo ' keyExchange:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' port: ${instance-components_caching_service_storage_infinispan_jgroups_keyExchange_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #else echo ' port: 7600' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' host:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' keyExchange:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' port: 7601' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #end #end #if (${instance-components_caching_service_enabled} == "false" ) @@ -2115,9 +2109,9 @@ echo ' port: 7555' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' debug: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' storage:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' evictionStrategy: "reject"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' evictionStrategy: reject' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # can be inMemory, VSAM, redis or infinispan' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' mode: "VSAM"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' mode: VSAM' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' size: 10000' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' vsam:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # your VSAM data set created by "zwe init vsam" command or ZWECSVSM JCL' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" @@ -2127,6 +2121,9 @@ echo ' infinispan:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # this is required if storage mode is infinispan' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' jgroups:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' port: 7600' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' host:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' keyExchange:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' port: 7601' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #end echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" @@ -2156,48 +2153,20 @@ echo ' zss:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #if (${instance-components_zss_enabled} == "true" ) echo ' enabled: ${instance-components_zss_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' port: ${instance-components_zss_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' crossMemoryServerName: "$!{instance-components_zss_crossMemoryServerName}"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' tls: ${instance-components_zss_tls}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' crossMemoryServerName: $!{instance-components_zss_crossMemoryServerName}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' agent:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' jwt:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' fallback: ${instance-components_zss_agent_jwt_fallback}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' 64bit: ${instance-components_zss_agent_64bit}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #end #if (${instance-components_zss_enabled} == "false" ) echo ' enabled: ${instance-components_zss_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' port: 7557' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' crossMemoryServerName: "ZWESIS_STD"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' tls: true' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' crossMemoryServerName: ZWESIS_STD' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' agent:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' jwt:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' fallback: true' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -#end -echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -#if (${instance-components_jobs_api_enabled} == "true" ) -echo ' jobs-api:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' enabled: ${instance-components_jobs_api_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' debug: ${instance-components_jobs_api_debug}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' port: ${instance-components_jobs_api_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -#end -#if (${instance-components_jobs_api_enabled} == "false" ) -echo ' jobs-api:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' enabled: ${instance-components_jobs_api_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' debug: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' port: 7558' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -#end -echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -#if (${instance-components_files_api_enabled} == "true" ) -echo ' files-api:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' enabled: ${instance-components_files_api_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' debug: ${instance-components_files_api_debug}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' port: ${instance-components_files_api_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -#end -#if (${instance-components_files_api_enabled} == "false" ) -echo ' files-api:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' enabled: ${instance-components_files_api_enabled}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' debug: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" -echo ' port: 7559' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' 64bit: true' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #end echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" @@ -2268,6 +2237,8 @@ echo '# sysname: LPR2' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo '# # These configurations will overwrite highest level default "components" configuration' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo '# components:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo '# zaas:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo '# enabled: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo '# gateway:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo '# enabled: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo '# discovery:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"