diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index 5e54d6a1..00000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,1482 +0,0 @@ -image: ${ARTIFACTORY_SERVER}/dockerhub-remote/node:8 - -stages: - - process - - test - - build - - functional_test_publish - - functional_test_init - - functional_test_execute - - functional_test_cleanup - - functional_test_cleanup_container - - publish - - release_publish - - release_trigger_template_tests - -.helpers: &helpers | - function validate () { - "$@" - if [[ $? -ne 0 ]]; then exit 1; fi - } - -before_script: - - *helpers - -variables: - ARM_CLIENT_ID: "$AZURE_COMMERCIAL_CLIENT_ID" - ARM_CLIENT_SECRET: "$AZURE_COMMERCIAL_CLIENT_SECRET" - ARM_SUBSCRIPTION_ID: "$AZURE_COMMERCIAL_SUBSCRIPTION_ID" - ARM_TENANT_ID: "$AZURE_COMMERCIAL_TENANT_ID" - TF_VAR_AZURE_TENANT_ID: "$AZURE_COMMERCIAL_TENANT_ID" - TF_VAR_AZURE_OBJECT_ID: "$AZURE_COMMERCIAL_OBJECT_ID" - AWS_ACCESS_KEY_ID: "$AWS_ACCESS_KEY_ID" - AWS_SECRET_ACCESS_KEY: "$AWS_SECRET_ACCESS_KEY" - TF_VAR_AWS_DEFAULT_DOMAIN: "$AWS_DEFAULT_DOMAIN" - TF_VAR_AWS_DEFAULT_REGION: "$AWS_DEFAULT_REGION" - TF_VAR_AZURE_OFFER: "$AZURE_OFFER" - TF_VAR_AZURE_SKU: "$AZURE_SKU" - TF_VAR_DOMAIN: 'us' - TF_VAR_AZURE_BIGIP_VERSION: "$AZURE_BIGIP_VERSION" - GIT_SECRETS_VERSION: '1.3.0' - GIT_SECRETS_PKG_URL: "https://github.com/awslabs/git-secrets/archive/${GIT_SECRETS_VERSION}.tar.gz" - - -# Cleanup development RPM's on CDN when branch no longer present on gitlab -cleanup_publish_rpms_dev_cdn: - stage: process - only: - variables: - - $CLEANUP_DEVELOP_CDN == "true" - except: - variables: - - $RUN_FUNCTIONAL_TESTS == "true" - - $PUBLISH_RPM == "true" - script: - # install jq - - apt-get update - - apt-get install -y jq - # find branches in project and cdn - - CDN_FOLDER="f5-bigip-runtime-init" - - AUTH_OPTS="--username ${CDN_SVC_ACCOUNT_USER} --password ${CDN_SVC_ACCOUNT_PWD} --non-interactive" - - svn co ${F5_CDN_SVN_ROOT}/cloudsolutions/${CDN_FOLDER} ${AUTH_OPTS} - - curl -k -H "PRIVATE-TOKEN:${DAILY_TEST_TOKEN}" "https://${GITLAB_URL}/api/v4/projects/${CI_PROJECT_ID}/repository/branches" | jq -r .[].name > branches.txt - - cat branches.txt - - ls ${CDN_FOLDER}/develop > cdn_branches.txt - - cat cdn_branches.txt - - diff=$(comm -23 cdn_branches.txt branches.txt) - - echo "Removing directories:$diff" - - cd ${CDN_FOLDER}/develop - - for d in $diff; do svn rm $d; done - - changed_files_count=$(svn diff --summarize | wc -l) - - if [[ $changed_files_count -ge 1 ]]; then svn commit -m "F5 automation templates project automation - ${CI_COMMIT_REF_NAME}" ${AUTH_OPTS}; else echo "Develop directories unchanged"; fi - - tags: - - cm-official-docker-executor - -# Cleanup artifactory images when matching branch no longer present on gitlab -cleanup_artifactory_images: - stage: process - only: - variables: - - $CLEANUP_ARTIFACTORY == "true" - except: - variables: - - $RUN_FUNCTIONAL_TESTS == "true" - script: - # install jq - - apt-get update - - apt-get install -y jq - # find branches in project and images in artifactory - - curl -k -H "PRIVATE-TOKEN:${DAILY_TEST_TOKEN}" "https://${GITLAB_URL}/api/v4/projects/${CI_PROJECT_ID}/repository/branches" | jq -r .[].name > branches.txt - - cat branches.txt - - curl -k -u "${GITLAB_ARTIFACTORY_USER}:${GITLAB_ARTIFACTORY_PASSWORD}" -X GET "https://${ARTIFACTORY_SERVER}/artifactory/api/docker/ecosystems-cloudsolutions-docker-dev/v2/deployment-tool-runtime-init/tags/list" | jq -r .tags[] > artifactory_tags.txt - - cat artifactory_tags.txt - - diff=$(comm -23 artifactory_tags.txt branches.txt) - - for d in $diff; do if [[ $d != "latest" ]]; then echo removing image ${d}; curl -k -u "${GITLAB_ARTIFACTORY_USER}:${GITLAB_ARTIFACTORY_PASSWORD}" -X DELETE "https://${ARTIFACTORY_SERVER}/artifactory/ecosystems-cloudsolutions-docker-dev/deployment-tool-runtime-init/${d}"; fi; done - tags: - - cm-official-docker-executor - -# lint package -lint_package: - stage: test - script: - # linter - - npm install --unsafe-perm - - npm run lint - tags: - - cm-official-docker-executor - except: - refs: - - schedules - variables: - - $CLEANUP_DEVELOP_CDN == "true" - -# audit packages for vulnerabilities -test_audit: - stage: test - script: - # npm audit - uses custom audit processor wrapper - - npm install --unsafe-perm - - npm run audit - tags: - - cm-official-docker-executor - except: - refs: - - schedules - variables: - - $CLEANUP_DEVELOP_CDN == "true" - -# run unit tests --uncomment -unit_tests: - stage: test - script: - - npm install --unsafe-perm - - npm run test - tags: - - cm-official-docker-executor - except: - refs: - - schedules - variables: - - $CLEANUP_DEVELOP_CDN == "true" - -# check for disallowed content in all files, this supplements -# the native pre-receive push rules built into GitLab for secrets -# NOTE: .gitallowed is used for exceptions -check_content: - image: ${ARTIFACTORY_SERVER}/dockerhub-remote/f5devcentral/containthedocs:rpmbuild - stage: test - script: - # install git-secrets - - curl -q -L -o git_secrets.tar.gz ${GIT_SECRETS_PKG_URL} - - tar xzf git_secrets.tar.gz - - cd git-secrets-${GIT_SECRETS_VERSION} && make install && cd .. - # now, add any patterns to disallow - - git secrets --add '.*f5.*\.com' - # scan - - git secrets --scan - tags: - - cm-official-docker-executor - except: - refs: - - schedules - -# generate README.md and SCHEMA.md -check_schema: - stage: test - script: - - npm install --unsafe-perm - - npm run generate-readmes - - if git diff | grep 'diff --git'; then exit 1; else exit 0; fi - tags: - - cm-official-docker-executor - except: - refs: - - schedules - -# verifies all examples use the latest AT Components versions -check_at_components_metadata: - stage: test - image: ${ARTIFACTORY_SERVER}/dockerhub-remote/python:3 - script: - - curl -sL https://deb.nodesource.com/setup_12.x | bash - && apt-get install -yq nodejs build-essential - - npm install -g npm - - apt-get install -y jq - - pip3 install yq - - npm run sync-at-components-metadata - - if git diff | grep 'diff --git'; then exit 1; else exit 0; fi - tags: - - cm-official-docker-executor - except: - refs: - - schedules - -# checks links in README -check_links: - image: ${ARTIFACTORY_SERVER}/dockerhub-remote/node:10 - stage: test - script: - - validate make link_check - tags: - - cm-official-docker-executor - except: - refs: - - schedules - -# build package -build_package: - stage: build - script: - # install packages: jq, rpm - - apt-get update - - apt-get install -y jq - - apt-get install -y rpm - # install node dependencies - - npm install --unsafe-perm - # build package artifact - - npm run build - tags: - - cm-official-docker-executor - artifacts: - name: package - paths: - - node_modules - - dist - expire_in: 1 week - except: - variables: - - $CLEANUP_DEVELOP_CDN == "true" - -### Functional Tests Section -# Publish docker image to artifactory -publish_container: - image: ${ARTIFACTORY_SERVER}/dockerhub-remote/docker:stable - stage: functional_test_publish - script: - - docker login -u ${GITLAB_ARTIFACTORY_USER} -p ${GITLAB_ARTIFACTORY_PASSWORD} ${ARTIFACTORY_SERVER} - - docker build --build-arg artifactory_server=${ARTIFACTORY_SERVER} -t ${ARTIFACTORY_SERVER}/ecosystems-cloudsolutions-docker-dev/deployment-tool-runtime-init:${CI_COMMIT_REF_NAME} . - - docker push ${ARTIFACTORY_SERVER}/ecosystems-cloudsolutions-docker-dev/deployment-tool-runtime-init:${CI_COMMIT_REF_NAME} - tags: - - docker-executor - only: - variables: - - $CI_COMMIT_REF_NAME == "main" - - $CI_COMMIT_REF_NAME == "develop" - - $RUN_FUNCTIONAL_TESTS == "true" - - $CI_COMMIT_MESSAGE =~ /smart:run_functional_tests/ - changes: - - Dockerfile - - plans/**/* - except: - variables: - - $CLEANUP_DEVELOP_CDN == "true" - -# Functional Tests - Initialization phase (with 1 retries in a case of any failures) -.test_functional_init_generic: &test_functional_init_generic - stage: functional_test_init - image: ${ARTIFACTORY_SERVER}/ecosystems-cloudsolutions-docker-dev/deployment-tool-runtime-init:${CI_COMMIT_REF_NAME} - retry: - max: 1 - script: - - current_dir=$(pwd) - - echo "*** Configuring SSH" - - eval $(ssh-agent -s) - - echo "$SSH_KEY" | sed 's/\\n/\n/g' | ssh-add - - - mkdir -p ~/.ssh - - chmod 700 ~/.ssh - # - printf '%s\n' '${SSH_KEY}' >> dewpt.pem - # - chmod 600 dewpt.pem - # deploy hashicorp vault and exit out of the folder - - cd /deployment-tool/plans/vault/aws - - terraform init - - terraform apply -auto-approve - - cd $current_dir - # sleep - - sleep 3m - # get Hashicorp vault details and place them in user_data file - - export VAULT_MGMT_IP=$(cat /deployment-tool/plans/vault/aws/terraform.tfstate | jq .outputs.vault_server_public_ip.value -r) - - export VAULT_SERVER_PUBLIC_HTTP=$(cat /deployment-tool/plans/vault/aws/terraform.tfstate | jq .outputs.vault_server_public_http.value -r) - - export VAULT_APP_ROLE=$(ssh -l ubuntu $VAULT_MGMT_IP -o 'StrictHostKeyChecking=no' 'cat /tmp/role-id | jq -r .data.role_id') - - export VAULT_SECRET_ID=$(ssh -l ubuntu $VAULT_MGMT_IP -o 'StrictHostKeyChecking=no' 'cat /tmp/secret-id | jq -r .data.secret_id') - - export VAULT_WRAPPED_SECRET_ID=$(ssh -l ubuntu $VAULT_MGMT_IP -o 'StrictHostKeyChecking=no' 'cat /tmp/wrapped-secret-id | jq -r .wrap_info.token') - - export VAULT_WRAPPED_SECRET_ID_2=$(ssh -l ubuntu $VAULT_MGMT_IP -o 'StrictHostKeyChecking=no' 'cat /tmp/wrapped-secret-id-2 | jq -r .wrap_info.token') - # debugging the values - - echo $VAULT_MGMT_IP - - echo $VAULT_SERVER_PUBLIC_HTTP - - echo $VAULT_APP_ROLE - - echo $VAULT_SECRET_ID - - echo $VAULT_WRAPPED_SECRET_ID - - echo $VAULT_WRAPPED_SECRET_ID_2 - - sed -i "s \vault_server_public_http $VAULT_SERVER_PUBLIC_HTTP g" /deployment-tool/plans/${CLOUD}/user_data.tpl - - sed -i "s/\vault_app_role/$VAULT_APP_ROLE/g" /deployment-tool/plans/${CLOUD}/user_data.tpl - - sed -i "s/\vault_secret_id/$VAULT_SECRET_ID/g" /deployment-tool/plans/${CLOUD}/user_data.tpl - - sed -i "s/\vault_wrapped_secret_id/$VAULT_WRAPPED_SECRET_ID/g" /deployment-tool/plans/${CLOUD}/user_data.tpl - # deploy environment - required artifacts will be place in output folder - - /deployment-tool/deploy.sh --deployment-plan ${CLOUD} --action create --output-folder env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH} - # Collecting deployment metadata - - grep "\-\-\-" /deployment-tool/plans/${CLOUD}/user_data.tpl -A 1000 > env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration.yaml - - export MGMT_IP=$(cat env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/deployment_info.json | jq .instances[].mgmt_address -r) - - export USERNAME=$(cat env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/deployment_info.json | jq .instances[].admin_username -r) - - export PASSWORD=$(cat env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/deployment_info.json | jq .instances[].admin_password -r) - - export DEPLOYMENT_ID=$(cat env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/deployment_info.json | jq .deploymentId -r) - - export SECRET_ID=$(cat env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/deployment_info.json | jq .secret_id -r) - - export NAME=$(cat package.json | jq .name -r) - - export VERSION=$(cat package.json | jq -r ".version") - - export RELEASE=$(cat package.json | jq -r ".release") - - echo "Verifying that BIGIP is ready to accept commands" - - bash tests/scripts/verify_bash_available.sh - - if [[ $? != 0 ]]; then exit 1; fi - - echo "Installing RPM and executing" - - sshpass -p $PASSWORD scp -o StrictHostKeyChecking=no dist/f5-bigip-runtime-init-$VERSION-$RELEASE.gz.run $USERNAME@$MGMT_IP:/var/tmp/ - # Workaround: copying over declaration to support bigip version with no user-data support - - sed "s/\${deployment_id}/$DEPLOYMENT_ID/g" env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration.yaml > env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration_replaced01.yaml - - sed "s/\${secret_id}/$SECRET_ID/g" env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration_replaced01.yaml > env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration_replaced02.yaml - - sed "s/\${domain}/$TF_VAR_DOMAIN/g" env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration_replaced02.yaml > env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration_replaced03.yaml - - rm env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration.yaml && rm env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration_replaced01.yaml && rm env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration_replaced02.yaml - - mv env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration_replaced03.yaml env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration.yaml - - cat env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration.yaml - - sshpass -p $PASSWORD scp -o StrictHostKeyChecking=no env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration.yaml $USERNAME@$MGMT_IP:/config/cloud/onboard_config - # End of Workaround. - - sshpass -p $PASSWORD scp -o StrictHostKeyChecking=no dist/f5-bigip-runtime-init-$VERSION-$RELEASE.gz.run $USERNAME@$MGMT_IP:/var/tmp/ - - sshpass -p $PASSWORD ssh -o StrictHostKeyChecking=no $USERNAME@$MGMT_IP "bash /var/tmp/f5-bigip-runtime-init-$VERSION-$RELEASE.gz.run -- '--cloud ${CLOUD} --toolchain-metadata-file-url https://f5-cft.s3.amazonaws.com/invalid.json --telemetry-params testKey01:testValue01,testKey02:testValue02'" - - sshpass -p $PASSWORD ssh -o StrictHostKeyChecking=no $USERNAME@$MGMT_IP "bash -c 'export TEEM_API_ENVIRONMENT=staging && f5-bigip-runtime-init -c /config/cloud/onboard_config'" - # Attempt to re-run self-executable and runtime-init - # Using updated config because wrapped Vault token can only be used once - - sed "s/${VAULT_WRAPPED_SECRET_ID}/${VAULT_WRAPPED_SECRET_ID_2}/g" env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration.yaml > env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration-update.yaml - - cat env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration-update.yaml - - sshpass -p $PASSWORD scp -o StrictHostKeyChecking=no env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/f5-bigip-runtime-declaration-update.yaml $USERNAME@$MGMT_IP:/config/cloud/onboard_config_update - - sshpass -p $PASSWORD ssh -o StrictHostKeyChecking=no $USERNAME@$MGMT_IP "bash /var/tmp/f5-bigip-runtime-init-$VERSION-$RELEASE.gz.run -- '--cloud ${CLOUD} --skip-verify --skip-toolchain-metadata-sync'" - - sshpass -p $PASSWORD ssh -o StrictHostKeyChecking=no $USERNAME@$MGMT_IP "bash f5-bigip-runtime-init -c /config/cloud/onboard_config_update --skip-telemetry" - tags: - - cm-official-docker-executor - only: - variables: - - $CI_COMMIT_REF_NAME == "main" - - $CI_COMMIT_REF_NAME == "develop" - - $RUN_FUNCTIONAL_TESTS == "true" - - $CI_COMMIT_MESSAGE =~ /smart:run_functional_tests/ - except: - variables: - - $CLEANUP_DEVELOP_CDN == "true" - - $PUBLISH_RPM == "true" - artifacts: - paths: - - env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH} - when: always - expire_in: 1 week - -# run functional tests: azure and BIGIPv16 -test_functional_init_azure_v16: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "azure" && $BIGIP_VERSION == "16" - variables: - CLOUD: "azure" - TF_VAR_DOMAIN: "$CLOUD" - TF_VAR_AZURE_BIGIP_VERSION: "$AZURE_BIGIP_VERSION_v16" - VERSION_PATH: "v16" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - -# run functional tests: azure and BIGIPv15 -test_functional_init_azure_v15: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "azure" && $BIGIP_VERSION == "15" - variables: - CLOUD: "azure" - TF_VAR_DOMAIN: "$CLOUD" - TF_VAR_AZURE_BIGIP_VERSION: "$AZURE_BIGIP_VERSION_v15" - VERSION_PATH: "v15" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - -# run functional tests: azure and BIGIPv14 -test_functional_init_azure_v14: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "azure" && $BIGIP_VERSION == "14" - variables: - CLOUD: "azure" - TF_VAR_DOMAIN: "$CLOUD" - TF_VAR_AZURE_BIGIP_VERSION: "$AZURE_BIGIP_VERSION_v14" - VERSION_PATH: "v14" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - -# run functional tests: azure and BIGIPv16 -test_functional_init_azure_gov_v16: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "azure_gov" && $BIGIP_VERSION == "16" - variables: - CLOUD: "azure" - TF_VAR_AZURE_BIGIP_VERSION: "$AZURE_BIGIP_VERSION_v16" - VERSION_PATH: "v16" - TF_VAR_DOMAIN: "usgovcloudapi" - TF_VAR_location: "usgovvirginia" - TF_VAR_AZURE_ENVIROMENT: "usgovernment" - TF_VAR_AZURE_OBJECT_ID: "$AZURE_GOV_OBJECT_ID" - TF_VAR_AZURE_TENANT_ID: "$AZURE_GOV_TENANT_ID" - ARM_CLIENT_ID: "$AZURE_GOV_CLIENT_ID" - ARM_CLIENT_SECRET: "$AZURE_GOV_CLIENT_SECRET" - ARM_SUBSCRIPTION_ID: "$AZURE_GOV_SUBSCRIPTION_ID" - ARM_TENANT_ID: "$AZURE_GOV_TENANT_ID" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "base" - -# run functional tests: azure and BIGIPv15 -test_functional_init_azure_gov_v15: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "azure_gov" && $BIGIP_VERSION == "15" - variables: - CLOUD: "azure" - TF_VAR_AZURE_BIGIP_VERSION: "$AZURE_BIGIP_VERSION_v15" - VERSION_PATH: "v15" - TF_VAR_DOMAIN: "usgovcloudapi" - TF_VAR_location: "usgovvirginia" - TF_VAR_AZURE_ENVIROMENT: "usgovernment" - TF_VAR_AZURE_OBJECT_ID: "$AZURE_GOV_OBJECT_ID" - TF_VAR_AZURE_TENANT_ID: "$AZURE_GOV_TENANT_ID" - ARM_CLIENT_ID: "$AZURE_GOV_CLIENT_ID" - ARM_CLIENT_SECRET: "$AZURE_GOV_CLIENT_SECRET" - ARM_SUBSCRIPTION_ID: "$AZURE_GOV_SUBSCRIPTION_ID" - ARM_TENANT_ID: "$AZURE_GOV_TENANT_ID" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "base" - -# run functional tests: azure and BIGIPv14 -test_functional_init_azure_gov_v14: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "azure_gov" && $BIGIP_VERSION == "14" - variables: - CLOUD: "azure" - TF_VAR_AZURE_BIGIP_VERSION: "$AZURE_BIGIP_VERSION_v15" - VERSION_PATH: "v14" - TF_VAR_DOMAIN: "usgovcloudapi" - TF_VAR_location: "usgovvirginia" - TF_VAR_AZURE_ENVIROMENT: "usgovernment" - TF_VAR_AZURE_OBJECT_ID: "$AZURE_GOV_OBJECT_ID" - TF_VAR_AZURE_TENANT_ID: "$AZURE_GOV_TENANT_ID" - ARM_CLIENT_ID: "$AZURE_GOV_CLIENT_ID" - ARM_CLIENT_SECRET: "$AZURE_GOV_CLIENT_SECRET" - ARM_SUBSCRIPTION_ID: "$AZURE_GOV_SUBSCRIPTION_ID" - ARM_TENANT_ID: "$AZURE_GOV_TENANT_ID" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "base" - -# run functional tests: aws and BIGIPv16 -test_functional_init_aws_v16: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "aws" && $BIGIP_VERSION == "16" - variables: - CLOUD: "aws" - TF_VAR_AWS_BIGIP_AMI_ID: "$AWS_BIGIP_AMI_ID_v16" - VERSION_PATH: "v16" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - -# run functional tests: aws and BIGIPv15 -test_functional_init_aws_v15: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "aws" && $BIGIP_VERSION == "15" - variables: - CLOUD: "aws" - TF_VAR_AWS_BIGIP_AMI_ID: "$AWS_BIGIP_AMI_ID_v15" - VERSION_PATH: "v15" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - -# run functional tests: aws and BIGIPv14 -test_functional_init_aws_v14: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "aws" && $BIGIP_VERSION == "14" - variables: - CLOUD: "aws" - TF_VAR_AWS_BIGIP_AMI_ID: "$AWS_BIGIP_AMI_ID_v14" - VERSION_PATH: "v14" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - -# run functional tests: gcp and BIGIPv16 -test_functional_init_gcp_v16: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "gcp" && $BIGIP_VERSION == "16" - variables: - CLOUD: "gcp" - TF_VAR_bigip_version: "$GOOGLE_BIGIP_VERSION_v16" - VERSION_PATH: "v16" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - -# run functional tests: gcp and BIGIPv15 -test_functional_init_gcp_v15: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "gcp" && $BIGIP_VERSION == "15" - variables: - CLOUD: "gcp" - TF_VAR_bigip_version: "$GOOGLE_BIGIP_VERSION_v15" - VERSION_PATH: "v15" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - -# run functional tests: gcp and BIGIPv14 -test_functional_init_gcp_v14: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "gcp" && $BIGIP_VERSION == "14" - variables: - CLOUD: "gcp" - TF_VAR_bigip_version: "$GOOGLE_BIGIP_VERSION_v14" - VERSION_PATH: "v14" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - -# run functional tests: base package and BIGIPv16 -test_functional_init_base_v16: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "base" && $BIGIP_VERSION == "16" - variables: - CLOUD: "base" - TF_VAR_bigip_version: "$GOOGLE_BIGIP_VERSION_v16" - VERSION_PATH: "v16" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "gcp" - -# run functional tests: base package and BIGIPv15 -test_functional_init_base_v15: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "base" && $BIGIP_VERSION == "15" - variables: - CLOUD: "base" - TF_VAR_bigip_version: "$GOOGLE_BIGIP_VERSION_v15" - VERSION_PATH: "v15" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "gcp" - -# run functional tests: base package and BIGIPv15 -test_functional_init_base_v14: - <<: *test_functional_init_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "base" && $BIGIP_VERSION == "14" - variables: - CLOUD: "base" - TF_VAR_bigip_version: "$GOOGLE_BIGIP_VERSION_v14" - VERSION_PATH: "v14" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "gcp" - -# Functional Tests - Execute phase (with no retries) -.test_functional_execute_generic: &test_functional_execute_generic - stage: functional_test_execute - image: ${ARTIFACTORY_SERVER}/dockerhub-remote/python:3.7 - script: - # install jq - - apt-get update - - apt-get install -y jq - # install sshpass - - apt-get install sshpass - # install node (and package dependencies ) - - curl -sL https://deb.nodesource.com/setup_12.x | bash - && apt-get -y install nodejs - - npm install --unsafe-perm - # copying artifacts inherited from functional_test_init target to root directory - - cp -a env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/. . - # executing fuctional test - - validate npm run functional-test - tags: - - cm-official-docker-executor - only: - variables: - - $CI_COMMIT_REF_NAME == "main" - - $CI_COMMIT_REF_NAME == "develop" - - $RUN_FUNCTIONAL_TESTS == "true" - - $CI_COMMIT_MESSAGE =~ /smart:run_functional_tests/ - except: - variables: - - $CLEANUP_DEVELOP_CDN == "true" - - $PUBLISH_RPM == "true" - artifacts: - paths: - - logs - when: always - expire_in: 1 week - -# run functional tests: azure -test_functional_execute_azure_v16: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "azure" && $BIGIP_VERSION == "16" - variables: - CLOUD: "azure" - TF_VAR_DOMAIN: "$CLOUD" - VERSION_PATH: "v16" - AZURE_CLIENT_ID: "$AZURE_COMMERCIAL_CLIENT_ID" - AZURE_CLIENT_SECRET: "$AZURE_COMMERCIAL_CLIENT_SECRET" - AZURE_TENANT_ID: "$AZURE_COMMERCIAL_TENANT_ID" - AZURE_SUBSCRIPTION_ID: "$AZURE_COMMERCIAL_SUBSCRIPTION_ID" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_azure_v16 - - build_package - -# run functional tests: azure -test_functional_execute_azure_v15: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "azure" && $BIGIP_VERSION == "15" - variables: - CLOUD: "azure" - TF_VAR_DOMAIN: "$CLOUD" - VERSION_PATH: "v15" - AZURE_CLIENT_ID: "$AZURE_COMMERCIAL_CLIENT_ID" - AZURE_CLIENT_SECRET: "$AZURE_COMMERCIAL_CLIENT_SECRET" - AZURE_TENANT_ID: "$AZURE_COMMERCIAL_TENANT_ID" - AZURE_SUBSCRIPTION_ID: "$AZURE_COMMERCIAL_SUBSCRIPTION_ID" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_azure_v15 - - build_package - -# run functional tests: azure -test_functional_execute_azure_v14: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "azure" && $BIGIP_VERSION == "14" - variables: - CLOUD: "azure" - TF_VAR_DOMAIN: "$CLOUD" - VERSION_PATH: "v14" - AZURE_CLIENT_ID: "$AZURE_COMMERCIAL_CLIENT_ID" - AZURE_CLIENT_SECRET: "$AZURE_COMMERCIAL_CLIENT_SECRET" - AZURE_TENANT_ID: "$AZURE_COMMERCIAL_TENANT_ID" - AZURE_SUBSCRIPTION_ID: "$AZURE_COMMERCIAL_SUBSCRIPTION_ID" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_azure_v14 - - build_package - -# run functional tests: azure goverment -test_functional_execute_azure_gov_v16: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "azure_gov" && $BIGIP_VERSION == "16" - variables: - CLOUD: "azure" - VERSION_PATH: "v16" - TF_VAR_DOMAIN: "usgovcloudapi" - TF_VAR_AZURE_ENVIROMENT: "usgovernment" - TF_VAR_AZURE_OBJECT_ID: "$AZURE_GOV_OBJECT_ID" - TF_VAR_AZURE_TENANT_ID: "$AZURE_GOV_TENANT_ID" - AZURE_CLIENT_ID: "$AZURE_GOV_CLIENT_ID" - AZURE_CLIENT_SECRET: "$AZURE_GOV_CLIENT_SECRET" - AZURE_TENANT_ID: "$AZURE_GOV_TENANT_ID" - AZURE_SUBSCRIPTION_ID: "$AZURE_GOV_SUBSCRIPTION_ID" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_azure_gov_v16 - - build_package - -# run functional tests: azure goverment -test_functional_execute_azure_gov_v15: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "azure_gov" && $BIGIP_VERSION == "15" - variables: - CLOUD: "azure" - VERSION_PATH: "v15" - TF_VAR_DOMAIN: "usgovcloudapi" - TF_VAR_AZURE_ENVIROMENT: "usgovernment" - TF_VAR_AZURE_OBJECT_ID: "$AZURE_GOV_OBJECT_ID" - TF_VAR_AZURE_TENANT_ID: "$AZURE_GOV_TENANT_ID" - AZURE_CLIENT_ID: "$AZURE_GOV_CLIENT_ID" - AZURE_CLIENT_SECRET: "$AZURE_GOV_CLIENT_SECRET" - AZURE_TENANT_ID: "$AZURE_GOV_TENANT_ID" - AZURE_SUBSCRIPTION_ID: "$AZURE_GOV_SUBSCRIPTION_ID" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_azure_gov_v15 - - build_package - -# run functional tests: azure -test_functional_execute_azure_gov_v14: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "azure_gov" && $BIGIP_VERSION == "14" - variables: - CLOUD: "azure" - VERSION_PATH: "v14" - TF_VAR_DOMAIN: "usgovcloudapi" - TF_VAR_AZURE_ENVIROMENT: "usgovernment" - TF_VAR_AZURE_OBJECT_ID: "$AZURE_GOV_OBJECT_ID" - TF_VAR_AZURE_TENANT_ID: "$AZURE_GOV_TENANT_ID" - AZURE_CLIENT_ID: "$AZURE_GOV_CLIENT_ID" - AZURE_CLIENT_SECRET: "$AZURE_GOV_CLIENT_SECRET" - AZURE_TENANT_ID: "$AZURE_GOV_TENANT_ID" - AZURE_SUBSCRIPTION_ID: "$AZURE_GOV_SUBSCRIPTION_ID" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_azure_gov_v14 - - build_package - -# run functional tests: aws -test_functional_execute_aws_v16: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "aws" && $BIGIP_VERSION == "16" - variables: - CLOUD: "aws" - VERSION_PATH: "v16" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_aws_v16 - - build_package - - -# run functional tests: aws -test_functional_execute_aws_v15: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "aws" && $BIGIP_VERSION == "15" - variables: - CLOUD: "aws" - VERSION_PATH: "v15" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_aws_v15 - - build_package - -test_functional_execute_aws_v14: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "aws" && $BIGIP_VERSION == "14" - variables: - CLOUD: "aws" - VERSION_PATH: "v14" - except: - variables: - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_aws_v14 - - build_package - -# run functional tests: gcp -test_functional_execute_gcp_v16: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "gcp" && $BIGIP_VERSION == "16" - variables: - CLOUD: "gcp" - VERSION_PATH: "v16" - except: - variables: - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_gcp_v16 - - build_package - -test_functional_execute_gcp_v15: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "gcp" && $BIGIP_VERSION == "15" - variables: - CLOUD: "gcp" - VERSION_PATH: "v15" - except: - variables: - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_gcp_v15 - - build_package - -test_functional_execute_gcp_v14: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "gcp" && $BIGIP_VERSION == "14" - variables: - CLOUD: "gcp" - VERSION_PATH: "v14" - except: - variables: - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_gcp_v14 - - build_package - -# run base package tests -test_functional_execute_base_v16: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "base" && $BIGIP_VERSION == "16" - variables: - CLOUD: "base" - VERSION_PATH: "v16" - ENV_PROVIDER_TESTS: "ignore" - except: - variables: - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "gcp" - dependencies: - - test_functional_init_base_v16 - - build_package - -test_functional_execute_base_v15: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "base" && $BIGIP_VERSION == "15" - variables: - CLOUD: "base" - VERSION_PATH: "v15" - ENV_PROVIDER_TESTS: "ignore" - except: - variables: - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "gcp" - dependencies: - - test_functional_init_base_v15 - - build_package - -test_functional_execute_base_v14: - <<: *test_functional_execute_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "base" && $BIGIP_VERSION == "14" - variables: - CLOUD: "base" - VERSION_PATH: "v14" - ENV_PROVIDER_TESTS: "ignore" - except: - variables: - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "gcp" - dependencies: - - test_functional_init_base_v14 - - build_package - - -# Functional Tests - Cleanup phase (executes always with 1 retry in a case of any failures) -.test_functional_cleanup_generic: &test_functional_cleanup_generic - stage: functional_test_cleanup - image: ${ARTIFACTORY_SERVER}/ecosystems-cloudsolutions-docker-dev/deployment-tool-runtime-init:${CI_COMMIT_REF_NAME} - retry: - max: 1 - when: always - script: - # copying artifacts inherited from functional_test_init target to root directory - - cp -a env_metadata/${CLOUD}_${TF_VAR_DOMAIN}/${VERSION_PATH}/. . - # teardown environment - - /deployment-tool/deploy.sh --deployment-plan ${CLOUD} --action delete - tags: - - cm-official-docker-executor - only: - variables: - - $CI_COMMIT_REF_NAME == "main" - - $CI_COMMIT_REF_NAME == "develop" - - $RUN_FUNCTIONAL_TESTS == "true" - - $CI_COMMIT_MESSAGE =~ /smart:run_functional_tests/ - except: - variables: - - $CLEANUP_DEVELOP_CDN == "true" - - $PUBLISH_RPM == "true" - -# run functional tests: azure -test_functional_cleanup_azure_v16: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "azure" && $BIGIP_VERSION == "16" - variables: - CLOUD: "azure" - TF_VAR_DOMAIN: "$CLOUD" - VERSION_PATH: "v16" - except: - variables: - - $TEST_SUITE == "aws" - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_azure_v16 - -test_functional_cleanup_azure_v15: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "azure" && $BIGIP_VERSION == "15" - variables: - CLOUD: "azure" - TF_VAR_DOMAIN: "$CLOUD" - VERSION_PATH: "v15" - except: - variables: - - $TEST_SUITE == "aws" - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_azure_v15 - -test_functional_cleanup_azure_v14: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "azure" && $BIGIP_VERSION == "14" - variables: - CLOUD: "azure" - TF_VAR_DOMAIN: "$CLOUD" - VERSION_PATH: "v14" - except: - variables: - - $TEST_SUITE == "aws" - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_azure_v14 - - -# run functional tests: azure gov -test_functional_cleanup_azure_gov_v16: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "azure_gov" && $BIGIP_VERSION == "16" - variables: - CLOUD: "azure" - TF_VAR_AZURE_BIGIP_VERSION: "$AZURE_BIGIP_VERSION_v16" - VERSION_PATH: "v16" - TF_VAR_DOMAIN: "usgovcloudapi" - TF_VAR_location: "usgovvirginia" - TF_VAR_AZURE_ENVIROMENT: "usgovernment" - TF_VAR_AZURE_OBJECT_ID: "$AZURE_GOV_OBJECT_ID" - TF_VAR_AZURE_TENANT_ID: "$AZURE_GOV_TENANT_ID" - ARM_CLIENT_ID: "$AZURE_GOV_CLIENT_ID" - ARM_CLIENT_SECRET: "$AZURE_GOV_CLIENT_SECRET" - ARM_SUBSCRIPTION_ID: "$AZURE_GOV_SUBSCRIPTION_ID" - ARM_TENANT_ID: "$AZURE_GOV_TENANT_ID" - except: - variables: - - $TEST_SUITE == "aws" - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_azure_gov_v16 - -test_functional_cleanup_azure_gov_v15: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "azure_gov" && $BIGIP_VERSION == "15" - variables: - CLOUD: "azure" - TF_VAR_AZURE_BIGIP_VERSION: "$AZURE_BIGIP_VERSION_v15" - VERSION_PATH: "v15" - TF_VAR_DOMAIN: "usgovcloudapi" - TF_VAR_location: "usgovvirginia" - TF_VAR_AZURE_ENVIROMENT: "usgovernment" - TF_VAR_AZURE_OBJECT_ID: "$AZURE_GOV_OBJECT_ID" - TF_VAR_AZURE_TENANT_ID: "$AZURE_GOV_TENANT_ID" - ARM_CLIENT_ID: "$AZURE_GOV_CLIENT_ID" - ARM_CLIENT_SECRET: "$AZURE_GOV_CLIENT_SECRET" - ARM_SUBSCRIPTION_ID: "$AZURE_GOV_SUBSCRIPTION_ID" - ARM_TENANT_ID: "$AZURE_GOV_TENANT_ID" - except: - variables: - - $TEST_SUITE == "aws" - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_azure_gov_v15 - -test_functional_cleanup_azure_gov_v14: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "azure_gov" && $BIGIP_VERSION == "14" - variables: - CLOUD: "azure" - TF_VAR_AZURE_BIGIP_VERSION: "$AZURE_BIGIP_VERSION_v15" - VERSION_PATH: "v15" - TF_VAR_DOMAIN: "usgovcloudapi" - TF_VAR_location: "usgovvirginia" - TF_VAR_AZURE_ENVIROMENT: "usgovernment" - TF_VAR_AZURE_OBJECT_ID: "$AZURE_GOV_OBJECT_ID" - TF_VAR_AZURE_TENANT_ID: "$AZURE_GOV_TENANT_ID" - ARM_CLIENT_ID: "$AZURE_GOV_CLIENT_ID" - ARM_CLIENT_SECRET: "$AZURE_GOV_CLIENT_SECRET" - ARM_SUBSCRIPTION_ID: "$AZURE_GOV_SUBSCRIPTION_ID" - ARM_TENANT_ID: "$AZURE_GOV_TENANT_ID" - except: - variables: - - $TEST_SUITE == "aws" - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_azure_gov_v14 - -# run functional tests: aws -test_functional_cleanup_aws_v16: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "aws" && $BIGIP_VERSION == "16" - variables: - CLOUD: "aws" - VERSION_PATH: "v16" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_aws_v16 - -test_functional_cleanup_aws_v15: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "aws" && $BIGIP_VERSION == "15" - variables: - CLOUD: "aws" - VERSION_PATH: "v15" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_aws_v15 - -test_functional_cleanup_aws_v14: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "aws" && $BIGIP_VERSION == "14" - variables: - CLOUD: "aws" - VERSION_PATH: "v14" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "gcp" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_aws_v14 - - -# run functional tests: gcp -test_functional_cleanup_gcp_v16: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "gcp" && $BIGIP_VERSION == "16" - variables: - CLOUD: "gcp" - VERSION_PATH: "v16" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_gcp_v16 - -test_functional_cleanup_gcp_v15: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "gcp" && $BIGIP_VERSION == "15" - variables: - CLOUD: "gcp" - VERSION_PATH: "v15" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_gcp_v15 - -test_functional_cleanup_gcp_v14: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "gcp" && $BIGIP_VERSION == "14" - variables: - CLOUD: "gcp" - VERSION_PATH: "v14" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "base" - dependencies: - - test_functional_init_gcp_v14 - - -# run functional tests: base -test_functional_cleanup_base_v16: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "16" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "base" && $BIGIP_VERSION == "16" - variables: - CLOUD: "base" - VERSION_PATH: "v16" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "gcp" - dependencies: - - test_functional_init_base_v16 - -test_functional_cleanup_base_v15: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "15" - - $TEST_SUITE == "base" && $BIGIP_VERSION == "15" - variables: - CLOUD: "base" - VERSION_PATH: "v15" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "gcp" - dependencies: - - test_functional_init_base_v15 - -test_functional_cleanup_base_v14: - <<: *test_functional_cleanup_generic - only: - variables: - - $TEST_SUITE == "all" && $BIGIP_VERSION == "14" - - $TEST_SUITE == "all" && $BIGIP_VERSION == "all" - - $TEST_SUITE == "base" && $BIGIP_VERSION == "14" - variables: - CLOUD: "base" - VERSION_PATH: "v14" - except: - variables: - - $TEST_SUITE == "azure" - - $TEST_SUITE == "aws" - - $TEST_SUITE == "azure_gov" - - $TEST_SUITE == "gcp" - dependencies: - - test_functional_init_base_v14 - -# End of Funtional tests - -# Publish RPM's to CDN -publish_rpms_dev_cdn: - stage: publish - only: - variables: - - $CI_COMMIT_REF_NAME == "develop" - - $PUBLISH_RPM_DEVELOP == "true" - - $CI_COMMIT_MESSAGE =~ /smart:run_publish_develop_cdn/ - except: - variables: - - $RUN_FUNCTIONAL_TESTS == "true" - - $CLEANUP_DEVELOP_CDN == "true" - script: - # publish dist rpms to F5 CDN into develop directory - # install jq - - apt-get update - - apt-get install -y jq - # copy push rpms to cdn - - VERSION=$(cat package.json | jq -r ".version") - - RELEASE=$(cat package.json | jq -r ".release") - - echo "Version:${VERSION}, Release:${RELEASE}" - - CDN_FOLDER="f5-bigip-runtime-init" - - AUTH_OPTS="--username ${CDN_SVC_ACCOUNT_USER} --password ${CDN_SVC_ACCOUNT_PWD} --non-interactive" - - svn co ${F5_CDN_SVN_ROOT}/cloudsolutions/${CDN_FOLDER} ${AUTH_OPTS} - - mkdir -p ${CDN_FOLDER}/develop/${CI_COMMIT_REF_NAME} - - cp -r dist ${CDN_FOLDER}/develop/${CI_COMMIT_REF_NAME} - - cd ${CDN_FOLDER}/develop - - status=$(svn status) - - echo "$status" - - if echo "$status" | grep -F '?'; then svn add --force ${CI_COMMIT_REF_NAME}; else echo "No new directory to add"; fi - - changed_files_count=$(svn diff --summarize | wc -l) - - echo "$changed_files_count" - - if [[ $changed_files_count -ge 1 ]]; then svn add --force ${CI_COMMIT_REF_NAME}/*; svn commit -m "F5 automation templates project automation - ${CI_COMMIT_REF_NAME}" ${AUTH_OPTS}; else echo "RPM files unchanged"; fi - tags: - - cm-official-docker-executor - -publish_rpms_cdn: - stage: release_publish - only: - - /(^publish-(\d+\.){1,2}(\d)-(\d+)?$)/ - script: - # publish dist rpms to F5 CDN into $VERSION directory - # install jq - - apt-get update - - apt-get install -y jq - # copy push rpms to cdn - - VERSION=$(cat package.json | jq -r ".version") - - RELEASE=$(cat package.json | jq -r ".release") - - echo "Version:${VERSION}, Release:${RELEASE}" - - CDN_FOLDER="f5-bigip-runtime-init" - - AUTH_OPTS="--username ${CDN_SVC_ACCOUNT_USER} --password ${CDN_SVC_ACCOUNT_PWD} --non-interactive" - - svn co ${F5_CDN_SVN_ROOT}/cloudsolutions/${CDN_FOLDER} ${AUTH_OPTS} - - mkdir -p ${CDN_FOLDER}/v${VERSION} - - cp -r dist ${CDN_FOLDER}/v${VERSION} - - cd ${CDN_FOLDER} - - status=$(svn status) - - if echo "$status" | grep -F '?'; then svn add --force v${VERSION}; else echo "No new directory to add"; fi - - changed_files_count=$(svn diff --summarize | wc -l) - - if [[ $changed_files_count -ge 1 ]]; then svn add --force v${VERSION}/*; svn commit -m "F5 automation templates project automation - ${CI_COMMIT_REF_NAME}" ${AUTH_OPTS}; else echo "RPM files unchanged"; fi - tags: - - cm-official-docker-executor - -publish_to_github: - stage: release_publish - only: - - /(^publish-(\d+\.){1,2}(\d)-(\d+)?$)/ - script: - # install jq - - apt-get update - - apt-get install -y jq - # Execute Release script to push source to github repo - - ./scripts/publish_github.sh - -trigger_downstream_templates_tests_azure: - stage: release_trigger_template_tests - only: - - /(^publish-(\d+\.){1,2}(\d)-(\d+)?$)/ - variables: - RELEASE_RUNTIME_INIT_TESTS: "true" - VERSION: $CI_COMMIT_REF_NAME - trigger: - project: cloudsolutions/automation-templates/f5-azure-arm-templates-v2 - branch: main -trigger_downstream_templates_tests_aws: - stage: release_trigger_template_tests - only: - - /(^publish-(\d+\.){1,2}(\d)-(\d+)?$)/ - variables: - RELEASE_RUNTIME_INIT_TESTS: "true" - VERSION: $CI_COMMIT_REF_NAME - trigger: - project: cloudsolutions/automation-templates/f5-aws-cloudformation-v2 - branch: main diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index e19df4fe..00000000 --- a/Dockerfile +++ /dev/null @@ -1,13 +0,0 @@ -ARG artifactory_server -FROM ${artifactory_server}/ecosystems-cloudsolutions-docker-dev/deployment-tool:latest - -# APK update -RUN apk add --update - -RUN apk add git - -# Delete their deployment files -RUN rm -r plans/ - -# Copy our deployment files -COPY plans/ plans/ diff --git a/Makefile b/Makefile deleted file mode 100644 index d57b72a8..00000000 --- a/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -# BIGIP Runtime Init Makefile - -CUR_DIR := $(cwd) -PROJECT_DIR := . -LINK_CHECK_DIR := ./scripts/link_checker - -.PHONY: help -help: - @echo "Check MakeFile" - -link_check: - echo "Running link checker against all markdown files"; - cd ${LINK_CHECK_DIR} && npm install && cd ${CUR_DIR}; - ${LINK_CHECK_DIR}/link_checker.sh ${PROJECT_DIR} "tests scripts node_modules" diff --git a/RELEASE.md b/RELEASE.md deleted file mode 100644 index 3fc94563..00000000 --- a/RELEASE.md +++ /dev/null @@ -1,70 +0,0 @@ -# Release Process - -### Overview - -This document provides overview and instructions on release process used for BIG-IP Runtime Init project. - -The release is fully automated process. However, it requires a few manual steps to trigger automation pipeline; all steps are outlined below in details. - - -### Step #1. Pre-release - -Before triggering release pipeline, the following needs to be done as a part of pre-release activities - - 1. Update `version` and `release` values under package.json - 2. Edits to the README.md file should be made to scripts/README_template.md. This file is tagged with mustache handlebars used to update README.md with the correctly versioned links based on package.json when scripts/README_render.js is executed; SCHEMA.md will also be generated based on the contents of base_schema.json. Run this command manually after updating the version in package.json: **node scripts/README_render.js** - 3. Create Merge Request (aka MR) to merge all changes from `develop` to `main` branch - 4. After merging changes to `main` branch, use pre-configured schedules to trigger functional tests against `main` branch: - * There a few environment variables which are used for triggering functional tests for different clouds as well as BIG-IP versions: - - BIGIP_VERSION - specifies BIG-IP version used in testing; possible values (14, 15 or all) - - TEST_SUITE - specifies Public Cloud against which functional testing will be done; possilbe values ( aws, azure, azure_gov, gcp, or all). - - *Example:* Specifying `TEST_SUITE: all and BIGIP_VERSION: all` will trigger 6 tests pipelines to test each supported BIG-IP version (v14 and v15) against each supported Public Cloud (aws, gcp, and azure) - -When functional tests against `main` branch is completed, the pre-release part is done. Continue to actual release - - -### Step #2. Release - -The release is triggered by creating a tag with Release Notes on main branch; however, the tag must be in a particular form to trigger the release CI/CD pipeline. - -Please use the following steps to trigger release pipeline: - - 1. Using Gitlab UI create tag with Release Notes on main branch; the release tag must be in form: - * `publish--` - - - corresponds to version number specified under package.json - - - corresponds to release number specified under package.json - - example: `publish-0.10.0-1` - 2. Navigate to CI/CD Pipelines view to monitor Release Pipeline execution - - -#### Release workflow - -Creation of `publish--` tag triggers CI/CD pipeline which includes the following steps - - 1. Run checks: - - Unit tests - - Lint - - Content check - - Audit check - 2. Build package - self-executable with RPM files - 3. Publish - - Publish package to f5 cdn (NOTE: `` and `` values are used for constructing CDN path; i.e. `https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v/dist/f5-bigip-runtime-init--.gz.run`) - - Publish source code to github; only the following will be published: - * src/ directory - * examples/ directory - * diagrams/ directory - * README.md - * SCHEMA.md - * package.json - * package-lock.json - * .gitigonre - * tsconfig.json - - NOTE: the list of allowed items can be found under `scripts/publish_github.sh` - 4. Trigger downstream CI/CD pipeline on `f5-cloud-factory/master` to start post-release testing; it includes: - - Updating bigip.json module template with new version of runtime init - - Triggering templates functional tests for BIG-IP module and Autoscale solution - - -### Additional details - -Deploy keys, for gitlab and github repos, are used for committing changes to git; deploy keys are stored under CI/CD settings. diff --git a/aws.update b/aws.update deleted file mode 100644 index e69de29b..00000000 diff --git a/azure.update b/azure.update deleted file mode 100644 index e69de29b..00000000 diff --git a/base.update b/base.update deleted file mode 100644 index e69de29b..00000000 diff --git a/f5-bigip-runtime-init.spec b/f5-bigip-runtime-init.spec deleted file mode 100644 index ce3a755d..00000000 --- a/f5-bigip-runtime-init.spec +++ /dev/null @@ -1,41 +0,0 @@ -Summary: F5 BIGIP Runtime Init -Version: %{_version} -Name: %{_name} -Release: %{_release} -BuildArch: noarch -Group: Development/Tools -License: Commercial -Packager: F5 Networks - - -%description -F5 BIGIP Runtime Init installs extensions and configures BIGIP system. This package is for %{cloud} cloud - -%define _binaries_in_noarch_packages_terminate_build 0 -%define APP_INSTALL_DIR /%{name} - - -%prep -cp -r %{main}/dist/working/%{cloud}/src/ %{_builddir}/src/ -cp -r %{main}/dist/working/%{cloud}/package.json %{_builddir} -cp -r %{main}/dist/working/%{cloud}/node_modules %{_builddir} -echo -n %{version}-%{release} > %{_builddir}/src/version - - -%install -rm -rf $RPM_BUILD_ROOT -mkdir -p $RPM_BUILD_ROOT%{APP_INSTALL_DIR} -cp -r %{_builddir}/* $RPM_BUILD_ROOT%{APP_INSTALL_DIR} - -%post -# Starting post process -echo "post stage..." - - -%clean -rm -rf $RPM_BUILD_ROOT - - -%files -%defattr(-,root,root) -%{APP_INSTALL_DIR} diff --git a/gcp.update b/gcp.update deleted file mode 100644 index e69de29b..00000000 diff --git a/modules/utils/main.tf b/modules/utils/main.tf deleted file mode 100644 index 6f8250c5..00000000 --- a/modules/utils/main.tf +++ /dev/null @@ -1,21 +0,0 @@ -resource "random_string" "env_prefix" { - length = 8 - upper = false - special = false -} - -resource "random_string" "admin_password" { - length = 16 - min_upper = 1 - min_lower = 1 - min_numeric = 1 - special = false -} - -output "env_prefix" { - value = "${random_string.env_prefix.result}" -} - -output "admin_password" { - value = "${random_string.admin_password.result}" -} \ No newline at end of file diff --git a/modules/utils/versions.tf b/modules/utils/versions.tf deleted file mode 100644 index ac97c6ac..00000000 --- a/modules/utils/versions.tf +++ /dev/null @@ -1,4 +0,0 @@ - -terraform { - required_version = ">= 0.12" -} diff --git a/plans/aws/aws_do_template.json b/plans/aws/aws_do_template.json deleted file mode 100644 index 77e990a4..00000000 --- a/plans/aws/aws_do_template.json +++ /dev/null @@ -1,63 +0,0 @@ -{ - "schemaVersion": "1.0.0", - "class": "Device", - "async": true, - "label": "my BIG-IP declaration for declarative onboarding", - "Common": { - "class": "Tenant", - "mySystem": { - "class": "System", - "hostname": "{{ HOST_NAME }}", - "cliInactivityTimeout": 1200, - "consoleInactivityTimeout": 1200, - "autoPhonehome": false - }, - "myDns": { - "class": "DNS", - "nameServers": [ - "8.8.8.8" - ] - }, - "myNtp": { - "class": "NTP", - "servers": [ - "0.pool.ntp.org" - ], - "timezone": "UTC" - }, - "admin": { - "class": "User", - "userType": "regular", - "password": "{{ ADMIN_PASS }}", - "shell": "bash" - }, - "myProvisioning": { - "class": "Provision", - "ltm": "nominal", - "asm": "nominal" - }, - "external": { - "class": "VLAN", - "tag": 4094, - "mtu": 1500, - "interfaces": [ - { - "name": "1.1", - "tagged": true - } - ] - }, - "external-self": { - "class": "SelfIp", - "address": "{{{ SELF_IP_EXTERNAL }}}", - "vlan": "external", - "allowService": "default", - "trafficGroup": "traffic-group-local-only" - }, - "dbvars": { - "class": "DbVariables", - "provision.extramb": 500, - "restjavad.useextramb": true - } - } -} \ No newline at end of file diff --git a/plans/aws/aws_do_template_w_vault.json b/plans/aws/aws_do_template_w_vault.json deleted file mode 100644 index baef3bba..00000000 --- a/plans/aws/aws_do_template_w_vault.json +++ /dev/null @@ -1,85 +0,0 @@ -{ - "schemaVersion": "1.0.0", - "class": "Device", - "async": true, - "label": "my BIG-IP declaration for declarative onboarding", - "Common": { - "class": "Tenant", - "mySystem": { - "class": "System", - "hostname": "{{ HOST_NAME }}", - "cliInactivityTimeout": 1200, - "consoleInactivityTimeout": 1200, - "autoPhonehome": false - }, - "myDns": { - "class": "DNS", - "nameServers": [ - "8.8.8.8" - ] - }, - "myNtp": { - "class": "NTP", - "servers": [ - "0.pool.ntp.org" - ], - "timezone": "UTC" - }, - "admin": { - "class": "User", - "userType": "regular", - "password": "{{ ADMIN_PASS }}", - "shell": "bash" - }, - "vaultadmin": { - "class": "User", - "userType": "regular", - "password": "{{ ROOT_PASS }}", - "shell": "bash", - "partitionAccess": { - "all-partitions": { - "role": "admin" - } - } - }, - "vaultadmin2": { - "class": "User", - "userType": "regular", - "password": "{{ SECOND_PASS.bigiq_admin_password }}", - "shell": "bash", - "partitionAccess": { - "all-partitions": { - "role": "admin" - } - } - }, - "myProvisioning": { - "class": "Provision", - "ltm": "nominal", - "asm": "nominal" - }, - "external": { - "class": "VLAN", - "tag": 4094, - "mtu": 1500, - "interfaces": [ - { - "name": "1.1", - "tagged": true - } - ] - }, - "external-self": { - "class": "SelfIp", - "address": "{{{ SELF_IP_EXTERNAL }}}", - "vlan": "external", - "allowService": "default", - "trafficGroup": "traffic-group-local-only" - }, - "dbvars": { - "class": "DbVariables", - "provision.extramb": 500, - "restjavad.useextramb": true - } - } -} \ No newline at end of file diff --git a/plans/aws/main.tf b/plans/aws/main.tf deleted file mode 100644 index 9b90c449..00000000 --- a/plans/aws/main.tf +++ /dev/null @@ -1,327 +0,0 @@ -module "utils" { - source = "../../modules/utils" -} - -provider "aws" { - region = "${var.AWS_DEFAULT_REGION}" -} - -variable "global_tags" { - type = "map" - default = { - creator = "Terraform - SDK Extension" - delete = "True" - } -} - -# Create 'supporting' network infrastructure for the BIG-IP VMs -resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - enable_dns_support = true - enable_dns_hostnames = true - tags = merge(var.global_tags, {Name="aws-vpc-${module.utils.env_prefix}"}) -} - -resource "aws_internet_gateway" "gateway" { - vpc_id = "${aws_vpc.main.id}" - tags = merge(var.global_tags, {Name="aws-internet-gateway-${module.utils.env_prefix}"}) -} -resource "aws_route_table" "mgmt" { - vpc_id = "${aws_vpc.main.id}" - route { - cidr_block = "0.0.0.0/0" - gateway_id = "${aws_internet_gateway.gateway.id}" - } - tags = merge(var.global_tags, {Name="aws-route-table-mgmt-${module.utils.env_prefix}"}) -} - -resource "aws_route_table" "external" { - vpc_id = "${aws_vpc.main.id}" - route { - cidr_block = "0.0.0.0/0" - gateway_id = "${aws_internet_gateway.gateway.id}" - } - tags = merge(var.global_tags, {Name="aws-route-table-external-${module.utils.env_prefix}"}) -} - -resource "aws_subnet" "mgmtAz1" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${var.AWS_DEFAULT_REGION}a" - cidr_block = "10.0.0.0/24" - tags = merge(var.global_tags, {Name="aws-subnet-mgmtAz1-${module.utils.env_prefix}"}) -} - -resource "aws_route_table_association" "mgmtAz1" { - subnet_id = "${aws_subnet.mgmtAz1.id}" - route_table_id = "${aws_route_table.mgmt.id}" -} - -resource "aws_subnet" "externalAz1" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${var.AWS_DEFAULT_REGION}a" - cidr_block = "10.0.1.0/24" - tags = merge(var.global_tags, {Name="aws-subnet-externalAz1-${module.utils.env_prefix}"}) -} - -resource "aws_route_table_association" "externalAz1" { - subnet_id = "${aws_subnet.externalAz1.id}" - route_table_id = "${aws_route_table.external.id}" -} - -# Creates a BIG-IP for testing -resource "aws_security_group" "external" { - description = "External interface rules" - vpc_id = "${aws_vpc.main.id}" - ingress { - from_port = 80 - to_port = 80 - protocol = 6 - cidr_blocks = ["0.0.0.0/0"] - } - ingress { - from_port = 443 - to_port = 443 - protocol = 6 - cidr_blocks = ["0.0.0.0/0"] - } - ingress { - from_port = 4353 - to_port = 4353 - protocol = 6 - self = true - } - ingress { - from_port = 1026 - to_port = 1026 - protocol = 17 - self = true - } - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] - } - tags = merge(var.global_tags, {Name="aws-security-group-external-${module.utils.env_prefix}"}) -} - -resource "aws_security_group" "mgmt" { - description = "External interface rules" - vpc_id = "${aws_vpc.main.id}" - ingress { - from_port = 22 - to_port = 22 - protocol = 6 - cidr_blocks = ["0.0.0.0/0"] - } - ingress { - from_port = 443 - to_port = 443 - protocol = 6 - cidr_blocks = ["0.0.0.0/0"] - } - ingress { - from_port = 443 - to_port = 443 - protocol = 6 - security_groups = ["${aws_security_group.external.id}"] - } - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] - } - tags = merge(var.global_tags, {Name="aws-security-group-mgmt-${module.utils.env_prefix}"}) -} - -resource "aws_s3_bucket" "configdb" { - bucket = "aws-s3-bucket-${module.utils.env_prefix}" - force_destroy = true - tags = merge(var.global_tags, {Name="aws-s3-bucket-${module.utils.env_prefix}"}) -} - -resource "aws_secretsmanager_secret" "adminsecret" { - name = "aws-secretsmanager-${module.utils.env_prefix}" -} - -resource "aws_secretsmanager_secret_version" "testAwsAdminSecret" { - secret_id = "${aws_secretsmanager_secret.adminsecret.id}" - secret_string = "StrongPassword2010!" -} - -resource "aws_iam_role" "main" { - assume_role_policy = < /config/cloud/onboard_config.yaml ---- -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit-test.log - logToJson: true - extensionInstallDelayInMs: 6000 -runtime_parameters: - - name: REGION - type: url - value: http://169.254.169.254/latest/dynamic/instance-identity/document - query: region - headers: - - name: Content-Type - value: json - - name: User-Agent - value: func-test - - name: X-aws-ec2-metadata-token - value: "{{{AWS_SESSION_TOKEN}}}" - - name: AWS_SESSION_TOKEN - type: url - value: http://169.254.169.254/latest/api/token - headers: - - name: Content-Type - value: json - - name: User-Agent - value: func-test - - name: method - value: PUT - - name: X-aws-ec2-metadata-token-ttl-seconds - value: 21600 - - name: ADMIN_PASS - type: secret - secretProvider: - environment: aws - type: SecretsManager - secretId: ${secret_id} - version: AWSCURRENT - field: password - - name: ROOT_PASS - type: secret - secretProvider: - type: Vault - environment: hashicorp - vaultServer: vault_server_public_http - secretsEngine: kv2 - secretPath: kv/data/credential - field: password - version: "1" - authBackend: - type: approle - roleId: - type: inline - value: vault_app_role - secretId: - type: inline - value: vault_secret_id - unwrap: false - - name: SECOND_PASS - type: secret - secretProvider: - type: Vault - environment: hashicorp - vaultServer: vault_server_public_http - secretsEngine: kv2 - secretPath: kv/data/credential - field: data - version: "1" - authBackend: - type: approle - roleId: - type: inline - value: vault_app_role - secretId: - type: inline - value: vault_wrapped_secret_id - unwrap: true - - name: HOST_NAME - type: metadata - metadataProvider: - environment: aws - type: uri - value: /latest/meta-data/hostname - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: aws - type: network - field: local-ipv4s - index: 1 - - name: GATEWAY - type: metadata - metadataProvider: - environment: aws - type: network - field: local-ipv4s - index: 1 - ipcalc: first - - name: ADDRESS_SIZE - type: metadata - metadataProvider: - environment: aws - type: network - field: local-ipv4s - index: 1 - ipcalc: size - - name: DEFAULT_ROUTE - type: metadata - metadataProvider: - environment: aws - type: network - field: subnet-ipv4-cidr-block - index: 1 - - name: MGMT_ROUTE - type: metadata - metadataProvider: - environment: aws - type: network - field: subnet-ipv4-cidr-block - index: 0 - - name: REGION02 - type: url - value: http://169.254.169.254/latest/dynamic/instance-identity/document - query: region - headers: - - name: Content-Type - value: json - - name: User-Agent - value: func-test - - name: X-aws-ec2-metadata-token - value: "{{{AWS_SESSION_TOKEN}}}" - - name: ACCOUNT_ID - type: metadata - metadataProvider: - environment: aws - type: uri - value: /latest/dynamic/instance-identity/document - query: accountId - - name: NAME_TAG - type: tag - tagProvider: - environment: aws - key: Name - - name: TEST_TYPE_FILE - type: url - value: file:///tmp/pre_onboard_test_param.txt -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true - - name: create_local_parameter - type: inline - commands: - - touch /tmp/pre_onboard_test_param.txt - - chmod 777 /tmp/pre_onboard_test_param.txt - - echo "test-value" > /tmp/pre_onboard_test_param.txt -bigip_ready_enabled: - - name: provision_asm - type: inline - commands: - - tmsh modify sys provision asm level nominal - - name: example_inline_command - type: inline - commands: - - touch /tmp/pre_onboard_script.sh - - chmod 777 /tmp/pre_onboard_script.sh - - echo "touch /tmp/created_by_autogenerated_pre_local" > /tmp/pre_onboard_script.sh - - name: example_local_exec - type: file - commands: - - /tmp/pre_onboard_script.sh - - name: example_remote_exec - type: url - commands: - - https://cdn.f5.com/product/cloudsolutions/templates/f5-aws-cloudformation/examples/scripts/remote_pre_onboard.sh - - name: save_sys_config - type: inline - commands: - - tmsh save sys config -post_onboard_enabled: - - name: example_inline_command - type: inline - commands: - - touch /tmp/post_onboard_script.sh - - chmod 777 /tmp/post_onboard_script.sh - - echo "touch /tmp/created_by_autogenerated_post_local" > /tmp/post_onboard_script.sh - - name: example_local_exec - type: file - commands: - - /tmp/post_onboard_script.sh - - name: example_remote_exec - type: url - commands: - - https://cdn.f5.com/product/cloudsolutions/templates/f5-aws-cloudformation/examples/scripts/remote_post_onboard.sh -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.23.0 - - extensionType: as3 - extensionUrl: https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.30.0/f5-appsvcs-3.30.0-5.noarch.rpm - extensionHash: 47cc7bb6962caf356716e7596448336302d1d977715b6147a74a142dc43b391b - - extensionType: fast - extensionVersion: 1.11.0 - - extensionType: ilx - extensionUrl: file:///var/config/rest/downloads/hello-world-0.1.0-0001.noarch.rpm - extensionVerificationEndpoint: /mgmt/shared/echo - extensionVersion: 0.1.0 -extension_services: - service_operations: - - extensionType: do - type: inline - value: - schemaVersion: 1.0.0 - class: Device - async: true - label: my BIG-IP declaration for declarative onboarding - Common: - class: Tenant - mySystem: - class: System - hostname: '{{ HOST_NAME }}' - cliInactivityTimeout: 1200 - consoleInactivityTimeout: 1200 - autoPhonehome: true - myDns: - class: DNS - nameServers: - - 8.8.8.8 - myNtp: - class: NTP - servers: - - 0.pool.ntp.org - timezone: UTC - admin: - class: User - userType: regular - password: '{{ ADMIN_PASS }}' - shell: bash - vaultadmin: - class: User - userType: regular - password: '{{ ROOT_PASS }}' - shell: bash - partitionAccess: - all-partitions: - role: admin - vaultadmin2: - class: User - userType: regular - password: '{{ SECOND_PASS.bigiq_admin_password }}' - shell: bash - partitionAccess: - all-partitions: - role: admin - myProvisioning: - class: Provision - ltm: nominal - asm: nominal - external: - class: VLAN - tag: 4094 - mtu: 1500 - interfaces: - - name: '1.1' - tagged: true - external-self: - class: SelfIp - address: '{{{ SELF_IP_EXTERNAL }}}' - vlan: external - allowService: default - trafficGroup: traffic-group-local-only - dbvars: - class: DbVariables - provision.extramb: 500 - restjavad.useextramb: true - - extensionType: as3 - type: url - value: https://f5-cft.s3.amazonaws.com/autoscale_as3_aws.json diff --git a/plans/aws/variables.tf b/plans/aws/variables.tf deleted file mode 100644 index 902a7234..00000000 --- a/plans/aws/variables.tf +++ /dev/null @@ -1,21 +0,0 @@ - - -variable "AWS_DEFAULT_REGION" { - description = "The AWS Region in which the resources in this example should exist" - default = "" -} - -variable "AWS_BIGIP_AMI_ID" { - description = "The API ID used to specify which BIGIP image to use" - default = "" -} - -variable "instance_size" { - description = "The instance size for the virtual machine" - default = "Standard_DS3_v2" -} - -variable "admin_username" { - description = "The admin username for the virtual machine" - default = "awsuser" -} diff --git a/plans/aws/versions.tf b/plans/aws/versions.tf deleted file mode 100644 index ac97c6ac..00000000 --- a/plans/aws/versions.tf +++ /dev/null @@ -1,4 +0,0 @@ - -terraform { - required_version = ">= 0.12" -} diff --git a/plans/azure/azure_do_template_w_vault.json b/plans/azure/azure_do_template_w_vault.json deleted file mode 100644 index a341c668..00000000 --- a/plans/azure/azure_do_template_w_vault.json +++ /dev/null @@ -1,97 +0,0 @@ -{ - "schemaVersion": "1.0.0", - "class": "Device", - "async": true, - "label": "my BIG-IP declaration for declarative onboarding", - "Common": { - "class": "Tenant", - "hostname": "{{ HOST_NAME }}.local", - "internal": { - "class": "VLAN", - "tag": 4093, - "mtu": 1500, - "interfaces": [ - { - "name": "1.2", - "tagged": true - } - ] - }, - "internal-self": { - "class": "SelfIp", - "address": "{{{ SELF_IP_INTERNAL }}}", - "vlan": "internal", - "allowService": "default", - "trafficGroup": "traffic-group-local-only" - }, - "external": { - "class": "VLAN", - "tag": 4094, - "mtu": 1500, - "interfaces": [ - { - "name": "1.1", - "tagged": true - } - ] - }, - "external-self": { - "class": "SelfIp", - "address": "{{{ SELF_IP_EXTERNAL }}}", - "vlan": "external", - "allowService": "default", - "trafficGroup": "traffic-group-local-only" - }, - "myDns": { - "class": "DNS", - "nameServers": [ - "8.8.8.8" - ] - }, - "myNtp": { - "class": "NTP", - "servers": [ - "0.pool.ntp.org" - ], - "timezone": "UTC" - }, - "myProvisioning": { - "class": "Provision", - "ltm": "nominal", - "asm": "nominal" - }, - "admin": { - "class": "User", - "userType": "regular", - "password": "{{ ADMIN_PASS }}", - "shell": "bash" - }, - "vaultadmin": { - "class": "User", - "userType": "regular", - "password": "{{ ROOT_PASS }}", - "shell": "bash", - "partitionAccess": { - "all-partitions": { - "role": "admin" - } - } - }, - "vaultadmin2": { - "class": "User", - "userType": "regular", - "password": "{{ SECOND_PASS.bigiq_admin_password }}", - "shell": "bash", - "partitionAccess": { - "all-partitions": { - "role": "admin" - } - } - }, - "dbvars": { - "class": "DbVariables", - "provision.extramb": 500, - "restjavad.useextramb": true - } - } -} \ No newline at end of file diff --git a/plans/azure/main.tf b/plans/azure/main.tf deleted file mode 100644 index a3d111fc..00000000 --- a/plans/azure/main.tf +++ /dev/null @@ -1,299 +0,0 @@ -module "utils" { - source = "../../modules/utils" -} - -provider "azurerm" { - version = "=2.5.0" - features { - } - environment = var.AZURE_ENVIROMENT -} - -data "azurerm_subscription" "primary" { -} - -resource "azurerm_resource_group" "deployment" { - name = module.utils.env_prefix - location = var.location - tags = { - creator = "Terraform" - delete = "True" - } -} - - -data "template_file" "init_declaration" { - template = "${file("${path.module}/user_data.tpl")}" - vars = { - deployment_id = "${module.utils.env_prefix}" - domain = "${var.DOMAIN}" - } -} - -resource "azurerm_virtual_network" "deployment" { - name = "${module.utils.env_prefix}-network" - address_space = ["10.0.0.0/16"] - location = azurerm_resource_group.deployment.location - resource_group_name = azurerm_resource_group.deployment.name -} - -resource "azurerm_subnet" "mgmt" { - name = "mgmt" - resource_group_name = azurerm_resource_group.deployment.name - virtual_network_name = azurerm_virtual_network.deployment.name - address_prefix = "10.0.0.0/24" -} - -resource "azurerm_subnet" "external" { - name = "external" - resource_group_name = azurerm_resource_group.deployment.name - virtual_network_name = azurerm_virtual_network.deployment.name - address_prefix = "10.0.2.0/24" -} - -resource "azurerm_subnet" "internal" { - name = "internal" - resource_group_name = azurerm_resource_group.deployment.name - virtual_network_name = azurerm_virtual_network.deployment.name - address_prefix = "10.0.1.0/24" -} - -resource "azurerm_public_ip" "pip" { - name = "${module.utils.env_prefix}-mgmt-pip" - location = azurerm_resource_group.deployment.location - resource_group_name = azurerm_resource_group.deployment.name - allocation_method = "Static" -} - -resource "azurerm_network_security_group" "deployment" { - name = "${module.utils.env_prefix}-sg" - location = azurerm_resource_group.deployment.location - resource_group_name = azurerm_resource_group.deployment.name - security_rule { - name = "allow_all" - priority = 110 - direction = "Inbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "*" - source_address_prefix = "*" - destination_address_prefix = "*" - } -} - -resource "azurerm_network_interface" "mgmt" { - name = "${module.utils.env_prefix}-mgmt" - location = azurerm_resource_group.deployment.location - resource_group_name = azurerm_resource_group.deployment.name - - ip_configuration { - name = "${module.utils.env_prefix}-mgmt" - subnet_id = azurerm_subnet.mgmt.id - private_ip_address_allocation = "Static" - private_ip_address = "10.0.0.4" - public_ip_address_id = azurerm_public_ip.pip.id - } -} - -resource "azurerm_network_interface" "external" { - name = "${module.utils.env_prefix}-ext" - location = azurerm_resource_group.deployment.location - resource_group_name = azurerm_resource_group.deployment.name - - ip_configuration { - name = "${module.utils.env_prefix}-ext" - subnet_id = azurerm_subnet.external.id - private_ip_address_allocation = "Static" - private_ip_address = "10.0.2.4" - } - - tags = { - f5_cloud_failover_label = "f5-bigip-runtime-init" - f5_cloud_failover_nic_map = "external" - } -} - -resource "azurerm_network_interface_security_group_association" "mgmt" { - network_interface_id = azurerm_network_interface.mgmt.id - network_security_group_id = azurerm_network_security_group.deployment.id -} - -resource "azurerm_network_interface_security_group_association" "external" { - network_interface_id = azurerm_network_interface.external.id - network_security_group_id = azurerm_network_security_group.deployment.id -} - -resource "azurerm_network_interface" "internal" { - name = "${module.utils.env_prefix}-int" - location = azurerm_resource_group.deployment.location - resource_group_name = azurerm_resource_group.deployment.name - - ip_configuration { - name = "${module.utils.env_prefix}-int" - subnet_id = azurerm_subnet.internal.id - private_ip_address_allocation = "Static" - private_ip_address = "10.0.1.4" - } -} - -resource "azurerm_user_assigned_identity" "user_identity" { - name = "${module.utils.env_prefix}-ident" - resource_group_name = azurerm_resource_group.deployment.name - location = azurerm_resource_group.deployment.location -} - -resource "azurerm_key_vault" "keyvault" { - name = "testvault-${module.utils.env_prefix}" - location = azurerm_resource_group.deployment.location - resource_group_name = azurerm_resource_group.deployment.name - enabled_for_disk_encryption = true - tenant_id = "${var.AZURE_TENANT_ID}" - soft_delete_enabled = true - purge_protection_enabled = false - - sku_name = "standard" - - access_policy { - tenant_id = "${var.AZURE_TENANT_ID}" - object_id = azurerm_user_assigned_identity.user_identity.principal_id - - - key_permissions = [ - "get" - ] - - secret_permissions = ["get","list","set","delete","recover","backup","restore","purge"] - - storage_permissions = [ - "get" - ] - } - - access_policy { - tenant_id = "${var.AZURE_TENANT_ID}" - object_id = "${var.AZURE_OBJECT_ID}" - - - key_permissions = [ - "get" - ] - - secret_permissions = ["get","list","set","delete","recover","backup","restore","purge"] - - storage_permissions = [ - "get" - ] - } - - network_acls { - default_action = "Allow" - bypass = "AzureServices" - } - - tags = { - environment = "f5-bigip-runtime-init-func-test" - } -} - -resource "azurerm_key_vault_secret" "adminsecret" { - name = "test-azure-admin-secret" - value = "StrongAdminPass212+" - key_vault_id = azurerm_key_vault.keyvault.id -} - -resource "azurerm_key_vault_secret" "rootsecret" { - name = "test-azure-root-secret" - value = "StrongRootPass212+" - key_vault_id = azurerm_key_vault.keyvault.id -} - - -resource "azurerm_virtual_machine" "vm" { - name = "${module.utils.env_prefix}-vm0" - location = azurerm_resource_group.deployment.location - resource_group_name = azurerm_resource_group.deployment.name - network_interface_ids = [azurerm_network_interface.mgmt.id, azurerm_network_interface.internal.id, azurerm_network_interface.external.id] - primary_network_interface_id = azurerm_network_interface.mgmt.id - vm_size = var.instance_size - delete_os_disk_on_termination = true - delete_data_disks_on_termination = true - - storage_image_reference { - publisher = var.publisher - offer = "${var.AZURE_OFFER}" - sku = "${var.AZURE_SKU}" - version = "${var.AZURE_BIGIP_VERSION}" - } - - plan { - publisher = var.publisher - product = "${var.AZURE_OFFER}" - name = "${var.AZURE_SKU}" - } - - storage_os_disk { - name = "osdisk0" - caching = "ReadWrite" - create_option = "FromImage" - managed_disk_type = "Standard_LRS" - } - - os_profile { - computer_name = "f5vm" - admin_username = var.admin_username - admin_password = module.utils.admin_password - - custom_data = "${data.template_file.init_declaration.rendered}" - } - - os_profile_linux_config { - disable_password_authentication = false - } - - identity { - type = "UserAssigned" - identity_ids = [azurerm_user_assigned_identity.user_identity.id] - } - - tags = { - testKey = "testValue" - } - -} - -resource "azurerm_virtual_machine_extension" "run_startup_cmd" { - name = "${module.utils.env_prefix}-run-startup-cmd" - virtual_machine_id = azurerm_virtual_machine.vm.id - publisher = "Microsoft.Azure.Extensions" - type = "CustomScript" - type_handler_version = "2.0" - settings = < /config/onboard_config.yaml ---- -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit-test.log - logToJson: true - extensionInstallDelayInMs: 6000 -runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - type: KeyVault - environment: azure - vaultUrl: https://testvault-${deployment_id}.vault.${domain}.net - secretId: test-azure-admin-secret - - name: ROOT_PASS - type: secret - verifyTls: false - secretProvider: - type: Vault - environment: hashicorp - vaultServer: vault_server_public_http - secretsEngine: kv2 - secretPath: kv/data/credential - field: password - version: "1" - authBackend: - type: approle - roleId: - type: inline - value: vault_app_role - secretId: - type: inline - value: vault_secret_id - unwrap: false - - name: SECOND_PASS - type: secret - verifyTls: false - secretProvider: - type: Vault - environment: hashicorp - vaultServer: vault_server_public_http - secretsEngine: kv2 - secretPath: kv/data/credential - field: data - version: "1" - authBackend: - type: approle - roleId: - type: inline - value: vault_app_role - secretId: - type: inline - value: vault_wrapped_secret_id - unwrap: true - - name: HOST_NAME - type: metadata - metadataProvider: - environment: azure - type: compute - field: name - - name: SELF_IP_INTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 1 - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 2 - - name: GATEWAY - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 2 - ipcalc: first - - name: TEST_TAG - type: tag - tagProvider: - environment: azure - key: testKey - - name: TEST_TYPE_FILE - type: url - value: file:///tmp/pre_onboard_test_param.txt -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true - - name: create_local_parameter - type: inline - commands: - - touch /tmp/pre_onboard_test_param.txt - - chmod 777 /tmp/pre_onboard_test_param.txt - - echo "test-value" > /tmp/pre_onboard_test_param.txt -bigip_ready_enabled: - - name: provision_asm - type: inline - commands: - - tmsh modify sys provision asm level nominal - - name: example_inline_command - type: inline - commands: - - touch /tmp/pre_onboard_script.sh - - chmod 777 /tmp/pre_onboard_script.sh - - echo "touch /tmp/created_by_autogenerated_pre_local" > /tmp/pre_onboard_script.sh - - name: example_local_exec - type: file - commands: - - /tmp/pre_onboard_script.sh - - name: example_remote_exec - type: url - commands: - - https://ak-metadata-package-poc.s3.amazonaws.com/remote_pre_onboard.sh - - name: save_sys_config - type: inline - commands: - - tmsh save sys config -post_onboard_enabled: - - name: example_inline_command - type: inline - commands: - - touch /tmp/post_onboard_script.sh - - chmod 777 /tmp/post_onboard_script.sh - - echo "touch /tmp/created_by_autogenerated_post_local" > /tmp/post_onboard_script.sh - - name: example_local_exec - type: file - commands: - - /tmp/post_onboard_script.sh - - name: example_remote_exec - type: url - commands: - - https://ak-metadata-package-poc.s3.amazonaws.com/remote_post_onboard.sh - verifyTls: false - - name: example_remote_exec - type: url - commands: - - https://ak-metadata-package-poc.s3.amazonaws.com/remote_post_onboard.sh -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.23.0 - - extensionType: as3 - extensionVersion: 3.30.0 - verifyTls: false - extensionUrl: https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.30.0/f5-appsvcs-3.30.0-5.noarch.rpm - extensionHash: 47cc7bb6962caf356716e7596448336302d1d977715b6147a74a142dc43b391b - - extensionType: fast - extensionVersion: 1.11.0 - - extensionType: ilx - extensionUrl: file:///var/config/rest/downloads/hello-world-0.1.0-0001.noarch.rpm - extensionVerificationEndpoint: /mgmt/shared/echo - extensionVersion: 0.1.0 -extension_services: - service_operations: - - extensionType: do - type: inline - value: - schemaVersion: 1.0.0 - class: Device - async: true - label: my BIG-IP declaration for declarative onboarding - Common: - class: Tenant - hostname: '{{ HOST_NAME }}.local' - internal: - class: VLAN - tag: 4093 - mtu: 1500 - interfaces: - - name: '1.2' - tagged: true - internal-self: - class: SelfIp - address: '{{{ SELF_IP_INTERNAL }}}' - vlan: internal - allowService: default - trafficGroup: traffic-group-local-only - external: - class: VLAN - tag: 4094 - mtu: 1500 - interfaces: - - name: '1.1' - tagged: true - external-self: - class: SelfIp - address: '{{{ SELF_IP_EXTERNAL }}}' - vlan: external - allowService: default - trafficGroup: traffic-group-local-only - myDns: - class: DNS - nameServers: - - 8.8.8.8 - myNtp: - class: NTP - servers: - - 0.pool.ntp.org - timezone: UTC - myProvisioning: - class: Provision - ltm: nominal - asm: nominal - admin: - class: User - userType: regular - password: '{{ ADMIN_PASS }}' - shell: bash - vaultadmin: - class: User - userType: regular - password: '{{ ROOT_PASS }}' - shell: bash - partitionAccess: - all-partitions: - role: admin - vaultadmin2: - class: User - userType: regular - password: '{{ SECOND_PASS.bigiq_admin_password }}' - shell: bash - partitionAccess: - all-partitions: - role: admin - dbvars: - class: DbVariables - provision.extramb: 500 - restjavad.useextramb: true - - extensionType: as3 - type: url - value: https://cdn.f5.com/product/cloudsolutions/templates/f5-azure-arm-templates/examples/modules/bigip/autoscale_as3.json -post_hook: - - name: example_webhook - type: webhook - url: https://postman-echo.com/post - properties: - optionalKey1: optional_value1 - optionalKey2: optional_value2 diff --git a/plans/azure/variables.tf b/plans/azure/variables.tf deleted file mode 100644 index 8a7b781e..00000000 --- a/plans/azure/variables.tf +++ /dev/null @@ -1,48 +0,0 @@ -variable "location" { - description = "The Azure Region in which the resources in this example should exist" - default = "westus" -} - -variable "publisher" { - default = "f5-networks" -} - -variable "AZURE_OFFER" { - default = "" -} - -variable "AZURE_SKU" { - default = "" -} - -variable "AZURE_BIGIP_VERSION" { - description = "The BIG-IP version for the virtual machine" - default = "" -} - -variable "instance_size" { - description = "The instance size for the virtual machine" - default = "Standard_DS3_v2" -} - -variable "admin_username" { - description = "The admin username for the virtual machine" - default = "azureuser" -} - -variable "AZURE_TENANT_ID" { - default = "" -} - -variable "AZURE_OBJECT_ID" { - default = "" -} - -variable "AZURE_ENVIROMENT" { - default = "public" -} - - -variable "DOMAIN" { - default = "azure" -} diff --git a/plans/azure/versions.tf b/plans/azure/versions.tf deleted file mode 100644 index 8007815a..00000000 --- a/plans/azure/versions.tf +++ /dev/null @@ -1,4 +0,0 @@ -terraform { - required_version = ">= 0.12" -} - diff --git a/plans/base/main.tf b/plans/base/main.tf deleted file mode 100644 index 1864ba41..00000000 --- a/plans/base/main.tf +++ /dev/null @@ -1,295 +0,0 @@ -module "utils" { - source = "../../modules/utils" -} - -variable "global_tags" { - type = "map" - default = { - creator = "terraform" - delete = true - } -} - -locals { - hostname_suffix = "c.${var.project_id}.internal" -} - -provider "google" { - project = "${var.project_id}" - region = "${var.region}" - zone = "${var.primary_zone}" -} - -data "google_compute_image" "f5-bigip-image" { - name = "${var.bigip_version}" - project = "${var.imageProjectId}" -} - -resource "google_compute_network" "ext_network" { - name = "ext-net-${module.utils.env_prefix}" - auto_create_subnetworks = false - description = "${var.reaper_tag}" -} - -resource "google_compute_subnetwork" "ext_subnetwork" { - name = "ext-subnet-${module.utils.env_prefix}" - region = "${var.region}" - ip_cidr_range = "${var.ext-subnet-cidr-range}" - network = "${google_compute_network.ext_network.self_link}" - description = "${var.reaper_tag}" -} - -resource "google_compute_network" "mgmt_network" { - name = "mgmt-net-${module.utils.env_prefix}" - auto_create_subnetworks = false - description = "${var.reaper_tag}" -} - -resource "google_compute_subnetwork" "mgmt_subnetwork" { - name = "mgmt-subnet-${module.utils.env_prefix}" - region = "${var.region}" - ip_cidr_range = "${var.mgmt-subnet-cidr-range}" - network = "${google_compute_network.mgmt_network.self_link}" - description = "${var.reaper_tag}" -} - -resource "google_compute_network" "int_network" { - name = "int-net-${module.utils.env_prefix}" - auto_create_subnetworks = false - description = "${var.reaper_tag}" -} - -resource "google_compute_subnetwork" "int_subnetwork" { - name = "int-subnet-${module.utils.env_prefix}" - region = "${var.region}" - ip_cidr_range = "${var.int-subnet-cidr-range}" - network = "${google_compute_network.int_network.self_link}" - description = "${var.reaper_tag}" -} - -resource "google_compute_target_instance" "vm" { - name = "tf-func-test-bigip-runtime-init-${module.utils.env_prefix}" - nat_policy = "NO_NAT" - instance = "${google_compute_instance.vm.self_link}" - zone = google_compute_instance.vm.zone - description = "${var.reaper_tag}" -} - -resource "google_compute_firewall" "internal" { - name = "tf-func-test-bigip-traffic-internal-firewall-${module.utils.env_prefix}" - network = "${google_compute_network.int_network.name}" - description = "${var.reaper_tag}" - - allow { - protocol = "icmp" - } - - allow { - protocol = "tcp" - ports = ["4353"] - } - - allow { - protocol = "udp" - ports = ["1026"] - } - -} - -resource "google_compute_firewall" "mgmt" { - name = "tf-func-test-bigip-traffic-mgmt-firewall-${module.utils.env_prefix}" - network = "${google_compute_network.mgmt_network.name}" - description = "${var.reaper_tag}" - - allow { - protocol = "icmp" - } - - allow { - protocol = "tcp" - ports = ["4353"] - } - - allow { - protocol = "tcp" - ports = ["443", "22"] - } - -} - -resource "google_compute_firewall" "ext" { - name = "tf-func-test-bigip-traffic-ext-firewall-${module.utils.env_prefix}" - network = "${google_compute_network.ext_network.name}" - description = "${var.reaper_tag}" - - allow { - protocol = "tcp" - ports = ["443", "22"] - } - - allow { - protocol = "icmp" - } - -} - -resource "google_storage_bucket" "file-store" { - name = "${module.utils.env_prefix}" - force_destroy = true - - labels = merge(var.global_tags, {f5_bigip_runtime_init = "${module.utils.env_prefix}"}) -} - -data "template_file" "vm_cloud_init_script" { - template = "${file("${path.module}/user_data.tpl")}" - - vars = { - admin_username = "${var.admin_username}" - admin_password = "${module.utils.admin_password}" - ext_subnet_cidr_range = "${var.ext-subnet-cidr-range}" - int_subnet_cidr_range = "${var.int-subnet-cidr-range}" - mgmt_subnet_cidr_range = "${var.mgmt-subnet-cidr-range}" - ext_subnet_gateway = "${var.ext-subnet-getway}" - int_subnet_gateway = "${var.int-subnet-getway}" - mgmt_subnet_gateway = "${var.mgmt-subnet-getway}" - ext_private_ip = "${var.vm-ext-private-ip}" - int_private_ip = "${var.vm-int-private-ip}" - mgmt_private_ip = "${var.vm-mgmt-private-ip}/24" - hostname_suffix = "${local.hostname_suffix}" - deployment_id = "${module.utils.env_prefix}" - } -} - -resource "google_service_account" "sa" { - account_id = "tf-func-test-sa-${module.utils.env_prefix}" - display_name = "tf-func-test-sa-${module.utils.env_prefix}" - description = "${var.reaper_tag}" -} - - -resource "google_project_iam_member" "gcp_role_member_assignment" { - project = var.project_id - role = "projects/${var.project_id}/roles/tfCustomRole.${module.utils.env_prefix}" - member = "serviceAccount:${google_service_account.sa.email}" -} - -resource "google_project_iam_custom_role" "gcp_custom_roles" { - role_id = "tfCustomRole.${module.utils.env_prefix}" - title = "tfCustomRole.${module.utils.env_prefix}" - description = "${var.reaper_tag}" - permissions = ["secretmanager.versions.access"] -} - - -resource "google_secret_manager_secret" "secret-01" { - secret_id = "secret-01-${module.utils.env_prefix}" - labels = { - delete = "true" - } - replication { - automatic = true - } -} - -resource "google_secret_manager_secret_version" "secret-version-01" { - secret = google_secret_manager_secret.secret-01.id - secret_data = "StrongPassword212+" -} - -resource "google_secret_manager_secret" "secret-02" { - secret_id = "secret-02-${module.utils.env_prefix}" - labels = { - delete = "true" - } - replication { - automatic = true - } -} - -resource "google_secret_manager_secret_version" "secret-version-02" { - secret = google_secret_manager_secret.secret-02.id - secret_data = "StrongPassword212*" -} - -resource "google_compute_instance" "vm" { - name = "tf-func-test-vm-${module.utils.env_prefix}" - machine_type = "${var.instance-type}" - zone = "${var.primary_zone}" - can_ip_forward = true - description = "${var.reaper_tag}" - - labels = { - f5_bigip_runtime_init = "${module.utils.env_prefix}" - another_tag = "with_a_value" - } - - boot_disk { - initialize_params { - image = "${data.google_compute_image.f5-bigip-image.self_link}" - } - } - - network_interface { - network = "${google_compute_network.ext_network.self_link}" - subnetwork = "${google_compute_subnetwork.ext_subnetwork.self_link}" - network_ip = "${var.vm-ext-private-ip}" - - access_config { - } - } - - network_interface { - network = "${google_compute_network.mgmt_network.self_link}" - subnetwork = "${google_compute_subnetwork.mgmt_subnetwork.self_link}" - network_ip = "${var.vm-mgmt-private-ip}" - - access_config { - } - - } - - network_interface { - network = "${google_compute_network.int_network.self_link}" - subnetwork = "${google_compute_subnetwork.int_subnetwork.self_link}" - network_ip = "${var.vm-int-private-ip}" - } - - metadata = { - foo = "bar" - } - - metadata_startup_script = "${data.template_file.vm_cloud_init_script.rendered}" - - service_account { - email = google_service_account.sa.email - scopes = ["cloud-platform"] - } - -} - -resource "null_resource" "delay_five_minutes" { - provisioner "local-exec" { - command = "sleep 300" - } - depends_on = [google_compute_instance.vm] -} - -output "deployment_info" { - value = { - instances: [ - { - hostname = google_compute_instance.vm.name, - admin_username = var.admin_username, - admin_password = module.utils.admin_password, - mgmt_address = google_compute_instance.vm.network_interface.1.access_config.0.nat_ip, - mgmt_port = 443, - zone: google_compute_instance.vm.zone - } - ], - deploymentId: module.utils.env_prefix, - environment: "gcp", - region: "${var.region}", - zone: "${var.primary_zone}", - networkTopology: "sameNetwork" - } -} diff --git a/plans/base/user_data.tpl b/plans/base/user_data.tpl deleted file mode 100644 index 0030b590..00000000 --- a/plans/base/user_data.tpl +++ /dev/null @@ -1,162 +0,0 @@ - - -# Embed Post-NIC-Swap -cat << 'EOF' > /config/post-nic-swap.sh - #!/bin/bash - # STAGE 2 - source /usr/lib/bigstart/bigip-ready-functions - wait_bigip_ready - /usr/bin/setdb restjavad.useextramb true - /usr/bin/setdb provision.extramb 500 - tmsh delete sys management-route default - tmsh delete sys management-ip all - tmsh create sys management-ip $(cat /config/mgmt_private_ip.txt) - tmsh create sys management-route default network default gateway $(cat /config/mgmt_subnet_gateway.txt) - tmsh modify sys global-settings remote-host add { metadata.google.internal { hostname metadata.google.internal addr 169.254.169.254 } } - tmsh save /sys config - - tmsh create net vlan external interfaces add { 1.0 } mtu 1460 - tmsh create net self $(cat /config/ext_private_ip.txt)/32 vlan external - tmsh create net route ext_gw_int network $(cat /config/ext_subnet_gateway.txt)/32 interface external - tmsh create net route ext_rt network $(cat /config/ext_subnet_cidr_range.txt) gw $(cat /config/ext_subnet_gateway.txt) - tmsh create net route default gw $(cat /config/ext_subnet_gateway.txt) - tmsh create net vlan internal interfaces add { 1.2 } mtu 1460 - tmsh create net self $(cat /config/int_private_ip.txt)/32 vlan internal allow-service add { tcp:4353 udp:1026 } - tmsh create net route int_gw_int network $(cat /config/int_subnet_gateway.txt)/32 interface internal - tmsh create net route int_rt network $(cat /config/int_subnet_cidr_range.txt) gw $(cat /config/int_subnet_gateway.txt) - tmsh modify cm device $(cat /config/hostname.txt) unicast-address { { effective-ip $(cat /config/int_private_ip.txt) effective-port 1026 ip $(cat /config/int_private_ip.txt) } } - tmsh modify sys global-settings hostname $(cat /config/hostname.txt) - tmsh modify sys db failover.selinuxallowscripts value enable - - tmsh save /sys config - - mkdir /config/cloud - cp /config/onboard_config.yaml /config/cloud/onboard_config.yaml -EOF - -cat << 'EOF' > /config/first-run.sh - #!/bin/bash - source /usr/lib/bigstart/bigip-ready-functions - # Wait for mcpd to get ready - wait_bigip_ready - - if [ ! -f /config/first_run_flag ]; then - touch /config/first_run_flag - sleep 15 - - adminUsername='${admin_username}' - adminPassword='${admin_password}' - tmsh create auth user $${adminUsername} password $${adminPassword} shell tmsh partition-access replace-all-with { all-partitions { role admin } } - tmsh save /sys config - - echo "$(curl -s -f --retry 5 'http://metadata.google.internal/computeMetadata/v1/instance/name' -H 'Metadata-Flavor: Google').${hostname_suffix}" > /config/hostname.txt - echo ${ext_private_ip} > /config/ext_private_ip.txt - echo ${int_private_ip} > /config/int_private_ip.txt - echo ${mgmt_private_ip} > /config/mgmt_private_ip.txt - - echo ${int_subnet_gateway} > /config/int_subnet_gateway.txt - echo ${ext_subnet_gateway} > /config/ext_subnet_gateway.txt - echo ${mgmt_subnet_gateway} > /config/mgmt_subnet_gateway.txt - - echo ${int_subnet_cidr_range} > /config/int_subnet_cidr_range.txt - echo ${ext_subnet_cidr_range} > /config/ext_subnet_cidr_range.txt - echo ${mgmt_subnet_cidr_range} > /config/mgmt_subnet_cidr_range.txt - - chmod +w /config/startup - chmod +x /config/post-nic-swap.sh - echo "/config/post-nic-swap.sh" >> /config/startup - - /usr/bin/setdb provision.managementeth eth1 - tmsh save /sys config - reboot - fi -EOF - -chmod 755 /config/first-run.sh -nohup /config/first-run.sh & - -/bin/curl -L -o /tmp/hello-world-0.1.0-0001.noarch.rpm https://github.com/f5devcentral/f5-ilx-example/releases/download/v1.0.0/hello-world-0.1.0-0001.noarch.rpm -mkdir -p /var/config/rest/downloads -cp /tmp/hello-world-0.1.0-0001.noarch.rpm /var/config/rest/downloads/hello-world-0.1.0-0001.noarch.rpm - -cat << 'EOF' > /config/onboard_config.yaml ---- -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit-test.log - logToJson: true -bigip_ready_enabled: - - name: provision_asm - type: inline - commands: - - tmsh modify sys provision asm level nominal - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true - - name: example_inline_command - type: inline - commands: - - touch /tmp/pre_onboard_script.sh - - chmod 777 /tmp/pre_onboard_script.sh - - echo "touch /tmp/created_by_autogenerated_pre_local" > /tmp/pre_onboard_script.sh - - name: example_local_exec - type: file - commands: - - /tmp/pre_onboard_script.sh - - name: example_remote_exec - type: url - commands: - - https://ak-metadata-package-poc.s3.amazonaws.com/remote_pre_onboard.sh - - name: save_sys_config - type: inline - commands: - - tmsh save sys config -post_onboard_enabled: - - name: example_inline_command - type: inline - commands: - - touch /tmp/post_onboard_script.sh - - chmod 777 /tmp/post_onboard_script.sh - - echo "touch /tmp/created_by_autogenerated_post_local" > /tmp/post_onboard_script.sh - - name: example_local_exec - type: file - commands: - - /tmp/post_onboard_script.sh - - name: example_remote_exec - type: url - commands: - - https://ak-metadata-package-poc.s3.amazonaws.com/remote_post_onboard.sh - verifyTls: false - - name: example_remote_exec - type: url - commands: - - https://ak-metadata-package-poc.s3.amazonaws.com/remote_post_onboard.sh -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.23.0 - - extensionType: as3 - extensionVersion: 3.30.0 - verifyTls: false - extensionUrl: https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.30.0/f5-appsvcs-3.30.0-5.noarch.rpm - extensionHash: 47cc7bb6962caf356716e7596448336302d1d977715b6147a74a142dc43b391b - - extensionType: fast - extensionVersion: 1.11.0 - - extensionType: ilx - extensionUrl: file:///var/config/rest/downloads/hello-world-0.1.0-0001.noarch.rpm - extensionVerificationEndpoint: /mgmt/shared/echo - extensionVersion: 0.1.0 -extension_services: - service_operations: - - extensionType: as3 - type: url - value: https://cdn.f5.com/product/cloudsolutions/templates/f5-azure-arm-templates/examples/modules/bigip/autoscale_as3.json -post_hook: - - name: example_webhook - type: webhook - url: https://postman-echo.com/post - properties: - optionalKey1: optional_value1 - optionalKey2: optional_value2 diff --git a/plans/base/variables.tf b/plans/base/variables.tf deleted file mode 100644 index 530db86c..00000000 --- a/plans/base/variables.tf +++ /dev/null @@ -1,97 +0,0 @@ -# Note: project_id is set via environment variable -# export TF_VAR_project_id='my_project_id' - -variable "region" { - description = "The GCP Region in which the resources in this example should exist" - default = "us-west1" -} - -variable "primary_zone" { - description = "The primary GCP Zone in which resources should exist" - default = "us-west1-a" -} - -variable "secondary_zone" { - description = "The secondary GCP Zone where resources should exist" - default = "us-west1-b" -} - -variable "instance-type" { - description = "Google Cloud instance type" - default = "n1-standard-8" -} - -variable "publisher" { - default = "f5-networks" -} - -variable "project_id" { - description = "GCP project where resources will be created (Note: This should be configured using environment variable GOOGLE_PROJECT_ID)" -} - -variable "imageProjectId" { - default = "f5-7626-networks-public" - description = "GCP project where resources will be created" -} - -variable "int-subnet-cidr-range" { - default = "10.0.2.0/24" -} - -variable "ext-subnet-cidr-range" { - default = "10.0.3.0/24" -} - -variable "mgmt-subnet-cidr-range" { - default = "10.0.1.0/24" -} - -variable "int-subnet-getway" { - default = "10.0.2.1" -} - -variable "ext-subnet-getway" { - default = "10.0.3.1" -} - -variable "mgmt-subnet-getway" { - default = "10.0.1.1" -} - - -variable "vm-mgmt-private-ip" { - default = "10.0.1.2" -} - -variable "vm-int-private-ip" { - default = "10.0.2.2" -} - -variable "vm-ext-private-ip" { - default = "10.0.3.2" -} - -variable "vm_instance01_name" { - default = "tf-func-test-runtime-init" -} - -variable "bigip_version" { - description = "The BIG-IP version for the virtual machine" - default = "f5-bigip-15-1-0-4-0-0-6-payg-best-25mbps-200618231635" -} - -variable "instance_size" { - description = "The instance size for the virtual machine" - default = "Standard_DS3_v2" -} - -variable "admin_username" { - description = "The admin username for the virtual machine" - default = "gcpuser" -} - - -variable "reaper_tag" { - description = "this value is used by resource reaper to locate resource which needs to be deleted" - default = "delete=true" -} diff --git a/plans/base/versions.tf b/plans/base/versions.tf deleted file mode 100644 index d9b6f790..00000000 --- a/plans/base/versions.tf +++ /dev/null @@ -1,3 +0,0 @@ -terraform { - required_version = ">= 0.12" -} diff --git a/plans/gcp/gcp_do_template_w_vault.json b/plans/gcp/gcp_do_template_w_vault.json deleted file mode 100644 index f0ebaf87..00000000 --- a/plans/gcp/gcp_do_template_w_vault.json +++ /dev/null @@ -1,43 +0,0 @@ -{ - "schemaVersion": "1.0.0", - "class": "Device", - "async": true, - "label": "my BIG-IP declaration for declarative onboarding", - "Common": { - "class": "Tenant", - "hostname": "{{{ HOST_NAME }}}.test", - "myProvisioning": { - "class": "Provision", - "ltm": "nominal", - "asm": "nominal" - }, - "admin": { - "class": "User", - "userType": "regular", - "password": "{{ ADMIN_PASS }}", - "shell": "bash" - }, - "vaultadmin": { - "class": "User", - "userType": "regular", - "password": "{{ ROOT_PASS }}", - "shell": "bash" - }, - "vaultadmin2": { - "class": "User", - "userType": "regular", - "password": "{{ SECOND_PASS.bigiq_admin_password }}", - "shell": "bash", - "partitionAccess": { - "all-partitions": { - "role": "admin" - } - } - }, - "dbvars": { - "class": "DbVariables", - "provision.extramb": 500, - "restjavad.useextramb": true - } - } -} \ No newline at end of file diff --git a/plans/gcp/main.tf b/plans/gcp/main.tf deleted file mode 100644 index e1327439..00000000 --- a/plans/gcp/main.tf +++ /dev/null @@ -1,297 +0,0 @@ -module "utils" { - source = "../../modules/utils" -} - -variable "global_tags" { - type = "map" - default = { - creator = "terraform" - delete = true - } -} - -locals { - hostname_suffix = "c.${var.project_id}.internal" -} - -provider "google" { - project = "${var.project_id}" - region = "${var.region}" - zone = "${var.primary_zone}" - version = "3.33" -} - -data "google_compute_image" "f5-bigip-image" { - name = "${var.bigip_version}" - project = "${var.imageProjectId}" -} - -resource "google_compute_network" "ext_network" { - name = "ext-net-${module.utils.env_prefix}" - auto_create_subnetworks = false - description = "${var.reaper_tag}" -} - -resource "google_compute_subnetwork" "ext_subnetwork" { - name = "ext-subnet-${module.utils.env_prefix}" - region = "${var.region}" - ip_cidr_range = "${var.ext-subnet-cidr-range}" - network = "${google_compute_network.ext_network.self_link}" - description = "${var.reaper_tag}" -} - -resource "google_compute_network" "mgmt_network" { - name = "mgmt-net-${module.utils.env_prefix}" - auto_create_subnetworks = false - description = "${var.reaper_tag}" -} - -resource "google_compute_subnetwork" "mgmt_subnetwork" { - name = "mgmt-subnet-${module.utils.env_prefix}" - region = "${var.region}" - ip_cidr_range = "${var.mgmt-subnet-cidr-range}" - network = "${google_compute_network.mgmt_network.self_link}" - description = "${var.reaper_tag}" -} - -resource "google_compute_network" "int_network" { - name = "int-net-${module.utils.env_prefix}" - auto_create_subnetworks = false - description = "${var.reaper_tag}" -} - -resource "google_compute_subnetwork" "int_subnetwork" { - name = "int-subnet-${module.utils.env_prefix}" - region = "${var.region}" - ip_cidr_range = "${var.int-subnet-cidr-range}" - network = "${google_compute_network.int_network.self_link}" - description = "${var.reaper_tag}" -} - -resource "google_compute_target_instance" "vm" { - name = "tf-func-test-bigip-runtime-init-${module.utils.env_prefix}" - nat_policy = "NO_NAT" - instance = "${google_compute_instance.vm.self_link}" - zone = google_compute_instance.vm.zone - description = "${var.reaper_tag}" -} - -resource "google_compute_firewall" "internal" { - name = "tf-func-test-bigip-traffic-internal-firewall-${module.utils.env_prefix}" - network = "${google_compute_network.int_network.name}" - description = "${var.reaper_tag}" - - allow { - protocol = "icmp" - } - - allow { - protocol = "tcp" - ports = ["4353"] - } - - allow { - protocol = "udp" - ports = ["1026"] - } - -} - -resource "google_compute_firewall" "mgmt" { - name = "tf-func-test-bigip-traffic-mgmt-firewall-${module.utils.env_prefix}" - network = "${google_compute_network.mgmt_network.name}" - description = "${var.reaper_tag}" - - allow { - protocol = "icmp" - } - - allow { - protocol = "tcp" - ports = ["4353"] - } - - allow { - protocol = "tcp" - ports = ["443", "22"] - } - -} - -resource "google_compute_firewall" "ext" { - name = "tf-func-test-bigip-traffic-ext-firewall-${module.utils.env_prefix}" - network = "${google_compute_network.ext_network.name}" - description = "${var.reaper_tag}" - - allow { - protocol = "tcp" - ports = ["443", "22"] - } - - allow { - protocol = "icmp" - } - -} - -resource "google_storage_bucket" "file-store" { - name = "${module.utils.env_prefix}" - force_destroy = true - - labels = merge(var.global_tags, {f5_bigip_runtime_init = "${module.utils.env_prefix}"}) -} - -data "template_file" "vm_cloud_init_script" { - template = "${file("${path.module}/user_data.tpl")}" - - vars = { - admin_username = "${var.admin_username}" - admin_password = "${module.utils.admin_password}" - ext_subnet_cidr_range = "${var.ext-subnet-cidr-range}" - int_subnet_cidr_range = "${var.int-subnet-cidr-range}" - mgmt_subnet_cidr_range = "${var.mgmt-subnet-cidr-range}" - ext_subnet_gateway = "${var.ext-subnet-getway}" - int_subnet_gateway = "${var.int-subnet-getway}" - mgmt_subnet_gateway = "${var.mgmt-subnet-getway}" - ext_private_ip = "${var.vm-ext-private-ip}" - int_private_ip = "${var.vm-int-private-ip}" - mgmt_private_ip = "${var.vm-mgmt-private-ip}/24" - hostname_suffix = "${local.hostname_suffix}" - deployment_id = "${module.utils.env_prefix}" - } -} - -resource "google_service_account" "sa" { - account_id = "tf-func-test-sa-${module.utils.env_prefix}" - display_name = "tf-func-test-sa-${module.utils.env_prefix}" - description = "${var.reaper_tag}" -} - - -resource "google_project_iam_member" "gcp_role_member_assignment" { - project = var.project_id - role = "projects/${var.project_id}/roles/tfCustomRole.${module.utils.env_prefix}" - member = "serviceAccount:${google_service_account.sa.email}" -} - -resource "google_project_iam_custom_role" "gcp_custom_roles" { - role_id = "tfCustomRole.${module.utils.env_prefix}" - title = "tfCustomRole.${module.utils.env_prefix}" - description = "${var.reaper_tag}" - permissions = ["secretmanager.versions.access", "compute.instances.get"] -} - - -resource "google_secret_manager_secret" "secret-01" { - secret_id = "secret-01-${module.utils.env_prefix}" - labels = { - delete = "true" - } - replication { - automatic = true - } -} - -resource "google_secret_manager_secret_version" "secret-version-01" { - secret = google_secret_manager_secret.secret-01.id - secret_data = "StrongPassword212+" -} - -resource "google_secret_manager_secret" "secret-02" { - secret_id = "secret-02-${module.utils.env_prefix}" - labels = { - delete = "true" - } - replication { - automatic = true - } -} - -resource "google_secret_manager_secret_version" "secret-version-02" { - secret = google_secret_manager_secret.secret-02.id - secret_data = "StrongPassword212*" -} - -resource "google_compute_instance" "vm" { - name = "tf-func-test-vm-${module.utils.env_prefix}" - machine_type = "${var.instance-type}" - zone = "${var.primary_zone}" - can_ip_forward = true - description = "${var.reaper_tag}" - - labels = { - f5_bigip_runtime_init = "${module.utils.env_prefix}" - another_tag = "with_a_value" - test_key = "test_value" - } - - boot_disk { - initialize_params { - image = "${data.google_compute_image.f5-bigip-image.self_link}" - } - } - - network_interface { - network = "${google_compute_network.ext_network.self_link}" - subnetwork = "${google_compute_subnetwork.ext_subnetwork.self_link}" - network_ip = "${var.vm-ext-private-ip}" - - access_config { - } - } - - network_interface { - network = "${google_compute_network.mgmt_network.self_link}" - subnetwork = "${google_compute_subnetwork.mgmt_subnetwork.self_link}" - network_ip = "${var.vm-mgmt-private-ip}" - - access_config { - } - - } - - network_interface { - network = "${google_compute_network.int_network.self_link}" - subnetwork = "${google_compute_subnetwork.int_subnetwork.self_link}" - network_ip = "${var.vm-int-private-ip}" - } - - metadata = { - foo = "bar" - } - - metadata_startup_script = "${data.template_file.vm_cloud_init_script.rendered}" - - service_account { - email = google_service_account.sa.email - scopes = ["cloud-platform"] - } - -} - -resource "null_resource" "delay_five_minutes" { - provisioner "local-exec" { - command = "sleep 300" - } - depends_on = [google_compute_instance.vm] -} - -output "deployment_info" { - value = { - instances: [ - { - hostname = google_compute_instance.vm.name, - admin_username = var.admin_username, - admin_password = module.utils.admin_password, - mgmt_address = google_compute_instance.vm.network_interface.1.access_config.0.nat_ip, - mgmt_port = 443, - zone: google_compute_instance.vm.zone - } - ], - deploymentId: module.utils.env_prefix, - environment: "gcp", - region: "${var.region}", - zone: "${var.primary_zone}", - networkTopology: "sameNetwork" - } -} diff --git a/plans/gcp/user_data.tpl b/plans/gcp/user_data.tpl deleted file mode 100644 index d29054ff..00000000 --- a/plans/gcp/user_data.tpl +++ /dev/null @@ -1,304 +0,0 @@ - - -# Embed Post-NIC-Swap -cat << 'EOF' > /config/post-nic-swap.sh - #!/bin/bash - # STAGE 2 - source /usr/lib/bigstart/bigip-ready-functions - wait_bigip_ready - /usr/bin/setdb restjavad.useextramb true - /usr/bin/setdb provision.extramb 500 - tmsh delete sys management-route default - tmsh delete sys management-ip all - tmsh create sys management-ip $(cat /config/mgmt_private_ip.txt) - tmsh create sys management-route default network default gateway $(cat /config/mgmt_subnet_gateway.txt) - tmsh modify sys global-settings remote-host add { metadata.google.internal { hostname metadata.google.internal addr 169.254.169.254 } } - tmsh save /sys config - - tmsh create net vlan external interfaces add { 1.0 } mtu 1460 - tmsh create net self $(cat /config/ext_private_ip.txt)/32 vlan external - tmsh create net route ext_gw_int network $(cat /config/ext_subnet_gateway.txt)/32 interface external - tmsh create net route ext_rt network $(cat /config/ext_subnet_cidr_range.txt) gw $(cat /config/ext_subnet_gateway.txt) - tmsh create net route default gw $(cat /config/ext_subnet_gateway.txt) - tmsh create net vlan internal interfaces add { 1.2 } mtu 1460 - tmsh create net self $(cat /config/int_private_ip.txt)/32 vlan internal allow-service add { tcp:4353 udp:1026 } - tmsh create net route int_gw_int network $(cat /config/int_subnet_gateway.txt)/32 interface internal - tmsh create net route int_rt network $(cat /config/int_subnet_cidr_range.txt) gw $(cat /config/int_subnet_gateway.txt) - tmsh modify cm device $(cat /config/hostname.txt) unicast-address { { effective-ip $(cat /config/int_private_ip.txt) effective-port 1026 ip $(cat /config/int_private_ip.txt) } } - tmsh modify sys global-settings hostname $(cat /config/hostname.txt) - tmsh modify sys db failover.selinuxallowscripts value enable - - tmsh save /sys config - - mkdir /config/cloud - cp /config/onboard_config.yaml /config/cloud/onboard_config.yaml -EOF - -cat << 'EOF' > /config/first-run.sh - #!/bin/bash - source /usr/lib/bigstart/bigip-ready-functions - # Wait for mcpd to get ready - wait_bigip_ready - - if [ ! -f /config/first_run_flag ]; then - touch /config/first_run_flag - sleep 15 - - adminUsername='${admin_username}' - adminPassword='${admin_password}' - tmsh create auth user $${adminUsername} password $${adminPassword} shell tmsh partition-access replace-all-with { all-partitions { role admin } } - tmsh save /sys config - - echo "$(curl -s -f --retry 5 'http://metadata.google.internal/computeMetadata/v1/instance/name' -H 'Metadata-Flavor: Google').${hostname_suffix}" > /config/hostname.txt - echo ${ext_private_ip} > /config/ext_private_ip.txt - echo ${int_private_ip} > /config/int_private_ip.txt - echo ${mgmt_private_ip} > /config/mgmt_private_ip.txt - - echo ${int_subnet_gateway} > /config/int_subnet_gateway.txt - echo ${ext_subnet_gateway} > /config/ext_subnet_gateway.txt - echo ${mgmt_subnet_gateway} > /config/mgmt_subnet_gateway.txt - - echo ${int_subnet_cidr_range} > /config/int_subnet_cidr_range.txt - echo ${ext_subnet_cidr_range} > /config/ext_subnet_cidr_range.txt - echo ${mgmt_subnet_cidr_range} > /config/mgmt_subnet_cidr_range.txt - - chmod +w /config/startup - chmod +x /config/post-nic-swap.sh - echo "/config/post-nic-swap.sh" >> /config/startup - - /usr/bin/setdb provision.managementeth eth1 - tmsh save /sys config - reboot - fi -EOF - -chmod 755 /config/first-run.sh -nohup /config/first-run.sh & - -/bin/curl -L -o /tmp/hello-world-0.1.0-0001.noarch.rpm https://github.com/f5devcentral/f5-ilx-example/releases/download/v1.0.0/hello-world-0.1.0-0001.noarch.rpm -mkdir -p /var/config/rest/downloads -cp /tmp/hello-world-0.1.0-0001.noarch.rpm /var/config/rest/downloads/hello-world-0.1.0-0001.noarch.rpm - -cat << 'EOF' > /config/onboard_config.yaml ---- -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit-test.log - logToJson: true - extensionInstallDelayInMs: 6000 -runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - type: SecretsManager - environment: gcp - version: latest - secretId: secret-01-${deployment_id} - - name: ROOT_PASS - type: secret - secretProvider: - type: Vault - environment: hashicorp - vaultServer: vault_server_public_http - secretsEngine: kv2 - secretPath: kv/data/credential - field: password - version: "1" - authBackend: - type: approle - roleId: - type: inline - value: vault_app_role - secretId: - type: inline - value: vault_secret_id - unwrap: false - - name: SECOND_PASS - type: secret - secretProvider: - type: Vault - environment: hashicorp - vaultServer: vault_server_public_http - secretsEngine: kv2 - secretPath: kv/data/credential - field: data - version: "1" - authBackend: - type: approle - roleId: - type: inline - value: vault_app_role - secretId: - type: inline - value: vault_wrapped_secret_id - unwrap: true - - name: INSTANCE_ID - type: url - value: http://169.254.169.254/computeMetadata/v1/instance/id - headers: - - name: Metadata-Flavor - value: Google - - name: HOST_NAME - type: metadata - returnType: string - metadataProvider: - environment: gcp - type: compute - field: name - - name: SELF_IP_INTERNAL - type: metadata - returnType: string - metadataProvider: - environment: gcp - type: network - field: ip - index: 2 - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 0 - - name: SELF_IP_EXTERNAL_ADDRESS - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 0 - ipcalc: address - - name: GATEWAY - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 0 - ipcalc: first - - name: TEST_TAG - type: tag - tagProvider: - environment: gcp - key: test_key - - name: TEST_TYPE_FILE - type: url - value: file:///tmp/pre_onboard_test_param.txt -bigip_ready_enabled: - - name: provision_modules - type: inline - commands: - - tmsh modify sys provision asm level nominal - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true - - name: save_sys_config - type: inline - commands: - - tmsh save sys config -pre_onboard_enabled: - - name: example_inline_command - type: inline - commands: - - touch /tmp/pre_onboard_script.sh - - chmod 777 /tmp/pre_onboard_script.sh - - echo "touch /tmp/created_by_autogenerated_pre_local" > /tmp/pre_onboard_script.sh - - name: example_local_exec - type: file - commands: - - /tmp/pre_onboard_script.sh - - name: example_remote_exec - type: url - commands: - - https://ak-metadata-package-poc.s3.amazonaws.com/remote_pre_onboard.sh - - name: create_local_parameter - type: inline - commands: - - touch /tmp/pre_onboard_test_param.txt - - chmod 777 /tmp/pre_onboard_test_param.txt - - echo "test-value" > /tmp/pre_onboard_test_param.txt -post_onboard_enabled: - - name: example_inline_command - type: inline - commands: - - touch /tmp/post_onboard_script.sh - - chmod 777 /tmp/post_onboard_script.sh - - echo "touch /tmp/created_by_autogenerated_post_local" > /tmp/post_onboard_script.sh - - name: example_local_exec - type: file - commands: - - /tmp/post_onboard_script.sh - - name: example_remote_exec - type: url - commands: - - https://ak-metadata-package-poc.s3.amazonaws.com/remote_post_onboard.sh - verifyTls: false - - name: example_remote_exec - type: url - commands: - - https://ak-metadata-package-poc.s3.amazonaws.com/remote_post_onboard.sh -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.23.0 - - extensionType: as3 - extensionVersion: 3.30.0 - verifyTls: false - extensionUrl: https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.30.0/f5-appsvcs-3.30.0-5.noarch.rpm - extensionHash: 47cc7bb6962caf356716e7596448336302d1d977715b6147a74a142dc43b391b - - extensionType: fast - extensionVersion: 1.11.0 - - extensionType: ilx - extensionUrl: file:///var/config/rest/downloads/hello-world-0.1.0-0001.noarch.rpm - extensionVerificationEndpoint: /mgmt/shared/echo - extensionVersion: 0.1.0 -extension_services: - service_operations: - - extensionType: do - type: inline - value: - schemaVersion: 1.0.0 - class: Device - async: true - label: my BIG-IP declaration for declarative onboarding - Common: - class: Tenant - hostname: '{{{ HOST_NAME }}}.test' - myProvisioning: - class: Provision - ltm: nominal - asm: nominal - admin: - class: User - userType: regular - password: '{{ ADMIN_PASS }}' - shell: bash - vaultadmin: - class: User - userType: regular - password: '{{ ROOT_PASS }}' - shell: bash - vaultadmin2: - class: User - userType: regular - password: '{{ SECOND_PASS.bigiq_admin_password }}' - shell: bash - partitionAccess: - all-partitions: - role: admin - dbvars: - class: DbVariables - provision.extramb: 500 - restjavad.useextramb: true - - extensionType: as3 - type: url - value: https://cdn.f5.com/product/cloudsolutions/templates/f5-azure-arm-templates/examples/modules/bigip/autoscale_as3.json -post_hook: - - name: example_webhook - type: webhook - url: https://postman-echo.com/post - properties: - optionalKey1: optional_value1 - optionalKey2: optional_value2 diff --git a/plans/gcp/user_data_runtime_init.tpl b/plans/gcp/user_data_runtime_init.tpl deleted file mode 100644 index 600d27ec..00000000 --- a/plans/gcp/user_data_runtime_init.tpl +++ /dev/null @@ -1,233 +0,0 @@ -#!/bin/bash -# SUMMARY: This is an example for how to perform a NIC Swap for GCP using maximal runtime-init config instead of user-data - -mkdir -p /var/log/cloud /config/cloud /var/lib/cloud/icontrollx_installs /var/config/rest/downloads - -LOG_FILE=/var/log/cloud/startup-script-pre-nic-swap.log -[[ ! -f $LOG_FILE ]] && touch $LOG_FILE || { echo "Run Only Once. Exiting"; exit; } -npipe=/tmp/$$.tmp -trap "rm -f $npipe" EXIT -mknod $npipe p -tee <$npipe -a $LOG_FILE /dev/ttyS0 & -exec 1>&- -exec 1>$npipe -exec 2>&1 - -cat << 'EOF' > /config/first-run.sh -#!/bin/bash - -if [ ! -f /config/first_run_flag ]; then - - touch /config/first_run_flag - chmod +w /config/startup - chmod +x /config/startup-script.sh - echo "/config/startup-script.sh" >> /config/startup - - /usr/bin/setdb provision.managementeth eth1 - /usr/bin/setdb provision.extramb 1000 - /usr/bin/setdb restjavad.useextramb true - reboot -fi -EOF - -cat << 'EOF' > /config/cloud/runtime-init-conf.yaml ---- -runtime_parameters: - - name: USER_NAME - type: static - value: ${admin_username} - - name: ADMIN_PASS - type: static - value: ${admin_password} - - name: ROOT_PASS - type: secret - secretProvider: - type: Vault - environment: hashicorp - vaultServer: vault_server_public_http - secretsEngine: kv2 - secretPath: kv/data/credential - field: password - version: "1" - authBackend: - type: approle - roleId: - type: inline - value: vault_app_role - secretId: - type: inline - value: vault_secret_id - - name: HOST_NAME - type: url - value: http://169.254.169.254/computeMetadata/v1/instance/hostname - headers: - - name: Metadata-Flavor - value: Google - - name: MGMT_GW - type: url - value: http://169.254.169.254/computeMetadata/v1/instance/network-interfaces/1/gateway - headers: - - name: Metadata-Flavor - value: Google - - name: SELF_IP_INTERNAL - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 2 - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 0 - - name: DEFAULT_GW - type: url - value: http://169.254.169.254/computeMetadata/v1/instance/network-interfaces/0/gateway - headers: - - name: Metadata-Flavor - value: Google - - name: TEST_TAG - type: tag - tagProvider: - environment: gcp - key: test_key -extension_packages: - install_operations: - - extensionType: do - extensionVersion: v1.23.0 - extensionUrl: https://github.com/F5Networks/f5-declarative-onboarding/releases/download/v1.21.0/f5-declarative-onboarding-1.21.0-3.noarch.rpm - - extensionType: as3 - extensionVersion: v3.30.0 - extensionUrl: https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.30.0/f5-appsvcs-3.30.0-5.noarch.rpm - - extensionType: ts - extensionVersion: v1.20.0 - extensionUrl: https://github.com/F5Networks/f5-telemetry-streaming/releases/download/v1.20.0/f5-telemetry-1.20.0-3.noarch.rpm - - extensionType: cf - extensionVersion: v1.8.0 - extensionUrl: https://github.com/F5Networks/f5-cloud-failover-extension/releases/download/v1.8.0/f5-cloud-failover-1.8.0-0.noarch.rpm - -extension_services: - service_operations: - - extensionType: do - type: inline - value: - schemaVersion: 1.0.0 - class: Device - async: true - label: Standalone 3NIC BIG-IP declaration for Declarative Onboarding with PAYG license - Common: - class: Tenant - dbVars: - class: DbVariables - restjavad.useextramb: true - provision.extramb: 1000 - ui.advisory.enabled: true - ui.advisory.color: blue - ui.advisory.text: "BIG-IP Quickstart" - myNtp: - class: NTP - servers: - - 0.pool.ntp.org - timezone: UTC - myDns: - class: DNS - nameServers: - - 169.254.169.254 - mySystem: - autoPhonehome: true - class: System - hostname: '{{{HOST_NAME}}}' - '{{{USER_NAME}}}': - class: User - userType: regular - password: '{{{ADMIN_PASS}}}' - partitionAccess: - all-partitions: - role: admin - defaultManagementRoute: - class: ManagementRoute - mtu: 1460 - network: default - gw: '{{{MGMT_GW}}}' - external: - class: VLAN - tag: 4094 - mtu: 1500 - interfaces: - - name: '1.0' - tagged: false - external-self: - class: SelfIp - address: '{{{SELF_IP_EXTERNAL}}}' - vlan: external - allowService: none - trafficGroup: traffic-group-local-only - internal: - class: VLAN - tag: 4093 - mtu: 1500 - interfaces: - - name: '1.2' - tagged: false - internal-self: - class: SelfIp - address: '{{{SELF_IP_INTERNAL}}}' - vlan: internal - allowService: default - trafficGroup: traffic-group-local-only - default: - class: Route - gw: '{{{DEFAULT_GW}}}' - network: default - mtu: 1500 -post_onboard_enabled: - - name: create_google_routes - type: inline - commands: - - "EXT_GW=$(curl -sH 'Metadata-Flavor: Google' http://169.254.169.254/computeMetadata/v1/instance/network-interfaces/0/gateway); tmsh create net route ext_gw_int network $EXT_GW/32 interface external" - - "INT_GW=$(curl -sH 'Metadata-Flavor: Google' http://169.254.169.254/computeMetadata/v1/instance/network-interfaces/2/gateway); tmsh create net route int_gw_int network $INT_GW/32 interface internal" - - "MGMT_SELF_IP=$(curl -sH 'Metadata-Flavor: Google' http://169.254.169.254/computeMetadata/v1/instance/network-interfaces/0/ip); MGMT_MASK=$(curl -sH 'Metadata-Flavor: Google' http://169.254.169.254/computeMetadata/v1/instance/network-interfaces/0/subnetmask); MGMT_NETWORK=$(ipcalc -n $MGMT_SELF_IP $MGMT_MASK | sed -n 's/^NETWORK=\\(.*\\)/\\1/p'); MGMT_PREFIX=$(ipcalc -p $MGMT_SELF_IP $MGMT_MASK | sed -n 's/^PREFIX=\\(.*\\)/\\1/p'); tmsh create sys management-route dhclient_route1 network $MGMT_SELF_IP/32 type interface; tmsh create sys management-route dhclient_route2 gateway $MGMT_SELF_IP network $MGMT_NETWORK/$MGMT_PREFIX" - - tmsh save sys config -EOF - - -# Run startup-script post nic-swap -cat << 'EOF' > /config/startup-script.sh -#!/bin/bash - -LOG_FILE=/var/log/cloud/startup-script-post-swap-nic.log -[[ ! -f $LOG_FILE ]] && touch $LOG_FILE || { echo "Run Only Once. Exiting"; exit; } -npipe=/tmp/$$.tmp -trap "rm -f $npipe" EXIT -mknod $npipe p -tee <$npipe -a $LOG_FILE /dev/ttyS0 & -exec 1>&- -exec 1>$npipe -exec 2>&1 - -# Need to create a MGMT default route as not provided by DHCP on 2nd NIC Route name must be same as in DO config. -source /usr/lib/bigstart/bigip-ready-functions -wait_bigip_ready -# Wait until a little more until dhcp/chmand is finished re-configuring MGMT IP w/ "chmand[4267]: 012a0003:3: Mgmt Operation:0 Dest:0.0.0.0" -sleep 15 -MGMT_GW=$(egrep static-routes /var/lib/dhclient/dhclient.leases | tail -1 | grep -oE '[^ ]+$' | tr -d ';') -tmsh create sys management-route defaultManagementRoute network default gateway $MGMT_GW mtu 1460 -tmsh modify sys global-settings remote-host add { metadata.google.internal { hostname metadata.google.internal addr 169.254.169.254 } } -tmsh save /sys config - -# Begin as usual.... -for i in {1..30}; do - curl -fv --retry 1 --connect-timeout 5 -L https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.2.0/dist/f5-bigip-runtime-init-1.2.0-1.gz.run -o "/var/config/rest/downloads/f5-bigip-runtime-init.gz.run" && break || sleep 10 -done - -# Install -bash /var/config/rest/downloads/f5-bigip-runtime-init.gz.run -- '--cloud gcp' - -/usr/local/bin/f5-bigip-runtime-init --config-file /config/cloud/runtime-init-conf.yaml -EOF - -chmod 755 /config/first-run.sh -nohup /config/first-run.sh & diff --git a/plans/gcp/variables.tf b/plans/gcp/variables.tf deleted file mode 100644 index 672d2422..00000000 --- a/plans/gcp/variables.tf +++ /dev/null @@ -1,97 +0,0 @@ -# Note: project_id is set via environment variable -# export TF_VAR_project_id='my_project_id' - -variable "region" { - description = "The GCP Region in which the resources in this example should exist" - default = "us-west1" -} - -variable "primary_zone" { - description = "The primary GCP Zone in which resources should exist" - default = "us-west1-a" -} - -variable "secondary_zone" { - description = "The secondary GCP Zone where resources should exist" - default = "us-west1-b" -} - -variable "instance-type" { - description = "Google Cloud instance type" - default = "n1-standard-8" -} - -variable "publisher" { - default = "f5-networks" -} - -variable "project_id" { - description = "GCP project where resources will be created (Note: This should be configured using environment variable GOOGLE_PROJECT_ID)" -} - -variable "imageProjectId" { - default = "f5-7626-networks-public" - description = "GCP project where resources will be created" -} - -variable "int-subnet-cidr-range" { - default = "10.0.2.0/24" -} - -variable "ext-subnet-cidr-range" { - default = "10.0.3.0/24" -} - -variable "mgmt-subnet-cidr-range" { - default = "10.0.1.0/24" -} - -variable "int-subnet-getway" { - default = "10.0.2.1" -} - -variable "ext-subnet-getway" { - default = "10.0.3.1" -} - -variable "mgmt-subnet-getway" { - default = "10.0.1.1" -} - - -variable "vm-mgmt-private-ip" { - default = "10.0.1.2" -} - -variable "vm-int-private-ip" { - default = "10.0.2.2" -} - -variable "vm-ext-private-ip" { - default = "10.0.3.2" -} - -variable "vm_instance01_name" { - default = "tf-func-test-runtime-init" -} - -variable "bigip_version" { - description = "The BIG-IP version for the virtual machine" - default = "f5-bigip-15-1-5-1-0-0-14-payg-good-25mbps-220328014159" -} - -variable "instance_size" { - description = "The instance size for the virtual machine" - default = "Standard_DS3_v2" -} - -variable "admin_username" { - description = "The admin username for the virtual machine" - default = "gcpuser" -} - - -variable "reaper_tag" { - description = "this value is used by resource reaper to locate resource which needs to be deleted" - default = "delete=true" -} diff --git a/plans/gcp/versions.tf b/plans/gcp/versions.tf deleted file mode 100644 index d9b6f790..00000000 --- a/plans/gcp/versions.tf +++ /dev/null @@ -1,3 +0,0 @@ -terraform { - required_version = ">= 0.12" -} diff --git a/plans/vault/aws/README.md b/plans/vault/aws/README.md deleted file mode 100644 index 0db4c4bc..00000000 --- a/plans/vault/aws/README.md +++ /dev/null @@ -1,140 +0,0 @@ -# Create a Vault HA cluster on AWS using Terraform - -These assets are provided to perform the tasks described in the [Vault HA Cluster with Integrated Storage on AWS](https://learn.hashicorp.com/vault/operations/raft-storage-aws) guide. - ---- - -1. Set your AWS credentials as environment variables: - - ```plaintext - $ export AWS_ACCESS_KEY_ID = "" - $ export AWS_SECRET_ACCESS_KEY = "" - ``` - -1. Use the provided `terraform.tfvars.example` as a base to create a file named - `terraform.tfvars` and specify the `key_name`. Be sure to set the correct - [key - pair](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) - name created in the AWS region that you are using. - - Example `terrafrom.tfvars`: - - ```shell - # SSH key name to access EC2 instances (should already exist) on the AWS region - key_name = "vault-test" - - # If you want to use a different AWS region - aws_region = "us-west-1" - availability_zones = "us-west-1a" - ``` - -1. Run Terraform commands to provision your cloud resources: - - ```plaintext - $ terraform init - - $ terraform plan - - $ terraform apply -auto-approve - ``` - - The Terraform output will display the IP addresses of the provisioned Vault nodes. - - ```plaintext - vault_1 (13.56.78.64) | internal: (10.0.101.21) - - Initialized and unsealed. - - The root token creates a transit key that enables the other Vaults to auto-unseal. - - Does not join the High-Availability (HA) cluster. - - vault_2 (13.56.255.200) | internal: (10.0.101.22) - - Initialized and unsealed. - - The root token and recovery key is stored in /tmp/key.json. - - K/V-V2 secret engine enabled and secret stored. - - Leader of HA cluster - - $ ssh -l ubuntu 13.56.255.200 -i - - # Root token: - $ ssh -l ubuntu 13.56.255.200 -i "cat ~/root_token" - # Recovery key: - $ ssh -l ubuntu 13.56.255.200 -i "cat ~/recovery_key" - - vault_3 (54.183.62.59) | internal: (10.0.101.23) - - Started - - You will join it to cluster started by vault_2 - - $ ssh -l ubuntu 54.183.62.59 -i - - vault_4 (13.57.235.28) | internal: (10.0.101.24) - - Started - - You will join it to cluster started by vault_2 - - $ ssh -l ubuntu 13.57.235.28 -i - ``` - -1. SSH into **vault_2**. - - ```sh - ssh -l ubuntu 13.56.255.200 -i - ``` - -1. Check the current number of servers in the HA Cluster. - - ```plaintext - $ VAULT_TOKEN=$(cat /tmp/key.json | jq -r ".root_token") vault operator raft list-peers - Node Address State Voter - ---- ------- ----- ----- - vault_2 10.0.101.22:8201 leader true - ``` - -1. Open a new terminal, SSH into **vault_3**. - - ```plaintext - $ ssh -l ubuntu 54.183.62.59 -i - ``` - -1. Join **vault_3** to the HA cluster started by **vault_2**. - - ```plaintext - $ vault operator raft join http://vault_2:8200 - ``` - -1. Open a new terminal and SSH into **vault_4** - - ```plaintext - $ ssh -l ubuntu 13.57.235.28 -i - ``` - -1. Join **vault_4** to the HA cluster started by **vault_2**. - - ```plaintext - $ vault operator raft join http://vault_2:8200 - ``` - -1. Return to the **vault_2** terminal and check the current number of servers in - the HA Cluster. - - ```plaintext - $ VAULT_TOKEN=$(cat /tmp/key.json | jq -r ".root_token") vault operator raft list-peers - - Node Address State Voter - ---- ------- ----- ----- - vault_2 10.0.101.22:8201 leader true - vault_3 10.0.101.23:8201 follower true - vault_4 10.0.101.24:8201 follower true - ``` - - You should see **vault_2**, **vault_3**, and **vault_4** in the cluster. - -**NOTE:** Using the root token stored in the `/tmp/key.json` file, you can log into **vault_3** and **vault_4** as well. - -Refer to the [Vault HA Cluster with Integrated Storage](https://learn.hashicorp.com/vault/operations/raft-storage-aws) to learn more about [taking a snapshot](https://learn.hashicorp.com/vault/operations/raft-storage-aws#raft-snapshots-for-data-recovery) and [`retry_join` configuration](https://learn.hashicorp.com/vault/operations/raft-storage-aws#retry-join). - - -# Clean up the cloud resources - -When you are done exploring, execute the `terraform destroy` command to terminal all AWS elements: - -```plaintext -$ terraform destroy -auto-approve -``` diff --git a/plans/vault/aws/iam.tf b/plans/vault/aws/iam.tf deleted file mode 100644 index 5383a958..00000000 --- a/plans/vault/aws/iam.tf +++ /dev/null @@ -1,102 +0,0 @@ -//-------------------------------------------------------------------- -// Resources - -resource "random_id" "my_id" { - byte_length = 4 -} - -## Vault Server IAM Config -resource "aws_iam_instance_profile" "vault-server" { - name = "${var.environment_name}-vault-server-instance-profile-${random_id.my_id.id}" - role = aws_iam_role.vault-server.name -} - -resource "aws_iam_role" "vault-server" { - name = "${var.environment_name}-vault-server-role-${random_id.my_id.id}" - assume_role_policy = data.aws_iam_policy_document.assume_role.json -} - -resource "aws_iam_role_policy" "vault-server" { - name = "${var.environment_name}-vault-server-role-policy" - role = aws_iam_role.vault-server.id - policy = data.aws_iam_policy_document.vault-server.json -} - -# Vault Client IAM Config -resource "aws_iam_instance_profile" "vault-transit" { - name = "${var.environment_name}-vault-transit-instance-profile-${random_id.my_id.id}" - role = aws_iam_role.vault-transit.name -} - -resource "aws_iam_role" "vault-transit" { - name = "${var.environment_name}-vault-transit-role-${random_id.my_id.id}" - assume_role_policy = data.aws_iam_policy_document.assume_role.json -} - -resource "aws_iam_role_policy" "vault-transit" { - name = "${var.environment_name}-vault-transit-role-policy-${random_id.my_id.id}" - role = aws_iam_role.vault-transit.id - policy = data.aws_iam_policy_document.vault-transit.json -} - -//-------------------------------------------------------------------- -// Data Sources - -data "aws_iam_policy_document" "assume_role" { - statement { - effect = "Allow" - actions = ["sts:AssumeRole"] - - principals { - type = "Service" - identifiers = ["ec2.amazonaws.com"] - } - } -} - -data "aws_iam_policy_document" "vault-server" { - statement { - sid = "1" - effect = "Allow" - - actions = ["ec2:DescribeInstances"] - - resources = ["*"] - } - - statement { - sid = "VaultAWSAuthMethod" - effect = "Allow" - actions = [ - "ec2:DescribeInstances", - "iam:GetInstanceProfile", - "iam:GetUser", - "iam:GetRole", - ] - resources = ["*"] - } - - statement { - sid = "VaultKMSUnseal" - effect = "Allow" - - actions = [ - "kms:Encrypt", - "kms:Decrypt", - "kms:DescribeKey", - ] - - resources = ["*"] - } -} - -data "aws_iam_policy_document" "vault-transit" { - statement { - sid = "1" - effect = "Allow" - - actions = ["ec2:DescribeInstances"] - - resources = ["*"] - } -} diff --git a/plans/vault/aws/main.tf b/plans/vault/aws/main.tf deleted file mode 100644 index ffeb5f2f..00000000 --- a/plans/vault/aws/main.tf +++ /dev/null @@ -1,87 +0,0 @@ -provider "aws" { - region = var.aws_region -} - -data "aws_ami" "ubuntu" { - most_recent = true - - filter { - name = "name" - values = ["ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*"] - } - - filter { - name = "virtualization-type" - values = ["hvm"] - } - - owners = ["099720109477"] # Canonical -} - - -//-------------------------------------------------------------------- -// Master Key Encryption Provider instance -// This node does not participate in the HA clustering - -resource "aws_instance" "vault-transit" { - ami = data.aws_ami.ubuntu.id - instance_type = var.instance_type - subnet_id = module.vault_demo_vpc.public_subnets[0] - key_name = var.key_name - vpc_security_group_ids = [ aws_security_group.testing.id ] - associate_public_ip_address = true - private_ip = var.vault_transit_private_ip - iam_instance_profile = aws_iam_instance_profile.vault-transit.id - - user_data = templatefile("${path.module}/templates/userdata-vault-transit.tpl", { - tpl_vault_zip_file = var.vault_zip_file - tpl_vault_service_name = "vault-${var.environment_name}" - }) - - tags = { - Name = "${var.environment_name}-vault-transit" - delete = "True" - } - - lifecycle { - ignore_changes = [ - ami, - tags, - ] - } -} - -//-------------------------------------------------------------------- -// Vault Server Instance - -resource "aws_instance" "vault-server" { - count = length(var.vault_server_names) - ami = data.aws_ami.ubuntu.id - instance_type = var.instance_type - subnet_id = module.vault_demo_vpc.public_subnets[0] - key_name = var.key_name - vpc_security_group_ids = [ aws_security_group.testing.id ] - associate_public_ip_address = true - private_ip = var.vault_server_private_ips[count.index] - iam_instance_profile = aws_iam_instance_profile.vault-server.id - - # user_data = data.template_file.vault-server[count.index].rendered - user_data = templatefile("${path.module}/templates/userdata-vault-server.tpl", { - tpl_vault_node_name = var.vault_server_names[count.index], - tpl_vault_storage_path = "/vault/${var.vault_server_names[count.index]}", - tpl_vault_zip_file = var.vault_zip_file, - tpl_vault_service_name = "vault-${var.environment_name}", - tpl_vault_transit_addr = aws_instance.vault-transit.private_ip - tpl_vault_node_address_names = zipmap(var.vault_server_private_ips, var.vault_server_names) - }) - - tags = { - Name = "${var.environment_name}-vault-server-${var.vault_server_names[count.index]}" - cluster_name = "raft-test" - delete = "True" - } - - lifecycle { - ignore_changes = [ami, tags] - } -} diff --git a/plans/vault/aws/network.tf b/plans/vault/aws/network.tf deleted file mode 100644 index 47be15bf..00000000 --- a/plans/vault/aws/network.tf +++ /dev/null @@ -1,19 +0,0 @@ -module "vault_demo_vpc" { - source = "terraform-aws-modules/vpc/aws" - // pinning version to fix experimental variable issue - // in vpc demo module 3.10.0 + tf 0.12 - version = "3.7.0" - - name = "${var.environment_name}-vpc" - cidr = "10.0.0.0/16" - - azs = [var.availability_zones] - private_subnets = ["10.0.1.0/24"] - public_subnets = ["10.0.101.0/24"] - - tags = { - Name = "${var.environment_name}-vpc" - delete = "True" - } -} - diff --git a/plans/vault/aws/outputs.tf b/plans/vault/aws/outputs.tf deleted file mode 100644 index d739b6d0..00000000 --- a/plans/vault/aws/outputs.tf +++ /dev/null @@ -1,58 +0,0 @@ -output "endpoints" { - value = < >(tee /var/log/tf-user-data.log|logger -t user-data ) 2>&1 - -logger() { - DT=$(date '+%Y/%m/%d %H:%M:%S') - echo "$DT $0: $1" -} - -logger "Running" - -##-------------------------------------------------------------------- -## Variables - -# Get Private IP address -PRIVATE_IP=$(curl http://169.254.169.254/latest/meta-data/local-ipv4) -PUBLIC_IP=$(curl http://169.254.169.254/latest/meta-data/public-ipv4) - -VAULT_ZIP="${tpl_vault_zip_file}" - -# Detect package management system. -YUM=$(which yum 2>/dev/null) -APT_GET=$(which apt-get 2>/dev/null) - -##-------------------------------------------------------------------- -## Functions - -user_rhel() { - # RHEL/CentOS user setup - sudo /usr/sbin/groupadd --force --system $${USER_GROUP} - - if ! getent passwd $${USER_NAME} >/dev/null ; then - sudo /usr/sbin/adduser \ - --system \ - --gid $${USER_GROUP} \ - --home $${USER_HOME} \ - --no-create-home \ - --comment "$${USER_COMMENT}" \ - --shell /bin/false \ - $${USER_NAME} >/dev/null - fi -} - -user_ubuntu() { - # UBUNTU user setup - if ! getent group $${USER_GROUP} >/dev/null - then - sudo addgroup --system $${USER_GROUP} >/dev/null - fi - - if ! getent passwd $${USER_NAME} >/dev/null - then - sudo adduser \ - --system \ - --disabled-login \ - --ingroup $${USER_GROUP} \ - --home $${USER_HOME} \ - --no-create-home \ - --gecos "$${USER_COMMENT}" \ - --shell /bin/false \ - $${USER_NAME} >/dev/null - fi -} - -##-------------------------------------------------------------------- -## Install Base Prerequisites - -logger "Setting timezone to UTC" -sudo timedatectl set-timezone UTC - -if [[ ! -z $${YUM} ]]; then - logger "RHEL/CentOS system detected" - logger "Performing updates and installing prerequisites" - sudo yum-config-manager --enable rhui-REGION-rhel-server-releases-optional - sudo yum-config-manager --enable rhui-REGION-rhel-server-supplementary - sudo yum-config-manager --enable rhui-REGION-rhel-server-extras - sudo yum -y check-update - sudo yum install -q -y wget unzip bind-utils ruby rubygems ntp jq - sudo systemctl start ntpd.service - sudo systemctl enable ntpd.service -elif [[ ! -z $${APT_GET} ]]; then - logger "Debian/Ubuntu system detected" - logger "Performing updates and installing prerequisites" - sudo apt-get -qq -y update - sudo apt-get install -qq -y wget unzip dnsutils ruby rubygems ntp jq - sudo systemctl start ntp.service - sudo systemctl enable ntp.service - logger "Disable reverse dns lookup in SSH" - sudo sh -c 'echo "\nUseDNS no" >> /etc/ssh/sshd_config' - sudo service ssh restart -else - logger "Prerequisites not installed due to OS detection failure" - exit 1; -fi - -##-------------------------------------------------------------------- -## Install AWS-Specific Prerequisites - -if [[ ! -z $${YUM} ]]; then - logger "RHEL/CentOS system detected" - logger "Performing updates and installing prerequisites" - curl --silent -O https://bootstrap.pypa.io/get-pip.py - sudo python get-pip.py - sudo pip install awscli -elif [[ ! -z $${APT_GET} ]]; then - logger "Debian/Ubuntu system detected" - logger "Performing updates and installing prerequisites" - sudo apt-get -qq -y update - sudo apt-get install -qq -y awscli -else - logger "AWS Prerequisites not installed due to OS detection failure" - exit 1; -fi - - -##-------------------------------------------------------------------- -## Configure Vault user - -USER_NAME="vault" -USER_COMMENT="HashiCorp Vault user" -USER_GROUP="vault" -USER_HOME="/srv/vault" - -if [[ ! -z $${YUM} ]]; then - logger "Setting up user $${USER_NAME} for RHEL/CentOS" - user_rhel -elif [[ ! -z $${APT_GET} ]]; then - logger "Setting up user $${USER_NAME} for Debian/Ubuntu" - user_ubuntu -else - logger "$${USER_NAME} user not created due to OS detection failure" - exit 1; -fi - -##-------------------------------------------------------------------- -## Install Vault - -logger "Downloading Vault" -curl -o /tmp/vault.zip $${VAULT_ZIP} - -logger "Installing Vault" -sudo unzip -o /tmp/vault.zip -d /usr/local/bin/ -sudo chmod 0755 /usr/local/bin/vault -sudo chown vault:vault /usr/local/bin/vault -sudo mkdir -pm 0755 /etc/vault.d -sudo mkdir -pm 0755 /etc/ssl/vault - -logger "/usr/local/bin/vault --version: $(/usr/local/bin/vault --version)" - -logger "Configuring Vault" - -sudo mkdir -pm 0755 ${tpl_vault_storage_path} -sudo chown -R vault:vault ${tpl_vault_storage_path} -sudo chmod -R a+rwx ${tpl_vault_storage_path} - -sudo tee /etc/vault.d/vault.hcl < /dev/null < /tmp/key.json -sudo chown ubuntu:ubuntu /tmp/key.json - -logger "Saving root_token and recovery key to ubuntu user's home" -VAULT_TOKEN=$(cat /tmp/key.json | jq -r ".root_token") -echo $VAULT_TOKEN > /home/ubuntu/root_token -sudo chown ubuntu:ubuntu /home/ubuntu/root_token -echo $VAULT_TOKEN > /home/ubuntu/.vault-token -sudo chown ubuntu:ubuntu /home/ubuntu/.vault-token - -echo $(cat /tmp/key.json | jq -r ".recovery_keys_b64[]") > /home/ubuntu/recovery_key -sudo chown ubuntu:ubuntu /home/ubuntu/recovery_key - -logger "Setting VAULT_ADDR and VAULT_TOKEN" -export VAULT_ADDR=http://127.0.0.1:8200 -export VAULT_TOKEN=$VAULT_TOKEN - -logger "Waiting for Vault to finish preparations (10s)" -sleep 10 - -logger "Enabling kv-v2 secrets engine and inserting secret" -vault secrets enable -path=kv kv-v2 -vault kv put kv/credential password=b1gAdminPazz bigiq_admin_password=thisIsTestPassword123 bigiq_admin_username=asdasfdar212@ - -logger "Creating policy" -echo 'path "kv/*" { - capabilities = ["list", "read"] -}' | vault policy write test - - -logger "Enabling app role auth" -vault auth enable approle - -logger "Creating app role for runtime init" -vault write auth/approle/role/runtime-init-role secret_id_ttl=360m token_num_uses=100 token_ttl=60m token_max_ttl=60m secret_id_num_uses=100 policies="default","test" - -logger "Getting role-id for runtime-init-role" -role_id=$(vault read -format=json auth/approle/role/runtime-init-role/role-id > /tmp/role-id) - -logger "Creating secret-id for runtime-init role" -secret_id=$(vault write -format=json -f auth/approle/role/runtime-init-role/secret-id > /tmp/secret-id) - -logger "Creating wrapped secret-id for runtime-init role" -wrapped_secret_id=$(vault write -format=json -wrap-ttl=120m -force auth/approle/role/runtime-init-role/secret-id > /tmp/wrapped-secret-id) - -logger "Creating second wrapped secret-id for runtime-init role" -wrapped_secret_id_2=$(vault write -format=json -wrap-ttl=120m -force auth/approle/role/runtime-init-role/secret-id > /tmp/wrapped-secret-id-2) - -%{ endif } - -logger "Complete" diff --git a/plans/vault/aws/templates/userdata-vault-transit.tpl b/plans/vault/aws/templates/userdata-vault-transit.tpl deleted file mode 100644 index 38226107..00000000 --- a/plans/vault/aws/templates/userdata-vault-transit.tpl +++ /dev/null @@ -1,201 +0,0 @@ -#!/usr/bin/env bash -set -x -exec > >(tee /var/log/tf-user-data.log|logger -t user-data ) 2>&1 - -logger() { - DT=$(date '+%Y/%m/%d %H:%M:%S') - echo "$DT $0: $1" -} - -logger "Running" - -##-------------------------------------------------------------------- -## Variables - -# Get Private IP address -#HOSTNAME=$(curl http://169.254.169.254/latest/meta-data/hostname) -PRIVATE_IP=$(curl http://169.254.169.254/latest/meta-data/local-ipv4) -PUBLIC_IP=$(curl http://169.254.169.254/latest/meta-data/public-ipv4) - -VAULT_ZIP="${tpl_vault_zip_file}" - - -# Detect package management system. -YUM=$(which yum 2>/dev/null) -APT_GET=$(which apt-get 2>/dev/null) - -##-------------------------------------------------------------------- -## Functions - -user_rhel() { - # RHEL/CentOS user setup - sudo /usr/sbin/groupadd --force --system $${USER_GROUP} - - if ! getent passwd $${USER_NAME} >/dev/null ; then - sudo /usr/sbin/adduser \ - --system \ - --gid $${USER_GROUP} \ - --home $${USER_HOME} \ - --no-create-home \ - --comment "$${USER_COMMENT}" \ - --shell /bin/false \ - $${USER_NAME} >/dev/null - fi -} - -user_ubuntu() { - # UBUNTU user setup - if ! getent group $${USER_GROUP} >/dev/null - then - sudo addgroup --system $${USER_GROUP} >/dev/null - fi - - if ! getent passwd $${USER_NAME} >/dev/null - then - sudo adduser \ - --system \ - --disabled-login \ - --ingroup $${USER_GROUP} \ - --home $${USER_HOME} \ - --no-create-home \ - --gecos "$${USER_COMMENT}" \ - --shell /bin/false \ - $${USER_NAME} >/dev/null - fi -} - -##-------------------------------------------------------------------- -## Install Base Prerequisites - -logger "Setting timezone to UTC" -sudo timedatectl set-timezone UTC - -if [[ ! -z $${YUM} ]]; then - logger "RHEL/CentOS system detected" - logger "Performing updates and installing prerequisites" - sudo yum-config-manager --enable rhui-REGION-rhel-server-releases-optional - sudo yum-config-manager --enable rhui-REGION-rhel-server-supplementary - sudo yum-config-manager --enable rhui-REGION-rhel-server-extras - sudo yum -y check-update - sudo yum install -q -y wget unzip bind-utils ruby rubygems ntp jq - sudo systemctl start ntpd.service - sudo systemctl enable ntpd.service -elif [[ ! -z $${APT_GET} ]]; then - logger "Debian/Ubuntu system detected" - logger "Performing updates and installing prerequisites" - sudo apt-get -qq -y update - sudo apt-get install -qq -y wget unzip dnsutils ruby rubygems ntp jq - sudo systemctl start ntp.service - sudo systemctl enable ntp.service - logger "Disable reverse dns lookup in SSH" - sudo sh -c 'echo "\nUseDNS no" >> /etc/ssh/sshd_config' - sudo service ssh restart -else - logger "Prerequisites not installed due to OS detection failure" - exit 1; -fi - -##-------------------------------------------------------------------- -## Install AWS-Specific Prerequisites - -if [[ ! -z $${YUM} ]]; then - logger "RHEL/CentOS system detected" - logger "Performing updates and installing prerequisites" - curl --silent -O https://bootstrap.pypa.io/get-pip.py - sudo python get-pip.py - sudo pip install awscli -elif [[ ! -z $${APT_GET} ]]; then - logger "Debian/Ubuntu system detected" - logger "Performing updates and installing prerequisites" - sudo apt-get -qq -y update - sudo apt-get install -qq -y awscli -else - logger "AWS Prerequisites not installed due to OS detection failure" - exit 1; -fi - - -##-------------------------------------------------------------------- -## Configure Vault user - -USER_NAME="vault" -USER_COMMENT="HashiCorp Vault user" -USER_GROUP="vault" -USER_HOME="/srv/vault" - -if [[ ! -z $${YUM} ]]; then - logger "Setting up user $${USER_NAME} for RHEL/CentOS" - user_rhel -elif [[ ! -z $${APT_GET} ]]; then - logger "Setting up user $${USER_NAME} for Debian/Ubuntu" - user_ubuntu -else - logger "$${USER_NAME} user not created due to OS detection failure" - exit 1; -fi - -##-------------------------------------------------------------------- -## Install Vault - -logger "Downloading Vault" -curl -o /tmp/vault.zip $${VAULT_ZIP} - -logger "Installing Vault" -sudo unzip -o /tmp/vault.zip -d /usr/local/bin/ -sudo chmod 0755 /usr/local/bin/vault -sudo chown vault:vault /usr/local/bin/vault -sudo mkdir -pm 0755 /etc/vault.d -sudo mkdir -pm 0755 /etc/ssl/vault - -logger "/usr/local/bin/vault --version: $(/usr/local/bin/vault --version)" - -logger "Configuring Vault" - -sudo chown -R vault:vault /etc/vault.d /etc/ssl/vault -sudo chmod -R 0644 /etc/vault.d/* - -logger "Granting mlock syscall to vault binary" -sudo setcap cap_ipc_lock=+ep /usr/local/bin/vault - -##-------------------------------------------------------------------- -## Install Vault Systemd Service - -sudo tee /etc/systemd/system/vault.service > /dev/null < /dev/null <<"EOF" -alias v="vault" -alias vault="vault" -export VAULT_ADDR="http://127.0.0.1:8200" -export VAULT_SKIP_VERIFY=true -EOF -source /etc/profile.d/vault.sh - - -export VAULT_ADDR="http://127.0.0.1:8200" -vault login root -vault secrets enable transit -vault write -f transit/keys/unseal_key - -logger "Complete" diff --git a/plans/vault/aws/terraform.tfvars b/plans/vault/aws/terraform.tfvars deleted file mode 100644 index a5f9034b..00000000 --- a/plans/vault/aws/terraform.tfvars +++ /dev/null @@ -1,17 +0,0 @@ -# AWS EC2 Region -# default: 'us-east-1' -# @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions -aws_region = "us-east-1" - -# AWS EC2 Availability Zone -# default: 'us-east-1a' -# @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#using-regions-availability-zones-launching -availability_zones = "us-east-1a" - -# AWS EC2 Key Pair -# @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html -key_name = "dewpt" - -# Specify a name here to tag all instances -# insert the runtime-init func test id here -environment_name = "runtime-init-test" diff --git a/plans/vault/aws/terraform.tfvars.example b/plans/vault/aws/terraform.tfvars.example deleted file mode 100644 index 082869f0..00000000 --- a/plans/vault/aws/terraform.tfvars.example +++ /dev/null @@ -1,17 +0,0 @@ -# AWS EC2 Region -# default: 'us-east-1' -# @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions -aws_region = "us-east-1" - -# AWS EC2 Availability Zone -# default: 'us-east-1a' -# @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#using-regions-availability-zones-launching -availability_zones = "us-east-1a" - -# AWS EC2 Key Pair -# @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html -key_name = "learn-vault-key" - -# Specify a name here to tag all instances -# default: 'learn-vault-raft_storage' -environment_name = "learn-vault" diff --git a/plans/vault/aws/variables.tf b/plans/vault/aws/variables.tf deleted file mode 100644 index 5eec7cf3..00000000 --- a/plans/vault/aws/variables.tf +++ /dev/null @@ -1,47 +0,0 @@ -# AWS region and AZs in which to deploy -variable "aws_region" { - default = "us-west-2" -} - -variable "availability_zones" { - default = "us-west-2a" -} - -# All resources will be tagged with this -variable "environment_name" { - default = "raft-demo" -} - -variable "vault_transit_private_ip" { - description = "The private ip of the first Vault node for Auto Unsealing" - default = "10.0.101.21" -} - - -variable "vault_server_names" { - description = "Names of the Vault nodes that will join the cluster" - type = list(string) - default = [ "vault_2" ] -} - -variable "vault_server_private_ips" { - description = "The private ips of the Vault nodes that will join the cluster" - # @see https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html - type = list(string) - default = [ "10.0.101.22" ] -} - - -# URL for Vault OSS binary -variable "vault_zip_file" { - default = "https://releases.hashicorp.com/vault/1.6.0/vault_1.6.0_linux_amd64.zip" -} - -# Instance size -variable "instance_type" { - default = "t2.micro" -} - -# SSH key name to access EC2 instances (should already exist) in the AWS Region -variable "key_name" { -} diff --git a/plans/vault/aws/version.tf b/plans/vault/aws/version.tf deleted file mode 100644 index ac97c6ac..00000000 --- a/plans/vault/aws/version.tf +++ /dev/null @@ -1,4 +0,0 @@ - -terraform { - required_version = ">= 0.12" -} diff --git a/scripts/README_render.js b/scripts/README_render.js deleted file mode 100644 index 0f9393b7..00000000 --- a/scripts/README_render.js +++ /dev/null @@ -1,94 +0,0 @@ -'use strict'; -/* eslint-disable @typescript-eslint/explicit-function-return-type */ -/* eslint-disable @typescript-eslint/no-var-requires */ - -const fs = require('fs'); -const mustache = require('mustache'); -const {JSONSchemaMarkdown} = require('json-schema-md-doc'); -const yaml = require('js-yaml'); - -function renderDocs() { - // render README.md - const packageData = fs.readFileSync('./package.json'); - const packageInfo = JSON.parse(packageData); - const version = packageInfo.version; - const build = packageInfo.release; - let template = fs.readFileSync('./scripts/README_template.md', 'utf-8'); - fs.readdirSync('scripts/config/').forEach(file => { - if (file.indexOf('snippet_') !== -1) { - template = template.replace(`%${file.replace(/\.[^/.]+$/, "")}%`, fs.readFileSync(`scripts/config/${file}`, {encoding:'utf8', flag:'r'})) - } - }); - const output = mustache.render(template, { RELEASE_VERSION: version, RELEASE_BUILD: build, ADMIN_PASS: '{{{ ADMIN_PASS }}}', AWS_SESSION_TOKEN: '{{{AWS_SESSION_TOKEN}}}' }); - fs.writeFileSync('./README.md', output); - - // render SCHEMA.md - const schema = require('../src/schema/base_schema.json'); - const attributes = Object.keys(schema.properties); - console.log(`Discovered these attributes: ${attributes}`); - class MyDoccer extends JSONSchemaMarkdown { - constructor(){ - super(); - this.footer = ""; - } - }; - - - const completeExamples = yaml.safeLoad(fs.readFileSync(`./scripts/config/complete_examples.yaml`, 'utf8')); - fs.readdirSync('scripts/config/').forEach(file => { - if (file.indexOf('example_') !== -1) { - completeExamples[file.replace(/\.[^/.]+$/, "")]['runtime_config'] = yaml.safeLoad(fs.readFileSync(`scripts/config/${file}`, {encoding:'utf8', flag:'r'})) - } - }); - - // grab each chunk of schema and append example - function renderSchema(attribute) { - try { - let attributeExample; - if ( attribute == 'extension_packages' ) { - attributeExample = yaml.safeLoad(fs.readFileSync(`./scripts/config/extension_packages.yaml`, 'utf8')); - fs.readdirSync('examples/runtime_configs/snippets/').forEach(file => { - if (file.indexOf('extension_packages_') !== -1) { - attributeExample[file.replace(/\.[^/.]+$/, "").split('_')[2]] = yaml.safeLoad(fs.readFileSync(`examples/runtime_configs/snippets/${file}`, {encoding:'utf8', flag:'r'})) - } - }); - } else if ( attribute == 'extension_services' ) { - attributeExample = yaml.safeLoad(fs.readFileSync(`./scripts/config/extension_services.yaml`, 'utf8')); - fs.readdirSync('examples/runtime_configs/snippets/').forEach(file => { - if (file.indexOf('extension_services_') !== -1) { - attributeExample[file.replace(/\.[^/.]+$/, "").split('_')[2]] = yaml.safeLoad(fs.readFileSync(`examples/runtime_configs/snippets/${file}`, {encoding:'utf8', flag:'r'})) - } - }); - } else { - attributeExample = yaml.safeLoad(fs.readFileSync(`./scripts/config/${attribute}.yaml`, 'utf8')); - } - const Doccer = new MyDoccer(); - Doccer.load(schema.properties[attribute]); - Doccer.generate(); - fs.appendFileSync('./SCHEMA.md', `### ${attribute}: Schema\r\n\r\n`); - fs.appendFileSync('./SCHEMA.md', Doccer.markdown); - fs.appendFileSync('./SCHEMA.md', '\r\n\r\n'); - fs.appendFileSync('./SCHEMA.md', `### ${attribute}: Configuration Examples\r\n\r\n`); - fs.appendFileSync('./SCHEMA.md', '```yaml\r\n'); - fs.appendFileSync('./SCHEMA.md', yaml.safeDump(attributeExample)); - fs.appendFileSync('./SCHEMA.md', '\r\n```\r\n'); - fs.appendFileSync('./SCHEMA.md', '***\r\n'); - } catch (e) { - console.error(`Attribute ${attribute} is missing an example. Please add at least one example to /scripts/config.`, e); - process.exit(1); - } - } - - fs.writeFileSync('./SCHEMA.md', '## F5 BIG-IP Runtime Init Schema and Examples\r\n\r\n'); - attributes.forEach(attribute => renderSchema(attribute)); - fs.appendFileSync('./SCHEMA.md', `## Additional Examples\r\n\r\n`); - fs.appendFileSync('./SCHEMA.md', `### Automated Toolchain declarations referenced here are available in the examples/automation_toolchain_declarations folder.\r\n\r\n`); - fs.appendFileSync('./SCHEMA.md', '```yaml\r\n'); - fs.appendFileSync('./SCHEMA.md', yaml.safeDump(completeExamples)); - fs.appendFileSync('./SCHEMA.md', '\r\n```\r\n'); -} - - - -renderDocs(); - diff --git a/scripts/README_template.md b/scripts/README_template.md deleted file mode 100755 index ebcb438d..00000000 --- a/scripts/README_template.md +++ /dev/null @@ -1,1412 +0,0 @@ -# BIG-IP Runtime Init - -[![Releases](https://img.shields.io/github/release/f5networks/f5-bigip-runtime-init.svg)](https://github.com/f5networks/f5-bigip-runtime-init/releases) -[![Issues](https://img.shields.io/github/issues/f5networks/f5-bigip-runtime-init.svg)](https://github.com/f5networks/f5-bigip-runtime-init/issues) - - -## Contents -- [BIG-IP Runtime Init](#big-ip-runtime-init) - - [Contents](#contents) - - [Introduction](#introduction) - - [Overview](#overview) - - [Features](#features) - - [Prerequisites](#prerequisites) - - [Caveats and Limitations](#caveats-and-limitations) - - [Validated BIG-IP versions](#validated-big-ip-versions) - - [Installer](#installer) - - [Downloads](#downloads) - - [Configuration](#configuration) - - [Configuration Examples and Schema Documentation](#configuration-examples-and-schema-documentation) - - [controls](#controls) - - [pre_onboard_enabled](#pre\_onboard\_enabled) - - [runtime_parameters](#runtime\_parameters) - - [bigip_ready_enabled](#bigip\_ready\_enabled) - - [extension_packages](#extension\_packages) - - [extension_services](#extension\_services) - - [post_onboard_enableds](#post\_onboard\_enabled) - - [post_hook](#post\_hook) - - [Usage Examples](#usage-examples) - - [Terraform](#terraform) - - [Azure snippet](#azure-terraform-snippet) - - [Azure (ARM Template) snippet](#azure-arm-template-snippet) - - [Download BIG-IP Runtime Config from a URL](#download-big-ip-runtime-config-from-a-url) - - [Inline BIG-IP Runtime Config](#inline-big-ip-runtime-config) - - [Native Template Examples](#native-template-examples) - - [Private Environments](#private-environments) - - [Disable Calls from the Installer](#disable-calls-from-the-installer) - - [Disable Calls from the Command](#disable-calls-from-the-command) - - [Troubleshooting](#troubleshooting) - - [Log to the Serial Console](#log-to-the-serial-console) - - [F5 Automation Toolchain Components](#f5-automation-toolchain-components) - - [Extension metadata file](#extension-metadata-file) - - [Documentation](#documentation) - - [Getting Help](#getting-help) - - [Filing Issues](#filing-issues) - - [Copyright](#copyright) - - [License](#license) - - [Apache V2.0](#apache-v20) - - -## Introduction - -BIG-IP Runtime Init is a tool that aims to simplify startup scripts for BIG-IP Virtual Edition. It does this by providing a single convenient YAML (1.2 spec) or JSON-based configuration file, which -* leverages [F5 Automation Tool Chain](https://www.f5.com/pdf/products/automation-toolchain-overview.pdf) declarations that are easier to author, validate, and maintain as code (vs. bigip.conf files); -* renders secrets from public cloud vaults; and -* renders runtime variables from metadata services. - -The result is a complete overlay deployment tool for configuring a BIG-IP instance. This allows us to extend our cloud solutions from native templates to other instance provisioning tools, such as Terraform and Ansible. For more information regarding sending startup scripts to BIG-IP VE, see [VE documentation](https://clouddocs.f5.com/cloud/public/v1/shared/cloudinit.html). - - -![BIG-IP Runtime Init](diagrams/f5_bigip_runtime_init_animated.gif) - - -## Overview - -From a high-level, using this tool involves three steps: - -- **Step 1**: Download and Install BIG-IP Runtime Init using the self-extracting installer: - ```sh - curl -o /tmp/f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run && bash /tmp/f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run -- '--cloud [aws|azure|gcp]' - ``` - - See [installer](#installer) details and [downloads](#downloads) below. - -- **Step 2**: Download OR Render inline a Runtime Init configuration file (runtime-init-conf.yaml). - ```sh - curl -o /config/cloud/runtime-init-conf.yaml https://my-source-host/my-repo/bigip-configs/0.0.1/runtime-init-conf.yaml - ``` - - See [configuration](#configuration) details below. - -- **Step 3**: Load the configuration file: - ```sh - f5-bigip-runtime-init --config-file /config/cloud/runtime-init-conf.yaml - ``` - - - See usage [examples](#usage-examples) below. - -## Features -This repository includes both the BIG-IP Runtime Init source code and a self-extracting installer script for installing the main package. - -The installer script will do the following: - -- Determine the cloud environment where the script is running -- Extract and verify the appropriate cloud-specific package archive -- Install the package archive and create a command alias for f5-bigip-runtime-init - -Based on the content of the provided YAML or JSON configuration file, BIG-IP Runtime Init will do the following: - -- Download, verify, and install F5 Automation Toolchain packages (DO, AS3, FAST, TS, and CFE) from default package metadata, URLs, or local files. -- Download, verify, and install custom iApp LX packages from URLs or local files. -- Accept Automation Toolchain declarations from URLs or local files (must be valid JSON or YAML declarations). -- Get secrets from cloud provider secret management APIs (Azure KeyVault, AWS Secret Manager, GCP Secrets Manager, HashiCorp Vault). -- Get select attributes from cloud provider instance and network metadata. -- Render valid Automation Toolchain declarations based on rendered runtime variables (such as secrets and metadata attributes above) and provided declarations. -- POST rendered declarations to Automation Toolchain endpoints and verify success or failure. -- Run user-specified pre-onboard and post-onboard commands. -- Send a webhook with a customizable telemetry data to a user-specified endpoint. - - -## Prerequisites -- BIG-IP 14.1.2.6 or newer. -- A mechanism to copy the configuration file to the BIG-IP instance (cloud-init, user data, provider-specific methods). -- Access to the Internet (or other network location if files are locally hosted) for downloading the self-extracting installer package, RPM files, and SHA256 checksums for package verification. -- Access to the cloud provider metadata service if you rendering metadata runtime parameters. -- An IAM identity associated to the BIG-IP instance(s) with sufficient roles/permissions for accessing cloud provider APIs. - - -## Caveats and Limitations -- If leveraging the `extension_services` parameter to send DO declarations, the declarations cannot contain directives that will trigger a reboot. For example, a reboot would occur for any declaration that: - - contains a disk_class - - provisions a module (for example, APM) that creates a disk volume - -## Validated BIG-IP versions -BIG-IP Runtime Init has been tested and validated with the following versions of BIG-IP: - -| BIG-IP Version | Build Number | -| --- | --- | -| 15.1.2.1 | 0.0.10 | -| 14.1.3 | 0.0.7 | - -Newer versions are expected to work but have not been specifically tested. -## Installer - -The self-extracting installer accepts the following parameters: - -``` ---cloud | -c : Specifies cloud provider name. Allowed values: (aws, azure or gcp) ---key | -k : Provides location for GPG key used for verifying signature on RPM file ---skip-verify : Disables RPM signature verification ---toolchain-metadata-file-url : Provides overriding delivery URL for toolchain extension metadata file ---skip-toolchain-metadata-sync : Disables downloading automation toolchain metadata from the Internet ---telemetry-params : Specifies telemetry parameters as key:value pairs; (key01:value01,key02:value02). For sending F5 additional usage data. -``` - - -*NOTE*: Runtime Init can be installed generically on a cloud or environment not listed above by omitting the ``--cloud | -c`` parameter. For example, it can also be used in a VMware environment to install the F5 Automation Tool Chain packages and declarations. When omitted, Runtime Init's cloud specific integrations (runtime_parameters: ```type: secret``` and ```type: metadata``` ) will be disabled. See [runtime_parameters](#runtime\_parameters) section for details. - - -The installer also allows you to configure request retries to make the installation robust and tolerant to network instability. This can be done using the following environment variables: - -| Environment variable | Description | Default Value | -| --- | --- | --- | -| HTTP_RETRY | Number of retries before script will fail. | 12 | -| HTTP_RETRY_MAX_TIME | The retry timer (in seconds) is reset before the first transfer attempt. | 60 | -| HTTP_MAX_TIME | Maximum time (in seconds) that you allow the whole operation to take. | 5 | - - -**Examples:** - -Using `--cloud` parameter for basic AWS install: -``` - curl https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run -o f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run && bash f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run -- '--cloud aws' -``` - -See [Private Environments](#private-environments) section below for more install examples. - -## Downloads -Self-extracting installer, RPMs, and file hashes are available from the following locations: - -| Cloud | Type | Location | -| --- | --- | --- | -| All | Self-extracting installer | https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run | -| All | SHA256 | https://github.com/f5networks/f5-bigip-runtime-init/releases/download/{{ RELEASE_VERSION }}/f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run.sha256 | -| All | RPM | https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/rpms/f5-bigip-runtime-init-all-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}-signed.noarch.rpm | -| All | SHA256 | https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/rpms/f5-bigip-runtime-init-all-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}-signed.noarch.rpm.sha256 | -| AWS | RPM | https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/rpms/f5-bigip-runtime-init-aws-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}-signed.noarch.rpm | -| AWS | SHA256 | https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/rpms/f5-bigip-runtime-init-aws-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}-signed.noarch.rpm.sha256 | -| Azure | RPM | https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/rpms/f5-bigip-runtime-init-azure-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}-signed.noarch.rpm | -| Azure | SHA256 | https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/rpms/f5-bigip-runtime-init-azure-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}-signed.noarch.rpm.sha256 | -| GCP | RPM | https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/rpms/f5-bigip-runtime-init-gcp-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}-signed.noarch.rpm | -| GCP | SHA256 | https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/rpms/f5-bigip-runtime-init-gcp-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}-signed.noarch.rpm.sha256 | -| None | RPM | https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/rpms/f5-bigip-runtime-init-base-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}-signed.noarch.rpm | -| None | SHA256 | https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/rpms/f5-bigip-runtime-init-base-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}-signed.noarch.rpm.sha256 | - - -## Configuration - -The BIG-IP Runtime Init configuration consists of the following attributes: - -| Attribute | Default Value | Required | Description | -| --- | --- | --- | --- | -| [controls](#controls) | none | No | List of runtime controls settings. | -| [pre_onboard_enabled](#pre\_onboard\_enabled) | none | No | List of commands to run that do not check if BIG-IP and MCPD are up and running. However, execution before BIG-IP is ready depends on cloud agent/download times/etc. | -| [runtime_parameters](#runtime\_parameters) | none | No | List of runtime parameters to gather. | -| [bigip_ready_enabled](#bigip\_ready\_nabled) | none | No | List of commands to run after BIG-IP and MCPD are up and running. Example: TMSH commands, misc optimizations, etc. | -| [extension_packages](#extension\_packages) | none | No | List of iControl Lx packages to download and install. | -| [extension_services](#extension\_ervices) | none | No | List of iControl Lx declarations to configure. | -| [post_onboard_enabled](#post\_onboard\_enabled) | none | No | List of commands to run after sending iControl LX declarations. | -| [post_hook](#post\_hook) | none | No | Webhook to send upon completion. | - -#### Configuration Examples and Schema Documentation - -A basic Runtime Init configuration file *(YAML)*. - -```yaml -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: ts - extensionVersion: 1.28.0 - - extensionType: fast - extensionVersion: 1.17.0 -``` - -See [SCHEMA.md](https://github.com/F5Networks/f5-bigip-runtime-init/blob/main/SCHEMA.md) for complete schema documentation and [/examples/runtime_configs](examples/runtime_configs/) for additional examples. - -### Controls -Runtime Init provides a list of controls intended for tuning Runtime Init execution as well as helping with troubleshooting issues: - -*NOTE:* These can also be set at runtime using an environment variable. For example: - -```bash -export F5_BIGIP_RUNTIME_INIT_LOG_LEVEL=silly && f5-bigip-runtime-init --config-file /config/cloud/runtime-init-conf.yaml -``` - - - **logLevel** - - *Description:* Defines log level. Allowed values are `error`, `warn`, `info`, `debug` and `silly`. *NOTE: F5 recommends putting Runtime Init in `silly` first. Although this results in large amounts of logs, it is generally more useful for troubleshooting initial deployments / new configurations.* - - *Default:* `info`. - - *Environment Variable:* F5_BIGIP_RUNTIME_INIT_LOG_LEVEL (string) - -- **logFilename** - - - *Description:* Defines the location of Runtime Init's log file. - - *Default:* `/var/log/cloud/bigIpRuntimeInit.log` - - *Environment Variable:* F5_BIGIP_RUNTIME_INIT_LOG_FILENAME (string) - - - - **logToJson** - - *Description:* Defines when log is outputted into JSON format. For example, - ```json - {"message":"this is a json message","level":"info","timestamp":"2020-08-04T00:22:28.069Z"} - ``` - - *Default:* `false` - - *Environment Variable:* F5_BIGIP_RUNTIME_INIT_LOG_TO_JSON (boolean) - - - - **extensionInstallDelayInMs** - - *Description:* Defines a delay between extensions installations. - - *Default:* `10000` - - *Environment Variable:* F5_BIGIP_RUNTIME_EXTENSION_INSTALL_DELAY_IN_MS (number) - - -***Examples:*** - -```yaml -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log - logToJson: true - extensionInstallDelayInMs: 60000 -``` - - -### pre_onboard_enabled - -*Description:* A list of commands to run that do NOT check if BIG-IP and MCPD are up and running. However, execution of before or after BIG-IP is ready depends on cloud agent/download times/etc. For instance, when Runtime-Init and/or files are baked directly into the BIG-IP Image using the [BIG-IP Image Generator](https://github.com/f5devcentral/f5-bigip-image-generator/). - - - -Allowed types are `inline`, `file` and `url`. - -***Examples:*** - - - **inline** - - ```yaml - pre_onboard_enabled: - - name: example_inline_command - type: inline - commands: - - touch /tmp/pre_onboard_script.sh - - chmod 777 /tmp/pre_onboard_script.sh - - echo "touch /tmp/create_by_autogenerated_pre_local" > /tmp/pre_onboard_script.sh - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true - ``` - - - **file** - - ```yaml - pre_onboard_enabled: - - name: example_local_exec - type: file - commands: - - /tmp/pre_onboard_script.sh - ``` - - - **url** - - ```yaml - pre_onboard_enabled: - - name: example_remote_exec - type: url - commands: - - https://the-delivery-location.com/remote_pre_onboard.sh - ``` - - -*NOTE:* Each command is executed independently from each other. For example, a bash variable in one command cannot be referenced by the following command. See the other command based attributes (ex. [bigip_ready_enabled](#bigip\_ready\_enabled), [post_onboard_enabled](#post\_onboard\_enabled) for more advanced command examples. - - -### runtime_parameters - - -*Description:* A list of parameters discovered at run (or deploy) time which are substituted *(using mustache handlebars)* in subsequent eligible runtime attributes: -* bigip_ready_enabled *(commands)* -* extension_services *(declarations sent to the Tool Chain endpoints)* -* post_onboard_enabled: *(commands)* -* post_hook - -Parameters can be dependent on each other, so one parameter value can be used within another parameter (see examples below for more details). - -Allowed types are `secret`, `tag`, `metadata`, `url` and `static`. - -- **secret** - - *Description:* Fetches a secret from a provider vault. This type requires the BIG-IP instance to have IAM **READ** permissions for the secrets. See the respective Cloud Provider's official documentation for additional information. For basic examples, see the [Terraform examples](examples/terraform). - - Allowed environments are `aws`, `azure`, `gcp` and `hashicorp`. - - ***Examples:*** - - **AWS:** - ```yaml - runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - type: SecretsManager - environment: aws - version: AWSCURRENT - secretId: mysecret - ``` - - **IAM Permissions:** - ```text - "secretsmanager:GetSecretValue", - "secretsmanager:DescribeSecret", - "secretsmanager:ListSecretVersionIds" - ``` - *For more information, see [AWS documentation](https://docs.aws.amazon.com/mediaconnect/latest/ug/iam-policy-examples-asm-secrets.html).* -
- - **Azure:** - ```yaml - runtime_parameters: - - name: AZURE_SERVICE_PRINCIPAL - type: secret - secretProvider: - type: KeyVault - environment: azure - vaultUrl: https://my-keyvault.vault.azure.net - secretId: mysecret - ``` - **IAM Permissions:** - ```text - key_permissions = ["get"] - secret_permissions = ["get","list"] - storage_permissions = ["get"] - ``` - *For more information, see [Azure documentation](https://docs.microsoft.com/en-us/azure/key-vault/secrets/about-secrets#secret-access-control).* -
- - **GCP:** - - ```yaml - runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - type: SecretsManager - environment: gcp - version: latest - secretId: mysecret - ``` - - **IAM Permissions:** - ```text - "secretmanager.versions.access" - "secretmanager.versions.list" - "secretmanager.versions.get" - "compute.instances.get" - ``` - *For more information, see [GCP documentation](https://cloud.google.com/secret-manager/docs/access-control).* -
- - **HashiCorp (using App Role authentication):** - - The following example uses the special value **data** in the field attribute to retrieve the entire secret response, which can then be referenced inside mustache handlebars inside the configuration. When referencing multiple secret values from a single response, this limits client requests to the Vault server to a minimum (you may also create a unique runtime parameter for each secret stored in Vault, using the provided examples). - - {{=<% %>=}} - ```yaml - runtime_parameters: - - name: ADMIN_PASS - type: secret - verifyTls: true - trustedCertBundles: ['/config/ssl/ssl.crt/my-ca-bundle.crt'] - secretProvider: - type: Vault - environment: hashicorp - vaultServer: https://127.0.0.1:8200 - appRolePath: /v1/auth/approle/login - secretsEngine: kv2 - secretId: secret/credential - field: data - version: 1 - authBackend: - type: approle - roleId: - type: url - value: file:///path/to/role-id - secretId: - type: inline - value: secret-id - unwrap: true - ... - extension_services: - service_operations: - - extensionType: do - type: inline - value: - schemaVersion: 1.0.0 - class: Device - async: true - label: my BIG-IP declaration for declarative onboarding - Common: - class: Tenant - hostname: '{{{ HOST_NAME }}}.local' - foo: - class: User - userType: regular - password: '{{{ ADMIN_PASS.foo_password }}}' - shell: bash - partitionAccess: - all-partitions: - role: admin - bar: - class: User - userType: regular - password: '{{{ ADMIN_PASS.bar_password }}}' - shell: bash - partitionAccess: - all-partitions: - role: admin - ``` - <%={{ }}=%> - - *NOTE*: - - When the authBackend.secretId.unwrap attribute is set to `true` (recommended), the secretId value must be in the form of a wrapping token. BIG-IP Runtime Init will unwrap this token to retrieve the actual secret ID. This eliminates the need to pass the secret ID in the declaration. For more information, See the [HashiCorp AppRole documentation](https://learn.hashicorp.com/tutorials/vault/approle-best-practices#approle-response-wrapping) - - - This example also demonstrates how to use custom PKI certs for https requests to HashiCorp Vault server when verifyTls set to `true`. -
- - *For more information, see [HashiCorp documentation](https://www.vaultproject.io/docs/concepts/policies#policy-syntax).* -
- - - - - ##### Security - Masking Secrets - - By default, runtime will mask out (ex. \"password\":\"******\") the following common fields in declarations when logging: - - ```json - [ - "password", - "localPassword", - "remotePassword", - "bigIqPassword", - "bigIpPassword", - "passphrase", - "cookiePassphrase", - "certificate", - "privateKey", - "ciphertext", - "protected", - "secret", - "sharedSecret", - "secretAccessKey", - "apiAccessKey", - "encodedCredentials", - "encodedToken", - "oldPassword", - "newPassword", - "bindPassword", - "checkBindPassword", - "md5SignaturePassphrase" - ] - ``` - However, it is possible to extend this list by providing an additional (***field***) attribute for the Secret object: - - ```yaml - runtime_parameters: - - name: MY_SECRET - type: secret - secretProvider: - environment: azure - type: KeyVault - vaultUrl: https://my-keyvault.vault.azure.net - secretId: mySecret01 - field: newCustomSecretField - ``` - - This example shows instructing Runtime Init to also mask out the value for ```newCustomSecretField``` seen in any declarations. - - - **tag** - - *Description:* fetches a tag value from public cloud virtual machine resource. - - The example below demonstrates how to fetch the value for the tag, with the key "CustomTag", applied to the EC2 instance: - - ```yaml - runtime_parameters: - - name: TAG_VALUE - type: tag - tagProvider: - environment: aws - key: CustomTag - ``` - - *NOTE:* - - In Azure, Runtime-Init will gather tags from the metadata service and doesn't require any additional permissions. - - In AWS and GCP, Runtime-Init will gather them from the Cloud API which requires additional IAM permissions. - - - * AWS: - - ```text - "ec2:DescribeTags" - ``` - * GCP (Labels): - - ```text - "compute.instances.get" - ``` - * GCP also has several different types of tags (Labels, Network Tags, and Metadata Tags - ad hoc key/value pairs embedded in Metadata). As the Metadata Tags can be fetched using the generic `url` type if needed, this type leverages IAM roles to enable fetching "Labels". - - - **metadata** - - *Description:* Convenience function to grab common onboarding items from the Metadata Service. - - Allowed types are `network` and `uri`. - - For example, type `network` returns addresses reformatted in CIDR notation so you can use for Self-IPs. - - For more examples, see the [examples/runtime_configs](examples/runtime_configs/snippets) directory - - ***Examples:*** - - *AWS Self-IP* - ```yaml - runtime_parameters: - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - type: network - environment: aws - field: local-ipv4s - index: 1 - ``` - - *Azure Self-IP* - ```yaml - runtime_parameters: - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - type: network - environment: azure - field: ipv4 - index: 1 - ``` - - *GCP Self-IP* - ```yaml - runtime_parameters: - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 0 - ``` - - Returns the CIDR address (ex. `10.0.0.5/24`) which is required by the Self-IP. - - The output can be further transformed using ipcalc functionality: - - - The ipcalc functionality provides the following transformation options: - - **address** - The provided address without netmask prefix. - - **base** - The base address of the network block as a string (eg: 216.240.32.0). Base does not give an indication of the size of the network block. - - **mask** - The netmask as a string (eg: 255.255.255.0). - - **hostmask** - The host mask which is the opposite of the netmask (eg: 0.0.0.255). - - **bitmask** - The netmask as a number of bits in the network portion of the address for this block (eg: 24). - - **size** - The number of IP addresses in a block (eg: 256). - - **broadcast** - The blocks broadcast address (eg: 192.168.1.0/24 => 192.168.1.255). - - **first** - First useable address. - - **last** - Last useable address. - - - The following example uses ipcalc to get the first useable IPv4 address using the CIDR of the first AWS subnet and resolves it to a runtime parameter named `GATEWAY`. - - ```yaml - runtime_parameters: - - name: GATEWAY - type: metadata - metadataProvider: - environment: aws - type: network - field: local-ipv4s - index: 0 - ipcalc: first - ``` - This example returns `10.0.0.1` for the Self-IP `10.0.0.5/24`. - - The next example uses ipcalc to get the bitmask using the CIDR of the first AWS subnet and resolves it to a runtime parameter named as BITMASK. - - ```yaml - runtime_parameters: - - name: BITMASK - type: metadata - metadataProvider: - environment: aws - type: network - field: local-ipv4s - index: 0 - ipcalc: bitmask - ``` - This example returns `24` for the Self-IP `10.0.0.5/24`. - - For fetching **AWS** Metadata, Runtime Init allows you use a custom URI. By default, Runtime Init uses AWS IMDSv2 to get AWS metadata: - - ```yaml - runtime_parameters: - - name: ACCOUNT_ID - type: metadata - metadataProvider: - environment: aws - type: uri - value: /latest/dynamic/instance-identity/document - query: accountId - ``` - - In the case where JSON response is returned, this type allows you to provide a [JMESPath](https://jmespath.org/) query filter. In example above, the response queries for the `accountId` key. - - - **url** - - *Description:* Defines a generic URL to fetch a runtime parameter. - - This type can be useful when gathering custom metadata not covered in the `metadataProvider` above, data from custom locations, session based URLs, etc. - - This type allows you to provide HTTP headers as well as a [JMESPath](https://jmespath.org/) query filter for JSON responses. The headers and query fields are *optional*. - -
- The following examples demonstrates how to fetch hostnames or virtual machine names for AWS, GCP and Azure: - - *AWS Hostname* - ```yaml - runtime_parameters: - - name: HOST_NAME - type: url - value: http://169.254.169.254/latest/meta-data/hostname - ``` - - *GCP Hostname* - ```yaml - runtime_parameters: - - name: HOST_NAME - type: url - value: http://169.254.169.254/computeMetadata/v1/instance/hostname - headers: - - name: Metadata-Flavor - value: Google - ``` - - *Azure Virtual Machine Name* - ```yaml - runtime_parameters: - - name: NAME - type: url - value: 'http://169.254.169.254/metadata/instance/compute?api-version=2020-09-01' - query: name - headers: - - name: Metadata - value: true - ``` - - The following AWS URL example has been superseded by the metadata `uri` type above but demonstrates linking Runtime Parameters together (to provide a session-based request). It first fetches an AWS Session token and leverages the JMESPath `query` field to filter for the `region` key. - - AWS: - - ```yaml - runtime_parameters: - - name: AWS_SESSION_TOKEN - type: url - value: http://169.254.169.254/latest/api/token - headers: - - name: Content-Type - value: json - - name: User-Agent - value: some-user-agent - - name: method - value: PUT - - name: X-aws-ec2-metadata-token-ttl-seconds - value: 21600 - - name: REGION - type: url - value: http://169.254.169.254/latest/dynamic/instance-identity/document - query: region - headers: - - name: Content-Type - value: json - - name: User-Agent - value: some-user-agent - - name: X-aws-ec2-metadata-token - value: "{{{AWS_SESSION_TOKEN}}}" - ``` - - The `url` type also allows you to provide a local file location using the "file://" schema. The example below demonstrates how to get a parameter value from the /config/cloud/paramter-file.txt file: - - ```yaml - runtime_parameters: - - name: SOME_PARAM - type: url - value: file:///config/cloud/paramter-file.txt - ``` - - - - **static** - - *Description:* defines a static value. - - Examples: - - This example replaces AVAILABILITY_ZONE token with "us-west-2a" string. - - ```yaml - runtime_parameters: - - name: AVAILABILITY_ZONE - type: static - value: us-west-2a - ``` - -### bigip_ready_enabled - - -*Description:* List of commands to run after BIG-IP and MCPD are up and running. Example: TMSH commands, misc optimizations, etc. - -Allowed types are `inline`, `file` and `url`. - -***Examples:*** - - - - **inline** - - ```yaml - bigip_ready_enabled: - # Dependent on GUI being up - - name: icontrol_settings - type: inline - commands: - - '/usr/bin/curl -s -f -u admin: -H "Content-Type: application/json" -d ''{"maxMessageBodySize":134217728}'' -X POST http://localhost:8100/mgmt/shared/server/messaging/settings/8100 | jq .' - # Dependent on MCPD being up - - name: using_runtime_variables - type: inline - commands: - - f5mku -r {{{ ADMIN_PASS }}} - # Dependent on TMSH / MCPD being up - - name: using_bash_variables_in_commands - type: inline - commands: - - "EXT_GW=$(curl -sH 'Metadata-Flavor: Google' http://169.254.169.254/computeMetadata/v1/instance/network-interfaces/0/gateway); tmsh create net route ext_gw_int network $EXT_GW/32 interface external" - - "INT_GW=$(curl -sH 'Metadata-Flavor: Google' http://169.254.169.254/computeMetadata/v1/instance/network-interfaces/2/gateway); tmsh create net route int_gw_int network $INT_GW/32 interface internal" - ``` - - -*NOTE:* Each command is executed in a separate shell context from each other. For example, a bash variable in one command cannot be referenced by the following command. For instance, in the example above, the command with the `$INT_GW` variable would not be able to render the `$EXT_GW` variable from command above it. For more examples, see the [examples/runtime_configs](examples/runtime_configs/snippets) directory. - - -### extension_packages - -*Description:* List of iControl Lx packages to download and install. - -Allowed extensionTypes are `do`, `as3`, `ts`, `fast` and `cfe`. - -***Examples:*** - - - *minimal* - - ```yaml - extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: ts - extensionVersion: 1.28.0 - - extensionType: fast - extensionVersion: 1.17.0 - ``` - - - *with hash checking* - - ```yaml - extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - extensionHash: c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f - - extensionType: as3 - extensionVersion: 3.36.0 - extensionHash: f7d88910535b97e024b7208b521c9f1a802d39176dc0f81da0ed166abc1617e0 - - extensionType: ts - extensionVersion: 1.28.0 - extensionHash: c3dc9cd67ef89815c58da4a148080744ef7b4337e53d67f00a46c8b591fb8187 - - extensionType: fast - extensionVersion: 1.17.0 - extensionHash: 94109f1c3e1180080779de91a5a91ff7baf6dfb9b373396d2b785f886c92550a - ``` - - - *custom from URL* - - ```yaml - extension_packages: - install_operations: - - extensionType: do - extensionUrl: https://github.com/F5Networks/f5-declarative-onboarding/releases/download/v1.29.0/f5-declarative-onboarding-1.29.0-8.noarch.rpm - extensionVersion: 1.29.0 - - extensionType: as3 - extensionUrl: file:///var/config/rest/downloads/f5-appsvcs-3.36.0-6.noarch.rpm - extensionVersion: 3.36.0 - - extensionType: fast - extensionUrl: https://github.com/F5Networks/f5-appsvcs-templates/releases/download/v1.17.0/f5-appsvcs-templates-1.17.0-1.noarch.rpm - extensionVersion: 1.17.0 - ``` - - *NOTE: ```extensionVersion``` is not required when used with the ```extensionUrl``` field.* - - -For more examples, see the [examples/runtime_configs](examples/runtime_configs/snippets) directory. - - -### extension_services - -*Description:* List of iControl Lx declarations to configure. - -Allowed extensionTypes are `do`, `as3`, `ts` and `cfe`. - -Allowed value types are `inline`, `file` and `url`. - -***Examples:*** - - - - **inline** - - ```yaml - extension_services: - service_operations: - - extensionType: do - type: inline - value: - schemaVersion: 1.0.0 - class: Device - label: >- - Quickstart 1NIC BIG-IP declaration for Declarative Onboarding with BYOL - license - async: true - Common: - class: Tenant - My_DbVariables: - class: DbVariables - provision.extramb: 1000 - restjavad.useextramb: true - ui.advisory.enabled: true - ui.advisory.color: blue - ui.advisory.text: BIG-IP Quickstart - My_Provisioning: - class: Provision - asm: nominal - ltm: nominal - My_Ntp: - class: NTP - servers: - - 169.254.169.253 - timezone: UTC - My_Dns: - class: DNS - nameServers: - - 169.254.169.253 - My_License: - class: License - licenseType: regKey - regKey: 'AAAAA-BBBBB-CCCCC-DDDDD-EEEEEEE' - My_System: - class: System - autoPhonehome: true - hostname: bigip.example.com - quickstart: - class: User - partitionAccess: - all-partitions: - role: admin - password: 'BIGIP_PASSWORD' - shell: bash - userType: regular - - extensionType: as3 - type: inline - value: - class: AS3 - action: deploy - persist: true - declaration: - class: ADC - schemaVersion: 3.0.0 - label: Sample 1 - remark: Simple HTTP Service with Round-Robin Load Balancing - Sample_01: - class: Tenant - A1: - class: Application - template: http - serviceMain: - class: Service_HTTP - virtualAddresses: - - 10.0.1.10 - pool: web_pool - web_pool: - class: Pool - monitors: - - http - members: - - servicePort: 80 - serverAddresses: - - 192.0.1.10 - - 192.0.1.11 - ``` - - - **url** - - ```yaml - extension_services: - service_operations: - - extensionType: do - type: url - value: https://cdn.f5.com/product/cloudsolutions/declarations/template2-0/autoscale-waf/autoscale_do_payg.json - verifyTls: false - - extensionType: as3 - type: url - value: file:///examples/automation_toolchain_declarations/as3.json - ``` - -*NOTE:* - - *If using the `url` type, the declarations can be in JSON or YAML format.* - -For more examples, see the [examples/runtime_configs](examples/runtime_configs/snippets) directory. - -*TIP*: - - If creating multiple service extension services, you may need to order them in a particular sequence. For example, if creating a cluster with Declarative Onboarding (DO) and additional extension services, run the first Declarative Onboarding declaration without the device service clustering elements, then run the additional services, and finally, the Declarative Onboarding declaration again with the clustering elements. - - For examples, see `failover` solutions in the [Native Template Examples](#native-template-examples). - - -### post_onboard_enabled - -*Description:* List of commands to run after sending iControl LX declarations. - -Allowed types are `inline`, `file` and `url`. - - -***Examples:*** - - - **inline** - - ```yaml - post_onboard_enabled: - - name: example_inline_command - type: inline - commands: - - touch /tmp/post_onboard_script.sh - - chmod 777 /tmp/post_onboard_script.sh - - echo "touch /tmp/create_by_autogenerated_post_local" > /tmp/post_onboard_script.sh - ``` - - -*NOTE:* Each command is executed independently from each other. For example, a bash variable in one command cannot be referenced by the following command. For more examples, see the [examples/runtime_configs](examples/runtime_configs/snippets) directory. - -### post_hook - -*Description:* Webhook to send upon completion. - -***Examples:*** - -```yaml -post_hook: - - name: example_webhook - type: webhook - url: https://webhook.site - properties: - optionalKey1: optional_value1 - optionalKey2: optional_value2 -``` - -For more examples, see the [examples/runtime_configs](examples/runtime_configs/snippets) directory. - - -## Usage Examples -### Terraform - -Terraform plans will generally consist of the following: - - - a startup_script template (.tpl) - - passing the rendered startup script to the instance's startup script parameter - - -#### Azure snippet - -In this snippet: - -``` -resource "azurerm_linux_virtual_machine" "vm" { - name = "vm-${module.utils.env_unique_id}-bigip" - resource_group_name = azurerm_resource_group.rg.name - location = azurerm_resource_group.rg.location - size = var.instance_size - admin_username = var.admin_username - - admin_ssh_key { - username = var.admin_username - public_key = file(var.f5_ssh_publickey) - } - - os_disk { - caching = "ReadWrite" - storage_account_type = "Standard_LRS" - } - - source_image_reference { - publisher = var.publisher - offer = var.offer - sku = var.sku - version = var.bigip_version - } - - plan { - publisher = var.publisher - product = var.offer - name = var.sku - } - - boot_diagnostics { - storage_account_uri = var.boot_diagnostics ? join(",", azurerm_storage_account.vm_sa.*.primary_blob_endpoint) : "" - } - - network_interface_ids = [ - azurerm_network_interface.nic_mgmt.id, - azurerm_network_interface.nic_external.id, - azurerm_network_interface.nic_internal.id - ] - - identity { - type = "UserAssigned" - identity_ids = [azurerm_user_assigned_identity.user_identity.id] - } - - custom_data = base64encode(templatefile("${path.module}/startup-script.tpl", { - admin_username: var.admin_username, - bigip_vault_name: "key-vault-${module.utils.env_unique_id}-bigip", - secret_id: "secret-${module.utils.env_unique_id}-bigIpPassword", - package_url: var.bigip_runtime_init_package_url, - })) - - tags = merge(var.global_tags, { Name="vm-${module.utils.env_unique_id}-bigip" }) - -} -``` - -The startup script is templatized in startup-script.tpl and sent using the VM's ```custom_data``` parameter. On BIG-IP versions 15.1+, Cloud-Init will execute this script directly. However, for earlier versions, azurerm_virtual_machine_extension is used to run it. See [BIG-IP Cloud-Init documentation](!https://clouddocs.f5.com/cloud/public/v1/shared/cloudinit.html) for more information. - - -The Terraform template for the startup script contains the following contents. - -```sh -#!/bin/bash -x - -# Send output to log file and serial console -mkdir -p /var/log/cloud /config/cloud /var/config/rest/downloads -LOG_FILE=/var/log/cloud/startup-script.log -[[ ! -f $LOG_FILE ]] && touch $LOG_FILE || { echo "Run Only Once. Exiting"; exit; } -npipe=/tmp/$$.tmp -trap "rm -f $npipe" EXIT -mknod $npipe p -tee <$npipe -a $LOG_FILE /dev/ttyS0 & -exec 1>&- -exec 1>$npipe -exec 2>&1 - -# Download or Render BIG-IP Runtime Init Config -cat << 'EOF' > /config/cloud/runtime-init-conf.yaml ---- -%readme_snippet_01% - -EOF - - - -# Download -for i in {1..30}; do - curl -fv --retry 1 --connect-timeout 5 -L "${package_url}" -o "/var/config/rest/downloads/f5-bigip-runtime-init.gz.run" && break || sleep 10 -done -# Install -bash /var/config/rest/downloads/f5-bigip-runtime-init.gz.run -- "--cloud azure" -# Run -f5-bigip-runtime-init --config-file /config/cloud/runtime-init-conf.yaml - -``` - -*NOTE:* - - ```--cloud azure``` is passed to the installer to specify the environment. - - Terraform templates use the `${variable}` syntax for variables. To preserve a bash variable in the rendered script, it uses the escape syntax `$${bash_variable}`. - - When BIG-IP is launched, Terraform renders the template's `${secret_id}` variable. For example, the rendered file on BIG-IP will contain: - ```yaml - runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - environment: azure - type: KeyVault - vaultUrl: 'https://key-vault-1cqephd9-bigip.vault.azure.net' - secretId: secret-1cqephd9-bigIpPassword - ``` - When Runtime Init runs, it will fetch the **value** for that secret named `secret-1cqephd9-bigIpPassword` and set the runtime variable ``ADMIN_PASS``. Runtime Init will then render any tool chain declarations with the mustache variable ```{{{ ADMIN_PASS }}}``` with the secret **value** (i.e. the actual admin password) in its POST payload to the Tool Chain service endpoint. For example: - ``` - ... - 2022-03-16T22:19:06.147Z [10306]: info: Creating - do 1.27.0 {"schemaVersion":"1.0.0","class":"Device", - ... - "admin":{"class":"User","userType":"regular","partitionAccess":{"all-partitions":{"role":"admin"}},"password":"********","shell":"bash"}, - ... - ``` - -For similar **AWS** and **GCP** examples, see the [examples/terraform](examples/terraform) directory. - -### Azure (ARM Template) snippet -#### Download BIG-IP Runtime Config from URL -```json -"commandToExecute": "concat('mkdir -p /config/cloud; mkdir -p /var/log/cloud/azure; cp $(ls -v | tail -n1)/runtime-init-conf.yaml /config/cloud/runtime-init-conf.yaml; curl -L https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run -o f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run && bash f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run -- ', variables('singleQuote'), '--cloud azure', variables('singleQuote'), ' 2>&1')", -"fileUris": [ - "https://example.com/runtime-init-conf.yaml" -] -``` -#### Inline BIG-IP Runtime Config -```json -"commandToExecute": "[concat('mkdir -p /config/cloud; mkdir -p /var/log/cloud/azure; echo -e ', variables('singleQuote'), parameters('runtimeConfig'), variables('singleQuote'), ' > /config/cloud/runtime-init-conf.yaml; curl -L https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v{{ RELEASE_VERSION }}/dist/f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run -o f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run; bash f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run -- ', variables('singleQuote'), '--cloud azure', variables('singleQuote'), ' 2>&1; f5-bigip-runtime-init --config-file /config/cloud/runtime-init-conf.yaml 2>&1')]" -``` - -### Native Template Examples - -For more native template examples, see: -- [Azure ARM Templates](https://github.com/F5Networks/f5-azure-arm-templates-v2/) -- [AWS CloudFormation Templates](https://github.com/F5Networks/f5-aws-cloudformation-v2) -- [Google Deployment Manager Templates](https://github.com/F5Networks/f5-google-gdm-templates-v2) - -For example runtime-init configurations, go to the `/bigip-configurations` directory in a solution folder. For example, see `failover` examples in `examples/failover/bigip-configurations`. - -## Private Environments - -Some environments may not allow BIG-IPs to have any access to the Internet. In these cases, startup scripts can be customized to download packages and/or config files from locally hosted URLs. By default, the installer makes calls to the Internet to download a [GPG key](https://f5-cft.s3.amazonaws.com/f5-bigip-runtime-init/gpg.key) to verify RPM signatures, find the latest Automation Tool Chain packages, and send usage data. To disable calls to the Internet, you can use the examples below: - -#### Disable Internet Calls from the Installer - -Example (secure) of hosting the GPG key locally and disabling checking for latest Automation Tool Chain packages. -``` - curl https://myprivatehost/f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run -o f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run && bash f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run -- '--cloud aws --key https://mylocalhost/gpg.key --skip-toolchain-metadata-sync' -``` - -Example (thisisinsecure) of skipping downloading the GPG key entirely and checking for latest Automation Tool Chain packages, using a local copy of the metadata instead. -``` -curl https://myprivatehost/f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run -o f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run -o f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run && bash f5-bigip-runtime-init-{{ RELEASE_VERSION }}-{{ RELEASE_BUILD }}.gz.run -- '--cloud aws --skip-verify --skip-toolchain-metadata-sync' -``` - -#### Disable Internet Calls from the Command - -To disable the f5-bigip-runtime-init command from sending usage reporting, you can include the '--skip-telemetry' parameter. -``` -f5-bigip-runtime-init -c /config/cloud/runtime-init-conf.yaml --skip-telemetry -``` - -If using the `extension_services` feature to send Declarative Onboarding declarations, you can alternatively set the [autoPhonehome property](https://clouddocs.f5.com/products/extensions/f5-declarative-onboarding/latest/schema-reference.html#system) to disabled. Using the [autoPhonehome property](https://clouddocs.f5.com/products/extensions/f5-declarative-onboarding/latest/schema-reference.html#system) will prevent BIG-IP from sending telemetry data globally. For more information on how to disable Automatic Phone Home, see this [Overview of the Automatic Update Check and Automatic Phone Home features](https://support.f5.com/csp/article/K15000#1). - -Here is an example of the payload that is sent by F5 TEEM -```json - -"telemetryRecords": [ - { - "platform": "BIG-IP", - "platformVersion": "14.1.4.4", - "nicConfiguration": "multi", - "cloudAccountId": "", - "regkey": "", - "platformDetails": { - "platform": "BIG-IP", - "platformVersion": "14.1.4.4", - "platformId": "Z100", - "system": { - "cpuCount": 4, - "memory": 15753, - "diskSize": 77824 - }, - "nicCount": 2, - "modules": { - "ltm": "nominal" - }, - "packages": {}, - "environment": { - "pythonVersion": "Python 2.7.5", - "pythonVersionDetailed": "2.7.5 (default, Aug 12 2021, 23:00:20) \n[GCC 4.8.5 20150623 (Red Hat 4.8.5-16)]", - "nodeVersion": "v6.9.1", - "libraries": { - "ssh": "OpenSSH_7.4p1, OpenSSL 1.0.2s-fips 28 May 2019" - } - } - }, - "templateInfo": { - "install": "All operations finished successfully", - "templateName": "bigip-standalone.yaml", - "templateVersion": "v1.1.0.0", - "nicCount": 2, - "cloud": "aws", - "region": "us-west-2", - "localization": "en-US" - }, - "product": { - "version": "1.3.2", - "locale": "en-US", - "installDate": "2021-11-18T19:29:45.486Z", - "installationId": "f4573f4e-dcd7-4a91-8a0a-3704fca5255f", - "installedComponents": { - "commander": "^4.1.0", - "winston": "^3.3.3", - "get-user-locale": "^1.4.0", - "uuid": "^8.2.0", - "@f5devcentral/f5-teem": "^1.4.6", - "js-yaml": "^3.13.1", - "mustache": "^4.0.0", - "request": "^2.88.0", - "jmespath": "^0.15.0", - "netmask": "^2.0.2", - "aws-sdk": "^2.610.0", - "lodash.where": "^3.1.0" - } - }, - "operation": { - "clientRequestId": "0a1bad90-2feb-4eb8-afd6-c851b3b4ffce", - "rawCommand": "f5-runtime-init -c /config/cloud/onboard_config.yaml", - "pre_onboard_enabled": { - "commands": 1 - }, - "runtime_params": { - "secrets": 3, - "metadata": 6 - }, - "vaults": { - "aws": 1, - "azure": 0, - "gcp": 0, - "hashicorp": 2 - }, - "userAgent": "f5-bigip-runtime-init/1.3.2", - "extension_packages": { - "do": "1.23.0", - "fast": "1.11.0", - "ilx": "0.1.0" - }, - "extension_services": { - "do": true, - "as3": true - }, - "post_onboard_enabled": { - "commands": 3, - "postHooks": 0 - }, - "result": "FAILURE", - "resultSummary": "All operations finished successfully", - "startTime": "2021-11-18T19:29:43.325Z", - "endTime": "2021-11-18T19:29:43.387Z", - "installParams": [ - { - "key": "templateName", - "value": "v1.1.0.0/examples/modules/bigip-standalone/bigip-standalone.yaml" - } - ] - } - } - ] -``` - - -## Troubleshooting - -### Log to the Serial Console - -F5 first recommends adding the following to the beginning of your startup scripts to log the Serial Console as well as provide a consistent logging location. - -``` -mkdir -p /var/log/cloud -LOG_FILE=/var/log/cloud/startup-script.log -npipe=/tmp/$$.tmp -trap "rm -f $npipe" EXIT -mknod $npipe p -tee <$npipe -a $LOG_FILE /dev/ttyS0 & -exec 1>&- -exec 1>$npipe -exec 2>&1 -``` - -Some environments have additional resource requirements for the instance to enable the Serial Console/Logging. For instance, see this [Azure example](https://github.com/F5Networks/f5-bigip-runtime-init/blob/main/examples/terraform/azure). - - -If the BIG-IP or Service is not reachable, first review the console logs (see your cloud provider for details) for any errors. - -If possible, try to log in to the BIG-IP instance via SSH (mgmt interface) to examine the logs. Serial console login may also be possible but only for partial onboarding successes where passwords were configured successfully (ex. with Declarative Onboarding). To verify the BIG-IP deployment, perform the following steps: - -- Check the `startup-script` sent to user_data to make sure it was installed/interpolated correctly: - - AWS: - - ```cat /opt/cloud/instance/user-data.txt``` - - Azure: - - ```cat /var/lib/waagent/CustomData | base64 -d``` - - GCP: - - Option Not Available -- Check the logs (in order of invocation): - - waagent logs: - - */var/log/waagent.log* *(Azure Only)* - - cloud-init logs: - - */var/log/boot.log* - - */var/log/cloud-init.log* - - */var/log/cloud-init-output.log* - - runtime-init logs: - - */var/log/cloud/startup-script.log*: This file contains events that happen prior to execution of f5-bigip-runtime-init. For example, if the Runtime Init package failed to download, the installer failed to download a file, etc. - - */var/log/cloud/bigipRuntimeInit.log*: This file contains events logged by the f5-bigip-runtime-init onboarding utility. If the configuration is invalid causing onboarding to fail, you will see those events logged here. If the deployment is successful, you will see an event with the body "All operations completed successfully". - - Automation Tool Chain logs: - - */var/log/restnoded/restnoded.log*: This file contains events logged by the BIG-IP Automation Toolchain components. If an Automation Toolchain declaration fails to deploy, you will see more details for those events logged here. - -- *GENERAL LOG TIP*: Search for the most critical error level errors first (for example, `egrep -i err /var/log/[log name]`). - - -### BIG-IP Automation Toolchain Components - -Help with troubleshooting individual Automation Toolchain components can be found at F5's [Public Cloud Docs](http://clouddocs.f5.com/cloud/public/v1/): -- DO: https://clouddocs.f5.com/products/extensions/f5-declarative-onboarding/latest/troubleshooting.html -- AS3: https://clouddocs.f5.com/products/extensions/f5-appsvcs-extension/latest/userguide/troubleshooting.html -- FAST: https://clouddocs.f5.com/products/extensions/f5-appsvcs-templates/latest/userguide/troubleshooting.html -- TS: https://clouddocs.f5.com/products/extensions/f5-telemetry-streaming/latest/userguide/troubleshooting.html -- CFE: https://clouddocs.f5.com/products/extensions/f5-cloud-failover/latest/userguide/troubleshooting.html - -### Extension metadata file -BIG-IP Runtime Init uses the "extension metadata" file (JSON document) to identify package delivery URL for each BIG-IP Automation Toolchain extension. Each Runtime Init build includes an extension metadata file and it is stored under the following directory: src/lib/bigip/toolchain/toolchain_metadata.json - -The latest "extension metadata" file is published on F5 CDN under the following location: https://cdn.f5.com/product/cloudsolutions/f5-extension-metadata/latest/metadata.json -As a part of the installation workflow, by default, Runtime Init will attempt to fetch the latest available version of the extension metadata from the Internet and will replace the built-in file; however, providing `--skip-toolchain-metadata-sync` flag to the Runtime Init installation allows you to skip extension metadata sync and fall back to the built-in extension metadata file. - -In a situation, when custom extension_metadata file needs to be used, Runtime Init installation allows to override delivery URL for the "extension metadata" file using the `--toolchain-metadata-file-url` parameter. See the [Installer](#installer) section for more details. - - - -## Documentation -For more information on BIG-IP cloud solutions, including manual configuration procedures for some deployment scenarios, see F5's [Public Cloud Docs](http://clouddocs.f5.com/cloud/public/v1/). - - -## Getting Help -The example declarations in this document are intended to provide reference onboarding configurations for BIG-IP Virtual Editions. Read more about [Support Policies](https://www.f5.com/company/policies/support-policies). - -### Filing Issues -If you find an issue, we would love to hear about it. - -- Use the **Issues** link on the GitHub menu bar in this repository for items such as enhancement or feature requests and non-urgent bug fixes. Tell us as much as you can about what you found and how you found it. - - -## Copyright -Copyright 2014-2022 F5 Networks Inc. - - -## License - -#### Apache V2.0 - -Licensed under the Apache License, Version 2.0 (the "License"); you may not use -this file except in compliance with the License. You may obtain a copy of the -License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and limitations -under the License. diff --git a/scripts/auditProcessor.js b/scripts/auditProcessor.js deleted file mode 100755 index 27ea7292..00000000 --- a/scripts/auditProcessor.js +++ /dev/null @@ -1,129 +0,0 @@ -/** - * Copyright 2020 F5 Networks, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * - * Note: This is a light wrapper around "npm audit" to support features such as: - * - Whitelisting specific vulnerabilities (typically until fix is released in downstream package) - * - Providing options in package.json inside "auditProcessor" property - * - * Usage: node auditProcessor.js --help - */ - -'use strict'; - -const fs = require('fs'); -const path = require('path'); -const yargs = require('yargs'); - -const PACKAGE_JSON = path.join(process.cwd(), 'package.json'); -const AUDIT_REPORT = path.join(process.cwd(), '.auditReport.json'); -const DEFAULT_EXIT_CODE = 0; - - -class AuditProcessor { - constructor() { - this.report = {}; - this.vulnerabilities = []; - this.exitCode = DEFAULT_EXIT_CODE; - } - - log(msg) { - console.log(msg); // eslint-disable-line no-console - } - - /** - * Load report - Loads "npm audit --json" output - * - * @returns {Void} - */ - loadReport() { - if (!fs.existsSync(AUDIT_REPORT)) { - throw new Error('Please run "npm audit" first.'); - } - this.report = JSON.parse(fs.readFileSync(AUDIT_REPORT, 'utf-8')); - } - - /** - * Process report - * - * @param {Object} options - function options - * @param {Array} [options.whitelist] - array containing zero or more ID's to ignore - * - * @returns {Void} - */ - processReport(options) { - options = options || {}; - const whitelist = options.whitelist || []; - - // parse out vulnerabilities - this.report.actions.forEach((action) => { - action.resolves.forEach((item) => { - this.vulnerabilities.push({ - module: action.module, - path: item.path, - vulnerability: { - id: item.id, - url: this.report.advisories[item.id].url, - recommendation: this.report.advisories[item.id].recommendation - } - }); - }); - }); - // determine if any vulnerabilities should be ignored - if (whitelist.length) { - this.vulnerabilities = this.vulnerabilities.filter(vuln => !whitelist.includes(vuln.vulnerability.id)); - } - } - - /** - * Notify - Determine exit code, what should be logged - * - * @returns {Void} - */ - notify() { - // check for vulnerabilities and act accordingly - if (this.vulnerabilities.length) { - this.log(this.vulnerabilities); - this.log(`IMPORTANT: ${this.vulnerabilities.length} vulnerabilities exist, please resolve them!`); - process.exit(1); - } - // good to go - this.log('No dependency vulnerabilities exist!'); - process.exit(this.exitCode); - } -} - -function main() { - const argv = yargs - .version('1.0.0') - .command('whitelist', 'Whitelist specific vulnerabilities by ID') - .example('$0 --whitelist 1234,1235', 'Whitelist vulnerabilities 1234 and 1235') - .help('help') - .argv; - - const optionsFromConfig = JSON.parse(fs.readFileSync(PACKAGE_JSON, 'utf-8')).auditProcessor; - const parsedArgs = { - whitelist: argv.whitelist || optionsFromConfig.whitelist || '' - }; - - const auditProcessor = new AuditProcessor(); - auditProcessor.loadReport(); - auditProcessor.processReport({ - whitelist: parsedArgs.whitelist.toString().split(',').map(item => parseInt(item, 10)) - }); - auditProcessor.notify(); -} - -main(); diff --git a/scripts/build_package.sh b/scripts/build_package.sh deleted file mode 100755 index 4fce233b..00000000 --- a/scripts/build_package.sh +++ /dev/null @@ -1,95 +0,0 @@ -#!/bin/bash - -MAINDIR="$(dirname $0)/.." -NAME=$(cat ${MAINDIR}/package.json | jq .name -r) -CLOUDS=(azure aws gcp all base) -COMMON_DEPENDENCIES=$(cat ${MAINDIR}/package.json | jq -r ".dependencyMap.common") -VERSION=$(cat ${MAINDIR}/package.json | jq -r ".version") -RELEASE=$(cat ${MAINDIR}/package.json | jq -r ".release") - -echo "*** Clean up dist/ directory" -rm -r dist/ -echo "*** Generate JS code using tsc command" -tsc - -echo "*** Set persmissions on scripts" -chmod -R 744 ${MAINDIR}/scripts/* - -echo "*** Create dist/rpms directory" -mkdir -p dist/rpms -for cloud in "${CLOUDS[@]}"; do - echo "*** Create ${cloud} artifact directory" - mkdir -p dist/${cloud}/rpmbuild - mkdir -p dist/working/${cloud} - - echo "*** Build cloud-specific package.json" - if [[ ${cloud} == "all" ]]; then - # Package for all supported public clouds (AWS, Azure, GCP) - cp ${MAINDIR}/dist/package.json ${MAINDIR}/dist/working/${cloud} - elif [[ ${cloud} == "base" ]]; then - # Package without any Public Cloud SDKs - final_dependencies=$(jq --argjson common "${COMMON_DEPENDENCIES}" -n '$common') - jq --argjson final "${final_dependencies}" '.dependencies = $final' ${MAINDIR}/dist/package.json > ${MAINDIR}/dist/working/${cloud}/package.json - else - # Cloud Specific package - cloud_dependencies=$(cat ${MAINDIR}/dist/package.json | jq -r ".dependencyMap.${cloud}") - final_dependencies=$(jq --argjson common "${COMMON_DEPENDENCIES}" --argjson cloud "${cloud_dependencies}" -n '$common + $cloud') - jq --argjson final "${final_dependencies}" '.dependencies = $final' ${MAINDIR}/dist/package.json > ${MAINDIR}/dist/working/${cloud}/package.json - fi - - echo "*** Install cloud-specific dependencies" - npm install --prefix ${MAINDIR}/dist/working/${cloud} --production - - echo "*** Copy source code to working" - cp -r ${MAINDIR}/dist/src ${MAINDIR}/dist/working/${cloud} - - echo "*** Generate RPM Package" - rpmbuild --quiet -bb \ - --define "main $(pwd)" \ - --define "_topdir %{main}/dist/${cloud}/rpmbuild" \ - --define "_name ${NAME}-${cloud}" \ - --define "_version ${VERSION}" \ - --define "_release ${RELEASE}" \ - --define "cloud ${cloud}" \ - f5-bigip-runtime-init.spec - OUTPUT=$(ls -t dist/${cloud}/rpmbuild/RPMS/noarch/*.rpm 2>/dev/null | head -1) - cp ${OUTPUT} ${MAINDIR}/dist/${cloud} - echo "*** Built RPM: ${OUTPUT##*/}" - - echo "*** Sign package titled as ${NAME}-${cloud}-${VERSION}-${RELEASE}.noarch.rpm" - curl -sk -X POST -H "Authorization: Bearer $CM_SIGNER_ACCESS_TOKEN" -F "file=@dist/${cloud}/${NAME}-${cloud}-${VERSION}-${RELEASE}.noarch.rpm" -o "dist/rpms/${NAME}-${cloud}-${VERSION}-${RELEASE}-signed.noarch.rpm" "https://${RPM_SIGNER}/api/v1/sign/rpm" - echo "*** Set execution permission ${NAME}-${cloud}-${VERSION}-${RELEASE}-signed.noarch.rpm" - chmod +x dist/rpms/${NAME}-${cloud}-${VERSION}-${RELEASE}-signed.noarch.rpm - echo "*** Completed signing packge. Deleting original package: ${NAME}-${cloud}-${VERSION}-${RELEASE}.noarch.rpm" - rm dist/${cloud}/${NAME}-${cloud}-${VERSION}-${RELEASE}.noarch.rpm - - echo "*** Validate signed RPM Package" - rpm -qipvv dist/rpms/${NAME}-${cloud}-${VERSION}-${RELEASE}-signed.noarch.rpm - if [[ $? -ne 0 ]]; then - echo "Couldn't validate the signed RPM package" - fi - echo "*** Finished validating signed RPM Package" - - echo "*** Create SHA-256 file" - cd dist/rpms/ - sha256sum ${NAME}-${cloud}-${VERSION}-${RELEASE}-signed.noarch.rpm > ${NAME}-${cloud}-${VERSION}-${RELEASE}-signed.noarch.rpm.sha256 - cd ../.. - echo "*** Created SHA-256 checksum files" - - echo "*** Cleanup for ${cloud} cloud ..." - rm -r dist/${cloud} - rm -r dist/working/${cloud} -done - -echo "*** Remove working files from dist/" -rm -r dist/working -rm -r dist/src -rm -r dist/package.json - -echo "*** Start creating makeself package" -echo "*** Copy over install script" -cp ${MAINDIR}/scripts/install_rpm.sh ${MAINDIR}/dist/rpms -echo "*** Set permissions on install script to allow exectuon" -chmod +x ${MAINDIR}/dist/rpms/install_rpm.sh -echo "*** Generate makeself package" -${MAINDIR}/scripts/makeself.sh ${MAINDIR}/dist/rpms dist/${NAME}-${VERSION}-${RELEASE}.gz.run "F5 BIGIP Runtime Init installation" ./install_rpm.sh diff --git a/scripts/config/bigip_ready_enabled.yaml b/scripts/config/bigip_ready_enabled.yaml deleted file mode 100644 index f22b8c06..00000000 --- a/scripts/config/bigip_ready_enabled.yaml +++ /dev/null @@ -1,21 +0,0 @@ -inline: - description: Runs commands specified inline - bigip_ready_enabled: - - name: set_message_size - type: inline - commands: - - '/usr/bin/curl -s -f -u admin: -H "Content-Type: application/json" -d ''{"maxMessageBodySize":134217728}'' -X POST http://localhost:8100/mgmt/shared/server/messaging/settings/8100 | jq .' -local_exec: - description: Runs commands from a local file - bigip_ready_enabled: - - name: example_local_exec - type: file - commands: - - /tmp/bigip_ready_enabled.sh -remote_exec: - description: Runs commands from a URL - bigip_ready_enabled: - - name: example_remote_exec - type: url - commands: - - https://the-delivery-location.com/bigip_ready_enabled.sh \ No newline at end of file diff --git a/scripts/config/cloud_config_hashicorp_secret.yaml b/scripts/config/cloud_config_hashicorp_secret.yaml deleted file mode 100644 index 72acb871..00000000 --- a/scripts/config/cloud_config_hashicorp_secret.yaml +++ /dev/null @@ -1,53 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - type: Vault - environment: hashicorp - vaultServer: http://1.1.11.11:8200 - secretsEngine: kv2 - secretPath: kv/data/credential - field: password - version: '1' - authBackend: - type: approle - roleId: - type: inline - value: qwer-asd-qweq-qwe - secretId: - type: inline - value: s.VowcfLdzY0qD8DnfDc0w - unwrap: true -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -bigip_ready_enabled: - - name: provision_asm_module - type: inline - commands: - - tmsh modify sys provision asm level nominal - - name: save_sys_config - type: inline - commands: - - tmsh save sys config -post_onboard_enabled: [] -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 -extension_services: - service_operations: - - extensionType: do - type: url - value: https://cdn.f5.com/product/cloudsolutions/f5-azure-arm-templates/examples/modules/autoscale_bigip/do.json - - extensionType: as3 - type: url - value: https://cdn.f5.com/product/cloudsolutions/f5-azure-arm-templates/examples/modules/autoscale_bigip/as3.json diff --git a/scripts/config/cloud_config_install_only.json b/scripts/config/cloud_config_install_only.json deleted file mode 100644 index 47a0c00f..00000000 --- a/scripts/config/cloud_config_install_only.json +++ /dev/null @@ -1,60 +0,0 @@ -{ - "controls": { - "logLevel": "silly", - "logFilename": "/var/log/cloud/bigIpRuntimeInit.log" - }, - "runtime_parameters": [], - "pre_onboard_enabled": [ - { - "name": "provision_rest", - "type": "inline", - "commands": [ - "/usr/bin/setdb provision.extramb 500", - "/usr/bin/setdb restjavad.useextramb true" - ] - } - ], - "bigip_ready_enabled": [ - { - "name": "provision_asm_module", - "type": "inline", - "commands": [ - "tmsh modify sys provision asm level nominal" - ] - }, - { - "name": "save_sys_config", - "type": "inline", - "commands": [ - "tmsh save sys config" - ] - } - ], - "extension_packages": { - "install_operations": [ - { - "extensionType": "do", - "extensionVersion": "1.29.0", - "extensionUrl": "file:///var/config/rest/downloads/f5-declarative-onboarding-1.29.0-8.noarch.rpm", - "extensionHash": "c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f" - }, - { - "extensionType": "as3", - "extensionVersion": "3.36.0", - "extensionUrl": "https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.36.0/f5-appsvcs-3.36.0-6.noarch.rpm", - "extensionHash": "f7d88910535b97e024b7208b521c9f1a802d39176dc0f81da0ed166abc1617e0" - }, - { - "extensionType": "fast", - "extensionVersion": "1.17.0", - "extensionUrl": "https://github.com/F5Networks/f5-appsvcs-templates/releases/download/v1.17.0/f5-appsvcs-templates-1.17.0-1.noarch.rpm", - "extensionHash": "94109f1c3e1180080779de91a5a91ff7baf6dfb9b373396d2b785f886c92550a" - }, - { - "extensionType": "ilx", - "extensionUrl": "file:///var/config/rest/downloads/myIlxApp.rpm", - "extensionVerificationEndpoint": "/mgmt/shared/myIlxApp/info" - } - ] - } -} diff --git a/scripts/config/cloud_config_install_only.yaml b/scripts/config/cloud_config_install_only.yaml deleted file mode 100644 index 47a0c00f..00000000 --- a/scripts/config/cloud_config_install_only.yaml +++ /dev/null @@ -1,60 +0,0 @@ -{ - "controls": { - "logLevel": "silly", - "logFilename": "/var/log/cloud/bigIpRuntimeInit.log" - }, - "runtime_parameters": [], - "pre_onboard_enabled": [ - { - "name": "provision_rest", - "type": "inline", - "commands": [ - "/usr/bin/setdb provision.extramb 500", - "/usr/bin/setdb restjavad.useextramb true" - ] - } - ], - "bigip_ready_enabled": [ - { - "name": "provision_asm_module", - "type": "inline", - "commands": [ - "tmsh modify sys provision asm level nominal" - ] - }, - { - "name": "save_sys_config", - "type": "inline", - "commands": [ - "tmsh save sys config" - ] - } - ], - "extension_packages": { - "install_operations": [ - { - "extensionType": "do", - "extensionVersion": "1.29.0", - "extensionUrl": "file:///var/config/rest/downloads/f5-declarative-onboarding-1.29.0-8.noarch.rpm", - "extensionHash": "c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f" - }, - { - "extensionType": "as3", - "extensionVersion": "3.36.0", - "extensionUrl": "https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.36.0/f5-appsvcs-3.36.0-6.noarch.rpm", - "extensionHash": "f7d88910535b97e024b7208b521c9f1a802d39176dc0f81da0ed166abc1617e0" - }, - { - "extensionType": "fast", - "extensionVersion": "1.17.0", - "extensionUrl": "https://github.com/F5Networks/f5-appsvcs-templates/releases/download/v1.17.0/f5-appsvcs-templates-1.17.0-1.noarch.rpm", - "extensionHash": "94109f1c3e1180080779de91a5a91ff7baf6dfb9b373396d2b785f886c92550a" - }, - { - "extensionType": "ilx", - "extensionUrl": "file:///var/config/rest/downloads/myIlxApp.rpm", - "extensionVerificationEndpoint": "/mgmt/shared/myIlxApp/info" - } - ] - } -} diff --git a/scripts/config/cloud_config_local.json b/scripts/config/cloud_config_local.json deleted file mode 100644 index bb46331e..00000000 --- a/scripts/config/cloud_config_local.json +++ /dev/null @@ -1,124 +0,0 @@ -{ - "controls": { - "logLevel": "silly", - "logFilename": "/var/log/cloud/bigIpRuntimeInit.log" - }, - "runtime_parameters": [ - { - "name": "AZURE_SERVICE_PRINCIPAL", - "type": "secret", - "secretProvider": { - "environment": "azure", - "type": "KeyVault", - "vaultUrl": "https://my-keyvault.vault.azure.net", - "secretId": "my_azure_admin_secret", - "version": "6e86876be4ce46a49ec578dfda897593" - } - }, - { - "name": "GCP_ROOT_PASSWORD", - "type": "secret", - "secretProvider": { - "environment": "gcp", - "type": "SecretManager", - "secretId": "my-secret-id-02", - "version": "latest" - } - }, - { - "name": "AWS_ADMIN_PASSWORD", - "type": "secret", - "secretProvider": { - "environment": "aws", - "type": "SecretsManager", - "secretId": "my_azure_root_secret", - "version": "AWSCURRENT" - } - }, - { - "name": "HOST_NAME", - "type": "metadata", - "metadataProvider": { - "environment": "azure", - "type": "compute", - "field": "name" - } - }, - { - "name": "SELF_IP_INTERNAL", - "type": "metadata", - "metadataProvider": { - "environment": "azure", - "type": "network", - "field": "ipv4", - "index": 1 - } - }, - { - "name": "SELF_IP_EXTERNAL", - "type": "metadata", - "metadataProvider": { - "environment": "azure", - "type": "network", - "field": "ipv4", - "index": 2 - } - } - ], - "pre_onboard_enabled": [ - { - "name": "provision_rest", - "type": "inline", - "commands": [ - "/usr/bin/setdb provision.extramb 500", - "/usr/bin/setdb restjavad.useextramb true" - ] - } - ], - "bigip_ready_enabled": [ - { - "name": "provision_asm_module", - "type": "inline", - "commands": [ - "tmsh modify sys provision asm level nominal" - ] - }, - { - "name": "save_sys_config", - "type": "inline", - "commands": [ - "tmsh save sys config" - ] - } - ], - "post_onboard_enabled": [], - "extension_packages": { - "install_operations": [ - { - "extensionType": "do", - "extensionVersion": "1.29.0", - "extensionHash": "c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f", - "extensionUrl": "https://github.com/F5Networks/f5-declarative-onboarding/releases/download/v1.29.0/f5-declarative-onboarding-1.29.0-8.noarch.rpm" - }, - { - "extensionType": "as3", - "extensionVersion": "3.36.0", - "extensionUrl": "https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.36.0/f5-appsvcs-3.36.0-6.noarch.rpm" - } - ] - }, - "extension_services": { - "service_operations": [ - { - "extensionType": "do", - "type": "url", - "value": "https://cdn.f5.com/product/cloudsolutions/templates/f5-azure-arm-templates/examples/modules/bigip/autoscale_do.json" - }, - { - "extensionType": "as3", - "type": "url", - "value": "file:///var/tmp/as3_example.json" - } - ] - } -} diff --git a/scripts/config/cloud_config_local.yaml b/scripts/config/cloud_config_local.yaml deleted file mode 100644 index cbb1fbac..00000000 --- a/scripts/config/cloud_config_local.yaml +++ /dev/null @@ -1,77 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: AZURE_SERVICE_PRINCIPAL - type: secret - secretProvider: - environment: azure - type: KeyVault - vaultUrl: https://my-keyvault.vault.azure.net - secretId: my_azure_admin_secret - version: 6e86876be4ce46a49ec578dfda897593 - - name: GCP_ROOT_PASSWORD - type: secret - secretProvider: - environment: gcp - type: SecretManager - secretId: my-secret-id-02 - version: latest - - name: AWS_ADMIN_PASSWORD - type: secret - secretProvider: - environment: aws - type: SecretsManager - secretId: my_azure_root_secret - version: AWSCURRENT - - name: HOST_NAME - type: metadata - metadataProvider: - environment: azure - type: compute - field: name - - name: SELF_IP_INTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 1 - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 2 -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -bigip_ready_enabled: - - name: provision_asm_module - type: inline - commands: - - tmsh modify sys provision asm level nominal - - name: save_sys_config - type: inline - commands: - - tmsh save sys config -post_onboard_enabled: [] -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - extensionHash: c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f - - extensionType: as3 - extensionVersion: 3.36.0 -extension_services: - service_operations: - - extensionType: do - type: url - value: https://cdn.f5.com/product/cloudsolutions/templates/f5-azure-arm-templates/examples/modules/bigip/autoscale_do.json - - extensionType: as3 - type: url - value: file:///var/tmp/as3_example.json diff --git a/scripts/config/cloud_config_local_w_as3.json b/scripts/config/cloud_config_local_w_as3.json deleted file mode 100644 index 54454ebe..00000000 --- a/scripts/config/cloud_config_local_w_as3.json +++ /dev/null @@ -1,163 +0,0 @@ -{ - "controls": { - "logLevel": "silly", - "logFilename": "/var/log/cloud/bigIpRuntimeInit.log" - }, - "runtime_parameters": [ - { - "name": "AZURE_SERVICE_PRINCIPAL", - "type": "secret", - "secretProvider": { - "environment": "azure", - "type": "KeyVault", - "vaultUrl": "https://my-keyvault.vault.azure.net", - "secretId": "my_azure_admin_secret", - "version": "6e86876be4ce46a49ec578dfda897593" - } - }, - { - "name": "GCP_ROOT_PASSWORD", - "type": "secret", - "secretProvider": { - "environment": "gcp", - "type": "SecretManager", - "secretId": "my-secret-id-02", - "version": "latest" - } - }, - { - "name": "AWS_ADMIN_PASSWORD", - "type": "secret", - "secretProvider": { - "environment": "aws", - "type": "SecretsManager", - "secretId": "my_azure_root_secret", - "version": "AWSCURRENT" - } - }, - { - "name": "HOST_NAME", - "type": "metadata", - "metadataProvider": { - "environment": "azure", - "type": "compute", - "field": "name" - } - }, - { - "name": "SELF_IP_INTERNAL", - "type": "metadata", - "metadataProvider": { - "environment": "azure", - "type": "network", - "field": "ipv4", - "index": 1 - } - }, - { - "name": "SELF_IP_EXTERNAL", - "type": "metadata", - "metadataProvider": { - "environment": "azure", - "type": "network", - "field": "ipv4", - "index": 2 - } - } - ], - "pre_onboard_enabled": [ - { - "name": "provision_rest", - "type": "inline", - "commands": [ - "/usr/bin/setdb provision.extramb 500", - "/usr/bin/setdb restjavad.useextramb true" - ] - } - ], - "bigip_ready_enabled": [ - { - "name": "provision_asm_module", - "type": "inline", - "commands": [ - "tmsh modify sys provision asm level nominal" - ] - }, - { - "name": "save_sys_config", - "type": "inline", - "commands": [ - "tmsh save sys config" - ] - } - ], - "post_onboard_enabled": [], - "extension_packages": { - "install_operations": [ - { - "extensionType": "do", - "extensionVersion": "1.29.0", - "extensionHash": "c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f", - "extensionUrl": "https://github.com/F5Networks/f5-declarative-onboarding/releases/download/v1.29.0/f5-declarative-onboarding-1.29.0-8.noarch.rpm" - }, - { - "extensionType": "as3", - "extensionVersion": "3.36.0", - "extensionUrl": "https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.36.0/f5-appsvcs-3.36.0-6.noarch.rpm" - } - ] - }, - "extension_services": { - "service_operations": [ - { - "extensionType": "do", - "type": "url", - "value": "https://cdn.f5.com/product/cloudsolutions/templates/f5-azure-arm-templates/examples/modules/bigip/autoscale_do.json" - }, - { - "extensionType": "as3", - "type": "inline", - "value": { - "class": "AS3", - "action": "deploy", - "persist": true, - "declaration": { - "class": "ADC", - "schemaVersion": "3.0.0", - "label": "Sample 1", - "remark": "Simple HTTP Service with Round-Robin Load Balancing", - "Sample_01": { - "class": "Tenant", - "A1": { - "class": "Application", - "template": "http", - "serviceMain": { - "class": "Service_HTTP", - "virtualAddresses": [ - "10.0.1.10" - ], - "pool": "web_pool" - }, - "web_pool": { - "class": "Pool", - "monitors": [ - "http" - ], - "members": [ - { - "servicePort": 80, - "serverAddresses": [ - "192.0.1.10", - "192.0.1.11" - ] - } - ] - } - } - } - } - } - } - ] - } -} diff --git a/scripts/config/cloud_config_local_w_as3.yaml b/scripts/config/cloud_config_local_w_as3.yaml deleted file mode 100644 index 59c4d5b5..00000000 --- a/scripts/config/cloud_config_local_w_as3.yaml +++ /dev/null @@ -1,108 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: AZURE_SERVICE_PRINCIPAL - type: secret - secretProvider: - environment: azure - type: KeyVault - vaultUrl: https://my-keyvault.vault.azure.net - secretId: my_azure_admin_secret - version: 6e86876be4ce46a49ec578dfda897593 - - name: GCP_ROOT_PASSWORD - type: secret - secretProvider: - environment: gcp - type: SecretManager - secretId: my-secret-id-02 - version: latest - - name: AWS_ADMIN_PASSWORD - type: secret - secretProvider: - environment: aws - type: SecretsManager - secretId: my_azure_root_secret - version: AWSCURRENT - - name: HOST_NAME - type: metadata - metadataProvider: - environment: azure - type: compute - field: name - - name: SELF_IP_INTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 1 - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 2 -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true - - name: provision_modules - type: inline - commands: - - echo 'sys provision asm { level nominal }' >> bigip_base.conf -bigip_ready_enabled: - - name: provision_asm_module - type: inline - commands: - - tmsh modify sys provision asm level nominal - - name: save_sys_config - type: inline - commands: - - tmsh save sys config -post_onboard_enabled: [] -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - extensionHash: c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f - - extensionType: as3 - extensionVersion: 3.36.0 -extension_services: - service_operations: - - extensionType: do - type: url - value: https://cdn.f5.com/product/cloudsolutions/templates/f5-azure-arm-templates/examples/modules/bigip/autoscale_do.json - - extensionType: as3 - type: inline - value: - class: AS3 - action: deploy - persist: true - declaration: - class: ADC - schemaVersion: 3.0.0 - label: Sample 1 - remark: Simple HTTP Service with Round-Robin Load Balancing - Sample_01: - class: Tenant - A1: - class: Application - template: http - serviceMain: - class: Service_HTTP - virtualAddresses: - - 10.0.1.10 - pool: web_pool - web_pool: - class: Pool - monitors: - - http - members: - - servicePort: 80 - serverAddresses: - - 192.0.1.10 - - 192.0.1.11 diff --git a/scripts/config/cloud_config_local_w_as3_w_runtime_param.yaml b/scripts/config/cloud_config_local_w_as3_w_runtime_param.yaml deleted file mode 100644 index cfc7e370..00000000 --- a/scripts/config/cloud_config_local_w_as3_w_runtime_param.yaml +++ /dev/null @@ -1,107 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: AZURE_SERVICE_PRINCIPAL - type: secret - secretProvider: - environment: azure - type: KeyVault - vaultUrl: https://my-keyvault.vault.azure.net - secretId: my_azure_admin_secret - version: 6e86876be4ce46a49ec578dfda897593 - - name: LABEL_NAME - type: static - value: Sample 1 - - name: GCP_ROOT_PASSWORD - type: secret - secretProvider: - environment: gcp - type: SecretManager - secretId: my-secret-id-02 - version: latest - - name: AWS_ADMIN_PASSWORD - type: secret - secretProvider: - environment: aws - type: SecretsManager - secretId: my_azure_root_secret - version: AWSCURRENT - - name: HOST_NAME - type: metadata - metadataProvider: - environment: azure - type: compute - field: name - - name: SELF_IP_INTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 1 - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 2 -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -bigip_ready_enabled: - - name: provision_asm_module - type: inline - commands: - - tmsh modify sys provision asm level nominal - - name: save_sys_config - type: inline - commands: - - tmsh save sys config -post_onboard_enabled: [] -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - extensionHash: c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f - - extensionType: as3 - extensionVersion: 3.36.0 -extension_services: - service_operations: - - extensionType: do - type: url - value: https://cdn.f5.com/product/cloudsolutions/templates/f5-azure-arm-templates/examples/modules/bigip/autoscale_do.json - - extensionType: as3 - type: inline - value: - class: AS3 - action: deploy - persist: true - declaration: - class: ADC - schemaVersion: 3.0.0 - label: "{{{ LABEL_NAME }}}" - remark: Simple HTTP Service with Round-Robin Load Balancing - Sample_01: - class: Tenant - A1: - class: Application - template: http - serviceMain: - class: Service_HTTP - virtualAddresses: - - 10.0.1.10 - pool: web_pool - web_pool: - class: Pool - monitors: - - http - members: - - servicePort: 80 - serverAddresses: - - 192.0.1.10 - - 192.0.1.11 diff --git a/scripts/config/cloud_config_local_w_do.yaml b/scripts/config/cloud_config_local_w_do.yaml deleted file mode 100644 index 721a4bc7..00000000 --- a/scripts/config/cloud_config_local_w_do.yaml +++ /dev/null @@ -1,93 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: HOST_NAME - type: metadata - metadataProvider: - environment: azure - type: compute - field: name - - name: SELF_IP_INTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 2 - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 1 -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -bigip_ready_enabled: - - name: provision_asm_module - type: inline - commands: - - tmsh modify sys provision asm level nominal - - name: save_sys_config - type: inline - commands: - - tmsh save sys config -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 -extension_services: - service_operations: - - extensionType: do - type: inline - value: - schemaVersion: 1.0.0 - class: Device - async: true - label: my BIG-IP declaration for declarative onboarding - Common: - class: Tenant - hostname: "{{{ HOST_NAME }}}.local" - internal: - class: VLAN - tag: 4093 - mtu: 1500 - interfaces: - - name: '1.2' - tagged: true - internal-self: - class: SelfIp - address: "{{{ SELF_IP_INTERNAL }}}" - vlan: internal - allowService: default - trafficGroup: traffic-group-local-only - external: - class: VLAN - tag: 4094 - mtu: 1500 - interfaces: - - name: '1.1' - tagged: true - external-self: - class: SelfIp - address: "{{{ SELF_IP_EXTERNAL }}}" - vlan: external - allowService: none - trafficGroup: traffic-group-local-only - provision: - class: Provision - ltm: nominal - gtm: minimum -post_hook: - - name: example_webhook - type: webhook - url: https://postman-echo.com/post - verifyTls: true - properties: - optionalKey1: optional_value1 - optionalKey2: optional_value2 diff --git a/scripts/config/cloud_config_secret.yaml b/scripts/config/cloud_config_secret.yaml deleted file mode 100644 index 5b4aae71..00000000 --- a/scripts/config/cloud_config_secret.yaml +++ /dev/null @@ -1,41 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: AZURE_SERVICE_PRINCIPAL - type: secret - secretProvider: - type: KeyVault - environment: azure - vault: my-keyvault.vault.azure.net - secretName: my_azure_secret -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -bigip_ready_enabled: - - name: provision_asm_module - type: inline - commands: - - tmsh modify sys provision asm level nominal - - name: save_sys_config - type: inline - commands: - - tmsh save sys config -post_onboard_enabled: [] -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 -extension_services: - service_operations: - - extensionType: do - type: url - value: https://cdn.f5.com/product/cloudsolutions/f5-azure-arm-templates/examples/modules/autoscale_bigip/do.json - - extensionType: as3 - type: url - value: https://cdn.f5.com/product/cloudsolutions/f5-azure-arm-templates/examples/modules/autoscale_bigip/as3.json diff --git a/scripts/config/complete_examples.yaml b/scripts/config/complete_examples.yaml deleted file mode 100644 index fd76d18f..00000000 --- a/scripts/config/complete_examples.yaml +++ /dev/null @@ -1,39 +0,0 @@ -example_1: - description: Verifies and installs Automation Toolchain components (DO, AS3, FAST) on a local BIG-IP and then configures AS3 from a local declaration file. - runtime_config: -example_2: - description: Verifies and installs DO and myIlxApp RPMs from local directories and configures DO from a local declaration file. Install operations with an extensionUrl value that points to a local file stored on BIG-IP system. - runtime_config: -example_3: - description: Installs DO, AS3, and FAST on a local BIG-IP and renders the Azure service principal secret into an AS3 declaration downloaded from a URL. - runtime_config: -example_4: - description: Renders secret referenced within DO declaration to configure the admin password on a BIG-IP device in AWS. - runtime_config: -example_5: - description: Renders secret referenced within DO declaration to configure the admin password on a BIG-IP device in GCP. - runtime_config: -example_6: - description: Replaces variables used within DO and AS3 declarations with properties from instance metadata to configure hostname, self IP addresses and pool members on BIG-IP device. - runtime_config: -example_7: - description: Installs AS3, DO, and FAST and uses an inline AS3 declaration to setup the BIG-IP. - runtime_config: -example_8: - description: Using runtime parameters with inline Automation Toolchain declarations. - runtime_config: -example_9: - description: Using custom pre-onboard and post-onboard commands. - runtime_config: -example_10: - description: Sending a customized webhook on completion. - runtime_config: -example_11: - description: 'Overrides default certificate validation/verification using the verifyTls parameter. The following attributes support verifyTls: pre_onboard_enabled, post_onboard_enabled, extension_packages.install_operations, extension_services.service_operations, and post_hook.' - runtime_config: -example_12: - description: Licenses BIG-IP device using BIG-IQ utility offering and authenticating with credentials stored in Azure KeyVault. - runtime_config: -example_13: - description: Renders the admin password using Hashicorp Vault approle authentication. - runtime_config: diff --git a/scripts/config/controls.yaml b/scripts/config/controls.yaml deleted file mode 100644 index 948d10f5..00000000 --- a/scripts/config/controls.yaml +++ /dev/null @@ -1,5 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit-test.log - logToJson: true - extensionInstallDelayInMs: 60000 diff --git a/scripts/config/example_1.yaml b/scripts/config/example_1.yaml deleted file mode 100644 index fcd6658f..00000000 --- a/scripts/config/example_1.yaml +++ /dev/null @@ -1,32 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -bigip_ready_enabled: - - name: set_message_size - type: inline - commands: - - '/usr/bin/curl -s -f -u admin: -H "Content-Type: application/json" -d ''{"maxMessageBodySize":134217728}'' - -X POST http://localhost:8100/mgmt/shared/server/messaging/settings/8100 | - jq .' -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - extensionHash: c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f - - extensionType: as3 - extensionVersion: 3.36.0 - extensionHash: f7d88910535b97e024b7208b521c9f1a802d39176dc0f81da0ed166abc1617e0 - - extensionType: fast - extensionVersion: 1.17.0 - extensionHash: 94109f1c3e1180080779de91a5a91ff7baf6dfb9b373396d2b785f886c92550a -extension_services: - service_operations: - - extensionType: as3 - type: url - value: file:///examples/automation_toolchain_declarations/as3.json diff --git a/scripts/config/example_10.yaml b/scripts/config/example_10.yaml deleted file mode 100644 index 1d774c5b..00000000 --- a/scripts/config/example_10.yaml +++ /dev/null @@ -1,25 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: fast - extensionVersion: 1.17.0 -post_hook: - - name: example_webhook - type: webhook - url: https://webhook.site - verifyTls: true - properties: - optionalKey1: optional_value1 - optionalKey2: optional_value2 diff --git a/scripts/config/example_11.yaml b/scripts/config/example_11.yaml deleted file mode 100644 index 4c643efb..00000000 --- a/scripts/config/example_11.yaml +++ /dev/null @@ -1,19 +0,0 @@ -controls: {logLevel: "silly", logFilename: "/var/log/cloud/bigIpRuntimeInit.log"} -extension_packages: {install_operations: [{extensionType: "do", extensionVersion: "1.29.0", - extensionHash: "c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f"}, - {extensionType: "as3", extensionUrl: "https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.36.0/f5-appsvcs-3.36.0-6.noarch.rpm", - extensionVersion: "3.36.0", verifyTls: false}, {extensionType: "ilx", extensionUrl: "file:///var/config/rest/downloads/myIlxApp.rpm", - extensionVersion: "1.0.0", extensionVerificationEndpoint: "/mgmt/shared/myIlxApp/info"}]} -extension_services: {service_operations: [{extensionType: "do", type: "url", value: "https://cdn.f5.com/product/cloudsolutions/declarations/autoscale-waf/autoscale_do_payg.json", - verifyTls: false}, {extensionType: "as3", type: "url", value: "https://cdn.f5.com/product/cloudsolutions/templates/f5-azure-arm-templates/examples/modules/bigip/autoscale_as3.json"}]} -post_hook: [{name: "example_webhook", type: "webhook", url: "https://postman-echo.com/post", - verifyTls: false, properties: {optionalKey1: "optional_value1", optionalKey2: "optional_value2"}}] -post_onboard_enabled: [{name: "example_inline_command", type: "inline", commands: [ - "touch /tmp/post_onboard_script.sh", "chmod 777 /tmp/post_onboard_script.sh", - "echo \"touch /tmp/created_by_autogenerated_post_local\" > /tmp/post_onboard_script.sh"]}, - {name: "example_local_exec", type: "file", commands: ["/tmp/post_onboard_script.sh"]}, - {name: "example_remote_exec", type: "url", verifyTls: false, commands: ["https://ak-metadata-package-poc.s3.amazonaws.com/remote_post_onboard.sh"]}, - {name: "example_remote_exec", type: "url", commands: ["https://ak-metadata-package-poc.s3.amazonaws.com/remote_post_onboard.sh"]}] -pre_onboard_enabled: [{name: "example_remote_exec", type: "url", commands: ["https://ak-metadata-package-poc.s3.amazonaws.com/remote_pre_onboard.sh"]}, - {name: "provision_rest", type: "inline", commands: ["/usr/bin/setdb provision.extramb\ - \ 500", "/usr/bin/setdb restjavad.useextramb true"]}] diff --git a/scripts/config/example_12.yaml b/scripts/config/example_12.yaml deleted file mode 100644 index 240fdd49..00000000 --- a/scripts/config/example_12.yaml +++ /dev/null @@ -1,36 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: HOST_NAME - type: metadata - metadataProvider: - environment: azure - type: compute - field: name - - name: BIGIQ_ADMIN_PASS - type: secret - secretProvider: - type: KeyVault - environment: azure - vaultUrl: https://my-keyvault.vault.azure.net - secretId: my_azure_secret -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: fast - extensionVersion: 1.17.0 -extension_services: - service_operations: - - extensionType: do - type: url - value: file:///examples/automation_toolchain_declarations/example_7_do.json diff --git a/scripts/config/example_13.yaml b/scripts/config/example_13.yaml deleted file mode 100644 index 3df430b0..00000000 --- a/scripts/config/example_13.yaml +++ /dev/null @@ -1,84 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - type: Vault - environment: hashicorp - vaultServer: http://127.0.0.1:8200 - secretsEngine: kv2 - secretId: secret/foo - field: password - version: 1 - authBackend: - type: approle - roleId: - type: url - value: file:///path/to/role-id - secretId: - type: inline - value: secret-id - unwrap: true - - name: SECOND_PASS - type: secret - secretProvider: - type: Vault - environment: hashicorp - vaultServer: http://127.0.0.1:8200 - secretsEngine: kv2 - secretId: secret/bar - field: data - version: 1 - authBackend: - type: approle - roleId: - type: url - value: file:///path/to/role-id - secretId: - type: inline - value: secret-id -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: fast - extensionVersion: 1.17.0 -extension_services: - service_operations: - - extensionType: do - type: inline - value: - schemaVersion: 1.0.0 - class: Device - async: true - label: my BIG-IP declaration for declarative onboarding - Common: - class: Tenant - hostname: '{{ HOST_NAME }}.local' - admin: - class: User - userType: regular - password: '{{ ADMIN_PASS }}' - shell: bash - admin2: - class: User - userType: regular - password: '{{ SECOND_PASS.admin2_password }}' - shell: bash - partitionAccess: - all-partitions: - role: admin - dbvars: - class: DbVariables - provision.extramb: 500 - restjavad.useextramb: true diff --git a/scripts/config/example_2.yaml b/scripts/config/example_2.yaml deleted file mode 100644 index 4f67e9d4..00000000 --- a/scripts/config/example_2.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{ - "controls": { - "logLevel": "silly", - "logFilename": "/var/log/cloud/bigIpRuntimeInit.log" - }, - "pre_onboard_enabled": [ - { - "name": "provision_rest", - "type": "inline", - "commands": [ - "/usr/bin/setdb provision.extramb 500", - "/usr/bin/setdb restjavad.useextramb true" - ] - } - ], - "extension_packages": { - "install_operations": [ - { - "extensionType": "do", - "extensionUrl": "file:///var/config/rest/downloads/f5-declarative-onboarding-1.29.0-8.noarch.rpm", - "extensionHash": "c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f", - "extensionVersion": "1.29.0" - }, - { - "extensionType": "ilx", - "extensionUrl": "file:///var/config/rest/downloads/myIlxApp.rpm", - "extensionVersion": "1.0.0", - "extensionVerificationEndpoint": "/mgmt/shared/myIlxApp/info", - "extensionHash": "de615341b91beaed59195dceefc122932580d517600afce1ba8d3770dfe42d28" - } - ] - }, - "extension_services": { - "service_operations": [ - { - "extensionType": "do", - "type": "url", - "value": "file:///var/config/rest/downloads/do.json" - } - ] - } -} diff --git a/scripts/config/example_3.yaml b/scripts/config/example_3.yaml deleted file mode 100644 index 1e4ef407..00000000 --- a/scripts/config/example_3.yaml +++ /dev/null @@ -1,33 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: AZURE_SERVICE_PRINCIPAL - type: secret - secretProvider: - type: KeyVault - environment: azure - vaultUrl: https://my-keyvault.vault.azure.net - secretId: my_azure_secret -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: fast - extensionVersion: 1.17.0 -extension_services: - service_operations: - - extensionType: do - type: url - value: https://cdn.f5.com/product/cloudsolutions/templates/f5-azure-arm-templates/examples/modules/bigip/autoscale_do.json - - extensionType: as3 - type: url - value: file:///examples/automation_toolchain_declarations/example_3_as3.json diff --git a/scripts/config/example_4.yaml b/scripts/config/example_4.yaml deleted file mode 100644 index 228de4ad..00000000 --- a/scripts/config/example_4.yaml +++ /dev/null @@ -1,37 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - type: SecretManager - environment: aws - version: AWSCURRENT - secretId: test-document-01 - - name: ROOT_PASS - type: secret - secretProvider: - type: SecretManager - environment: aws - version: AWSCURRENT - secretId: test-document-02 -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: fast - extensionVersion: 1.17.0 -extension_services: - service_operations: - - extensionType: do - type: url - value: file:///examples/automation_toolchain_declarations/example_4_do.json diff --git a/scripts/config/example_5.yaml b/scripts/config/example_5.yaml deleted file mode 100644 index 52a2ace7..00000000 --- a/scripts/config/example_5.yaml +++ /dev/null @@ -1,37 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - type: SecretsManager - environment: gcp - version: latest - secretId: my-secret-id-01 - - name: ROOT_PASS - type: secret - secretProvider: - type: SecretsManager - environment: gcp - version: latest - secretId: my-secret-id-02 -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: fast - extensionVersion: 1.17.0 -extension_services: - service_operations: - - extensionType: do - type: url - value: file:///examples/automation_toolchain_declarations/example_5_do.json diff --git a/scripts/config/example_6.yaml b/scripts/config/example_6.yaml deleted file mode 100644 index a32d8a3a..00000000 --- a/scripts/config/example_6.yaml +++ /dev/null @@ -1,62 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: HOST_NAME - type: metadata - metadataProvider: - environment: aws - type: compute - field: hostname - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: aws - type: network - field: local-ipv4s - index: 1 - - name: SELF_IP_INTERNAL - type: metadata - metadataProvider: - environment: aws - type: network - field: local-ipv4s - index: 2 - - name: DEFAULT_ROUTE - type: metadata - metadataProvider: - environment: aws - type: network - field: subnet-ipv4-cidr-block - index: 1 - - name: REGION - type: url - value: http://169.254.169.254/latest/dynamic/instance-identity/document - query: region - headers: - - name: Content-type - value: json - - name: User-Agent - value: bigip-ve -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: fast - extensionVersion: 1.17.0 -extension_services: - service_operations: - - extensionType: do - type: url - value: file:///examples/automation_toolchain_declarations/example_6_do.json - - extensionType: as3 - type: url - value: file:///examples/automation_toolchain_declarations/example_7_as3.json diff --git a/scripts/config/example_7.yaml b/scripts/config/example_7.yaml deleted file mode 100644 index a9877037..00000000 --- a/scripts/config/example_7.yaml +++ /dev/null @@ -1,50 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: fast - extensionVersion: 1.17.0 -extension_services: - service_operations: - - extensionType: as3 - type: inline - value: - class: AS3 - action: deploy - persist: true - declaration: - class: ADC - schemaVersion: 3.0.0 - id: urn:uuid:33045210-3ab8-4636-9b2a-c98d22ab915d - label: Sample 1 - remark: Simple HTTP Service with Round-Robin Load Balancing - Sample_01: - class: Tenant - A1: - class: Application - template: http - serviceMain: - class: Service_HTTP - virtualAddresses: - - 10.0.1.10 - pool: web_pool - web_pool: - class: Pool - monitors: - - http - members: - - servicePort: 80 - serverAddresses: - - 192.0.1.10 - - 192.0.1.11 diff --git a/scripts/config/example_8.yaml b/scripts/config/example_8.yaml deleted file mode 100644 index e356f1b4..00000000 --- a/scripts/config/example_8.yaml +++ /dev/null @@ -1,83 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: SCHEMA_VERSION - type: static - value: 3.0.0 - - name: HOST_NAME - type: static - value: bigip1.example.com -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: fast - extensionVersion: 1.17.0 -extension_services: - service_operations: - - extensionType: do - type: inline - value: - schemaVersion: "{{{ SCHEMA_VERSION }}}" - class: Device - async: true - label: my BIG-IP declaration for declarative onboarding - Common: - class: Tenant - hostname: "{{{ HOST_NAME }}}" - myDns: - class: DNS - nameServers: - - 8.8.8.8 - myNtp: - class: NTP - servers: - - 0.pool.ntp.org - timezone: UTC - myProvisioning: - class: Provision - ltm: nominal - asm: nominal - dbvars: - class: DbVariables - provision.extramb: 500 - restjavad.useextramb: true - - extensionType: as3 - type: inline - value: - class: AS3 - action: deploy - persist: true - declaration: - class: ADC - schemaVersion: "{{{ SCHEMA_VERSION }}}" - label: Sample 1 - remark: Simple HTTP Service with Round-Robin Load Balancing - Sample_01: - class: Tenant - A1: - class: Application - template: http - serviceMain: - class: Service_HTTP - virtualAddresses: - - 10.0.1.10 - pool: web_pool - web_pool: - class: Pool - monitors: - - http - members: - - servicePort: 80 - serverAddresses: - - 192.0.1.10 - - 192.0.1.11 diff --git a/scripts/config/example_9.yaml b/scripts/config/example_9.yaml deleted file mode 100644 index 2bd6f7c7..00000000 --- a/scripts/config/example_9.yaml +++ /dev/null @@ -1,46 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -pre_onboard_enabled: - - name: example_inline_command - type: inline - commands: - - touch /tmp/pre_onboard_script.sh - - chmod 777 /tmp/pre_onboard_script.sh - - echo "touch /tmp/create_by_autogenerated_pre_local" > /tmp/pre_onboard_script.sh - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true - - name: example_local_exec - type: file - commands: - - /tmp/pre_onboard_script.sh - - name: example_remote_exec - type: url - commands: - - https://the-delivery-location.com/remote_pre_onboard.sh -post_onboard_enabled: - - name: example_inline_command - type: inline - commands: - - touch /tmp/post_onboard_script.sh - - chmod 777 /tmp/post_onboard_script.sh - - echo "touch /tmp/create_by_autogenerated_post_local" > /tmp/post_onboard_script.sh - - name: example_local_exec - type: file - commands: - - /tmp/post_onboard_script.sh - - name: example_remote_exec - type: url - commands: - - https://the-delivery-location.com/remote_post_onboard.sh -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: fast - extensionVersion: 1.17.0 diff --git a/scripts/config/extension_packages.yaml b/scripts/config/extension_packages.yaml deleted file mode 100644 index fe911b48..00000000 --- a/scripts/config/extension_packages.yaml +++ /dev/null @@ -1,5 +0,0 @@ -default: -versioned: -hashed: -url: -ilx: diff --git a/scripts/config/extension_services.yaml b/scripts/config/extension_services.yaml deleted file mode 100644 index 9164b619..00000000 --- a/scripts/config/extension_services.yaml +++ /dev/null @@ -1,3 +0,0 @@ -url: -file: -inline: \ No newline at end of file diff --git a/scripts/config/post_hook.yaml b/scripts/config/post_hook.yaml deleted file mode 100644 index a79bcfb9..00000000 --- a/scripts/config/post_hook.yaml +++ /dev/null @@ -1,15 +0,0 @@ -webhook: - description: Sends webhook payload to specified URL - post_hook: - - name: example_webhook - type: webhook - url: https://webhook.site -custom_properties: - description: Sends webhook payload with user-specified custom properties - post_hook: - - name: example_webhook - type: webhook - url: https://webhook.site - properties: - optionalKey1: optional_value1 - optionalKey2: optional_value2 \ No newline at end of file diff --git a/scripts/config/post_onboard_enabled.yaml b/scripts/config/post_onboard_enabled.yaml deleted file mode 100644 index 521781f9..00000000 --- a/scripts/config/post_onboard_enabled.yaml +++ /dev/null @@ -1,23 +0,0 @@ -inline: - description: Runs commands specified inline - post_onboard_enabled: - - name: example_inline_command - type: inline - commands: - - touch /tmp/post_onboard_script.sh - - chmod 777 /tmp/post_onboard_script.sh - - echo "touch /tmp/create_by_autogenerated_post_local" > /tmp/post_onboard_script.sh -local_exec: - description: Runs commands from a local file - post_onboard_enabled: - - name: example_local_exec - type: file - commands: - - /tmp/post_onboard_script.sh -remote_exec: - description: Runs commands from a URL - post_onboard_enabled: - - name: example_remote_exec - type: url - commands: - - https://the-delivery-location.com/remote_post_onboard.sh \ No newline at end of file diff --git a/scripts/config/pre_onboard_enabled.yaml b/scripts/config/pre_onboard_enabled.yaml deleted file mode 100644 index 2b04b9e1..00000000 --- a/scripts/config/pre_onboard_enabled.yaml +++ /dev/null @@ -1,25 +0,0 @@ -inline: - description: Runs commands specified inline. For improved performance, F5 recommends including pre_onboard commands to increase provisioning of the REST framework, and to pre-provision the ASM module when deploying WAF. - pre_onboard_enabled: - - name: example_inline_command - type: inline - commands: - - touch /tmp/pre_onboard_script.sh - - chmod 777 /tmp/pre_onboard_script.sh - - echo "touch /tmp/create_by_autogenerated_pre_local" > /tmp/pre_onboard_script.sh - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -local_exec: - description: Runs commands from a local file - pre_onboard_enabled: - - name: example_local_exec - type: file - commands: - - /tmp/pre_onboard_script.sh -remote_exec: - description: Runs commands from a URL - pre_onboard_enabled: - - name: example_remote_exec - type: url - commands: - - https://the-delivery-location.com/remote_pre_onboard.sh \ No newline at end of file diff --git a/scripts/config/readme_snippet_01.yaml b/scripts/config/readme_snippet_01.yaml deleted file mode 100644 index 421a1d40..00000000 --- a/scripts/config/readme_snippet_01.yaml +++ /dev/null @@ -1,161 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -pre_onboard_enabled: [] -runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - environment: azure - type: KeyVault - vaultUrl: 'https://${bigip_vault_name}.vault.azure.net' - secretId: ${secret_id} - - name: HOST_NAME - type: metadata - metadataProvider: - environment: azure - type: compute - field: name - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 1 - - name: SELF_IP_INTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 2 - - name: DEFAULT_GW - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 1 - ipcalc: first - - name: MGMT_GW - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 0 - ipcalc: first -bigip_ready_enabled: [] -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - extensionHash: c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f - - extensionType: as3 - extensionVersion: 3.36.0 - extensionHash: f7d88910535b97e024b7208b521c9f1a802d39176dc0f81da0ed166abc1617e0 - - extensionType: ts - extensionVersion: 1.28.0 - extensionHash: c3dc9cd67ef89815c58da4a148080744ef7b4337e53d67f00a46c8b591fb8187 - - extensionType: fast - extensionVersion: 1.17.0 - extensionHash: 94109f1c3e1180080779de91a5a91ff7baf6dfb9b373396d2b785f886c92550a -extension_services: - service_operations: - - extensionType: do - type: inline - value: - schemaVersion: 1.0.0 - class: Device - async: true - label: Example 3NIC BIG-IP with Runtime-Init - Common: - class: Tenant - My_DbVariables: - class: DbVariables - provision.extramb: 1000 - restjavad.useextramb: true - ui.advisory.enabled: true - ui.advisory.color: blue - ui.advisory.text: BIG-IP VE Runtime Init Example - config.allow.rfc3927: enable - dhclient.mgmt: disable - My_System: - class: System - hostname: '{{{ HOST_NAME }}}.local' - cliInactivityTimeout: 1200 - consoleInactivityTimeout: 1200 - autoPhonehome: true - My_Dns: - class: DNS - nameServers: - - 168.63.129.16 - My_Ntp: - class: NTP - servers: - - 0.pool.ntp.org - timezone: UTC - My_Provisioning: - class: Provision - ltm: nominal - admin: - class: User - userType: regular - partitionAccess: - all-partitions: - role: admin - password: '{{{ ADMIN_PASS }}}' - shell: bash - ${admin_username}: - class: User - userType: regular - partitionAccess: - all-partitions: - role: admin - password: '{{{ ADMIN_PASS }}}' - shell: bash - external: - class: VLAN - tag: 4094 - mtu: 1500 - interfaces: - - name: '1.1' - tagged: false - internal: - class: VLAN - tag: 4093 - mtu: 1500 - interfaces: - - name: '1.2' - tagged: false - default: - class: ManagementRoute - gw: '{{{ MGMT_GW }}}' - network: default - dhclient_route1: - class: ManagementRoute - gw: '{{{ MGMT_GW }}}' - network: 168.63.129.16/32 - azureMetadata: - class: ManagementRoute - gw: '{{{ MGMT_GW }}}' - network: 169.254.169.254/32 - external-self: - class: SelfIp - address: '{{{ SELF_IP_EXTERNAL }}}' - vlan: external - allowService: default - trafficGroup: traffic-group-local-only - internal-self: - class: SelfIp - address: '{{{ SELF_IP_INTERNAL }}}' - vlan: internal - allowService: default - trafficGroup: traffic-group-local-only - defaultRoute: - class: Route - gw: '{{{ DEFAULT_GW }}}' - network: default - mtu: 1500 -post_onboard_enabled: [] diff --git a/scripts/config/readme_snippet_02.yaml b/scripts/config/readme_snippet_02.yaml deleted file mode 100644 index d144b631..00000000 --- a/scripts/config/readme_snippet_02.yaml +++ /dev/null @@ -1,133 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -pre_onboard_enabled: [] -runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - environment: aws - type: SecretsManager - version: AWSCURRENT - field: password - secretId: ${secret_id} - - name: HOST_NAME - type: metadata - metadataProvider: - environment: aws - type: uri - value: /latest/meta-data/hostname - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: aws - type: network - field: local-ipv4s - index: 1 - - name: SELF_IP_INTERNAL - type: metadata - metadataProvider: - environment: aws - type: network - field: local-ipv4s - index: 2 - - name: DEFAULT_GW - type: metadata - metadataProvider: - environment: aws - type: network - field: local-ipv4s - index: 1 - ipcalc: first -bigip_ready_enabled: [] -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - extensionHash: c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f - - extensionType: as3 - extensionVersion: 3.36.0 - extensionHash: f7d88910535b97e024b7208b521c9f1a802d39176dc0f81da0ed166abc1617e0 - - extensionType: ts - extensionVersion: 1.28.0 - extensionHash: c3dc9cd67ef89815c58da4a148080744ef7b4337e53d67f00a46c8b591fb8187 - - extensionType: fast - extensionVersion: 1.17.0 - extensionHash: 94109f1c3e1180080779de91a5a91ff7baf6dfb9b373396d2b785f886c92550a -extension_services: - service_operations: - - extensionType: do - type: inline - value: - schemaVersion: 1.0.0 - class: Device - async: true - label: Example 3NIC BIG-IP with Runtime-Init - Common: - class: Tenant - My_DbVariables: - class: DbVariables - provision.extramb: 1000 - restjavad.useextramb: true - ui.advisory.enabled: true - ui.advisory.color: blue - ui.advisory.text: BIG-IP VE Runtime Init Example - My_System: - class: System - hostname: '{{{ HOST_NAME }}}' - cliInactivityTimeout: 1200 - consoleInactivityTimeout: 1200 - autoPhonehome: true - My_Dns: - class: DNS - nameServers: - - 169.254.169.253 - My_Ntp: - class: NTP - servers: - - 169.254.169.253 - timezone: UTC - My_Provisioning: - class: Provision - ltm: nominal - gtm: nominal - admin: - class: User - userType: regular - partitionAccess: - all-partitions: - role: admin - password: '{{{ ADMIN_PASS }}}' - shell: bash - external: - class: VLAN - tag: 4094 - mtu: 1500 - interfaces: - - name: '1.1' - tagged: false - internal: - class: VLAN - tag: 4093 - mtu: 1500 - interfaces: - - name: '1.2' - tagged: false - external-self: - class: SelfIp - address: '{{{ SELF_IP_EXTERNAL }}}' - vlan: external - allowService: default - trafficGroup: traffic-group-local-only - internal-self: - class: SelfIp - address: '{{{ SELF_IP_INTERNAL }}}' - vlan: internal - allowService: default - trafficGroup: traffic-group-local-only - default: - class: Route - gw: '{{{ DEFAULT_GW }}}' - mtu: 1500 - network: default -post_onboard_enabled: [] diff --git a/scripts/config/readme_snippet_03.yaml b/scripts/config/readme_snippet_03.yaml deleted file mode 100644 index d0c97fd7..00000000 --- a/scripts/config/readme_snippet_03.yaml +++ /dev/null @@ -1,239 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -pre_onboard_enabled: [] -runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - environment: gcp - type: SecretsManager - version: latest - secretId: ${secret_id} - - name: HOST_NAME - type: url - value: http://169.254.169.254/computeMetadata/v1/instance/hostname - headers: - - name: Metadata-Flavor - value: Google - - name: MGMT_IP - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 1 - ipcalc: address - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 0 - ipcalc: address - - name: SELF_IP_INTERNAL - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 2 - ipcalc: address - - name: MGMT_GW - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 1 - ipcalc: first - - name: EXTERNAL_GW - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 0 - ipcalc: first - - name: INTERNAL_GW - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 2 - ipcalc: first - - name: MGMT_BITMASK - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 1 - ipcalc: bitmask - - name: EXTERNAL_BITMASK - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 0 - ipcalc: bitmask - - name: INTERNAL_BITMASK - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 2 - ipcalc: bitmask - - name: MGMT_NETWORK - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 1 - ipcalc: base - - name: EXTERNAL_NETWORK - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 0 - ipcalc: base - - name: INTERNAL_NETWORK - type: metadata - metadataProvider: - environment: gcp - type: network - field: ip - index: 2 - ipcalc: base -bigip_ready_enabled: [] -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - extensionHash: c0bd44f0d63e6bc25a5066d74c20cb6c86d3faad2c4eaa0cd04a47eb30ca104f - - extensionType: as3 - extensionVersion: 3.36.0 - extensionHash: f7d88910535b97e024b7208b521c9f1a802d39176dc0f81da0ed166abc1617e0 - - extensionType: ts - extensionVersion: 1.28.0 - extensionHash: c3dc9cd67ef89815c58da4a148080744ef7b4337e53d67f00a46c8b591fb8187 - - extensionType: fast - extensionVersion: 1.17.0 - extensionHash: 94109f1c3e1180080779de91a5a91ff7baf6dfb9b373396d2b785f886c92550a -extension_services: - service_operations: - - extensionType: do - type: inline - value: - schemaVersion: 1.0.0 - class: Device - async: true - label: Example 3NIC BIG-IP with Runtime-Init - Common: - class: Tenant - My_DbVariables: - class: DbVariables - provision.extramb: 1000 - restjavad.useextramb: true - ui.advisory.enabled: true - ui.advisory.color: blue - ui.advisory.text: BIG-IP VE Runtime Init Example - My_System: - class: System - hostname: '{{{ HOST_NAME }}}' - cliInactivityTimeout: 1200 - consoleInactivityTimeout: 1200 - autoPhonehome: true - My_Dns: - class: DNS - nameServers: - - 169.254.169.254 - My_Ntp: - class: NTP - servers: - - 0.pool.ntp.org - timezone: UTC - My_Provisioning: - class: Provision - ltm: nominal - admin: - class: User - userType: regular - partitionAccess: - all-partitions: - role: admin - password: '{{{ ADMIN_PASS }}}' - shell: bash - dhclient_route1: - class: ManagementRoute - network: '{{{MGMT_IP}}}/32' - type: interface - dhclient_route2: - class: ManagementRoute - network: '{{{MGMT_NETWORK}}}/{{{MGMT_BITMASK}}}' - gw: '{{{MGMT_IP}}}' - default: - class: ManagementRoute - mtu: 1460 - network: default - gw: '{{{MGMT_GW}}}' - external: - class: VLAN - tag: 4094 - mtu: 1500 - interfaces: - - name: '1.0' - tagged: false - internal: - class: VLAN - tag: 4093 - mtu: 1500 - interfaces: - - name: '1.2' - tagged: false - external-self: - class: SelfIp - address: '{{{ SELF_IP_EXTERNAL }}}/32' - vlan: external - allowService: none - trafficGroup: traffic-group-local-only - internal-self: - class: SelfIp - address: '{{{ SELF_IP_INTERNAL }}}/32' - vlan: internal - allowService: default - trafficGroup: traffic-group-local-only - externalGwRoute: - class: Route - target: external - network: '{{{EXTERNAL_GW}}}/32' - mtu: 1460 - externalIntRoute: - class: Route - gw: '{{{EXTERNAL_GW}}}' - network: '{{{EXTERNAL_NETWORK}}}/{{{EXTERNAL_BITMASK}}}' - mtu: 1460 - internalGwRoute: - class: Route - target: internal - network: '{{{INTERNAL_GW}}}/32' - mtu: 1460 - internalIntRoute: - class: Route - gw: '{{{EXTERNAL_GW}}}' - network: '{{{INTERNAL_NETWORK}}}/{{{INTERNAL_BITMASK}}}' - mtu: 1460 - defaultGateway: - class: Route - gw: '{{{EXTERNAL_GW}}}' - network: default - mtu: 1460 -post_onboard_enabled: [] - userType: regular diff --git a/scripts/config/readme_snippet_04.yaml b/scripts/config/readme_snippet_04.yaml deleted file mode 100644 index 6537ac14..00000000 --- a/scripts/config/readme_snippet_04.yaml +++ /dev/null @@ -1,40 +0,0 @@ -controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log -runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - type: Vault - environment: hashicorp - vaultServer: http://127.0.0.1:8200 - appRolePath: /v1/auth/approle/login - secretsEngine: kv2 - secretId: secret/foo - field: password - version: 1 - authBackend: - type: approle - roleId: - type: url - value: file:///path/to/role-id - secretId: - type: inline - value: secret-id - unwrap: true -pre_onboard_enabled: - - name: provision_rest - type: inline - commands: - - /usr/bin/setdb provision.extramb 500 - - /usr/bin/setdb restjavad.useextramb true -extension_packages: - install_operations: - - extensionType: do - extensionVersion: 1.29.0 - - extensionType: as3 - extensionVersion: 3.36.0 - - extensionType: fast - extensionVersion: 1.17.0 - - extensionType: ts - extensionVersion: 1.28.0 diff --git a/scripts/config/runtime_parameters.yaml b/scripts/config/runtime_parameters.yaml deleted file mode 100644 index c98b1516..00000000 --- a/scripts/config/runtime_parameters.yaml +++ /dev/null @@ -1,124 +0,0 @@ -aws: - description: AWS Example - controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log - runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - type: SecretManager - environment: aws - version: AWSCURRENT - secretId: test-document-01 - - name: HOST_NAME - type: metadata - metadataProvider: - environment: aws - type: compute - field: hostname - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: aws - type: network - field: local-ipv4s - index: 1 - - name: SELF_IP_INTERNAL - type: metadata - metadataProvider: - environment: aws - type: network - field: local-ipv4s - index: 2 - - name: DEFAULT_ROUTE - type: metadata - metadataProvider: - environment: aws - type: network - field: subnet-ipv4-cidr-block - index: 1 -azure: - description: Azure Example - controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log - runtime_parameters: - - name: AZURE_SERVICE_PRINCIPAL - type: secret - secretProvider: - type: KeyVault - environment: azure - vaultUrl: https://my-keyvault.vault.azure.net - secretId: my_azure_secret - - name: HOST_NAME - type: metadata - metadataProvider: - environment: azure - type: compute - field: name - - name: SELF_IP_INTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 1 - - name: SELF_IP_EXTERNAL - type: metadata - metadataProvider: - environment: azure - type: network - field: ipv4 - index: 2 -gcp: - description: Google Example - controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log - runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - type: SecretsManager - environment: gcp - version: latest - secretId: my-secret-id-01 - - name: ROOT_PASS - type: secret - secretProvider: - type: SecretsManager - environment: gcp - version: latest - secretId: my-secret-id-02 - - name: HOST_NAME - type: metadata - metadataProvider: - environment: gcp - type: compute - field: name -hashicorp: - description: Hashicorp Vault Example - controls: - logLevel: silly - logFilename: /var/log/cloud/bigIpRuntimeInit.log - runtime_parameters: - - name: ADMIN_PASS - type: secret - secretProvider: - type: Vault - environment: hashicorp - vaultServer: http://127.0.0.1:8200 - secretsEngine: kv2 - secretId: secret/foo - field: password - version: 1 - authBackend: - type: approle - roleId: - type: url - value: file:///path/to/role-id - secretId: - type: inline - value: secret-id - unwrap: true diff --git a/scripts/deploy_source.sh b/scripts/deploy_source.sh deleted file mode 100755 index 8d656b0e..00000000 --- a/scripts/deploy_source.sh +++ /dev/null @@ -1,86 +0,0 @@ -#!/usr/bin/env bash - -# usage examples -# deploy with deployment-info.json -# ./deploy_source.sh -c azure -f cloud_config_install_only.yaml -d deployment-info.json - -# deploy with local RPM packages and passing credentials -# ./deploy_source.sh -c azure -r /Users/shimkus/Downloads/RPMs/ -f cloud_config_install_only.yaml -u azureuser -p Pass1word -m mydeployment.westus.cloudapp.azure.com - -# deploy with a specific version -# ./deploy_source.sh -c azure -f cloud_config_install_only.yaml -d deployment-info.json -v 0.9.0 -e 1 - -# deploy skipping build process (for changes to config file, for example) -# ./deploy_source.sh -c azure -f cloud_config_install_only.yaml -u azureuser -p Pass1word -m mydeployment.westus.cloudapp.azure.com -b false - -CLOUD='all' -CONFIG_FILE='cloud_config_local.yaml' -VERSION='0.9.0' -RELEASE='1' -BUILD='true' - -while getopts d:m:u:p:c:f:r:v:e:b: option - do case "$option" in - d) PATH_TO_DEPLOYMENT_INFO=$OPTARG;; - m) MGMT_IP=$OPTARG;; - u) USERNAME=$OPTARG;; - p) PASSWORD=$OPTARG;; - c) CLOUD=$OPTARG;; - f) CONFIG_FILE=$OPTARG;; - r) PATH_TO_RPMS=$OPTARG;; - v) VERSION=$OPTARG;; - e) RELEASE=$OPTARG;; - b) BUILD=$OPTARG;; - esac -done - -if [[ $BUILD == 'true' ]]; then - npm run build -fi - -if [[ -n $PATH_TO_DEPLOYMENT_INFO ]]; then - MGMT_IP=$(cat ${PATH_TO_DEPLOYMENT_INFO} | jq .instances[].mgmt_address -r) - USERNAME=$(cat ${PATH_TO_DEPLOYMENT_INFO}| jq .instances[].admin_username -r) - PASSWORD=$(cat ${PATH_TO_DEPLOYMENT_INFO} | jq .instances[].admin_password -r) -fi - -# DO workaround -sshpass -p ${PASSWORD} ssh -o StrictHostKeyChecking=no ${USERNAME}@${MGMT_IP} "modify sys global-settings mgmt-dhcp disabled" -sshpass -p ${PASSWORD} ssh -o StrictHostKeyChecking=no ${USERNAME}@${MGMT_IP} "save sys config" - -# clean up -sshpass -p ${PASSWORD} ssh -o StrictHostKeyChecking=no ${USERNAME}@${MGMT_IP} "bash -c 'rm -rf /tmp/f5-bigip-runtime-init'" - -echo "Unistalling all available packages" -installed_packages=$(curl -k -u ${USERNAME}:${PASSWORD} https://${MGMT_IP}/mgmt/shared/iapp/global-installed-packages | jq .items[].packageName) -echo "Packages for un-installation: ${installed_packages}" -for packageName in $installed_packages -do - echo "Uninstalling package ${packageName}" - echo $(curl -H "Content-Type: application/json" -k -u $USERNAME:$PASSWORD -X POST -d "{'operation': 'UNINSTALL','packageName': ${packageName}}" https://${MGMT_IP}/mgmt/shared/iapp/package-management-tasks | jq .) -done - -# edit scp whitelist -sshpass -p ${PASSWORD} ssh -o StrictHostKeyChecking=no ${USERNAME}@${MGMT_IP} "bash -c 'echo /config/cloud/ >> /config/ssh/scp.whitelist'" - -if [[ -n $PATH_TO_RPMS ]]; then - sshpass -p ${PASSWORD} ssh -o StrictHostKeyChecking=no ${USERNAME}@${MGMT_IP} "bash -c 'echo /var/lib/cloud/icontrollx_installs/ >> /config/ssh/scp.whitelist'" -fi - -sshpass -p ${PASSWORD} ssh -o StrictHostKeyChecking=no ${USERNAME}@${MGMT_IP} "bash -c 'bigstart restart sshd'" - -# copy new -sshpass -p ${PASSWORD} scp -o StrictHostKeyChecking=no dist/f5-bigip-runtime-init-$VERSION-$RELEASE.gz.run $USERNAME@$MGMT_IP:/var/tmp/ -sshpass -p ${PASSWORD} scp -o StrictHostKeyChecking=no scripts/config/* ${USERNAME}@${MGMT_IP}:/config/cloud/ - -if [[ -n $PATH_TO_RPMS ]]; then - sshpass -p ${PASSWORD} ssh -o StrictHostKeyChecking=no ${USERNAME}@${MGMT_IP} "bash -c 'mkdir -p /var/lib/cloud/icontrollx_installs'" - sshpass -p ${PASSWORD} scp -o StrictHostKeyChecking=no ${PATH_TO_RPMS}* ${USERNAME}@${MGMT_IP}:/var/lib/cloud/icontrollx_installs/ -fi - -# install -sshpass -p ${PASSWORD} ssh -o StrictHostKeyChecking=no $USERNAME@$MGMT_IP "bash /var/tmp/f5-bigip-runtime-init-$VERSION-$RELEASE.gz.run ${CLOUD}" -sshpass -p ${PASSWORD} ssh -o StrictHostKeyChecking=no ${USERNAME}@${MGMT_IP} "bash -c 'bigstart restart restnoded'" -sshpass -p ${PASSWORD} ssh -o StrictHostKeyChecking=no ${USERNAME}@${MGMT_IP} "bash f5-bigip-runtime-init -c /config/cloud/${CONFIG_FILE}" - -echo "script execution completed" diff --git a/scripts/install.sh b/scripts/install.sh deleted file mode 100755 index 20ca1713..00000000 --- a/scripts/install.sh +++ /dev/null @@ -1,119 +0,0 @@ -# Copyright 2020 F5 Networks, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# USAGE: curl https://raw.githubusercontent.com///v0.9.0/scripts/install.sh | bash - -# catch 22, we do not have package.json prior to install from remote so we cannot do below -# TODO: figure out alternate mechanism to avoid version drift -# -# MAINDIR="$(dirname $0)/.." -# NAME=$(cat ${MAINDIR}/package.json | jq .name -r) -# VERSION=$(cat ${MAINDIR}/package.json | jq .version -r) - -NAME="f5-bigip-runtime-init" -VERSION="0.9.0" -SVC_ACCOUNT="f5devcentral" - -# usage: logger "log message" -logger() { - echo "${1}" -} - -# usage: platform_check -# returns: LINUX|BIGIP -platform_check() { - platform="LINUX" - if [ -f "/VERSION" ]; then - platform="BIGIP" - fi - echo ${platform} -} - -logger "Package name: ${NAME}" -logger "Package version: ${VERSION}" - -install_location="/tmp/${NAME}" -mkdir -p ${install_location} - -# discover cloud environment from instance metadata availability -declare -A CLOUD_MAP=( [azure]='http://169.254.169.254/metadata/instance?api-version=2019-06-01 -H Metadata:true' \ -[aws]='http://169.254.169.254/latest/meta-data/' \ -[gcp]='http://metadata.google.internal/computeMetadata/v1/instance/ -H Metadata-Flavor:Google' ) - -# loop until we find a cloud or time out and give up -COUNTER=0 -until [[ -n ${CLOUD} ]] || [[ ${COUNTER} -gt 12 ]]; do - for KEY in "${!CLOUD_MAP[@]}"; do - echo $KEY is ${CLOUD_MAP[$KEY]}; - VALUE=${CLOUD_MAP[$KEY]} - RESPONSE=$(curl -s -o /dev/null -w '%{http_code}' ${VALUE} | grep 200) - if [[ $RESPONSE == "200" ]]; then - echo "FOUND CLOUD: ${KEY}" - CLOUD=$KEY - break - fi - done - ((COUNTER++)) - sleep 5 -done - -# write environment to file for use by onboarder -if [[ -z ${CLOUD} ]]; then - echo "Could not find a cloud, install all libraries." - CLOUD="all" -fi -echo ${CLOUD} > /config/cloud/environment - -download_location="/tmp/${NAME}-${CLOUD}.tar.gz" - -CLOUD_PACKAGE_NAME=${NAME}-${CLOUD} -curl --location https://github.com/${SVC_ACCOUNT}/${NAME}/releases/download/v${VERSION}/${CLOUD_PACKAGE_NAME}.tar.gz --output ${download_location} -curl --location https://github.com/${SVC_ACCOUNT}/${NAME}/releases/download/v${VERSION}/${CLOUD_PACKAGE_NAME}.tar.gz.sha256 --output ${download_location}.sha256 - -# verify package -dir=$(pwd) -cd /tmp && cat ${download_location}.sha256 | sha256sum -c | grep OK -if [[ $? -ne 0 ]]; then - echo "Couldn't verify the f5-bigip-runtime-init package, exiting." - exit 1 -fi -cd $dir - -# unzip package -tar xfz ${download_location} --directory ${install_location} - -# try to get the latest metadata -curl --location https://cdn.f5.com/product/cloudsolutions/f5-extension-metadata/latest/metadata.json --output toolchain_metadata_tmp.json -cat toolchain_metadata_tmp.json | jq empty > /dev/null 2>&1 -if [[ $? -eq 0 ]]; then - diff=$(jq -n --slurpfile latest toolchain_metadata_tmp.json --slurpfile current ${install_location}/src/lib/bigip/toolchain/toolchain_metadata.json '$latest != $current') - if [[ $diff == "true" ]]; then - cp toolchain_metadata_tmp.json ${install_location}/src/lib/bigip/toolchain/toolchain_metadata.json - rm toolchain_metadata_tmp.json - fi -else - echo "Couldn't get the latest toolchain metadata, using local copy." -fi - -# create command line utility -utility_location="/usr/local/bin/${NAME}" -if [[ "$(platform_check)" == "LINUX" ]]; then - echo "node ${install_location}/src/cli.js \"\$@\"" > ${utility_location} - chmod 744 ${utility_location} -else - mount -o remount,rw /usr - echo "f5-rest-node ${install_location}/src/cli.js \"\$@\"" > ${utility_location} - chmod 744 ${utility_location} - mount -o remount,ro /usr -fi diff --git a/scripts/install_rpm.sh b/scripts/install_rpm.sh deleted file mode 100755 index 2f2b2837..00000000 --- a/scripts/install_rpm.sh +++ /dev/null @@ -1,200 +0,0 @@ -#!/usr/bin/env bash -# Copyright 2020 F5 Networks, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -CLOUD="base" -SUPPORTED_CLOUDS=(aws azure gcp all base) -GPG_PUB_KEY_LOCATION="https://f5-cft.s3.amazonaws.com/f5-bigip-runtime-init/gpg.key" -TOOLCHAIN_METADATA_FILE_URL="https://cdn.f5.com/product/cloudsolutions/f5-extension-metadata/latest/metadata.json" -SKIP_VERIFICATION="" - -# usage: logger "log message" -logger() { - echo "$(date "+%Y-%m-%dT%H:%M:%S") - ${1}" -} - -# Retries settings for making https requests using curl command line tool -RETRY=${HTTP_RETRY:-3} -RETRY_MAX_TIME=${HTTP_RETRY_MAX_TIME:-180} -MAX_TIME=${HTTP_MAX_TIME:-5} -RETRY_DELAY=${HTTP_RETRY_DELAY:-60} - -logger "HTTP Retry Settings:" -logger "RETRY: $RETRY" -logger "RETRY_MAX_TIME: $RETRY_MAX_TIME" -logger "MAX_TIME: $MAX_TIME" -logger "RETRY_DELAY: $RETRY_DELAY" - -HELP_MENU() -{ - echo "Usage: $0 [params]" - echo "params can be one or more of the following:" - echo " --cloud | -c : Specifies cloud provider name. Allowed values: ( all, aws, azure, or gcp ). When not provided, integrations with Public Clouds (AWS, Azure or/and GCP) are disabled" - echo " --key | -k : Provides location for GPG key used for verifying signature on RPM file" - echo " --toolchain-metadata-file-url : Provides overriding delivery url for toolchain extension metadata file" - echo " --skip-verify : Disables RPM signature verification and AT metadata verification" - echo " --skip-toolchain-metadata-sync : Disables automation toolchains metadata sync" - echo " --telemetry-params : Specifies telemerty parameters" - exit 1 -} - -while true -do - case "$1" in - --cloud | -c) - CLOUD="$2" - if ! shift 2; then HELP_MENU; exit 1; fi - ;; - --key | -k) - GPG_PUB_KEY_LOCATION="$2" - if ! shift 2; then HELP_MENU; exit 1; fi - ;; - --toolchain-metadata-file-url ) - TOOLCHAIN_METADATA_FILE_URL="$2" - if ! shift 2; then HELP_MENU; exit 1; fi - ;; - --skip-verify) - SKIP_VERIFICATION=y - shift - ;; - --skip-toolchain-metadata-sync) - SKIP_AT_METADATA_SYNC=y - shift - ;; - --telemetry-params) - TELEMETRY_PARAMS=$2 - shift - ;; - -h | --help) - HELP_MENU - ;; - -*) - echo Unrecognized flag : "$1" - HELP_MENU - ;; - *) - break - ;; - esac -done - -if [[ ! "${SUPPORTED_CLOUDS[@]}" =~ "${CLOUD}" ]]; then - logger "--cloud parameter value is not in one of allowed values. Please see help menu for more details" - HELP_MENU - exit 1; -fi - -NAME="f5-bigip-runtime-init" - -# Processing TELEMETRY parameters and storing them into file for future use -rm /config/cloud/telemetry_install_params.tmp 2> /dev/null -for string in $(echo $TELEMETRY_PARAMS | tr ',' '\n') -do - echo $string >> /config/cloud/telemetry_install_params.tmp -done - -rpm_filename=$(ls | grep $CLOUD | grep -v "sha256") -rpm_sha256_filename=$(ls | grep $CLOUD | grep "sha256") -install_location="/tmp/${NAME}" -utility_location="/usr/local/bin/${NAME}" - -# usage: platform_check -# returns: LINUX|BIGIP -platform_check() { - platform="LINUX" - if [ -f "/VERSION" ]; then - platform="BIGIP" - fi - logger ${platform} -} - -logger "Running RPM install script." - -logger "Verifying RPM file integrity..." -cat $rpm_sha256_filename | sha256sum -c | grep OK -if [[ $? -ne 0 ]]; then - logger "Couldn't verify the f5-bigip-runtime-init package, exiting." - exit 1 -fi - -if [[ -z $SKIP_VERIFICATION ]]; then - logger "Verifying signature..." - logger "GPG PUB Key location: $GPG_PUB_KEY_LOCATION" - for i in {1..24}; do - curl --retry-delay $RETRY_DELAY --retry $RETRY --retry-max-time $RETRY_MAX_TIME --max-time $MAX_TIME --location $GPG_PUB_KEY_LOCATION --output /var/tmp/gpg.key && break || sleep 5 - done - rpm --import /var/tmp/gpg.key - rpm --checksig $rpm_filename | grep "rsa sha1 (md5) pgp md5 OK" - if [[ $? -ne 0 ]]; then - logger "Couldn't verify the f5-bigip-runtime-init package signature" - exit 1 - fi -else - logger "Skipping RPM signature verification" -fi - -logger "Checking if package is already installed" -if [[ -d $install_location && -f $utility_location && ! -z "$(ls -A $install_location)" ]]; then - logger "Package is already installed and utility is created. Exiting with status:0" - exit 0 -else - logger "Package is not installed. Preparing for installation." - if [[ -d $install_location ]]; then - logger "Install location $install_location already exists" - logger "Clearing out install location: $install_location" - find ${install_location} -type f -delete - sleep 1 - else - logger "Install location $install_location does not exist. Creating install location." - mkdir -p $install_location - fi -fi - -logger "Install package $rpm_filename" -rpm2cpio $rpm_filename | cpio -idmv -mv $NAME-$CLOUD/* /tmp/$NAME - -if [[ -z $SKIP_AT_METADATA_SYNC ]]; then - logger "Getting lastest AT metadata at $TOOLCHAIN_METADATA_FILE_URL" - touch toolchain_metadata_tmp.json - # try to get the latest metadata - for i in {1..24}; do - curl --retry-delay $RETRY_DELAY --retry $RETRY --retry-max-time $RETRY_MAX_TIME --max-time $MAX_TIME --location $TOOLCHAIN_METADATA_FILE_URL --output toolchain_metadata_tmp.json && break || sleep 5 - done - cat toolchain_metadata_tmp.json | jq empty > /dev/null 2>&1 - if [[ $? -eq 0 ]]; then - diff=$(jq -n --slurpfile latest toolchain_metadata_tmp.json --slurpfile current ${install_location}/src/lib/bigip/toolchain/toolchain_metadata.json '$latest != $current') - if [[ $diff == "true" ]]; then - cp toolchain_metadata_tmp.json ${install_location}/src/lib/bigip/toolchain/toolchain_metadata.json - fi - - else - logger "Couldn't get the latest toolchain metadata, using local copy." - fi - rm toolchain_metadata_tmp.json -else - logger "Skipping verification for AT Metadata, using local copy." -fi - -logger "Creating command utility." -if [[ "$(platform_check)" == "LINUX" ]]; then - echo "node ${install_location}/src/cli.js \"\$@\"" > ${utility_location} - chmod 744 ${utility_location} -else - mount -o remount,rw /usr - echo "f5-rest-node ${install_location}/src/cli.js \"\$@\"" > ${utility_location} - chmod 744 ${utility_location} - mount -o remount,ro /usr -fi -logger "RPM installation is completed." diff --git a/scripts/link_checker/link_checker.sh b/scripts/link_checker/link_checker.sh deleted file mode 100755 index bfcf8f3e..00000000 --- a/scripts/link_checker/link_checker.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -# usage: ./link_checker.sh . "exclude_me and_me" - -SEARCH_DIR="$1" -EXCLUDE_PATTERNS="$2" - -script_location=$(dirname "$0") -link_checker_exec=${script_location}/node_modules/markdown-link-check/markdown-link-check -errors=0 - -find $SEARCH_DIR -name \*.md | while read LINE; do - file="${LINE}" - # ignore certain files that match an exclude pattern - match=false - for pattern in ${EXCLUDE_PATTERNS}; do - if [[ $file =~ $pattern ]]; then - match=true - fi - done - if $match; then - continue - fi - # now run - ${link_checker_exec} -q -c ${script_location}/link_checker_config.json "${file}" - if [ $? -ne 0 ]; then - errors=$((errors + 1)) - fi -done - -if [[ $errors -gt 0 ]]; then - echo "Link check failed with ${errors} errors, exiting." - exit 1 -else - echo "Success" -fi diff --git a/scripts/link_checker/link_checker_config.json b/scripts/link_checker/link_checker_config.json deleted file mode 100644 index 0eff6749..00000000 --- a/scripts/link_checker/link_checker_config.json +++ /dev/null @@ -1,39 +0,0 @@ -{ - "ignorePatterns": [ - { - "pattern": "^https://example.com" - }, - { - "pattern": "^http://example.com" - }, - { - "pattern": "^https://localhost" - }, - { - "pattern": "^http://localhost" - }, - { - "pattern": "^https://10.*" - }, - { - "pattern": "^https://solutiontemplates.visualstudio.com" - }, - { - "pattern": "http://www.f5.com/about/guidelines-policies/" - }, - { - "pattern": "https://my-keyvault.vault.*" - }, - { - "pattern": "https://the-delivery-location.com.*" - } - - ], - "replacementPatterns": [ - { - "pattern": """, - "replacement": " " - } - ], - "httpHeaders": [] -} diff --git a/scripts/link_checker/package-lock.json b/scripts/link_checker/package-lock.json deleted file mode 100644 index 222c744d..00000000 --- a/scripts/link_checker/package-lock.json +++ /dev/null @@ -1,483 +0,0 @@ -{ - "name": "link_checker", - "version": "0.1.0", - "lockfileVersion": 1, - "requires": true, - "dependencies": { - "ajv": { - "version": "6.10.1", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.1.tgz", - "integrity": "sha512-w1YQaVGNC6t2UCPjEawK/vo/dG8OOrVtUmhBT1uJJYxbl5kU2Tj3v6LGqBcsysN1yhuCStJCCA3GqdvKY8sqXQ==", - "requires": { - "fast-deep-equal": "^2.0.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "requires": { - "color-convert": "^1.9.0" - } - }, - "asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" - }, - "async": { - "version": "2.6.2", - "resolved": "https://registry.npmjs.org/async/-/async-2.6.2.tgz", - "integrity": "sha512-H1qVYh1MYhEEFLsP97cVKqCGo7KfCyTt6uEWqsTBr9SO84oK9Uwbyd/yCW+6rKJLHksBNUVWZDAjfS+Ccx0Bbg==", - "requires": { - "lodash": "^4.17.11" - } - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" - }, - "aws4": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.8.0.tgz", - "integrity": "sha512-ReZxvNHIOv88FlT7rxcXIIC0fPt4KZqZbOlivyWtXLt8ESx84zd3kMC6iK5jVeS2qt+g7ftS7ye4fi06X5rtRQ==" - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=" - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "commander": { - "version": "2.20.0", - "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.0.tgz", - "integrity": "sha512-7j2y+40w61zy6YC2iRNpUe/NwhNyoXrYpHMrSunaMG64nRnaf96zO/KMQR4OyN/UnE5KLyEBnKHd4aG3rskjpQ==" - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=" - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" - }, - "fast-deep-equal": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz", - "integrity": "sha1-ewUhjd+WZ79/Nwv3/bLLFf3Qqkk=" - }, - "fast-json-stable-stringify": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.0.0.tgz", - "integrity": "sha1-1RQsDK7msRifh9OnYREGT4bIu/I=" - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" - }, - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" - }, - "har-validator": { - "version": "5.1.3", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz", - "integrity": "sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==", - "requires": { - "ajv": "^6.5.5", - "har-schema": "^2.0.0" - } - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=" - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "is-absolute-url": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-absolute-url/-/is-absolute-url-2.1.0.tgz", - "integrity": "sha1-UFMN+4T8yap9vnhS6Do3uTufKqY=" - }, - "is-relative-url": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-relative-url/-/is-relative-url-2.0.0.tgz", - "integrity": "sha1-cpAtf+BLPUeS59sV+duEtyBMnO8=", - "requires": { - "is-absolute-url": "^2.0.0" - } - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "isemail": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/isemail/-/isemail-3.2.0.tgz", - "integrity": "sha512-zKqkK+O+dGqevc93KNsbZ/TqTUFd46MwWjYOoMrjIMZ51eU7DtQG3Wmd9SQQT7i7RVnuTPEiYEWHU3MSbxC1Tg==", - "requires": { - "punycode": "2.x.x" - } - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - }, - "json-schema": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz", - "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, - "jsprim": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", - "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.2.3", - "verror": "1.10.0" - } - }, - "link-check": { - "version": "4.4.5", - "resolved": "https://registry.npmjs.org/link-check/-/link-check-4.4.5.tgz", - "integrity": "sha512-csF0k7MAQjyDLkrZfsAJNkTav/vvATMYkm9dAstzmu60vzNGlgvWd3SgBTFH9KLWOO1hUuVxgSEPuWv+fdyuaQ==", - "requires": { - "is-relative-url": "^2.0.0", - "isemail": "^3.2.0", - "ms": "^2.1.1", - "request": "^2.88.0" - } - }, - "lodash": { - "version": "4.17.11", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz", - "integrity": "sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg==" - }, - "markdown-link-check": { - "version": "3.7.3", - "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.7.3.tgz", - "integrity": "sha512-X/HWomzeox5HtkKLupin4affBXHq22r7RNqiSKsxlgZQMSU9n+zpGY0sbzJr1IycB6FXpKUZet1VH3Rs1/8WQg==", - "requires": { - "async": "^2.6.1", - "chalk": "^2.4.2", - "commander": "^2.20.0", - "link-check": "^4.4.5", - "lodash": "^4.17.11", - "markdown-link-extractor": "^1.2.1", - "progress": "^2.0.3", - "request": "^2.88.0" - } - }, - "markdown-link-extractor": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/markdown-link-extractor/-/markdown-link-extractor-1.2.1.tgz", - "integrity": "sha512-eo4hXLZC6/NrVimHqEu0X029ymIreg0VQjlWudGtOg1FiiZYPwU+Sh1CP3CQqP16woyCsDplVfqPD2Oi8JRpdw==", - "requires": { - "marked": "^0.6.2" - } - }, - "marked": { - "version": "0.6.3", - "resolved": "https://registry.npmjs.org/marked/-/marked-0.6.3.tgz", - "integrity": "sha512-Fqa7eq+UaxfMriqzYLayfqAE40WN03jf+zHjT18/uXNuzjq3TY0XTbrAoPeqSJrAmPz11VuUA+kBPYOhHt9oOQ==" - }, - "mime-db": { - "version": "1.40.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.40.0.tgz", - "integrity": "sha512-jYdeOMPy9vnxEqFRRo6ZvTZ8d9oPb+k18PKoYNYUe2stVEBPPwsln/qWzdbmaIvnhZ9v2P+CuecK+fpUfsV2mA==" - }, - "mime-types": { - "version": "2.1.24", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.24.tgz", - "integrity": "sha512-WaFHS3MCl5fapm3oLxU4eYDw77IQM2ACcxQ9RIxfaC3ooc6PFuBMGZZsYpvoXS5D5QTWPieo1jjLdAm3TBP3cQ==", - "requires": { - "mime-db": "1.40.0" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "progress": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", - "integrity": "sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==" - }, - "psl": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.2.0.tgz", - "integrity": "sha512-GEn74ZffufCmkDDLNcl3uuyF/aSD6exEyh1v/ZSdAomB82t6G9hzJVRx0jBmLDW+VfZqks3aScmMw9DszwUalA==" - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - }, - "qs": { - "version": "6.5.2", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", - "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" - }, - "request": { - "version": "2.88.0", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.0.tgz", - "integrity": "sha512-NAqBSrijGLZdM0WZNsInLJpkJokL72XYjUpnB0iwsRgxh7dB6COrHnTBNwN0E+lHDAJzu7kLAkDeY08z2/A0hg==", - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.0", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.4.3", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - } - }, - "safe-buffer": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", - "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "requires": { - "has-flag": "^3.0.0" - } - }, - "tough-cookie": { - "version": "2.4.3", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.4.3.tgz", - "integrity": "sha512-Q5srk/4vDM54WJsJio3XNn6K2sCG+CQ8G5Wz6bZhRZoAe/+TxjWB/GlFAnYEbkYVlON9FMk/fE3h2RLpPXo4lQ==", - "requires": { - "psl": "^1.1.24", - "punycode": "^1.4.1" - }, - "dependencies": { - "punycode": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz", - "integrity": "sha1-wNWmOycYgArY4esPpSachN1BhF4=" - } - } - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "uri-js": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz", - "integrity": "sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==", - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.3.2", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz", - "integrity": "sha512-yXJmeNaw3DnnKAOKJE51sL/ZaYfWJRl1pK9dr19YFCu0ObS231AB1/LbqTKRAQ5kw8A90rA6fr4riOUpTZvQZA==" - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - } - } -} diff --git a/scripts/link_checker/package.json b/scripts/link_checker/package.json deleted file mode 100755 index c3408d51..00000000 --- a/scripts/link_checker/package.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "name": "link_checker", - "version": "0.1.0", - "author": "F5 Networks", - "license": "Apache-2.0", - "dependencies": { - "markdown-link-check": "^3.7.3" - } -} diff --git a/scripts/local_install.sh b/scripts/local_install.sh deleted file mode 100755 index 8a7d5b02..00000000 --- a/scripts/local_install.sh +++ /dev/null @@ -1,73 +0,0 @@ -# Copyright 2020 F5 Networks, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -NAME="f5-bigip-runtime-init" -CLOUD=$1 - -# usage: logger "log message" -logger() { - echo "${1}" -} - -# usage: platform_check -# returns: LINUX|BIGIP -platform_check() { - platform="LINUX" - if [ -f "/VERSION" ]; then - platform="BIGIP" - fi - echo ${platform} -} - -install_location='/tmp/f5-bigip-runtime-init' -download_location="/var/tmp/f5-bigip-runtime-init-${CLOUD}.tar.gz" - -# Creating install location -mkdir $install_location - -# verify package -dir=$(pwd) -cd /var/tmp && cat ${download_location}.sha256 | sha256sum -c | grep OK -if [[ $? -ne 0 ]]; then - echo "Couldn't verify the f5-bigip-runtime-init package, exiting." - exit 1 -fi -cd $dir - -# unzip package -tar xfz ${download_location} --directory ${install_location} - -# try to get the latest metadata -curl --location https://cdn.f5.com/product/cloudsolutions/f5-extension-metadata/latest/metadata.json --output toolchain_metadata_tmp.json -cat toolchain_metadata_tmp.json | jq empty > /dev/null 2>&1 -if [[ $? -eq 0 ]]; then - diff=$(jq -n --slurpfile latest toolchain_metadata_tmp.json --slurpfile current ${install_location}/src/lib/bigip/toolchain/toolchain_metadata.json '$latest != $current') - if [[ $diff == "true" ]]; then - cp toolchain_metadata_tmp.json ${install_location}/src/lib/bigip/toolchain/toolchain_metadata.json - rm toolchain_metadata_tmp.json - fi -else - echo "Couldn't get the latest toolchain metadata, using local copy." -fi - -# create command line utility -utility_location="/usr/local/bin/${NAME}" -if [[ "$(platform_check)" == "LINUX" ]]; then - echo "node ${install_location}/src/cli.js \"\$@\"" > ${utility_location} - chmod 744 ${utility_location} -else - mount -o remount,rw /usr - echo "f5-rest-node ${install_location}/src/cli.js \"\$@\"" > ${utility_location} - chmod 744 ${utility_location} - mount -o remount,ro /usr -fi diff --git a/scripts/makeself-header.sh b/scripts/makeself-header.sh deleted file mode 100755 index d1244f79..00000000 --- a/scripts/makeself-header.sh +++ /dev/null @@ -1,401 +0,0 @@ -cat << EOF > "$archname" -#!/bin/sh -# This script was generated using Makeself $MS_VERSION - -CRCsum="$CRCsum" -MD5="$MD5sum" -TMPROOT=\${TMPDIR:=/tmp} - -label="$LABEL" -script="$SCRIPT" -scriptargs="$SCRIPTARGS" -targetdir="$archdirname" -filesizes="$filesizes" -keep=$KEEP - -print_cmd_arg="" -if type printf > /dev/null; then - print_cmd="printf" -elif test -x /usr/ucb/echo; then - print_cmd="/usr/ucb/echo" -else - print_cmd="echo" -fi - -unset CDPATH - -MS_Printf() -{ - \$print_cmd \$print_cmd_arg "\$1" -} - -MS_Progress() -{ - while read a; do - MS_Printf . - done -} - -MS_diskspace() -{ - ( - if test -d /usr/xpg4/bin; then - PATH=/usr/xpg4/bin:\$PATH - fi - df -kP "\$1" | tail -1 | awk '{print \$4}' - ) -} - -MS_dd() -{ - blocks=\`expr \$3 / 1024\` - bytes=\`expr \$3 % 1024\` - dd if="\$1" ibs=\$2 skip=1 obs=1024 conv=sync 2> /dev/null | \\ - { test \$blocks -gt 0 && dd ibs=1024 obs=1024 count=\$blocks ; \\ - test \$bytes -gt 0 && dd ibs=1 obs=1024 count=\$bytes ; } 2> /dev/null -} - -MS_Help() -{ - cat << EOH >&2 -Makeself version $MS_VERSION - 1) Getting help or info about \$0 : - \$0 --help Print this message - \$0 --info Print embedded info : title, default target directory, embedded script ... - \$0 --lsm Print embedded lsm entry (or no LSM) - \$0 --list Print the list of files in the archive - \$0 --check Checks integrity of the archive - - 2) Running \$0 : - \$0 [options] [--] [additional arguments to embedded script] - with following options (in that order) - --confirm Ask before running embedded script - --noexec Do not run embedded script - --keep Do not erase target directory after running - the embedded script - --nox11 Do not spawn an xterm - --nochown Do not give the extracted files to the current user - --target NewDirectory Extract in NewDirectory - --tar arg1 [arg2 ...] Access the contents of the archive through the tar command - -- Following arguments will be passed to the embedded script -EOH -} - -MS_Check() -{ - OLD_PATH="\$PATH" - PATH=\${GUESS_MD5_PATH:-"\$OLD_PATH:/bin:/usr/bin:/sbin:/usr/local/ssl/bin:/usr/local/bin:/opt/openssl/bin"} - MD5_ARG="" - MD5_PATH=\`exec <&- 2>&-; which md5sum || type md5sum\` - test -x "\$MD5_PATH" || MD5_PATH=\`exec <&- 2>&-; which md5 || type md5\` - test -x "\$MD5_PATH" || MD5_PATH=\`exec <&- 2>&-; which digest || type digest\` - PATH="\$OLD_PATH" - - MS_Printf "Verifying archive integrity..." - offset=\`head -n $SKIP "\$1" | wc -c | tr -d " "\` - verb=\$2 - i=1 - for s in \$filesizes - do - crc=\`echo \$CRCsum | cut -d" " -f\$i\` - if test -x "\$MD5_PATH"; then - if test \`basename \$MD5_PATH\` = digest; then - MD5_ARG="-a md5" - fi - md5=\`echo \$MD5 | cut -d" " -f\$i\` - if test \$md5 = "00000000000000000000000000000000"; then - test x\$verb = xy && echo " \$1 does not contain an embedded MD5 checksum." >&2 - else - md5sum=\`MS_dd "\$1" \$offset \$s | eval "\$MD5_PATH \$MD5_ARG" | cut -b-32\`; - if test "\$md5sum" != "\$md5"; then - echo "Error in MD5 checksums: \$md5sum is different from \$md5" >&2 - exit 2 - else - test x\$verb = xy && MS_Printf " MD5 checksums are OK." >&2 - fi - crc="0000000000"; verb=n - fi - fi - if test \$crc = "0000000000"; then - test x\$verb = xy && echo " \$1 does not contain a CRC checksum." >&2 - else - sum1=\`MS_dd "\$1" \$offset \$s | CMD_ENV=xpg4 cksum | awk '{print \$1}'\` - if test "\$sum1" = "\$crc"; then - test x\$verb = xy && MS_Printf " CRC checksums are OK." >&2 - else - echo "Error in checksums: \$sum1 is different from \$crc" - exit 2; - fi - fi - i=\`expr \$i + 1\` - offset=\`expr \$offset + \$s\` - done - echo " All good." -} - -UnTAR() -{ - tar \$1vf - 2>&1 || { echo Extraction failed. > /dev/tty; kill -15 \$$; } -} - -finish=true -xterm_loop= -nox11=$NOX11 -copy=$COPY -ownership=y -verbose=n - -initargs="\$@" - -while true -do - case "\$1" in - -h | --help) - MS_Help - exit 0 - ;; - --info) - echo Identification: "\$label" - echo Target directory: "\$targetdir" - echo Uncompressed size: $USIZE KB - echo Compression: $COMPRESS - echo Date of packaging: $DATE - echo Built with Makeself version $MS_VERSION on $OSTYPE - echo Build command was: "$MS_COMMAND" - if test x\$script != x; then - echo Script run after extraction: - echo " " \$script \$scriptargs - fi - if test x"$copy" = xcopy; then - echo "Archive will copy itself to a temporary location" - fi - if test x"$KEEP" = xy; then - echo "directory \$targetdir is permanent" - else - echo "\$targetdir will be removed after extraction" - fi - exit 0 - ;; - --dumpconf) - echo LABEL=\"\$label\" - echo SCRIPT=\"\$script\" - echo SCRIPTARGS=\"\$scriptargs\" - echo archdirname=\"$archdirname\" - echo KEEP=$KEEP - echo COMPRESS=$COMPRESS - echo filesizes=\"\$filesizes\" - echo CRCsum=\"\$CRCsum\" - echo MD5sum=\"\$MD5\" - echo OLDUSIZE=$USIZE - echo OLDSKIP=`expr $SKIP + 1` - exit 0 - ;; - --lsm) -cat << EOLSM -EOF -eval "$LSM_CMD" -cat << EOF >> "$archname" -EOLSM - exit 0 - ;; - --list) - echo Target directory: \$targetdir - offset=\`head -n $SKIP "\$0" | wc -c | tr -d " "\` - for s in \$filesizes - do - MS_dd "\$0" \$offset \$s | eval "$GUNZIP_CMD" | UnTAR t - offset=\`expr \$offset + \$s\` - done - exit 0 - ;; - --tar) - offset=\`head -n $SKIP "\$0" | wc -c | tr -d " "\` - arg1="\$2" - shift 2 - for s in \$filesizes - do - MS_dd "\$0" \$offset \$s | eval "$GUNZIP_CMD" | tar "\$arg1" - \$* - offset=\`expr \$offset + \$s\` - done - exit 0 - ;; - --check) - MS_Check "\$0" y - exit 0 - ;; - --confirm) - verbose=y - shift - ;; - --noexec) - script="" - shift - ;; - --keep) - keep=y - shift - ;; - --target) - keep=y - targetdir=\${2:-.} - shift 2 - ;; - --nox11) - nox11=y - shift - ;; - --nochown) - ownership=n - shift - ;; - --xwin) - finish="echo Press Return to close this window...; read junk" - xterm_loop=1 - shift - ;; - --phase2) - copy=phase2 - shift - ;; - --) - shift - break ;; - -*) - echo Unrecognized flag : "\$1" >&2 - MS_Help - exit 1 - ;; - *) - break ;; - esac -done - -case "\$copy" in -copy) - tmpdir=\$TMPROOT/makeself.\$RANDOM.\`date +"%y%m%d%H%M%S"\`.\$\$ - mkdir "\$tmpdir" || { - echo "Could not create temporary directory \$tmpdir" >&2 - exit 1 - } - SCRIPT_COPY="\$tmpdir/makeself" - echo "Copying to a temporary location..." >&2 - cp "\$0" "\$SCRIPT_COPY" - chmod +x "\$SCRIPT_COPY" - cd "\$TMPROOT" - exec "\$SCRIPT_COPY" --phase2 -- \$initargs - ;; -phase2) - finish="\$finish ; rm -rf \`dirname \$0\`" - ;; -esac - -if test "\$nox11" = "n"; then - if tty -s; then # Do we have a terminal? - : - else - if test x"\$DISPLAY" != x -a x"\$xterm_loop" = x; then # No, but do we have X? - if xset q > /dev/null 2>&1; then # Check for valid DISPLAY variable - GUESS_XTERMS="xterm rxvt dtterm eterm Eterm kvt konsole aterm" - for a in \$GUESS_XTERMS; do - if type \$a >/dev/null 2>&1; then - XTERM=\$a - break - fi - done - chmod a+x \$0 || echo Please add execution rights on \$0 - if test \`echo "\$0" | cut -c1\` = "/"; then # Spawn a terminal! - exec \$XTERM -title "\$label" -e "\$0" --xwin "\$initargs" - else - exec \$XTERM -title "\$label" -e "./\$0" --xwin "\$initargs" - fi - fi - fi - fi -fi - -if test "\$targetdir" = "."; then - tmpdir="." -else - if test "\$keep" = y; then - echo "Creating directory \$targetdir" >&2 - tmpdir="\$targetdir" - dashp="-p" - else - tmpdir="\$TMPROOT/selfgz\$\$\$RANDOM" - dashp="" - fi - mkdir \$dashp \$tmpdir || { - echo 'Cannot create target directory' \$tmpdir >&2 - echo 'You should try option --target OtherDirectory' >&2 - eval \$finish - exit 1 - } -fi - -location="\`pwd\`" -if test x\$SETUP_NOCHECK != x1; then - MS_Check "\$0" -fi -offset=\`head -n $SKIP "\$0" | wc -c | tr -d " "\` - -if test x"\$verbose" = xy; then - MS_Printf "About to extract $USIZE KB in \$tmpdir ... Proceed ? [Y/n] " - read yn - if test x"\$yn" = xn; then - eval \$finish; exit 1 - fi -fi - -MS_Printf "Uncompressing \$label" -res=3 -if test "\$keep" = n; then - trap 'echo Signal caught, cleaning up >&2; cd \$TMPROOT; /bin/rm -rf \$tmpdir; eval \$finish; exit 15' 1 2 3 15 -fi - -leftspace=\`MS_diskspace \$tmpdir\` -if test \$leftspace -lt $USIZE; then - echo - echo "Not enough space left in "\`dirname \$tmpdir\`" (\$leftspace KB) to decompress \$0 ($USIZE KB)" >&2 - if test "\$keep" = n; then - echo "Consider setting TMPDIR to a directory with more free space." - fi - eval \$finish; exit 1 -fi - -for s in \$filesizes -do - if MS_dd "\$0" \$offset \$s | eval "$GUNZIP_CMD" | ( cd "\$tmpdir"; UnTAR x ) | MS_Progress; then - if test x"\$ownership" = xy; then - (PATH=/usr/xpg4/bin:\$PATH; cd "\$tmpdir"; chown -R \`id -u\` .; chgrp -R \`id -g\` .) - fi - else - echo - echo "Unable to decompress \$0" >&2 - eval \$finish; exit 1 - fi - offset=\`expr \$offset + \$s\` -done -echo - -cd "\$tmpdir" -res=0 -if test x"\$script" != x; then - if test x"\$verbose" = xy; then - MS_Printf "OK to execute: \$script \$scriptargs \$* ? [Y/n] " - read yn - if test x"\$yn" = x -o x"\$yn" = xy -o x"\$yn" = xY; then - eval \$script \$scriptargs \$*; res=\$?; - fi - else - eval \$script \$scriptargs \$*; res=\$? - fi - if test \$res -ne 0; then - test x"\$verbose" = xy && echo "The program '\$script' returned an error code (\$res)" >&2 - fi -fi -if test "\$keep" = n; then - cd \$TMPROOT - /bin/rm -rf \$tmpdir -fi -eval \$finish; exit \$res -EOF diff --git a/scripts/makeself.sh b/scripts/makeself.sh deleted file mode 100755 index bdd59788..00000000 --- a/scripts/makeself.sh +++ /dev/null @@ -1,760 +0,0 @@ -#!/bin/sh -# -# Makeself version 2.4.x -# by Stephane Peter -# -# Utility to create self-extracting tar.gz archives. -# The resulting archive is a file holding the tar.gz archive with -# a small Shell script stub that uncompresses the archive to a temporary -# directory and then executes a given script from withing that directory. -# -# Makeself home page: http://makeself.io/ -# -# Version 2.0 is a rewrite of version 1.0 to make the code easier to read and maintain. -# -# Version history : -# - 1.0 : Initial public release -# - 1.1 : The archive can be passed parameters that will be passed on to -# the embedded script, thanks to John C. Quillan -# - 1.2 : Package distribution, bzip2 compression, more command line options, -# support for non-temporary archives. Ideas thanks to Francois Petitjean -# - 1.3 : More patches from Bjarni R. Einarsson and Francois Petitjean: -# Support for no compression (--nocomp), script is no longer mandatory, -# automatic launch in an xterm, optional verbose output, and -target -# archive option to indicate where to extract the files. -# - 1.4 : Improved UNIX compatibility (Francois Petitjean) -# Automatic integrity checking, support of LSM files (Francois Petitjean) -# - 1.5 : Many bugfixes. Optionally disable xterm spawning. -# - 1.5.1 : More bugfixes, added archive options -list and -check. -# - 1.5.2 : Cosmetic changes to inform the user of what's going on with big -# archives (Quake III demo) -# - 1.5.3 : Check for validity of the DISPLAY variable before launching an xterm. -# More verbosity in xterms and check for embedded command's return value. -# Bugfix for Debian 2.0 systems that have a different "print" command. -# - 1.5.4 : Many bugfixes. Print out a message if the extraction failed. -# - 1.5.5 : More bugfixes. Added support for SETUP_NOCHECK environment variable to -# bypass checksum verification of archives. -# - 1.6.0 : Compute MD5 checksums with the md5sum command (patch from Ryan Gordon) -# - 2.0 : Brand new rewrite, cleaner architecture, separated header and UNIX ports. -# - 2.0.1 : Added --copy -# - 2.1.0 : Allow multiple tarballs to be stored in one archive, and incremental updates. -# Added --nochown for archives -# Stopped doing redundant checksums when not necesary -# - 2.1.1 : Work around insane behavior from certain Linux distros with no 'uncompress' command -# Cleaned up the code to handle error codes from compress. Simplified the extraction code. -# - 2.1.2 : Some bug fixes. Use head -n to avoid problems. -# - 2.1.3 : Bug fixes with command line when spawning terminals. -# Added --tar for archives, allowing to give arbitrary arguments to tar on the contents of the archive. -# Added --noexec to prevent execution of embedded scripts. -# Added --nomd5 and --nocrc to avoid creating checksums in archives. -# Added command used to create the archive in --info output. -# Run the embedded script through eval. -# - 2.1.4 : Fixed --info output. -# Generate random directory name when extracting files to . to avoid problems. (Jason Trent) -# Better handling of errors with wrong permissions for the directory containing the files. (Jason Trent) -# Avoid some race conditions (Ludwig Nussel) -# Unset the $CDPATH variable to avoid problems if it is set. (Debian) -# Better handling of dot files in the archive directory. -# - 2.1.5 : Made the md5sum detection consistent with the header code. -# Check for the presence of the archive directory -# Added --encrypt for symmetric encryption through gpg (Eric Windisch) -# Added support for the digest command on Solaris 10 for MD5 checksums -# Check for available disk space before extracting to the target directory (Andreas Schweitzer) -# Allow extraction to run asynchronously (patch by Peter Hatch) -# Use file descriptors internally to avoid error messages (patch by Kay Tiong Khoo) -# - 2.1.6 : Replaced one dot per file progress with a realtime progress percentage and a spining cursor (Guy Baconniere) -# Added --noprogress to prevent showing the progress during the decompression (Guy Baconniere) -# Added --target dir to allow extracting directly to a target directory (Guy Baconniere) -# - 2.2.0 : Many bugfixes, updates and contributions from users. Check out the project page on Github for the details. -# - 2.3.0 : Option to specify packaging date to enable byte-for-byte reproducibility. (Marc Pawlowsky) -# - 2.4.0 : Optional support for SHA256 checksums in archives. -# - 2.4.2 : Add support for threads for several compressors. (M. Limber) -# Added zstd support. -# -# (C) 1998-2020 by Stephane Peter -# -# This software is released under the terms of the GNU GPL version 2 and above -# Please read the license at http://www.gnu.org/copyleft/gpl.html -# Self-extracting archives created with this script are explictly NOT released under the term of the GPL -# - -MS_VERSION=2.4.2 -MS_COMMAND="$0" -unset CDPATH - -for f in ${1+"$@"}; do - MS_COMMAND="$MS_COMMAND \\\\ - \\\"$f\\\"" -done - -# For Solaris systems -if test -d /usr/xpg4/bin; then - PATH=/usr/xpg4/bin:$PATH - export PATH -fi - -# Procedures - -MS_Usage() -{ - echo "Usage: $0 [params] archive_dir file_name label startup_script [args]" - echo "params can be one or more of the following :" - echo " --version | -v : Print out Makeself version number and exit" - echo " --help | -h : Print out this help message" - echo " --tar-quietly : Suppress verbose output from the tar command" - echo " --quiet | -q : Do not print any messages other than errors." - echo " --gzip : Compress using gzip (default if detected)" - echo " --pigz : Compress with pigz" - echo " --zstd : Compress with zstd" - echo " --bzip2 : Compress using bzip2 instead of gzip" - echo " --pbzip2 : Compress using pbzip2 instead of gzip" - echo " --xz : Compress using xz instead of gzip" - echo " --lzo : Compress using lzop instead of gzip" - echo " --lz4 : Compress using lz4 instead of gzip" - echo " --compress : Compress using the UNIX 'compress' command" - echo " --complevel lvl : Compression level for gzip pigz zstd xz lzo lz4 bzip2 and pbzip2 (default 9)" - echo " --threads thds : Number of threads to be used by compressors that support parallelization." - echo " Omit to use compressor's default. Most useful (and required) for opting" - echo " into xz's threading, usually with '--threads=0' for all available cores." - echo " pbzip2 and pigz are parallel by default, and setting this value allows" - echo " limiting the number of threads they use." - echo " --base64 : Instead of compressing, encode the data using base64" - echo " --gpg-encrypt : Instead of compressing, encrypt the data using GPG" - echo " --gpg-asymmetric-encrypt-sign" - echo " : Instead of compressing, asymmetrically encrypt and sign the data using GPG" - echo " --gpg-extra opt : Append more options to the gpg command line" - echo " --ssl-encrypt : Instead of compressing, encrypt the data using OpenSSL" - echo " --ssl-passwd pass : Use the given password to encrypt the data using OpenSSL" - echo " --ssl-pass-src src : Use the given src as the source of password to encrypt the data" - echo " using OpenSSL. See \"PASS PHRASE ARGUMENTS\" in man openssl." - echo " If this option is not supplied, the user will be asked to enter" - echo " encryption password on the current terminal." - echo " --ssl-no-md : Do not use \"-md\" option not supported by older OpenSSL." - echo " --nochown : Do not give the target folder to the current user (default)" - echo " --chown : Give the target folder to the current user recursively" - echo " --nocomp : Do not compress the data" - echo " --notemp : The archive will create archive_dir in the" - echo " current directory and uncompress in ./archive_dir" - echo " --needroot : Check that the root user is extracting the archive before proceeding" - echo " --copy : Upon extraction, the archive will first copy itself to" - echo " a temporary directory" - echo " --append : Append more files to an existing Makeself archive" - echo " The label and startup scripts will then be ignored" - echo " --target dir : Extract directly to a target directory" - echo " directory path can be either absolute or relative" - echo " --nooverwrite : Do not extract the archive if the specified target directory exists" - echo " --current : Files will be extracted to the current directory" - echo " Both --current and --target imply --notemp" - echo " --tar-extra opt : Append more options to the tar command line" - echo " --untar-extra opt : Append more options to the during the extraction of the tar archive" - echo " --nomd5 : Don't calculate an MD5 for archive" - echo " --nocrc : Don't calculate a CRC for archive" - echo " --sha256 : Compute a SHA256 checksum for the archive" - echo " --header file : Specify location of the header script" - echo " --cleanup file : Specify a cleanup script that executes on interrupt and when finished successfully." - echo " --follow : Follow the symlinks in the archive" - echo " --noprogress : Do not show the progress during the decompression" - echo " --nox11 : Disable automatic spawn of a xterm" - echo " --nowait : Do not wait for user input after executing embedded" - echo " program from an xterm" - echo " --lsm file : LSM file describing the package" - echo " --license file : Append a license file" - echo " --help-header file : Add a header to the archive's --help output" - echo " --packaging-date date" - echo " : Use provided string as the packaging date" - echo " instead of the current date." - echo - echo " --keep-umask : Keep the umask set to shell default, rather than overriding when executing self-extracting archive." - echo " --export-conf : Export configuration variables to startup_script" - echo - echo "Do not forget to give a fully qualified startup script name" - echo "(i.e. with a ./ prefix if inside the archive)." - exit 1 -} - -# Default settings -if type gzip > /dev/null 2>&1; then - COMPRESS=gzip -else - COMPRESS=Unix -fi -ENCRYPT=n -PASSWD="" -PASSWD_SRC="" -OPENSSL_NO_MD=n -COMPRESS_LEVEL=9 -DEFAULT_THREADS=123456 # Sentinel value -THREADS=$DEFAULT_THREADS -KEEP=n -CURRENT=n -NOX11=n -NOWAIT=n -APPEND=n -TAR_QUIETLY=n -KEEP_UMASK=n -QUIET=n -NOPROGRESS=n -COPY=none -NEED_ROOT=n -TAR_ARGS=rvf -TAR_EXTRA="" -GPG_EXTRA="" -DU_ARGS=-ks -HEADER=`dirname "$0"`/makeself-header.sh -TARGETDIR="" -NOOVERWRITE=n -DATE=`LC_ALL=C date` -EXPORT_CONF=n -SHA256=n -OWNERSHIP=n - -# LSM file stuff -LSM_CMD="echo No LSM. >> \"\$archname\"" - -while true -do - case "$1" in - --version | -v) - echo Makeself version $MS_VERSION - exit 0 - ;; - --pbzip2) - COMPRESS=pbzip2 - shift - ;; - --bzip2) - COMPRESS=bzip2 - shift - ;; - --gzip) - COMPRESS=gzip - shift - ;; - --pigz) - COMPRESS=pigz - shift - ;; - --zstd) - COMPRESS=zstd - shift - ;; - --xz) - COMPRESS=xz - shift - ;; - --lzo) - COMPRESS=lzo - shift - ;; - --lz4) - COMPRESS=lz4 - shift - ;; - --compress) - COMPRESS=Unix - shift - ;; - --base64) - COMPRESS=base64 - shift - ;; - --gpg-encrypt) - COMPRESS=gpg - shift - ;; - --gpg-asymmetric-encrypt-sign) - COMPRESS=gpg-asymmetric - shift - ;; - --gpg-extra) - GPG_EXTRA="$2" - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --ssl-encrypt) - ENCRYPT=openssl - shift - ;; - --ssl-passwd) - PASSWD=$2 - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --ssl-pass-src) - PASSWD_SRC=$2 - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --ssl-no-md) - OPENSSL_NO_MD=y - shift - ;; - --nocomp) - COMPRESS=none - shift - ;; - --complevel) - COMPRESS_LEVEL="$2" - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --threads) - THREADS="$2" - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --nochown) - OWNERSHIP=n - shift - ;; - --chown) - OWNERSHIP=y - shift - ;; - --notemp) - KEEP=y - shift - ;; - --copy) - COPY=copy - shift - ;; - --current) - CURRENT=y - KEEP=y - shift - ;; - --tar-extra) - TAR_EXTRA="$2" - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --untar-extra) - UNTAR_EXTRA="$2" - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --target) - TARGETDIR="$2" - KEEP=y - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --nooverwrite) - NOOVERWRITE=y - shift - ;; - --needroot) - NEED_ROOT=y - shift - ;; - --header) - HEADER="$2" - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --cleanup) - CLEANUP_SCRIPT="$2" - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --license) - # We need to escape all characters having a special meaning in double quotes - LICENSE=$(sed 's/\\/\\\\/g; s/"/\\\"/g; s/`/\\\`/g; s/\$/\\\$/g' "$2") - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --follow) - TAR_ARGS=rvhf - DU_ARGS=-ksL - shift - ;; - --noprogress) - NOPROGRESS=y - shift - ;; - --nox11) - NOX11=y - shift - ;; - --nowait) - NOWAIT=y - shift - ;; - --nomd5) - NOMD5=y - shift - ;; - --sha256) - SHA256=y - shift - ;; - --nocrc) - NOCRC=y - shift - ;; - --append) - APPEND=y - shift - ;; - --lsm) - LSM_CMD="cat \"$2\" >> \"\$archname\"" - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --packaging-date) - DATE="$2" - if ! shift 2; then MS_Usage; exit 1; fi - ;; - --help-header) - HELPHEADER=`sed -e "s/'/'\\\\''/g" $2` - if ! shift 2; then MS_Usage; exit 1; fi - [ -n "$HELPHEADER" ] && HELPHEADER="$HELPHEADER -" - ;; - --tar-quietly) - TAR_QUIETLY=y - shift - ;; - --keep-umask) - KEEP_UMASK=y - shift - ;; - --export-conf) - EXPORT_CONF=y - shift - ;; - -q | --quiet) - QUIET=y - shift - ;; - -h | --help) - MS_Usage - ;; - -*) - echo Unrecognized flag : "$1" - MS_Usage - ;; - *) - break - ;; - esac -done - -if test $# -lt 1; then - MS_Usage -else - if test -d "$1"; then - archdir="$1" - else - echo "Directory $1 does not exist." >&2 - exit 1 - fi -fi -archname="$2" - -if test "$QUIET" = "y" || test "$TAR_QUIETLY" = "y"; then - if test "$TAR_ARGS" = "rvf"; then - TAR_ARGS="rf" - elif test "$TAR_ARGS" = "rvhf";then - TAR_ARGS="rhf" - fi -fi - -if test "$APPEND" = y; then - if test $# -lt 2; then - MS_Usage - fi - - # Gather the info from the original archive - OLDENV=`sh "$archname" --dumpconf` - if test $? -ne 0; then - echo "Unable to update archive: $archname" >&2 - exit 1 - else - eval "$OLDENV" - fi -else - if test "$KEEP" = n -a $# = 3; then - echo "ERROR: Making a temporary archive with no embedded command does not make sense!" >&2 - echo >&2 - MS_Usage - fi - # We don't want to create an absolute directory unless a target directory is defined - if test "$CURRENT" = y; then - archdirname="." - elif test x"$TARGETDIR" != x; then - archdirname="$TARGETDIR" - else - archdirname=`basename "$1"` - fi - - if test $# -lt 3; then - MS_Usage - fi - - LABEL="$3" - SCRIPT="$4" - test "x$SCRIPT" = x || shift 1 - shift 3 - SCRIPTARGS="$*" -fi - -if test "$KEEP" = n -a "$CURRENT" = y; then - echo "ERROR: It is A VERY DANGEROUS IDEA to try to combine --notemp and --current." >&2 - exit 1 -fi - -case $COMPRESS in -gzip) - GZIP_CMD="gzip -c$COMPRESS_LEVEL" - GUNZIP_CMD="gzip -cd" - ;; -pigz) - GZIP_CMD="pigz -$COMPRESS_LEVEL" - if test $THREADS -ne $DEFAULT_THREADS; then # Leave as the default if threads not indicated - GZIP_CMD="$GZIP_CMD --processes $THREADS" - fi - GUNZIP_CMD="gzip -cd" - ;; -zstd) - GZIP_CMD="zstd -$COMPRESS_LEVEL" - GUNZIP_CMD="zstd -cd" - ;; -pbzip2) - GZIP_CMD="pbzip2 -c$COMPRESS_LEVEL" - if test $THREADS -ne $DEFAULT_THREADS; then # Leave as the default if threads not indicated - GZIP_CMD="$GZIP_CMD -p$THREADS" - fi - GUNZIP_CMD="bzip2 -d" - ;; -bzip2) - GZIP_CMD="bzip2 -$COMPRESS_LEVEL" - GUNZIP_CMD="bzip2 -d" - ;; -xz) - GZIP_CMD="xz -c$COMPRESS_LEVEL" - # Must opt-in by specifying a value since not all versions of xz support threads - if test $THREADS -ne $DEFAULT_THREADS; then - GZIP_CMD="$GZIP_CMD --threads=$THREADS" - fi - GUNZIP_CMD="xz -d" - ;; -lzo) - GZIP_CMD="lzop -c$COMPRESS_LEVEL" - GUNZIP_CMD="lzop -d" - ;; -lz4) - GZIP_CMD="lz4 -c$COMPRESS_LEVEL" - GUNZIP_CMD="lz4 -d" - ;; -base64) - GZIP_CMD="base64" - GUNZIP_CMD="base64 --decode -i -" - ;; -gpg) - GZIP_CMD="gpg $GPG_EXTRA -ac -z$COMPRESS_LEVEL" - GUNZIP_CMD="gpg -d" - ENCRYPT="gpg" - ;; -gpg-asymmetric) - GZIP_CMD="gpg $GPG_EXTRA -z$COMPRESS_LEVEL -es" - GUNZIP_CMD="gpg --yes -d" - ENCRYPT="gpg" - ;; -Unix) - GZIP_CMD="compress -cf" - GUNZIP_CMD="exec 2>&-; uncompress -c || test \\\$? -eq 2 || gzip -cd" - ;; -none) - GZIP_CMD="cat" - GUNZIP_CMD="cat" - ;; -esac - -if test x"$ENCRYPT" = x"openssl"; then - if test x"$APPEND" = x"y"; then - echo "Appending to existing archive is not compatible with OpenSSL encryption." >&2 - fi - - ENCRYPT_CMD="openssl enc -aes-256-cbc -salt" - DECRYPT_CMD="openssl enc -aes-256-cbc -d" - - if test x"$OPENSSL_NO_MD" != x"y"; then - ENCRYPT_CMD="$ENCRYPT_CMD -md sha256" - DECRYPT_CMD="$DECRYPT_CMD -md sha256" - fi - - if test -n "$PASSWD_SRC"; then - ENCRYPT_CMD="$ENCRYPT_CMD -pass $PASSWD_SRC" - elif test -n "$PASSWD"; then - ENCRYPT_CMD="$ENCRYPT_CMD -pass pass:$PASSWD" - fi -fi - -tmpfile="${TMPDIR:-/tmp}/mkself$$" - -if test -f "$HEADER"; then - oldarchname="$archname" - archname="$tmpfile" - # Generate a fake header to count its lines - SKIP=0 - . "$HEADER" - SKIP=`cat "$tmpfile" |wc -l` - # Get rid of any spaces - SKIP=`expr $SKIP` - rm -f "$tmpfile" - if test "$QUIET" = "n";then - echo "Header is $SKIP lines long" >&2 - fi - - archname="$oldarchname" -else - echo "Unable to open header file: $HEADER" >&2 - exit 1 -fi - -if test "$QUIET" = "n";then - echo -fi - -if test "$APPEND" = n; then - if test -f "$archname"; then - echo "WARNING: Overwriting existing file: $archname" >&2 - fi -fi - -USIZE=`du $DU_ARGS "$archdir" | awk '{print $1}'` - -if test "." = "$archdirname"; then - if test "$KEEP" = n; then - archdirname="makeself-$$-`date +%Y%m%d%H%M%S`" - fi -fi - -test -d "$archdir" || { echo "Error: $archdir does not exist."; rm -f "$tmpfile"; exit 1; } -if test "$QUIET" = "n"; then - echo "About to compress $USIZE KB of data..." - echo "Adding files to archive named \"$archname\"..." -fi - -tmparch="${TMPDIR:-/tmp}/mkself$$.tar" -( - if test "$APPEND" = "y"; then - tail -n "+$OLDSKIP" "$archname" | $GUNZIP_CMD > "$tmparch" - fi - cd "$archdir" - find . ! -type d -o -links 2 \ - | LC_ALL=C sort \ - | sed 's/./\\&/g' \ - | xargs tar $TAR_EXTRA -$TAR_ARGS "$tmparch" -) || { - echo "ERROR: failed to create temporary archive: $tmparch" - rm -f "$tmparch" "$tmpfile" - exit 1 -} - -USIZE=`du $DU_ARGS "$tmparch" | awk '{print $1}'` - -eval "$GZIP_CMD" <"$tmparch" >"$tmpfile" || { - echo "ERROR: failed to create temporary file: $tmpfile" - rm -f "$tmparch" "$tmpfile" - exit 1 -} -rm -f "$tmparch" - -if test x"$ENCRYPT" = x"openssl"; then - echo "About to encrypt archive \"$archname\"..." - { eval "$ENCRYPT_CMD -in $tmpfile -out ${tmpfile}.enc" && mv -f ${tmpfile}.enc $tmpfile; } || \ - { echo Aborting: could not encrypt temporary file: "$tmpfile".; rm -f "$tmpfile"; exit 1; } -fi - -fsize=`cat "$tmpfile" | wc -c | tr -d " "` - -# Compute the checksums - -shasum=0000000000000000000000000000000000000000000000000000000000000000 -md5sum=00000000000000000000000000000000 -crcsum=0000000000 - -if test "$NOCRC" = y; then - if test "$QUIET" = "n";then - echo "skipping crc at user request" - fi -else - crcsum=`CMD_ENV=xpg4 cksum < "$tmpfile" | sed -e 's/ /Z/' -e 's/ /Z/' | cut -dZ -f1` - if test "$QUIET" = "n";then - echo "CRC: $crcsum" - fi -fi - -if test "$SHA256" = y; then - SHA_PATH=`exec <&- 2>&-; which shasum || command -v shasum || type shasum` - if test -x "$SHA_PATH"; then - shasum=`eval "$SHA_PATH -a 256" < "$tmpfile" | cut -b-64` - else - SHA_PATH=`exec <&- 2>&-; which sha256sum || command -v sha256sum || type sha256sum` - shasum=`eval "$SHA_PATH" < "$tmpfile" | cut -b-64` - fi - if test "$QUIET" = "n"; then - if test -x "$SHA_PATH"; then - echo "SHA256: $shasum" - else - echo "SHA256: none, SHA command not found" - fi - fi -fi -if test "$NOMD5" = y; then - if test "$QUIET" = "n";then - echo "Skipping md5sum at user request" - fi -else - # Try to locate a MD5 binary - OLD_PATH=$PATH - PATH=${GUESS_MD5_PATH:-"$OLD_PATH:/bin:/usr/bin:/sbin:/usr/local/ssl/bin:/usr/local/bin:/opt/openssl/bin"} - MD5_ARG="" - MD5_PATH=`exec <&- 2>&-; which md5sum || command -v md5sum || type md5sum` - test -x "$MD5_PATH" || MD5_PATH=`exec <&- 2>&-; which md5 || command -v md5 || type md5` - test -x "$MD5_PATH" || MD5_PATH=`exec <&- 2>&-; which digest || command -v digest || type digest` - PATH=$OLD_PATH - if test -x "$MD5_PATH"; then - if test `basename ${MD5_PATH}`x = digestx; then - MD5_ARG="-a md5" - fi - md5sum=`eval "$MD5_PATH $MD5_ARG" < "$tmpfile" | cut -b-32` - if test "$QUIET" = "n";then - echo "MD5: $md5sum" - fi - else - if test "$QUIET" = "n";then - echo "MD5: none, MD5 command not found" - fi - fi -fi - -if test "$APPEND" = y; then - mv "$archname" "$archname".bak || exit - - # Prepare entry for new archive - filesizes="$fsize" - CRCsum="$crcsum" - MD5sum="$md5sum" - SHAsum="$shasum" - # Generate the header - . "$HEADER" - # Append the new data - cat "$tmpfile" >> "$archname" - - chmod +x "$archname" - rm -f "$archname".bak - if test "$QUIET" = "n";then - echo "Self-extractable archive \"$archname\" successfully updated." - fi -else - filesizes="$fsize" - CRCsum="$crcsum" - MD5sum="$md5sum" - SHAsum="$shasum" - - # Generate the header - . "$HEADER" - - # Append the compressed tar data after the stub - if test "$QUIET" = "n";then - echo - fi - cat "$tmpfile" >> "$archname" - chmod +x "$archname" - if test "$QUIET" = "n";then - echo Self-extractable archive \"$archname\" successfully created. - fi -fi -rm -f "$tmpfile" diff --git a/scripts/publish_github.sh b/scripts/publish_github.sh deleted file mode 100755 index 9b042020..00000000 --- a/scripts/publish_github.sh +++ /dev/null @@ -1,87 +0,0 @@ -#!/usr/bin/env bash - - -###################### -echo "*** Configuring SSH" -eval $(ssh-agent -s) -test "$GIT_SSH_USER_PRIVATE_KEY" && (echo "$GIT_SSH_USER_PRIVATE_KEY" | tr -d '\r' | ssh-add -) -mkdir -p ~/.ssh -chmod 700 ~/.ssh -echo "$GIT_SSH_USER_PUBLIC_KEY" >> ~/.ssh/id_rsa.pub -echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config -git config user.name $GITLAB_USER_LOGIN -git config user.email $GITLAB_USER_EMAIL -###################### - -RELEASE_VERSION=$(echo $CI_COMMIT_REF_NAME | awk -F"-" '{ print $2 }') -RELEASE_BUILD=$(echo $CI_COMMIT_REF_NAME | awk -F"-" '{ print $3 }') -ALLOWED_DIRS=(src examples diagrams) -ALLOWED_FILES=(.gitignore .gitallowed package.json package-lock.json README.md SUPPORT.md SCHEMA.md tsconfig.json LICENSE) - - -echo "*** Setting git origin" -git remote rm origin && git remote add origin git@github.com:f5networks/f5-bigip-runtime-init.git -echo "*** Removing everything from local git" -git rm -rf . - -echo "*** Adding allowed directories" -for dir in "${ALLOWED_DIRS[@]}"; do - git checkout HEAD ${dir} - git add ${dir} -done - -echo "*** Adding allowed files" -for file in "${ALLOWED_FILES[@]}"; do - git checkout HEAD ${file} - git add ${file} -done - -echo "*** Committing source code" -git status -git commit -m "Release commited to $RELEASE_VERSION tag" || echo "No changes, nothing to commit!" -git push -u origin HEAD:main -f - -echo "*** Publishing tag" -git tag -a $RELEASE_VERSION -m "Release of version $RELEASE_VERSION" -git push origin $RELEASE_VERSION - - -echo "*** Creating release using GIT APIs" -git config --global github.token $GITHUB_API_TOKEN - -echo "*** Getting release info" -release_description=$(curl -sk --header "PRIVATE-TOKEN: $GITLAB_PRIVATE_TOKEN_AK" "https://${GITLAB_API_URL_RUNTIME_INIT}/releases/$CI_COMMIT_REF_NAME" | jq .description) -echo "*** Release description: $release_description" -version=$RELEASE_VERSION - -generate_post_data() -{ - cat < f5-bigip-runtime-init-$RELEASE_VERSION-$RELEASE_BUILD.gz.run.sha256 -curl --header "Authorization: token $GITHUB_API_TOKEN" --header "Content-Type:application/txt" --upload-file f5-bigip-runtime-init-$RELEASE_VERSION-$RELEASE_BUILD.gz.run.sha256 -X POST "https://uploads.github.com/repos/f5networks/f5-bigip-runtime-init/releases/$release_id/assets?name=f5-bigip-runtime-init-$RELEASE_VERSION-$RELEASE_BUILD.gz.run.sha256" - -echo "*** Publishing to github is completed." diff --git a/scripts/ssh_to_instance.sh b/scripts/ssh_to_instance.sh deleted file mode 100755 index 59bd9c54..00000000 --- a/scripts/ssh_to_instance.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/env bash -# usage: ./ssh_to_instance.sh - -INSTANCE_TO_USE=${1:-primary} -PATH_TO_DEPLOYMENT_INFO='deployment_info.json' - -INSTANCES=$(cat $PATH_TO_DEPLOYMENT_INFO | jq .instances -r) -USERNAME=$(echo $INSTANCES | jq '.[0] | .admin_username' -r) -PASSWORD=$(echo $INSTANCES | jq '.[0] | .admin_password' -r) -HOST=$(echo $INSTANCES | jq '.[0] | .mgmt_address' -r) -sshpass -p $PASSWORD ssh -o "StrictHostKeyChecking no" ${USERNAME}@${HOST} diff --git a/scripts/sync_at_components_metadata.sh b/scripts/sync_at_components_metadata.sh deleted file mode 100755 index 5660fbf3..00000000 --- a/scripts/sync_at_components_metadata.sh +++ /dev/null @@ -1,178 +0,0 @@ -#!/usr/bin/env bash - -# This script is intended to update all AT Components defined under the followings: -# 1. Toolchain config file src/lib/bigip/toolchain/toolchain_metadata.json -# 2. Config examples -# 3. Test plans - -echo "***** Phase 1. Fetching most recent AT Components metadata from the following location https://cdn.f5.com/product/cloudsolutions/f5-extension-metadata/latest/metadata.json" -remote_toolChain_metadata=$(curl --retry 3 --retry-max-time 15 --max-time 5 --location https://cdn.f5.com/product/cloudsolutions/f5-extension-metadata/latest/metadata.json | yq .) - -update_config_file() -{ - file_path=$1 - extension_type=$2 - latest_version=$3 - - echo ">>>> Discovered outdated version. Preparing for updates..." - echo ">>>> Extension Type: $extension_type" - echo ">>>> Latest available version: $latest_version" - index=$(cat $file_path | yq ".extension_packages.install_operations | map (.extensionType == $extension_type) | index(true)") - currentExtUrl=$(cat $file_path | yq ".extension_packages.install_operations[$index].extensionUrl" | tr -d '"') - currExtensionVersion=$(cat $file_path | yq ".extension_packages.install_operations[$index].extensionVersion") - currExtensionHash=$(cat $file_path | yq ".extension_packages.install_operations[$index].extensionHash") - echo ">>>> Generating hash value for latest version" - downloadUrl=$(echo $remote_toolChain_metadata | yq " .components.$extension_type.versions.$latest_version.downloadUrl" | tr -d '"') - shaUrl="${downloadUrl}.sha256" - extensionHash=$(curl --retry 3 --retry-max-time 15 --max-time 5 -L -s ${shaUrl} | cut -f1 -d" ") - if [[ $extensionHash =~ "Not" ]]; then - echo ">>>> Default extension hash is not valid for $extension_type, trying text file..." - extensionHash=$(curl --retry 3 --retry-max-time 15 --max-time 5 -L -s ${shaUrl}.txt | cut -f1 -d" ") - fi - echo ">>>> Gathering packageName" - packageName=$(echo $remote_toolChain_metadata | yq " .components.$extension_type.versions.$latest_version.packageName" | tr -d '"') - echo ">>>> Updating extensionVersion" - if [[ $filename == *".json"* ]]; then - yq ".extension_packages.install_operations[$index].extensionVersion = $latest_version" $file_path > tempFile.$$.json && mv tempFile.$$.json $file_path - if [[ $currExtensionHash != "null" ]]; then - echo ">>>> Updating extensionHash" - yq ".extension_packages.install_operations[$index].extensionHash = \"$extensionHash\"" $file_path > tempFile.$$.json && mv tempFile.$$.json $file_path - fi - if [[ $currentExtUrl != "null" ]]; then - echo ">>>> Updating extensionUrl" - if [[ $currentExtUrl == "file://"* ]]; then - newExtensionUrl=${currentExtUrl%/*}/${downloadUrl##*/} - yq ".extension_packages.install_operations[$index].extensionUrl = \"$newExtensionUrl\"" $file_path > tempFile.$$.json && mv tempFile.$$.json $file_path - else - yq ".extension_packages.install_operations[$index].extensionUrl = \"$downloadUrl\"" $file_path > tempFile.$$.json && mv tempFile.$$.json $file_path - fi - fi - elif [[ $filename == *".yaml"* ]]; then - yq -Y ".extension_packages.install_operations[$index].extensionVersion = $latest_version" $file_path > tempFile.$$.json && mv tempFile.$$.json $file_path - if [[ $currExtensionHash != "null" ]]; then - echo ">>>> Updating extensionHash" - yq -Y ".extension_packages.install_operations[$index].extensionHash = \"$extensionHash\"" $file_path > tempFile.$$.json && mv tempFile.$$.json $file_path - fi - if [[ $currentExtUrl != "null" ]]; then - echo ">>>> Updating extensionUrl" - if [[ $currentExtUrl == "file://"* ]]; then - newExtensionUrl=${currentExtUrl%/*}/${downloadUrl##*/} - yq ".extension_packages.install_operations[$index].extensionUrl = \"$newExtensionUrl\"" $file_path > tempFile.$$.json && mv tempFile.$$.json $file_path - else - yq ".extension_packages.install_operations[$index].extensionUrl = \"$downloadUrl\"" $file_path > tempFile.$$.json && mv tempFile.$$.json $file_path - fi - fi - fi -} - -echo "***** Phase 2. Discovering the latest available versions for AT Components" -component_version_map=() -component_names=$(echo $remote_toolChain_metadata | yq '.components | keys | .[]') -for name in ${component_names[@]}; do - version_metadata=$(echo $remote_toolChain_metadata | yq " .components.$name.versions | to_entries | .[].value | select(.latest == true)") - packageName=$(echo $version_metadata | yq '.packageName') - version=""; - versions=$(echo $remote_toolChain_metadata | yq " .components.$name.versions | to_entries | .[].key") - for item in ${versions[@]}; do - trimmedVersion=$(echo $item | tr -d '"') - if [[ $packageName == *$trimmedVersion* ]]; then - version=$item - fi - done - if [[ ! -z $version ]]; then - component_version_map+=($name:$version) - fi -done - -echo ">>>>> Generated package to latest version map: ${component_version_map[@]}" - -echo "***** Phase 3. Syncing local config to match remote" -echo $remote_toolChain_metadata | yq . > src/lib/bigip/toolchain/toolchain_metadata.json - -echo "***** Phase 4. Syncing all config examples to use lastest version" -config_files=$(ls examples/runtime_configs/) -for filename in $config_files; do - echo ">>>> Processing file: examples/runtime_configs/$filename" - isRuntimeConfig=$(cat examples/runtime_configs/$filename | yq ".extension_packages.install_operations") - if [[ "$isRuntimeConfig" != "null" ]]; then - for item in ${component_version_map[@]}; do - latestVersion=${item##*:} - extensionType=${item%:*} - currUsedVersion=$(cat examples/runtime_configs/$filename | yq ".extension_packages.install_operations[] | select (.extensionType == $extensionType) | .extensionVersion") - if [[ ! -z $currUsedVersion ]]; then - if [[ $currUsedVersion != $latestVersion ]]; then - update_config_file "examples/runtime_configs/$filename" $extensionType $latestVersion - fi - fi - done - else - echo ">>>>> WARNING: Found config file without install_operations defined - ${filename}" - fi -done - -config_files=$(ls examples/runtime_configs/snippets/) -for filename in $config_files; do - echo ">>>> Processing file: examples/runtime_configs/snippets/$filename" - isRuntimeConfig=$(cat examples/runtime_configs/snippets/$filename | yq ".extension_packages.install_operations") - if [[ "$isRuntimeConfig" != "null" ]]; then - for item in ${component_version_map[@]}; do - latestVersion=${item##*:} - extensionType=${item%:*} - currUsedVersion=$(cat examples/runtime_configs/snippets/$filename | yq ".extension_packages.install_operations[] | select (.extensionType == $extensionType) | .extensionVersion") - if [[ ! -z $currUsedVersion ]]; then - if [[ $currUsedVersion != $latestVersion ]]; then - update_config_file "examples/runtime_configs/snippets/$filename" $extensionType $latestVersion - fi - fi - done - else - echo ">>>>> WARNING: Found config file without install_operations defined - ${filename}" - fi -done - -config_files=$(ls scripts/config/) -for filename in $config_files; do - echo ">>>> Processing file: scripts/config/$filename" - isRuntimeConfig=$(cat scripts/config/$filename | yq ".extension_packages.install_operations") - if [[ "$isRuntimeConfig" != "null" ]]; then - for item in ${component_version_map[@]}; do - latestVersion=${item##*:} - extensionType=${item%:*} - currUsedVersion=$(cat scripts/config/$filename | yq ".extension_packages.install_operations[] | select (.extensionType == $extensionType) | .extensionVersion") - if [[ ! -z $currUsedVersion ]]; then - if [[ $currUsedVersion != $latestVersion ]]; then - update_config_file "scripts/config/$filename" $extensionType $latestVersion - fi - fi - done - else - echo ">>>>> WARNING: Found config file without install_operations defined - ${filename}" - fi -done - - -echo "***** Phase 5. Checking all configs used by functional tests" -SUPPORTED_CLOUDS=(aws azure gcp base) - -for cloud in ${SUPPORTED_CLOUDS[@]}; do - echo ">>>>> Verifying user-data used for $cloud functional tests" - grep "\-\-\-" plans/${cloud}/user_data.tpl -A 150 > temp_$cloud.yaml - for item in ${component_version_map[@]}; do - latestVersion=${item##*:} - extensionType=${item%:*} - currUsedVersion=$(cat temp_$cloud.yaml | yq ".extension_packages.install_operations[] | select (.extensionType == $extensionType) | .extensionVersion") - if [[ ! -z $currUsedVersion ]]; then - if [[ $currUsedVersion != $latestVersion ]]; then - echo ">>>> WARNING: Update user-data, used for $cloud functional tests, with new version ($latestVersion) of AT Component: $extensionType" - touch $cloud.update - fi - fi - done - rm temp_$cloud.yaml -done - - - - - - diff --git a/test_file.txt b/test_file.txt deleted file mode 100644 index e69de29b..00000000 diff --git a/tests/README.md b/tests/README.md deleted file mode 100644 index c62415c5..00000000 --- a/tests/README.md +++ /dev/null @@ -1,71 +0,0 @@ -# Introduction - -This directory contains all of the tests for this project. This documentation is designed to make clear things that would otherwise be unclear. - -## Unit - -All unit tests are written using the [mocha](https://mochajs.org) framework, and run using ```npm run test``` during automated or manual test. - -Triggered: Every commit pushed to central repository. - -Best practices: - -- Create a separate ```*Test.js``` for each source file being tested. -- Use a standard mocker: Prefer [sinon](https://sinonjs.org) for all mocks and [nock](https://github.com/nock/nock) for HTTP mocks. -- Monitor and enforce coverage, but avoid writing tests simply to increase coverage when there is no other perceived value. -- With that being said, **enforce coverage** in automated test. - -## Functional - -See README under functional test directoy for more details around functonal tests - -## Publish - -'publish_rpms_dev_cdn' ci job runs under the following conditions: -
-* commit branch is develop -* variable PUBLISH_RPM_DEVELOP is set to true -* commit message is equal to 'smart:run_publish_develop_cdn' - -Binaries from build process are placed onto CDN. - -Development RPM's, file hashes, and installer are located on cdn using the following url's: -* Pattern: https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/develop/\/f5-bigip-runtime-init-\-\.gz.run -* Examples using version v1.2.1 release 1 and commit on branch ESECLDTPLT-2170 - * [f5-bigip-runtime-init installer](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/develop/ESECLDTPLT-2170/f5-bigip-runtime-init-1.2.1-0.gz.run) - * RPMS & checksum file - * [All clouds rpm](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/develop/ESECLDTPLT-2170/dist/rpms/f5-bigip-runtime-init-all-1.2.1-0-signed.noarch.rpm) - * [All checksum](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/develop/ESECLDTPLT-2170/dist/rpms/f5-bigip-runtime-init-all-1.2.1-0-signed.noarch.rpm.sha256) - * [Azure rpm](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/develop/ESECLDTPLT-2170/dist/rpms/f5-bigip-runtime-init-azure-1.2.1-0-signed.noarch.rpm) - * [Azure checksum](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/develop/ESECLDTPLT-2170/dist/rpms/f5-bigip-runtime-init-azure-1.2.1-0-signed.noarch.rpm.sha256) - * [AWS rpm](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/develop/ESECLDTPLT-2170/dist/rpms/f5-bigip-runtime-init-aws-1.2.1-0-signed.noarch.rpm) - * [AWS checksum](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/develop/ESECLDTPLT-2170/dist/rpms/f5-bigip-runtime-init-aws-1.2.1-0-signed.noarch.rpm.sha256) - * [GCP rpm](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/develop/ESECLDTPLT-2170/dist/rpms/f5-bigip-runtime-init-gcp-1.2.1-0-signed.noarch.rpm) - * [GCP checksum](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/develop/ESECLDTPLT-2170/dist/rpms/f5-bigip-runtime-init-gcp-1.2.1-0-signed.noarch.rpm.sha256) - - -'publish_rpms_cdn' ci job runs under the following conditions: -
-* commit branch is master -* variable PUBLISH_RPM is set to true -* commit message is equal to 'smart:run_publish_cdn' - -Binaries from build process are placed onto CDN. - -Production RPM's, file hashes, and installer are located on cdn using the following url's: -* Pattern: https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/\/f5-bigip-runtime-init-\-\.gz.run -* Examples using version v1.2.1 release 1 - * [f5-bigip-runtime-init installer](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.2.1/f5-bigip-runtime-init-1.2.1-0.gz.run) - * RPMS & checksum file - * [All clouds rpm](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.2.1/dist/rpms/f5-bigip-runtime-init-all-1.2.1-1-signed.noarch.rpm) - * [All checksum](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.2.1/dist/rpms/f5-bigip-runtime-init-all-1.2.1-1-signed.noarch.rpm.sha256) - * [Azure rpm](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.2.1/dist/rpms/f5-bigip-runtime-init-azure-1.2.1-1-signed.noarch.rpm) - * [Azure checksum](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.2.1/dist/rpms/f5-bigip-runtime-init-azure-1.2.1-1-signed.noarch.rpm.sha256) - * [AWS rpm](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.2.1/dist/rpms/f5-bigip-runtime-init-aws-1.2.1-1-signed.noarch.rpm) - * [AWS checksum](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.2.1/dist/rpms/f5-bigip-runtime-init-aws-1.2.1-1-signed.noarch.rpm.sha256) - * [GCP rpm](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.2.1/dist/rpms/f5-bigip-runtime-init-gcp-1.2.1-1-signed.noarch.rpm) - * [GCP checksum](https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.2.1/dist/rpms/f5-bigip-runtime-init-gcp-1.2.1-1-signed.noarch.rpm.sha256) - - -'cleanup_publish_rpms_dev_cdn' ci job is scheduled to run daily. -* Removes binaries from develop CDN when branch is no longer present \ No newline at end of file diff --git a/tests/constants.js b/tests/constants.js deleted file mode 100644 index f35a2305..00000000 --- a/tests/constants.js +++ /dev/null @@ -1,59 +0,0 @@ -/** - * Copyright 2020 F5 Networks, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -'use strict'; - -const path = require('path'); -const PKG_JSON = require('../package.json'); - - -/** - * Constants used across two or more files - * - * @module - */ -module.exports = { - PKG_NAME: PKG_JSON.name, - PKG_VERSION: PKG_JSON.version, - PKG_MIN_VERSION: '0.0.1', - ARTIFACTS_LOGS_DIR: path.join(process.cwd(), 'logs'), - REQUEST: { - PORT: 443, - PROTOCOL: 'https' - }, - PACKAGES_URI: { - as3: '/mgmt/shared/appsvcs/declare', - do: '/mgmt/shared/declarative-onboarding/inspect' - }, - DEPLOYMENT_FILE_VAR: 'BIGIP_RUNTIME_INIT_DEPLOYMENT_FILE', - DEPLOYMENT_FILE: 'deployment_info.json', - DECLARATION_FILE: 'f5-bigip-runtime-declaration.yaml', - DECLARATION_FILE_VAR: 'BIGIP_RUNTIME_INIT_DECLARATION_FILE', - AT_PACKAGES_METADATA_URI: 'https://cdn.f5.com/product/cloudsolutions/f5-extension-metadata/latest/metadata.json', - RETRIES: { - LONG: 500, - MEDIUM: 100, - SHORT: 10 - }, - LOG_LEVELS: { - silly: 0, - verbose: 1, - debug: 2, - info: 3, - warning: 4, - error: 5 - } -}; diff --git a/tests/functional/.mocha.opts b/tests/functional/.mocha.opts deleted file mode 100644 index 8dcda623..00000000 --- a/tests/functional/.mocha.opts +++ /dev/null @@ -1,4 +0,0 @@ -# mocha.opts - --timeout 300000 - --slow 180000 - --retries 30 diff --git a/tests/functional/README.md b/tests/functional/README.md deleted file mode 100644 index c5c84d28..00000000 --- a/tests/functional/README.md +++ /dev/null @@ -1,46 +0,0 @@ -# Overview - - This page provides details around functional testing - - -# Components - - * Gitlab CI/CD - as tasks scheduling and execution mechanism - * Deployment-tool docker image: - - Includes Terraform; tool for provisioning cloud resources - - Terrafrom plans defined under the following repo: /automation-sdk/deployment-tool - - Other CLI tools, such as sshpass and jq - * Mocha tests used for verifing installed extensions and posted declarations - - -# Workflow - - The functional tests pipeline consists of three phases: - 1. Init - provisioning cloud resources using Terraform as well as service installation - 2. Execute - mocha tests execution - 3. Cleanup - deprovisioning of cloud resources using Terraform - - -# Triggers - - There are a few ways to trigger functional tests pipeline: - - - Commit/Merge to develop or master branches - - Using smart commit; commit message must include the following string: ```/smart:run_functional_tests/``` - - Using schedule with ```$RUN_FUNCTIONAL_TESTS == "true"``` - - Note: there a few environment variables which are used for triggering functional tests for different clouds as well as BIG-IP versions: - - BIGIP_VERSION - specifies BIG-IP version used in testing; possible values (14, 15 or all) - - TEST_SUITE - specifies Public Cloud against which functional testing will be done; possilbe values ( aws, azure, azure_gov, gcp, or all). - - *Example:* Specifying `TEST_SUITE: all and BIGIP_VESION: all` will trigger 8 tests pipelines to test each supported BIG-IP version (v14 and v15) against each supported Public Cloud (aws, gcp, azure, and azure_gov) - -# Test cases - - All tests can be splitted on two categories: - - 1. System specific: - - Verify installed packages - - Verify installed declarations - 2. Cloud specific - - Verify cloud resources; however f5-bigip-runtime-init does not make any changes on cloud resources - diff --git a/tests/functional/providers/aws/tests.js b/tests/functional/providers/aws/tests.js deleted file mode 100644 index 4376aa1d..00000000 --- a/tests/functional/providers/aws/tests.js +++ /dev/null @@ -1,119 +0,0 @@ -/* - * Copyright 2020. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -const assert = require('assert'); - -/* eslint-disable import/no-extraneous-dependencies */ -const AWS = require('aws-sdk'); - -const funcUtils = require('../../util.js'); - -const duts = funcUtils.getHostInfo(); -const firstDut = duts[0]; -const env = funcUtils.getEnvironmentInfo(); - -describe('Provider: AWS', () => { - let testSecretValue; - let testNewAuthData; - let testHostName; - let testMgmtIp; - let as3Declaration; - before(function () { - this.timeout(80000); - - const client = new AWS.SecretsManager({ region: env.region }); - const secret = client.getSecretValue({ SecretId: env.secret_id }); - var promise = secret.promise(); - - return promise - .then( - function(data) { - testSecretValue = data.SecretString; - }, - function(error) { - Promise.reject(error); - } - ) - .then(() => { - return funcUtils.getAuthToken(firstDut.ip, firstDut.port, firstDut.username, firstDut.password); - }) - .then((data) => { - testNewAuthData = data; - // getting Global Settings - return funcUtils.getGlobalSettings(firstDut.ip, firstDut.port, testNewAuthData.token) - }) - .then((response) => { - testHostName = response.hostname; - }) - .then(() => { - const mgmtUri = '/mgmt/tm/sys/management-ip'; - // getting mgmt-ip - return funcUtils.getBigipApi(firstDut.ip, firstDut.port, testNewAuthData.token, mgmtUri); - }) - .then((response) => { - testMgmtIp = response.items[0].name.substring(0, response.items[0].name.length -3).replace(/[.]/g,'-') - return Promise.resolve(); - }) - .then(() => { - return funcUtils.getInstalledDeclaration( - firstDut.ip, - firstDut.port, - testNewAuthData.token, - 'as3' - ) - }) - .then((data) => { - as3Declaration = data - }) - .catch(err => Promise.reject(err)); - }); - - after(() => { - Object.keys(require.cache).forEach((key) => { - delete require.cache[key]; - }); - }); - - it('should confirm stored password in SecretsManager', () => { - assert.strictEqual(testSecretValue, 'StrongPassword2010!'); - }); - - it('should login using new admin password', () => funcUtils.getAuthToken(firstDut.ip, firstDut.port, 'admin', 'StrongPassword2010!') - .then((data) => { - assert.ok('token' in data); - }) - .catch((err) => { - assert.ok(!err); - })); - - it('should login using new vaultadmin password', () => funcUtils.getAuthToken(firstDut.ip, firstDut.port, 'vaultadmin', 'b1gAdminPazz') - .then((data) => { - assert.ok('token' in data); - }) - .catch((err) => { - assert.ok(!err); - })); - - it('should login using new vaultadmin2 password', () => funcUtils.getAuthToken(firstDut.ip, firstDut.port, 'vaultadmin2', 'thisIsTestPassword123') - .then((data) => { - assert.ok('token' in data); - }) - .catch((err) => { - assert.ok(!err); - })); - - it('should confirm hostname was updated using DO', () => { - assert.strictEqual(testHostName, 'ip-' + testMgmtIp + '.' + env.region + '.compute.internal'); - }); - - it ('should validate that runtime init resolve region correctly', () => { - assert.ok(!JSON.stringify(as3Declaration).includes('{{{REGION}}}')) - }); -}); diff --git a/tests/functional/providers/azure/tests.js b/tests/functional/providers/azure/tests.js deleted file mode 100644 index 3681927e..00000000 --- a/tests/functional/providers/azure/tests.js +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Copyright 2020. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -const assert = require('assert'); - -/* eslint-disable import/no-extraneous-dependencies */ -const { DefaultAzureCredential } = require('@azure/identity'); -const { SecretClient } = require('@azure/keyvault-secrets'); - -const funcUtils = require('../../util.js'); - -const duts = funcUtils.getHostInfo(); -const firstDut = duts[0]; -let testSecretValue; - -describe('Provider: Azure', () => { - before(function () { - this.timeout(80000); - - let credential; - let keyVaultClient; - const clientId = process.env.AZURE_CLIENT_ID; - const clientSecret = process.env.AZURE_CLIENT_SECRET; - const tenantId = process.env.AZURE_TENANT_ID; - const subscriptionId = process.env.AZURE_SUBSCRIPTION_ID; - - if (clientId && clientSecret && subscriptionId && tenantId) { - if (funcUtils.getEnvironmentInfo().domain == 'azure') { - credential = new DefaultAzureCredential(); - } else { - credential = new DefaultAzureCredential({ authorityHost: 'https://login.microsoftonline.us' }); - } - keyVaultClient = new SecretClient(`https://testvault-${funcUtils.getEnvironmentInfo().deploymentId}.vault.${funcUtils.getEnvironmentInfo().domain}.net/`, credential); - } - - return keyVaultClient.getSecret('test-azure-admin-secret') - .then((testSecret) => { - if (testSecret) { - testSecretValue = testSecret.value; - } - return funcUtils.getAuthToken(firstDut.ip, firstDut.port, firstDut.username, - firstDut.password); - }) - .then((data) => { - firstDut.authData = data; - - - return Promise.resolve(); - }) - .catch(err => Promise.reject(err)); - }); - - after(() => { - Object.keys(require.cache).forEach((key) => { - delete require.cache[key]; - }); - }); - - it('should confirm stored password in Key Vault', () => { - assert.strictEqual(testSecretValue, 'StrongAdminPass212+'); - }); - - it('should login using new admin password', () => funcUtils.getAuthToken(firstDut.ip, firstDut.port, 'admin', 'StrongAdminPass212+') - .then((data) => { - assert.ok('token' in data); - }) - .catch((err) => { - assert.ok(!err); - })); - - it('should login using new vaultadmin password', () => funcUtils.getAuthToken(firstDut.ip, firstDut.port, 'vaultadmin', 'b1gAdminPazz') - .then((data) => { - assert.ok('token' in data); - }) - .catch((err) => { - assert.ok(!err); - })); - - it('should login using new vaultadmin2 password', () => funcUtils.getAuthToken(firstDut.ip, firstDut.port, 'vaultadmin2', 'thisIsTestPassword123') - .then((data) => { - assert.ok('token' in data); - }) - .catch((err) => { - assert.ok(!err); - })); -}); diff --git a/tests/functional/providers/gcp/tests.js b/tests/functional/providers/gcp/tests.js deleted file mode 100644 index 584a9446..00000000 --- a/tests/functional/providers/gcp/tests.js +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright 2020. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ -'use strict'; - -const assert = require('assert'); - -/* eslint-disable import/no-extraneous-dependencies */ -const { google } = require('googleapis'); -const secretManager = google.secretmanager('v1'); -const fs = require('fs'); - -const funcUtils = require('../../util.js'); - -const duts = funcUtils.getHostInfo(); -const firstDut = duts[0]; -let testSecretValue; - - -function configureAuth() { - // To run this in local environment, make sure to export the environmental variable - // GOOGLE_CREDENTIALS and CI_PROJECT_DIR - if (process.env.GOOGLE_CREDENTIALS) { - const tmpCredsFile = `${process.env.CI_PROJECT_DIR}/gcloud_creds.json`; - fs.writeFileSync(tmpCredsFile, process.env.GOOGLE_CREDENTIALS); - process.env.GOOGLE_APPLICATION_CREDENTIALS = tmpCredsFile; - return google.auth.getClient({ - scopes: ['https://www.googleapis.com/auth/cloud-platform'] - }); - } - return Promise.reject(new Error('gcloud creds are not provided via env variable titled as GOOGLE_CREDENTIALS')); -} - - -describe('Provider: Google', () => { - let authClient; - let adminPass; - let testNewAuthData; - let testHostName; - before(() => { - return configureAuth() - .then((createdAuthClient) => { - authClient = createdAuthClient; - return funcUtils.getAuthToken(firstDut.ip, firstDut.port, firstDut.username, firstDut.password); - }) - .then((data) => { - firstDut.authData = data; - const params = { - auth: authClient, - name: `projects/${authClient.projectId}/secrets/secret-01-${funcUtils.getEnvironmentInfo().deploymentId}/versions/latest` - }; - return secretManager.projects.secrets.versions.access(params) - }) - .then((response) => { - const buff = Buffer.from(response.data.payload.data, 'base64'); - adminPass = buff.toString('ascii'); - return funcUtils.getAuthToken(firstDut.ip, firstDut.port, firstDut.username, firstDut.password); - }) - .then((data) => { - testNewAuthData = data; - // getting Global Settings - return funcUtils.getGlobalSettings(firstDut.ip, firstDut.port, testNewAuthData.token) - }) - .then((response) => { - testHostName = response.hostname; - }) - .catch(err => Promise.reject(err)); - }); - - after(() => { - Object.keys(require.cache).forEach((key) => { - delete require.cache[key]; - }); - }); - - it('should confirm stored password in Key Vault', () => { - assert.strictEqual(adminPass, 'StrongPassword212+'); - }); - - it('should confirm new admin credentials are valid', () => { - assert.ok('token' in testNewAuthData); - }); - - it('should confirm hostname was updated using DO', () => { - assert.ok(testHostName.includes('.test')); - }); - - it('should login using new vaultadmin password', () => funcUtils.getAuthToken(firstDut.ip, firstDut.port, 'vaultadmin', 'b1gAdminPazz') - .then((data) => { - assert.ok('token' in data); - }) - .catch((err) => { - assert.ok(!err); - })); - - it('should login using new vaultadmin2 password', () => funcUtils.getAuthToken(firstDut.ip, firstDut.port, 'vaultadmin2', 'thisIsTestPassword123') - .then((data) => { - assert.ok('token' in data); - }) - .catch((err) => { - assert.ok(!err); - })); -}); diff --git a/tests/functional/systemTests.js b/tests/functional/systemTests.js deleted file mode 100644 index a22e96e5..00000000 --- a/tests/functional/systemTests.js +++ /dev/null @@ -1,137 +0,0 @@ -/* - * Copyright 2019. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -/* eslint-disable global-require */ - -const assert = require('assert'); -const funcUtils = require('./util.js'); - -const duts = funcUtils.getHostInfo(); -const firstDut = duts[0]; - -describe('System tests', () => { - let installedPackages = []; - let availablePackages = {}; - let postedBigIpRunTimeInitDeclaration = {}; - let installedExtDeclarations = []; - let customOnboardResultsCount; - let logFileSize = 0; - - before(function () { - this.timeout(80000); - return funcUtils.getAuthToken(firstDut.ip, firstDut.port, firstDut.username, firstDut.password) - .then((data) => { - const options = funcUtils.makeOptions({ authToken: data.token }); - options.port = firstDut.port; - firstDut.authData = data; - return funcUtils.queryPackages(firstDut.ip, firstDut.port, data.token); - }) - .then((data) => { - if (data && data.queryResponse) { - installedPackages = data.queryResponse; - } - return funcUtils.getPackagesMetadata(); - }) - .then((data) => { - if (data && data.components) { - availablePackages = data; - } - return funcUtils.getDeclaration(); - }) - .then((data) => { - postedBigIpRunTimeInitDeclaration = data; - const promises = []; - for ( - let idx = 0; - idx < postedBigIpRunTimeInitDeclaration.extension_services.service_operations.length; - idx += 1) { - promises.push(funcUtils.getInstalledDeclaration( - firstDut.ip, - firstDut.port, - firstDut.authData.token, - postedBigIpRunTimeInitDeclaration.extension_services.service_operations[idx].extensionType - )); - } - return Promise.all(promises); - }) - .then((response) => { - installedExtDeclarations = response.filter(item => item); - return funcUtils.runShellCommand(`sshpass -p ${firstDut.password} ssh -o StrictHostKeyChecking=no ${firstDut.username}@${firstDut.ip} "bash -c 'ls -l /tmp/created_by* | wc -l'"`); - }) - .then((response) => { - customOnboardResultsCount = response.trim(); - return funcUtils.runShellCommand(`sshpass -p ${firstDut.password} ssh -o StrictHostKeyChecking=no ${firstDut.username}@${firstDut.ip} "bash -c 'du -k /var/log/cloud/bigIpRuntimeInit.log | cut -f1'"`); - - }) - .then((response) => { - logFileSize = parseInt(response.trim()); - return Promise.resolve(); - }) - .catch(err => Promise.reject(err)); - }); - after(() => { - Object.keys(require.cache).forEach((key) => { - delete require.cache[key]; - }); - }); - - it('should verify AS3 installed', () => { - const declaredAs3Version = postedBigIpRunTimeInitDeclaration.extension_packages.install_operations.filter(item => item.extensionType === 'as3')[0].extensionVersion; - if (declaredAs3Version !== undefined) { - const declaredPackageName = availablePackages.components.as3.versions[declaredAs3Version].packageName; - assert.ok(installedPackages.filter(item => item.packageName === declaredPackageName).length > 0); - assert.ok(installedPackages.filter(item => item.version === declaredAs3Version).length > 0); - } - assert.ok(installedPackages.filter(item => item.name === 'f5-appsvcs').length > 0); - - }); - - it('should verify DO installed', () => { - const declaredDoVersion = postedBigIpRunTimeInitDeclaration.extension_packages.install_operations.filter(item => item.extensionType === 'do')[0].extensionVersion; - const declaredPackageName = availablePackages.components.do.versions[declaredDoVersion].packageName; - - assert.ok(installedPackages.filter(item => item.name === 'f5-declarative-onboarding').length > 0); - assert.ok(installedPackages.filter(item => item.packageName === declaredPackageName).length > 0); - assert.ok(installedPackages.filter(item => item.version === declaredDoVersion).length > 0); - }); - - it('should verify FAST installed', () => { - const declaredFastVersion = postedBigIpRunTimeInitDeclaration.extension_packages.install_operations.filter(item => item.extensionType === 'fast')[0].extensionVersion; - if (declaredFastVersion !== undefined) { - const declaredPackageName = availablePackages.components.fast.versions[declaredFastVersion].packageName; - assert.ok(installedPackages.filter(item => item.packageName === declaredPackageName).length > 0); - assert.ok(installedPackages.filter(item => item.version === declaredFastVersion).length > 0); - } - assert.ok(installedPackages.filter(item => item.name === 'f5-appsvcs-templates').length > 0); - - }); - - it('should verify iLX installed', () => { - const declaredPackageName = 'hello-world-0.1.0-0001.noarch'; - - assert.ok(installedPackages.filter(item => item.name === 'hello-world').length > 0); - assert.ok(installedPackages.filter(item => item.packageName === declaredPackageName).length > 0); - }); - - it('should verify successfully installed declarations', () => { - assert.strictEqual( - postedBigIpRunTimeInitDeclaration.extension_services.service_operations.length, - installedExtDeclarations.length - ); - }); - - it('should verify successful execution of pre and post onboards commands', () => { - assert.strictEqual(parseInt(customOnboardResultsCount), 4); - }); - - it('should validate log file created and written', () => { - assert.ok(logFileSize > 0); - }); -}); diff --git a/tests/functional/testRunner.js b/tests/functional/testRunner.js deleted file mode 100644 index 7c36af55..00000000 --- a/tests/functional/testRunner.js +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright 2020. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -/* eslint-disable global-require */ -/* eslint-disable import/no-dynamic-require */ -const funcUtils = require('./util.js'); - -/* This test runner will run test files in a defined order: - * - System Tests - * - Provider Tests - * - Cleanup Tests - * - * Some of the tests can be optionally disable to speed up - * local testing iterations -*/ - -const testFiles = []; -if (process.env.ENV_SYSTEM_TESTS !== 'ignore') { - testFiles.push('./systemTests.js'); -} -if (process.env.ENV_PROVIDER_TESTS !== 'ignore') { - testFiles.push(`./providers/${funcUtils.getEnvironmentInfo().environment}/tests.js`); -} - -testFiles.forEach((file) => { - require(file); -}); diff --git a/tests/functional/util.js b/tests/functional/util.js deleted file mode 100644 index 1669c677..00000000 --- a/tests/functional/util.js +++ /dev/null @@ -1,384 +0,0 @@ -/* - * Copyright 2019. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -const fs = require('fs'); -const path = require('path'); -const request = require('request'); -const yaml = require('js-yaml'); -const icrdk = require('icrdk'); // eslint-disable-line import/no-extraneous-dependencies -const constants = require('../constants.js'); -const q = require('q'); -const childProcess = require('child_process'); - -const deploymentFile = process.env[constants.DEPLOYMENT_FILE_VAR] - || path.join(process.cwd(), constants.DEPLOYMENT_FILE); - -const declarationFile = process.env[constants.DECLARATION_FILE_VAR] - || path.join(process.cwd(), constants.DECLARATION_FILE); - -module.exports = { - /** - * Get host info - * - * @returns {Object} Returns - * [ { ip: x.x.x.x, username: admin, password: admin, primary: true } ] - */ - getHostInfo() { - // eslint-disable-next-line import/no-dynamic-require, global-require - const hosts = require(deploymentFile).instances.map((item) => { - item = { - ip: item.mgmt_address, - port: item.mgmt_port, - username: item.admin_username, - password: item.admin_password - }; - return item; - }); - return hosts; - }, - - - /** - * Get installed declaration - * - * @returns {Object} declaration for the - * - */ - - getInstalledDeclaration(host, port, authToken, packageName) { - const opts = { - HOST: host, - PORT: port, - AUTH_TOKEN: authToken, - headers: { - 'x-f5-auth-token': authToken - } - }; - - return this.makeRequest(host, constants.PACKAGES_URI[packageName], opts) - .then(data => (data)) - .catch((err) => { - const msg = `getInstalledDeclaration: ${err}`; - throw new Error(msg); - }); - }, - - /** - * Get delcaration used with deployment - * - * @returns {Object} JSON version of YAML file used during deployment - * - */ - - getDeclaration() { - return yaml.safeLoad(fs.readFileSync(declarationFile, 'utf8')); - }, - - /** - * Get package metadata - * - * @returns {Object} Returns metadata for AT packages - * - */ - getPackagesMetadata() { - const requestOptions = { - uri: constants.AT_PACKAGES_METADATA_URI, - method: 'GET', - body: undefined, - headers: {}, - strictSSL: false - }; - - return new Promise((resolve, reject) => { - request(requestOptions, (err, res, body) => { - if (err) { - reject(new Error(`HTTP error for '${constants.AT_PACKAGES_METADATA_URI}' : ${err}`)); - } else if (res.statusCode >= 200 && res.statusCode <= 299) { - try { - resolve(JSON.parse(body)); - } catch (e) { - resolve(body); - } - } else { - const msg = `Bad status code: ${res.statusCode} ${res.statusMessage} ${res.body} for '${constants.AT_PACKAGES_METADATA_URI}'`; - err = new Error(msg); - err.statusCode = res.statusCode; - err.statusMessage = res.statusMessage; - reject(err); - } - }); - }); - }, - - /** - * Get environment info - * - * @returns {Object} Returns: - * { - * deploymentId: 'foo', - * environment: 'foo', - * region: 'foo', - * zone: 'foo', - * networkTopology: 'foo' - * } - */ - getEnvironmentInfo() { - // eslint-disable-next-line import/no-dynamic-require, global-require - const deploymentInfo = require(deploymentFile); - return { - environment: deploymentInfo.environment, - deploymentId: deploymentInfo.deploymentId, - region: deploymentInfo.region || null, // optional: used by AWS|GCP - zone: deploymentInfo.zone || null, // optional: used by GCP - networkTopology: deploymentInfo.networkTopology || null, // optional: used by AWS - secret_id: deploymentInfo.secret_id || null, // optional: used by AWS - domain: deploymentInfo.domain || null // optional: used by Azure - }; - }, - - /** - * Make options (HTTP) - * - * @param {Object} options - function options - * @param {String} [options.authToken] - Authentication token - * - * @returns {Object} - */ - makeOptions(options) { - options = options || {}; - const retOptions = {}; - if (options.authToken) { - retOptions.headers = { - 'x-f5-auth-token': options.authToken - }; - } - return retOptions; - }, - - /** - * Perform HTTP request - * - * @param {String} host - HTTP host - * @param {String} uri - HTTP uri - * @param {Object} options - function options - * @param {Integer} [options.port] - HTTP port, default is 443 - * @param {String} [options.protocol] - HTTP protocol, default is https - * @param {String} [options.method] - HTTP method, default is GET - * @param {String} [options.body] - HTTP body - * @param {Object} [options.headers] - HTTP headers - * - * @returns {Object} Returns promise resolved with response - */ - makeRequest(host, uri, options) { - options = options || {}; - const port = options.port === undefined ? constants.REQUEST.PORT : options.port; - const protocol = options.protocol === undefined ? constants.REQUEST.PROTOCOL : options.protocol; - - host = host.endsWith('/') ? host.slice(0, host.length - 1) : host; - uri = uri || ''; - uri = uri.startsWith('/') ? uri : `/${uri}`; - - const fullUri = `${protocol}://${host}:${port}${uri}`; - const requestOptions = { - uri: fullUri, - method: options.method || 'GET', - body: options.body ? this.stringify(options.body) : undefined, - headers: options.headers || {}, - strictSSL: false - }; - - return new Promise((resolve, reject) => { - request(requestOptions, (err, res, body) => { - if (err) { - reject(new Error(`HTTP error for '${fullUri}' : ${err}`)); - } else if (res.statusCode >= 200 && res.statusCode <= 299) { - try { - resolve(JSON.parse(body)); - } catch (e) { - resolve(body); - } - } else { - const msg = `Bad status code: ${res.statusCode} ${res.statusMessage} ${res.body} for '${fullUri}'`; - err = new Error(msg); - err.statusCode = res.statusCode; - err.statusMessage = res.statusMessage; - reject(err); - } - }); - }); - }, - - /** - * Get auth token - * - * @param {String} host - host - * @param {String} port - port - * @param {String} username - username - * @param {String} password - password - * - * @returns {Promise} Returns promise resolved with auth token: { token: 'token' } - */ - getAuthToken(host, port, username, password) { - const uri = '/mgmt/shared/authn/login'; - const body = this.stringify({ - username, - password, - loginProviderName: 'tmos' - }); - const postOptions = { - port, - method: 'POST', - body - }; - - return this.makeRequest(host, uri, postOptions) - .then(data => ({ token: data.token.token })) - .catch((err) => { - const msg = `getAuthToken: ${err}`; - throw new Error(msg); - }); - }, - - /** - * Query installed ILX packages - * - * @param {String} host - host - * @param {String} port - port - * @param {String} authToken - auth token - * - * @returns {Promise} Returns promise resolved upon completion - */ - queryPackages(host, port, authToken) { - const opts = { - HOST: host, - PORT: port, - AUTH_TOKEN: authToken, - // below should not be required, there is a bug in icrdk - // https://github.com/f5devcentral/f5-icontrollx-dev-kit/blob/master/lib/util.js#L322 - headers: { - 'x-f5-auth-token': authToken - } - }; - - return new Promise((resolve, reject) => { - icrdk.queryInstalledPackages(opts, (err, results) => { - if (err) { - reject(err); - } - resolve(results); - }); - }); - }, - - /** Create directory - * - * @param {String} path - file path - */ - createDirectory(_path) { - if (!fs.existsSync(_path)) { - try { - fs.mkdirSync(_path); - } catch (err) { - if (err.code !== 'EEXIST') { - throw err; - } - } - } - }, - - /** - * Stringify a message - * - * @param {Object|String} msg - message to stringify - * - * @returns {Object} Stringified message - */ - stringify(msg) { - if (typeof msg === 'object') { - try { - msg = JSON.stringify(msg); - } catch (e) { - // just leave original message intact - } - } - return msg; - }, - - /** - * Runs a shell command and returns the output - * - * @param {String} commands - Command to run - * - * @returns {Promise} A promise which is resolved with the results of the - * command or rejected if an error occurs. - */ - runShellCommand(command) { - const deferred = q.defer(); - childProcess.exec(command, (error, stdout, stderr) => { - if (error) { - deferred.reject(new Error(`${error}:${stderr}`)); - } else { - deferred.resolve(stdout); - } - }); - return deferred.promise; - }, - - getGlobalSettings(host, port, authToken){ - const uri = '/mgmt/tm/sys/global-settings'; - const requestOptions = { - method: 'GET', - AUTH_TOKEN: authToken, - PORT: port, - HOST: host, - headers: { - 'x-f5-auth-token': authToken - }, - strictSSL: false - }; - - return this.makeRequest(host, uri, requestOptions) - .then(data => data) - .catch((err) => { - const msg = `can't get global settings: ${err}`; - throw new Error(msg); - }); - }, - - /** - * Runs n API get to bigip and returns output - * - * @param {String} host - host - * @param {Integer} port - mgmt port - * @param {String} authToken - authentication token - * @param {String} uri - endpoint uri - * @returns {Promise} A promise which is resolved with the results of the - * endpoint specified or rejected if an error occurs. - */ - getBigipApi(host, port, authToken, uri){ - const requestOptions = { - method: 'GET', - AUTH_TOKEN: authToken, - PORT: port, - HOST: host, - headers: { - 'x-f5-auth-token': authToken - }, - strictSSL: false - }; - - return this.makeRequest(host, uri, requestOptions) - .then(data => data) - .catch((err) => { - const msg = `can't GET endpoint: ${err}`; - throw new Error(msg); - }); - } -}; diff --git a/tests/scripts/validate_lx_extension_installation.sh b/tests/scripts/validate_lx_extension_installation.sh deleted file mode 100755 index 486500ec..00000000 --- a/tests/scripts/validate_lx_extension_installation.sh +++ /dev/null @@ -1,110 +0,0 @@ -#!/usr/bin/env bash - -echo "$(date "+%Y-%m-%dT%H:%M:%S") - Starting test" - -COUNT=0 - -echo "$(date "+%Y-%m-%dT%H:%M:%S") - PHASE #1: Preparation" - -mkdir -p /var/lib/cloud/icontrollx_installs/ -echo "$(date "+%Y-%m-%dT%H:%M:%S") - Downloading LX Extensions RPMs" -echo "$(date "+%Y-%m-%dT%H:%M:%S") - Downloading AS3 for local installation" -curl -sk -L -o /var/lib/cloud/icontrollx_installs/f5-appsvcs-3.27.0-3.noarch.rpm https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.27.0/f5-appsvcs-3.27.0-3.noarch.rpm -chmod +x /var/lib/cloud/icontrollx_installs/f5-appsvcs-3.27.0-3.noarch.rpm - -echo "$(date "+%Y-%m-%dT%H:%M:%S") - Downloading DO for local installation" -curl -sk -L -o /var/lib/cloud/icontrollx_installs/f5-declarative-onboarding-1.20.0-2.noarch.rpm https://github.com/F5Networks/f5-declarative-onboarding/releases/download/v1.20.0/f5-declarative-onboarding-1.20.0-2.noarch.rpm -chmod +x /var/lib/cloud/icontrollx_installs/f5-declarative-onboarding-1.20.0-2.noarch.rpm - -echo "$(date "+%Y-%m-%dT%H:%M:%S") - Downloading FAST for local installation" -curl -sk -L -o /var/lib/cloud/icontrollx_installs/f5-appsvcs-templates-1.8.1-1.noarch.rpm https://github.com/F5Networks/f5-appsvcs-templates/releases/download/v1.8.1/f5-appsvcs-templates-1.8.1-1.noarch.rpm -chmod +x /var/lib/cloud/icontrollx_installs/f5-appsvcs-templates-1.8.1-1.noarch.rpm - -echo "$(date "+%Y-%m-%dT%H:%M:%S") - Downloading TS for local installation" -curl -sk -L -o /var/lib/cloud/icontrollx_installs/f5-telemetry-1.19.0-3.noarch.rpm https://github.com/F5Networks/f5-telemetry-streaming/releases/download/v1.19.0/f5-telemetry-1.19.0-3.noarch.rpm -chmod +x /var/lib/cloud/icontrollx_installs/f5-telemetry-1.19.0-3.noarch.rpm - -echo "$(date "+%Y-%m-%dT%H:%M:%S") - Starting while loop..." - -while true; -do - ((COUNT=COUNT+1)) - echo "$(date "+%Y-%m-%dT%H:%M:%S") - Test attempt : $COUNT" - - echo "$(date "+%Y-%m-%dT%H:%M:%S") - PHASE #2: Unistalling all available packages..." - installed_packages=$(curl -sk -u admin: http://localhost:8100/mgmt/shared/iapp/global-installed-packages | jq .items[].packageName) - echo "$(date "+%Y-%m-%dT%H:%M:%S") - Packages for un-installation: ${installed_packages}" - for packageName in $installed_packages - do - echo "$(date "+%Y-%m-%dT%H:%M:%S") - Uninstalling package ${packageName}" - echo $(curl -H "Content-Type: application/json" -sk -u admin: -X POST -d "{'operation': 'UNINSTALL','packageName': ${packageName}}" http://localhost:8100/mgmt/shared/iapp/package-management-tasks | jq .) - done - echo "$(date "+%Y-%m-%dT%H:%M:%S") - Finished un-install. Sleeping for 60 seconds." - sleep 60 - - echo "$(date "+%Y-%m-%dT%H:%M:%S") - PHASE #3: Installing LX extensions..." - - curl -sk -u admin: -d '{"operation": "INSTALL","packageFilePath": "/var/lib/cloud/icontrollx_installs/f5-declarative-onboarding-1.20.0-2.noarch.rpm"}' http://localhost:8100/mgmt/shared/iapp/package-management-tasks - sleep 15 - curl -sk -u admin: -d '{"operation": "INSTALL","packageFilePath": "/var/lib/cloud/icontrollx_installs/f5-appsvcs-3.27.0-3.noarch.rpm"}' http://localhost:8100/mgmt/shared/iapp/package-management-tasks - sleep 15 - curl -sk -u admin: -d '{"operation": "INSTALL","packageFilePath": "/var/lib/cloud/icontrollx_installs/f5-telemetry-1.19.0-3.noarch.rpm"}' http://localhost:8100/mgmt/shared/iapp/package-management-tasks - sleep 15 - curl -sk -u admin: -d '{"operation": "INSTALL","packageFilePath": "/var/lib/cloud/icontrollx_installs/f5-appsvcs-templates-1.8.1-1.noarch.rpm"}' http://localhost:8100/mgmt/shared/iapp/package-management-tasks - echo "$(date "+%Y-%m-%dT%H:%M:%S") - Finished LX Extension installation" - - echo "$(date "+%Y-%m-%dT%H:%M:%S") - Sleeping for 30 seconds" - sleep 30 - - echo "$(date "+%Y-%m-%dT%H:%M:%S") - PHASE #4: Validating restnoded logs before BIGIP restart" - - response=$(egrep '(Startup Failed|Failed to complete|failed to register)' /var/log/restnoded/restnoded.log) - echo "$(date "+%Y-%m-%dT%H:%M:%S") - RESPONSE FROM RESTNODED LOG GREP: $response" - if [[ ! -z $response ]]; then - echo "$(date "+%Y-%m-%dT%H:%M:%S") - Got repro before restart... Checking extensions availability" - response=$(curl -s -u admin: http://localhost:8100/mgmt/shared/declarative-onboarding/info | jq .) - echo "DO ext RESPONSE: $response" - response="FOO" - response=$(curl -s -u admin: http://localhost:8100/mgmt/shared/appsvcs/info | jq .) - echo "AS3 ext RESPONSE: $response" - response="FOO" - response=$(curl -s -u admin: http://localhost:8100/mgmt/shared/telemetry/info | jq .) - echo "TS ext RESPONSE: $response" - response="FOO" - response=$(curl -s -u admin: http://localhost:8100/mgmt/shared/fast/info | jq .) - echo "FAST ext RESPONSE: $response" - break; - fi - - echo "$(date "+%Y-%m-%dT%H:%M:%S") - Sleeping for 60 seconds" - sleep 60 - - echo "$(date "+%Y-%m-%dT%H:%M:%S") - PHASE #5: Restarting BIGIP" - bigstart restart - - echo "$(date "+%Y-%m-%dT%H:%M:%S") - Sleeping for 60 seconds..." - sleep 60 - - echo "$(date "+%Y-%m-%dT%H:%M:%S") - PHASE #6: Validating restnoded logs after BIGIP restart" - - response=$(egrep '(Startup Failed|Failed to complete|failed to register)' /var/log/restnoded/restnoded.log) - echo "$(date "+%Y-%m-%dT%H:%M:%S") - RESPONSE FROM RESTNODED LOG GREP: $response" - - if [[ ! -z $response ]]; then - echo "$(date "+%Y-%m-%dT%H:%M:%S") - Got repro after restart... Checking extensions availability" - response=$(curl -s -u admin: http://localhost:8100/mgmt/shared/declarative-onboarding/info | jq .) - echo "DO ext RESPONSE: $response" - response="FOO" - response=$(curl -s -u admin: http://localhost:8100/mgmt/shared/appsvcs/info | jq .) - echo "AS3 ext RESPONSE: $response" - response="FOO" - response=$(curl -s -u admin: http://localhost:8100/mgmt/shared/telemetry/info | jq .) - echo "TS ext RESPONSE: $response" - response="FOO" - response=$(curl -s -u admin: http://localhost:8100/mgmt/shared/fast/info | jq .) - echo "FAST ext RESPONSE: $response" - break; - fi - - echo "$(date "+%Y-%m-%dT%H:%M:%S") - No repro this time. Continue...." -done; diff --git a/tests/scripts/verify_bash_available.sh b/tests/scripts/verify_bash_available.sh deleted file mode 100755 index 19668fc2..00000000 --- a/tests/scripts/verify_bash_available.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/usr/bin/env bash - -checks=0 -exitCode=1 -while [ $checks -lt 120 ]; -do - response=$(sshpass -p ${PASSWORD} ssh -o StrictHostKeyChecking=no -o ConnectionAttempts=120 ${USERNAME}@${MGMT_IP} "bash --version") - if [[ ! -z $response ]]; then - echo 'BIGIP is ready to accept bash commands. Continue installation...' - exitCode=0 - break - else - echo 'BIGIP is not ready to accept bash commands' - exitCode=1 - ((checks=checks+1)) - fi - done - -echo "verify_bash_availability: exitCode: $exitCode" -exit $exitCode diff --git a/tests/unit/bigip/managementClientTests.ts b/tests/unit/bigip/managementClientTests.ts deleted file mode 100644 index be8b4b46..00000000 --- a/tests/unit/bigip/managementClientTests.ts +++ /dev/null @@ -1,107 +0,0 @@ -/** - * Copyright 2020 F5 Networks, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -'use strict'; - -import sinon from 'sinon'; -import assert from 'assert'; -import nock from 'nock'; - -import { ManagementClient } from '../../../src/lib/bigip/managementClient'; - -const standardOptions = { - port: 8100, - user: 'admin', - password: 'admin', - verifyTls: false, - maxRetries: 2, - retryInterval: 2500 -}; -sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'info' }); - -describe('BIG-IP Management Client', () => { - afterEach(() => { - sinon.restore(); - }); - - it('should validate constructor with defaults', () => { - const mgmtClient = new ManagementClient(); - - assert.strictEqual(mgmtClient.port, 8100); - assert.strictEqual(mgmtClient.user, 'admin'); - assert.strictEqual(mgmtClient.password, 'admin'); - assert.strictEqual(mgmtClient.verifyTls, false); - }); - - it('should validate constructor', () => { - const mgmtClient = new ManagementClient(standardOptions); - - assert.strictEqual(mgmtClient.port, standardOptions.port); - assert.strictEqual(mgmtClient.user, standardOptions.user); - assert.strictEqual(mgmtClient.password, standardOptions.password); - assert.strictEqual(mgmtClient.verifyTls, standardOptions.verifyTls); - }); - - - it('should perform ready check', async () => { - const mgmtClient = new ManagementClient(standardOptions); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/ready') - .reply(200, { - entries: { - 'https://localhost/mgmt/tm/sys/ready/0': { - nestedStats: { - entries: { - system: { - description: 'yes' - } - } - } - } - } - }); - - const response = await mgmtClient.isReady(); - assert.strictEqual(response, true); - }); - - it('should validate ready check for failed case', async () => { - const mgmtClient = new ManagementClient(standardOptions); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/ready') - .times(102) - .reply(200, { - entries: { - 'https://localhost/mgmt/tm/sys/ready/0': { - nestedStats: { - entries: { - system: { - description: 'not' - } - } - } - } - } - }); - try { - await mgmtClient.isReady(); - } catch (err) { - assert.ok(err.message.includes('Ready check failed')); - } - }).timeout(30000000); -}); diff --git a/tests/unit/bigip/toolchain/toolChainClientTests.ts b/tests/unit/bigip/toolchain/toolChainClientTests.ts deleted file mode 100644 index c850ab27..00000000 --- a/tests/unit/bigip/toolchain/toolChainClientTests.ts +++ /dev/null @@ -1,724 +0,0 @@ -/** - * Copyright 2020 F5 Networks, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -'use strict'; - -import sinon from 'sinon'; -import assert from 'assert'; -import mock from 'mock-fs'; -import nock from 'nock'; - -import * as constants from '../../../../src/constants'; -import { ManagementClient } from '../../../../src/lib/bigip/managementClient'; -import { ToolChainClient } from '../../../../src/lib/bigip/toolchain/toolChainClient'; -import * as installedPackages from '../../payloads/bigip_mgmt_shared_installed_packages.json'; -sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'info' }); -const standardMgmtOptions = { - port: 8100, - user: 'admin', - password: 'admin', - verifyTls: false -}; - -const standardToolchainOptions = { - extensionVersion: '3.17.0', - extensionHash: '41151962912408d9fc6fc6bde04c006b6e4e155fc8cc139d1797411983b7afa6', - maxRetries: 3, - retryInterval: 2500, - verifyTls: true, - trustedCertBundles: ['/config/fake-ssl/ca-bundle.crt'] -}; - -const ilxToolchainOptions = { - extensionVersion: '0.1.0', - extensionUrl: 'file:///var/lib/cloud/icontrollx_installs/hello-world-0.1.0-0001.noarch.rpm', - extensionVerificationEndpoint: '/mgmt/shared/echo', - maxRetries: 3, - retryInterval: 2500 -}; - -describe('BIG-IP Metadata Client', () => { - it('should validate constructor', () => { - const component = 'as3'; - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, component, standardToolchainOptions); - - assert.strictEqual(toolChainClient._metadataClient.component, component); - assert.strictEqual(toolChainClient._metadataClient.version, standardToolchainOptions.extensionVersion); - assert.strictEqual(toolChainClient._metadataClient.hash, standardToolchainOptions.extensionHash); - }); - - it('should return the component name', () => { - const component = 'do'; - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, component, standardToolchainOptions); - - assert.strictEqual(toolChainClient._metadataClient.getComponentName(), component); - }); - - it('should return the component version', () => { - const component = 'as3'; - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, component, standardToolchainOptions); - - assert.strictEqual(toolChainClient._metadataClient.getComponentVersion(), standardToolchainOptions.extensionVersion); - }); - - it('should return the component hash', () => { - const component = 'as3'; - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, component, standardToolchainOptions); - - assert.strictEqual(toolChainClient._metadataClient.getComponentHash(), standardToolchainOptions.extensionHash); - }); - - it('should return the download URL for an AT package', () => { - const component = 'as3'; - const url = 'https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.17.0/f5-appsvcs-3.17.0-3.noarch.rpm'; - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, component, standardToolchainOptions); - - assert.strictEqual(toolChainClient._metadataClient.getDownloadUrl(), url); - }); - - it('should return the download URL for an iLX package', () => { - const component = 'ilx'; - const url = 'file:///var/lib/cloud/icontrollx_installs/hello-world-0.1.0-0001.noarch.rpm'; - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, component, ilxToolchainOptions); - - assert.strictEqual(toolChainClient._metadataClient.getDownloadUrl(), url); - }); - - it('should return the download package name', () => { - const component = 'as3'; - const packageName = 'f5-appsvcs-3.17.0-3.noarch.rpm'; - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, component, standardToolchainOptions); - - assert.strictEqual(toolChainClient._metadataClient.getDownloadPackageName(), packageName); - }); - - it('should return the configuration endpoint', () => { - const component = 'as3'; - const configEndpoint = '/mgmt/shared/appsvcs/declare'; - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, component, standardToolchainOptions); - - assert.strictEqual(toolChainClient._metadataClient.getConfigurationEndpoint().endpoint, configEndpoint); - }); - - it('should return the info endpoint for an AT package', () => { - const component = 'as3'; - const infoEndpoint = '/mgmt/shared/appsvcs/info'; - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, component, standardToolchainOptions); - - assert.strictEqual(toolChainClient._metadataClient.getInfoEndpoint().endpoint, infoEndpoint); - }); - - it('should return the info endpoint for an iLX package', () => { - const component = 'ilx'; - const infoEndpoint = '/mgmt/shared/echo'; - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, component, ilxToolchainOptions); - - assert.strictEqual(toolChainClient._metadataClient.getInfoEndpoint().endpoint, infoEndpoint); - }); -}); - -describe('BIG-IP Package Client', () => { - afterEach(() => { - mock.restore(); - if(!nock.isDone()) { - throw new Error(`Not all nock interceptors were used: ${nock.pendingMocks()}`) - } - nock.cleanAll(); - sinon.restore(); - }); - - beforeEach(() => { - nock.cleanAll(); - }); - - it('should validate constructor', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const packageClient = toolChainClient.package; - - assert.strictEqual(packageClient.component, 'as3'); - assert.strictEqual(packageClient.version, standardToolchainOptions.extensionVersion); - }); - - it('should validate isInstalled method when package is not installed', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const packageClient = toolChainClient.package; - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/global-installed-packages') - .reply(200, installedPackages); - mock({ - '/var/lib/cloud/icontrollx_installs': { - 'f5-appsvcs-3.17.0-3.noarch.rpm': '1' - }, - '/config/fake-ssl' : { - 'ca-bundle.crt': '1' - } - }); - return packageClient.isInstalled() - .then((response) => { - assert.ok(!response.isInstalled); - assert.ok(!response.reinstallRequired); - nock.cleanAll(); - }) - .catch(err => Promise.reject(err)); - }); - - it('should validate isInstalled method when package installed but not required update', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainOptions = { - extensionType: 'as3', - extensionVersion: '3.20.0', - extensionUrl: 'https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.20.0/f5-appsvcs-3.20.0-3.noarch.rpm', - extensionHash: 'ba2db6e1c57d2ce6f0ca20876c820555ffc38dd0a714952b4266c4daf959d987', - maxRetries: 3, - retryInterval: 2500, - verifyTls: true, - trustedCertBundles: ['/config/fake-ssl/ca-bundle.crt'] - }; - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', toolChainOptions); - const packageClient = toolChainClient.package; - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/global-installed-packages') - .reply(200, installedPackages); - mock({ - '/var/lib/cloud/icontrollx_installs': { - 'f5-appsvcs-3.20.0-3.noarch': '1' - }, - '/config/fake-ssl' : { - 'ca-bundle.crt': '1' - } - }); - return packageClient.isInstalled() - .then((response) => { - assert.ok(response.isInstalled); - assert.ok(!response.reinstallRequired); - nock.cleanAll(); - }) - .catch(err => Promise.reject(err)); - }); - - - it('should validate isInstalled method when package installed and required update', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainOptions = { - extensionType: 'as3', - extensionVersion: '3.17.0', - extensionUrl: 'https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.20.0/f5-appsvcs-3.20.0-3.noarch.rpm', - extensionHash: 'ba2db6e1c57d2ce6f0ca20876c820555ffc38dd0a714952b4266c4daf959d987', - maxRetries: 3, - retryInterval: 2500, - verifyTls: true, - trustedCertBundles: ['/config/fake-ssl/ca-bundle.crt'] - }; - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', toolChainOptions); - const packageClient = toolChainClient.package; - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/global-installed-packages') - .reply(200, installedPackages); - mock({ - '/var/lib/cloud/icontrollx_installs': { - 'f5-appsvcs-3.20.0-3.noarch': '1' - }, - '/config/fake-ssl' : { - 'ca-bundle.crt': '1' - } - }); - return packageClient.isInstalled() - .then((response) => { - assert.ok(response.isInstalled); - assert.ok(response.reinstallRequired); - nock.cleanAll(); - }) - .catch(err => Promise.reject(err)); - }); - - it('should validate install failure with downloadToFile', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const packageClient = toolChainClient.package; - constants.RETRY.SHORT_COUNT = 5; - nock('https://github.com') - .get('/F5Networks/f5-appsvcs-extension/releases/download/v3.17.0/f5-appsvcs-3.17.0-3.noarch.rpm') - .times(constants.RETRY.SHORT_COUNT) - .replyWithError('ECONNRESET'); - mock({ - '/var/lib/cloud/icontrollx_installs': { - 'f5-appsvcs-3.17.0-3.noarch.rpm': '1' - }, - '/config/fake-ssl' : { - 'ca-bundle.crt': '1' - } - }); - return packageClient.install() - .then(() => { - assert.fail(); - nock.cleanAll(); - }) - .catch((err) => { - assert.ok(err.message.indexOf('ECONNRESET') !== -1 ); - constants.RETRY.SHORT_COUNT = 50; - nock.cleanAll(); - }); - }).timeout(300000); - - it('should validate uninstall method', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const packageClient = toolChainClient.package; - mock({ - '/config/fake-ssl' : { - 'ca-bundle.crt': '1' - } - }); - nock('http://localhost:8100') - .post('/mgmt/shared/iapp/package-management-tasks') - .reply(201); - return packageClient.uninstall() - .then(() => { - assert.ok(true); - }) - .catch(err => Promise.reject(err)); - - }); - - it('should validate install failure with via URL', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const tempStandardToolchainOptions = standardToolchainOptions; - tempStandardToolchainOptions.trustedCertBundles = undefined; - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const packageClient = toolChainClient.package; - nock('http://localhost:8100') - .post('/mgmt/shared/iapp/package-management-tasks') - .reply(200, { - id: "1" - }); - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/package-management-tasks/1') - .reply(200, { - id: '1', - status: 'FINISHED' - }); - nock('http://localhost:8100') - .get('/mgmt/shared/file-transfer/uploads/') - .reply(200); - nock('http://localhost:8100') - .post('/mgmt/shared/file-transfer/uploads/f5-appsvcs-3.17.0-3.noarch.rpm') - .times(30) - .reply(200, { - id: '1' - }); - mock({ - '/var/lib/cloud/icontrollx_installs': { - 'f5-appsvcs-3.17.0-3.noarch.rpm': '1' - } - }); - return packageClient.install() - .then((response) => { - assert.strictEqual(response.component, 'as3'); - assert.strictEqual(response.version, '3.17.0'); - assert.ok(response.installed); - nock.cleanAll(); - }) - .catch(err => Promise.reject(err)); - }).timeout(300000); - - it('should validate install done via URL', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const packageClient = toolChainClient.package; - nock('http://localhost:8100') - .post('/mgmt/shared/iapp/package-management-tasks') - .reply(200, { - id: "1" - }); - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/package-management-tasks/1') - .reply(200, { - id: '1', - status: 'FINISHED' - }); - nock('http://localhost:8100') - .get('/mgmt/shared/file-transfer/uploads/') - .reply(200); - nock('http://localhost:8100') - .post('/mgmt/shared/file-transfer/uploads/f5-appsvcs-3.17.0-3.noarch.rpm') - .times(30) - .reply(200, { - id: '1' - }); - mock({ - '/var/lib/cloud/icontrollx_installs': { - 'f5-appsvcs-3.17.0-3.noarch.rpm': '1' - }, - '/config/fake-ssl' : { - 'ca-bundle.crt': '1' - } - }); - return packageClient.install() - .then((response) => { - assert.strictEqual(response.component, 'as3'); - assert.strictEqual(response.version, '3.17.0'); - assert.ok(response.installed); - nock.cleanAll(); - }) - .catch(err => Promise.reject(err)); - }).timeout(300000); - - - it('should validate install done via FILE', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', ilxToolchainOptions); - const packageClient = toolChainClient.package; - nock('http://localhost:8100') - .post('/mgmt/shared/iapp/package-management-tasks') - .reply(200, { - id: "1" - }); - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/package-management-tasks/1') - .reply(200, { - id: '1', - status: 'FINISHED' - }); - mock({ - '/var/lib/cloud/icontrollx_installs': { - 'hello-world-0.1.0-0001.noarch.rpm': '12345' - }, - '/config/fake-ssl' : { - 'ca-bundle.crt': '1' - } - }); - return packageClient.install() - .then((response) => { - assert.strictEqual(response.component, 'as3'); - assert.strictEqual(response.version,'0.1.0'); - assert.ok(response.installed); - }) - .catch(err => Promise.reject(err)); - }).timeout(300000); - - it('should validate installation failure due to FAILED status', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const packageClient = toolChainClient.package; - constants.RETRY.SHORT_COUNT = 5; - nock('http://localhost:8100') - .post('/mgmt/shared/iapp/package-management-tasks') - .times(constants.RETRY.SHORT_COUNT) - .reply(200, { - id: "1" - }); - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/package-management-tasks/1') - .times(constants.RETRY.SHORT_COUNT) - .reply(200, { - id: '1', - status: 'FAILED' - }); - nock('http://localhost:8100') - .get('/mgmt/shared/file-transfer/uploads/') - .times(constants.RETRY.SHORT_COUNT) - .reply(200); - nock('http://localhost:8100') - .post('/mgmt/shared/file-transfer/uploads/f5-appsvcs-3.17.0-3.noarch.rpm') - .times(constants.RETRY.SHORT_COUNT) - .times(30) - .reply(200, { - id: '1' - }); - mock({ - '/var/lib/cloud/icontrollx_installs': { - 'f5-appsvcs-3.17.0-3.noarch.rpm': '12345' - }, - '/config/fake-ssl' : { - 'ca-bundle.crt': '1' - } - }); - return packageClient.install() - .catch((err) => { - assert.ok(err.message.includes('RPM installation failed')); - constants.RETRY.SHORT_COUNT = 50; - nock.cleanAll(); - }); - }).timeout(300000); - - it('should validate install failure when package hash is not matching', () => { - const standardToolchainOptions = { - extensionVersion: '3.17.0', - extensionHash: 'wrongHashValueHere', - maxRetries: 3, - retryInterval: 2500, - verifyTls: true - }; - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const packageClient = toolChainClient.package; - nock('http://localhost:8100') - .post('/mgmt/shared/iapp/package-management-tasks') - .reply(200, { - id: "1" - }); - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/package-management-tasks/1') - .reply(200, { - id: '1', - status: 'FINISHED' - }); - nock('http://localhost:8100') - .get('/mgmt/shared/file-transfer/uploads/') - .reply(200); - nock('http://localhost:8100') - .post('/mgmt/shared/file-transfer/uploads/f5-appsvcs-3.17.0-3.noarch.rpm') - .times(30) - .reply(200, { - id: '1' - }); - mock({ - '/var/lib/cloud/icontrollx_installs': { - 'f5-appsvcs-3.17.0-3.noarch.rpm': '1' - } - }); - return packageClient.install() - .then(() => { - assert.fail(); - }) - .catch((err) => { - assert.ok(err.message.indexOf('failed because RPM hash is not valid') !== -1); - nock.cleanAll(); - }); - }).timeout(300000); - - it('should validate installation failure due to max retries', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const packageClient = toolChainClient.package; - nock('http://localhost:8100') - .post('/mgmt/shared/iapp/package-management-tasks') - .reply(200, { - id: "1" - }); - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/package-management-tasks/1') - .times(4) - .reply(200, { - id: '1', - status: 'FOO' - }); - nock('http://localhost:8100') - .get('/mgmt/shared/file-transfer/uploads/') - .reply(200); - nock('http://localhost:8100') - .post('/mgmt/shared/file-transfer/uploads/f5-appsvcs-3.17.0-3.noarch.rpm') - .times(40) - .reply(200, { - id: '1' - }); - mock({ - '/var/lib/cloud/icontrollx_installs': { - 'f5-appsvcs-3.17.0-3.noarch.rpm': '12345' - } - }); - return packageClient.install() - .catch((err) => { - console.log(err.message); - assert.ok(err.message.includes('Max count exceeded')); - nock.cleanAll(); - }); - }).timeout(300000); -}); - -describe('BIG-IP Service Client', () => { - afterEach(function() { - if(!nock.isDone()) { - throw new Error(`Not all nock interceptors were used: ${nock.pendingMocks()}`) - } - nock.cleanAll(); - sinon.restore(); - }); - - it('should validate constructor', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const serviceClient = toolChainClient.service; - - assert.strictEqual(serviceClient.component, 'as3'); - assert.strictEqual(serviceClient.version, standardToolchainOptions.extensionVersion); - }); - - it('should validate isAvailable method', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const serviceClient = toolChainClient.service; - nock('http://localhost:8100') - .get('/mgmt/shared/appsvcs/info') - .reply(200); - return serviceClient.isAvailable() - .catch(err => Promise.reject(err)); - }); - - it('should validate failure for isAvailable method', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const serviceClient = toolChainClient.service; - nock('http://localhost:8100') - .get('/mgmt/shared/appsvcs/info') - .times(3) - .reply(400); - return serviceClient.isAvailable() - .catch((err) => { - assert.ok(err.message.includes('Is available check failed')); - }) - }).timeout(3000000); - - - it('should validate create method', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const serviceClient = toolChainClient.service; - nock('http://localhost:8100') - .post('/mgmt/shared/appsvcs/declare') - .reply(202, { - selfLink: 'https://localhost/tasks/myTask/1', - }); - nock('http://localhost:8100') - .get('/tasks/myTask/1') - .reply(200); - return serviceClient.create() - .then((resp) => { - assert.strictEqual(resp.code, 202); - }) - .catch(err => Promise.reject(err)); - }); - - - it('should validate create method when task is unprocessable', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const serviceClient = toolChainClient.service; - nock('http://localhost:8100') - .post('/mgmt/shared/appsvcs/declare') - .reply(202, { - selfLink: 'https://localhost/tasks/myTask/1', - }); - nock('http://localhost:8100') - .get('/tasks/myTask/1') - .reply(422); - return serviceClient.create() - .then(() => { - assert.fail() - }) - .catch((err) => { - assert.ok(err.message.indexOf('Task with error') !== -1); - }); - }); - - it('should validate create method when internal error for task', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const serviceClient = toolChainClient.service; - nock('http://localhost:8100') - .post('/mgmt/shared/appsvcs/declare') - .reply(202, { - selfLink: 'https://localhost/tasks/myTask/1', - }); - nock('http://localhost:8100') - .get('/tasks/myTask/1') - .reply(503); - return serviceClient.create() - .then(() => { - assert.fail() - }) - .catch((err) => { - assert.ok(err.message.indexOf('Task with error') !== -1); - }); - }); - - it('should validate create method with retries', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const serviceClient = toolChainClient.service; - nock('http://localhost:8100') - .post('/mgmt/shared/appsvcs/declare') - .reply(202, { - selfLink: 'https://localhost/tasks/myTask/1', - }); - nock('http://localhost:8100') - .get('/tasks/myTask/1') - .reply(202) - .get('/tasks/myTask/1') - .reply(200); - return serviceClient.create() - .then((resp) => { - assert.strictEqual(resp.code, 202); - }) - .catch(err => Promise.reject(err)); - }); - - it('should validate create method promise rejection on 400s', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - const serviceClient = toolChainClient.service; - nock('http://localhost:8100') - .post('/mgmt/shared/appsvcs/declare') - .reply(400, 'This is test error message'); - return serviceClient.create() - .then(() => { - assert.fail(); - }) - .catch((err) => { - assert.ok(err.message.indexOf('This is test error message') !== -1); - }); - }); -}); - -describe('BIG-IP Toolchain Client', () => { - afterEach(() => { - sinon.restore(); - }); - - it('should validate constructor for AT package', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'as3', standardToolchainOptions); - - assert.strictEqual(toolChainClient._mgmtClient, mgmtClient); - assert.strictEqual(toolChainClient.component, 'as3'); - assert.strictEqual(toolChainClient.version, standardToolchainOptions.extensionVersion); - assert.strictEqual(toolChainClient.hash, standardToolchainOptions.extensionHash); - assert.ok(toolChainClient._metadataClient !== null); - }); - - it('should validate constructor for iLX package', () => { - const mgmtClient = new ManagementClient(standardMgmtOptions); - const toolChainClient = new ToolChainClient(mgmtClient, 'ilx', ilxToolchainOptions); - - assert.strictEqual(toolChainClient._mgmtClient, mgmtClient); - assert.strictEqual(toolChainClient.component, 'ilx'); - assert.strictEqual(toolChainClient.url, ilxToolchainOptions.extensionUrl); - assert.strictEqual(toolChainClient.infoEndpoint, ilxToolchainOptions.extensionVerificationEndpoint); - assert.ok(toolChainClient._metadataClient !== null); - }); -}); diff --git a/tests/unit/cloud/abstractCloudClient.ts b/tests/unit/cloud/abstractCloudClient.ts deleted file mode 100644 index 5d813894..00000000 --- a/tests/unit/cloud/abstractCloudClient.ts +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright 2019. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -import assert from 'assert'; -import sinon from 'sinon'; -import { AbstractCloudClient } from '../../../src/lib/cloud/abstract/cloudClient'; - -/* eslint-disable global-require */ - -describe('Cloud Client - Abstract', () => { - after(() => { - Object.keys(require.cache).forEach((key) => { - delete require.cache[key]; - }); - }); - - it('should instantiate cloudClient', () => { - const logger = sinon.stub(); - const cloudClient = new AbstractCloudClient('aws', logger); - - // check abstract methods that should throw - const methods = [ - 'getSecret', - 'getMetadata', - 'getTagValue', - 'init', - 'getCustomerId', - 'getCloudName', - 'getRegion' - ]; - methods.forEach((func) => { - assert.throws( - () => { - cloudClient[func](); - }, - (err) => { - if (err.message.includes('must be implemented in child class')) { - return true; - } - return false; - }, - 'unexpected error' - ); - }); - }); - - it('should instantiate cloudClient without provided logger', () => { - const cloudClient = new AbstractCloudClient('aws', null); - // check abstract methods that should throw - const methods = [ - 'getSecret' - ]; - methods.forEach((func) => { - assert.throws( - () => { - cloudClient[func](); - }, - (err) => { - if (err.message.includes('must be implemented in child class')) { - return true; - } - return false; - }, - 'unexpected error' - ); - }); - }); -}); diff --git a/tests/unit/cloud/awsCloudClient.ts b/tests/unit/cloud/awsCloudClient.ts deleted file mode 100644 index c8d67335..00000000 --- a/tests/unit/cloud/awsCloudClient.ts +++ /dev/null @@ -1,655 +0,0 @@ -/* - * Copyright 2019. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -/* eslint-disable global-require */ - -import assert from 'assert'; -import sinon from 'sinon'; -import nock from 'nock'; -import { AwsCloudClient } from '../../../src/lib/cloud/aws/cloudClient'; -import * as bigipMgmtNetInterfacesResponse from '../payloads/bigip_mgmt_net_interface.json'; -const cloud = 'aws'; - -describe('CloudClient - AWS', () => { - let cloudClient; - let metadataPathRequest; - after(() => { - Object.keys(require.cache) - .forEach((key) => { - delete require.cache[key]; - }); - }); - - beforeEach(() => { - cloudClient = new AwsCloudClient(); - cloudClient.accountId = '1234543'; - cloudClient.customerId = '1234543'; - cloudClient.region = 'us-west'; - cloudClient.secretsManager = sinon.stub(); - cloudClient._sessionToken = 'TEST_SESSION_TOKEN'; - cloudClient.secretsManager.getSecretValue = sinon.stub().callsFake(() => ({ - promise(): Promise{ - return Promise.resolve({ SecretString: 'StrongPassword2010!' }); - } - })); - cloudClient.logger = sinon.stub(); - cloudClient.logger.info = sinon.stub(); - cloudClient.secretsManager.getSecretValue = sinon.stub().callsFake(() => ({ - promise(): Promise{ - return Promise.resolve({ SecretString: 'StrongPassword2010!' }); - } - })); - }); - - afterEach(() => { - sinon.restore(); - }); - - it('should validate constructor', () => { - assert.strictEqual(cloudClient.environment, cloud); - }); - - it('should validate init', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, JSON.stringify({ - region: 'some-aws-region', - instanceId: 'some-instance-id', - secretsManager: sinon.stub() - })); - }); - cloudClient._getInstanceIdentityDoc = sinon.stub().resolves({ - region: 'some-aws-region', - instanceId: 'some-instance-id' - }); - cloudClient._fetchMetadataSessionToken = sinon.stub().resolves('TEST_SESSION_TOKEN'); - return cloudClient.init() - .then(() => { - assert.strictEqual(cloudClient.region, 'some-aws-region'); - }); - }); - - it('should validate init metadata request promise rejection', () => { - cloudClient._fetchMetadataSessionToken = sinon.stub().resolves('TEST_SESSION_TOKEN'); - cloudClient._getInstanceIdentityDoc = sinon.stub().rejects(new Error('Test Rejection')); - return cloudClient.init() - .then(() => { - assert.ok(false); - }).catch((err) => { - assert.ok(err.message.includes('Test Rejection')); - }); - }); - - it('should call _getInstanceIdentityDoc to get instance data', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, JSON.stringify({ - region: 'some-aws-region', - instanceId: 'some-instance-id', - secretsManager: sinon.stub() - })); - }); - cloudClient._getInstanceIdentityDoc() - .then(() => { - assert.strictEqual(metadataPathRequest, '/latest/dynamic/instance-identity/document'); - }) - .catch((err) => { - assert.fail(); - }); - }); - - it('_metadata should reject upon error with _getInstanceIdentityDoc', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, JSON.stringify({ - region: 'some-aws-region', - instanceId: 'some-instance-id', - secretsManager: sinon.stub() - })); - }); - const expectedError = 'cannot contact AWS metadata service'; - return cloudClient.init() - .then(() => { - // eslint-disable-next-line arrow-body-style - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - callback(new Error(expectedError)); - }); - return cloudClient._getInstanceIdentityDoc(); - }) - .then(() => { - assert.ok(false, 'should have rejected'); - }) - .catch((err) => { - assert.strictEqual(err.message, expectedError); - }); - }); - - it('should validate getCustomerId', () => { - assert.strictEqual(cloudClient.getCustomerId(), '1234543'); - }); - - it('should validate getRegion', () => { - assert.strictEqual(cloudClient.getRegion(), 'us-west'); - }); - - it('should validate getCloudName', () => { - assert.strictEqual(cloudClient.getCloudName(), cloud); - }); - - it('should validate getSecret when secret exists', () => cloudClient.getSecret( - 'the-secret-name', { - version: 'some-version' - } - ) - .then((secret) => { - assert.strictEqual(secret, 'StrongPassword2010!'); - })); - - it('should validate getSecret when secret exists and version default used', () => cloudClient.getSecret( - 'the-secret-name' - ) - .then((secret) => { - assert.strictEqual(secret, 'StrongPassword2010!'); - })); - - it('should validate getSecret when secret does not exists', () => { - cloudClient.secretsManager.getSecretValue = sinon.stub().callsFake(() => ({ - promise(): Promise { - return Promise.resolve(); - } - })); - cloudClient.getSecret( - 'incorrect-secret-name', - { - version: 'some-version' - } - ) - .then((secret) => { - assert.strictEqual(secret, ''); - }); - }); - - it('should validate getSecret promise rejection', () => { - cloudClient.secretsManager.getSecretValue = sinon.stub().callsFake(() => ({ - promise(): Promise { - return Promise.reject(new Error('Test rejection')); - } - })); - return cloudClient.getSecret( - 'incorrect-secret-name', - { - version: 'some-version' - } - ) - .then(() => { - assert.ok(false); - }) - .catch((err) => { - assert.ok(err.message.includes('Test rejection')); - }); - }); - - it('should validate getSecret throws error when secret metadata is not provided', () => { - cloudClient.getSecret().catch((err) => { - if (err.message.includes('secert id is missing')) { - assert.ok(true); - } - }); - }); - - it('should fail getMetadata when field is missing', () => { - cloudClient.getMetadata('', { type: 'compute' }) - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('metadata field is missing')); - }); - }); - - it('should fail getMetadata when type is missing', () => { - cloudClient.getMetadata('hostname') - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('metadata type is missing')); - }); - }); - - it('should fail getMetadata when index is missing', () => { - cloudClient.getMetadata('local-ipv4s', { type: 'network' }) - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('metadata index is missing')); - }); - }); - - it('should fail getMetadata when wrong type is provided', () => { - cloudClient.getMetadata('hostname', { type: 'bar' }) - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('metadata type is unknown')); - }); - }); - - it('should validate getMetadata when compute type is provided', () => { - cloudClient._sessionToken = 'TEST_SESSION_TOKEN'; - nock('https://169.254.169.254') - .get('/latest/meta-data/hostname') - .reply(200, 'ru65wrde_vm0' ); - cloudClient.getMetadata('hostname', { type: 'compute' }) - .then((result) => { - assert.strictEqual(result, 'ru65wrde-vm0'); - }) - .catch((error) => { - assert.fail(error); - }); - }); - - it('should call _fetchMetadataSessionToken to get session token', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, 'TEST_SESSION_TOKEN'); - }); - cloudClient._fetchMetadataSessionToken() - .then(() => { - assert.strictEqual(metadataPathRequest, '/latest/api/token'); - assert.strictEqual(cloudClient._sessionToken, 'TEST_SESSION_TOKEN'); - }) - .catch(() => { - assert.fail(); - }); - }); - - it('should call _fetchMetadataSessionToken to validate error case', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(true, 'TEST_SESSION_TOKEN'); - }); - cloudClient._fetchMetadataSessionToken() - .then(() => { - assert.fail(); - }) - .catch(() => { - assert.ok(true); - }); - }); - - it('should call _fetchUri to validate function without query', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, 'pass'); - }); - cloudClient._fetchUri('/latest/meta-data/hostname') - .then((result) => { - assert.strictEqual(result,'pass'); - }) - .catch(() => { - assert.fail(); - }); - }); - - it('should call _fetchUri to validate function with query', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, "{\"test\" : \"pass\"}"); - }); - cloudClient._fetchUri('/latest/meta-data/hostname', 'test') - .then((result) => { - assert.strictEqual(result,'pass'); - }) - .catch((err) => { - assert.fail(err); - }); - }); - - it('should call _getInstanceCompute to get instance data', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, 'ru65wrde-vm0'); - }); - cloudClient._getInstanceCompute('hostname') - .then(() => { - assert.strictEqual(metadataPathRequest, '/latest/meta-data/hostname'); - }) - .catch(() => { - assert.fail(); - }); - }); - - it('should validate _getInstanceCompute reject', () => { - cloudClient._getInstanceCompute = sinon.stub().rejects(new Error('Test Rejection')); - cloudClient._getInstanceCompute('hostname') - .then((result) => { - assert.fail(result); - }) - .catch((err) => { - assert.ok(err.message.includes('Test Rejection')); - }); - }); - it('_metadata should reject upon error when using _getInstanceCompute', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, JSON.stringify({ - region: 'some-aws-region', - instanceId: 'some-instance-id', - secretsManager: sinon.stub() - })); - }); - const expectedError = 'cannot contact AWS metadata service'; - return cloudClient.getMetadata('hostname', { type: 'compute'}) - .then(() => { - // eslint-disable-next-line arrow-body-style - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - callback(new Error(expectedError)); - }); - return cloudClient._getInstanceCompute('hostname'); - }) - .then(() => { - assert.ok(false, 'should have rejected'); - }) - .catch((err) => { - assert.strictEqual(err.message, expectedError); - }); - }); - - it('should validate getMetadata when network type is provided with local-ipv4s using index other than 0', () => { - nock('https://169.254.169.254') - .get('/latest/meta-data/network/interfaces/macs/fa:16:3e:c5:be:3d/local-ipv4s') - .reply(200, '10.0.1.4'); - nock('https://169.254.169.254') - .get('/latest/meta-data/network/interfaces/macs/fa:16:3e:c5:be:3d/subnet-ipv4-cidr-block') - .reply(200, '10.0.1.0/24'); - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse ); - cloudClient.getMetadata('local-ipv4s', { type: 'network', index: 1 }) - .then((result) => { - assert.strictEqual(result, '10.0.1.4/24'); - }) - .catch((error) => { - assert.fail(error); - }); - }); - - it('should validate getMetadata when network type is provided with subnet-ipv4-cidr-block using index 0', () => { - cloudClient._getInstanceNetwork = sinon.stub().resolves('10.0.33.8/29'); - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse ); - cloudClient.getMetadata('subnet-ipv4-cidr-block', { type: 'network', index: 0 }) - .then((result) => { - assert.strictEqual(result, '10.0.33.9'); - }) - .catch((error) => { - assert.fail(error); - }); - }); - - it('should validate getMetadata when network type is provided with subnet-ipv4-cidr-block using index 0', () => { - nock('https://169.254.169.254') - .get('/latest/meta-data/network/interfaces/macs/fa:16:3e:d0:b0:df/subnet-ipv4-cidr-block') - .reply(200, '10.0.1.0/24'); - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse ); - cloudClient.getMetadata('subnet-ipv4-cidr-block', { type: 'network', index: 0 }) - .then((result) => { - assert.strictEqual(result, '10.0.1.1'); - }) - .catch((error) => { - assert.fail(error); - }); - }); - - it('should validate getMetadata when type is uri and with query', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, "{\"test\" : \"pass\"}"); - }); - cloudClient.getMetadata('/latest/meta-data/hostname', { type: 'uri', query: 'test'}) - .then((result) => { - assert.strictEqual(result, 'pass'); - }) - .catch((error) => { - assert.fail(error); - }); - }); - - it('should validate getTagValue method call', () => { - cloudClient._ec2 = sinon.stub(); - cloudClient._ec2.describeTags = sinon.stub().callsFake(() => ({ - promise(): Promise { - return Promise.resolve({ Tags: [{Value:"testValue"}]}); - } - })); - cloudClient.getTagValue('myTestKeyName', {}) - .then((tagValue) => { - assert.strictEqual(tagValue, 'testValue'); - }) - .catch(() => { - assert.fail(); - }); - }); - - - it('should validate getTagValue method call when no matching Tags', () => { - cloudClient._ec2 = sinon.stub(); - cloudClient._ec2.describeTags = sinon.stub().callsFake(() => ({ - promise(): Promise { - return Promise.resolve({ Tags: []}); - } - })); - cloudClient.getTagValue('myTestKeyName', {}) - .then((tagValue) => { - assert.strictEqual(tagValue, ''); - }) - .catch((err) => { - assert.fail(); - }); - }); - - it('should validate getTagValue method call when no Tags property recieved', () => { - cloudClient._ec2 = sinon.stub(); - cloudClient._ec2.describeTags = sinon.stub().callsFake(() => ({ - promise(): Promise { - return Promise.resolve({}); - } - })); - cloudClient.getTagValue('myTestKeyName', {}) - .then((tagValue) => { - assert.strictEqual(tagValue, ''); - }) - .catch((err) => { - assert.fail(); - }); - }); - - it('should validate getMetadata rejection when type is uri and with query', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(true, null); - }); - cloudClient.getMetadata('/latest/meta-data/hostname', { type: 'uri', query: 'test'}) - .then(() => { - assert.fail(); - }) - .catch(() => { - assert.ok(true); - }); - }); - - it('should validate getMetadata when network type is provided with interface-id using index 0', () => { - nock('https://169.254.169.254') - .get('/latest/meta-data/network/interfaces/macs/fa:16:3e:d0:b0:df/interface-id') - .reply(200, 'some-id'); - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse ); - cloudClient.getMetadata('interface-id', { type: 'network', index: 0 }) - .then((result) => { - assert.strictEqual(result, 'some-id'); - }) - .catch((error) => { - assert.fail(error); - }); - }); - - it('should call _getInstanceNetwork to get instance data', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, '10.0.0.1'); - }); - cloudClient._getInstanceNetwork('subnet-ipv4-cidr-block', 'network', 'fa:16:3e:d0:b0:df') - .then(() => { - assert.strictEqual(metadataPathRequest, '/latest/meta-data/network/interfaces/macs/fa:16:3e:d0:b0:df/subnet-ipv4-cidr-block'); - }) - .catch(() => { - assert.fail(); - }); - }); - - it('should validate _getInstanceNetwork reject', () => { - cloudClient._getInstanceNetwork = sinon.stub().rejects(new Error('Test Rejection')); - cloudClient._getInstanceNetwork('subnet-ipv4-cidr-block', { type: 'network', index: 0 }) - .then((result) => { - assert.fail(result); - }) - .catch((err) => { - assert.ok(err.message.includes('Test Rejection')); - }); - }); - it('_metadata should reject upon error when using _getInstanceNetwork', () => { - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse ); - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, JSON.stringify({ - region: 'some-aws-region', - instanceId: 'some-instance-id', - secretsManager: sinon.stub() - })); - }); - const expectedError = 'cannot contact AWS metadata service'; - return cloudClient.getMetadata('interface-id', { type: 'network', index: 1 }) - .then(() => { - // eslint-disable-next-line arrow-body-style - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - callback(new Error(expectedError)); - }); - return cloudClient._getInstanceNetwork('interface-id'); - }) - .then(() => { - assert.ok(false, 'should have rejected'); - }) - .catch((err) => { - assert.strictEqual(err.message, expectedError); - }); - }); - - it('_metadata should reject upon error when using _getInstanceNetwork with local-ipv4s', () => { - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse ); - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, JSON.stringify({ - region: 'some-aws-region', - instanceId: 'some-instance-id', - secretsManager: sinon.stub() - })); - }); - const expectedError = 'cannot contact AWS metadata service'; - return cloudClient.getMetadata('local-ipv4s', { type: 'network', index: 1 }) - .then(() => { - // eslint-disable-next-line arrow-body-style - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - callback(new Error(expectedError)); - }); - return cloudClient._getInstanceNetwork('local-ipv4s'); - }) - .then(() => { - assert.ok(false, 'should have rejected'); - }) - .catch((err) => { - assert.strictEqual(err.message, expectedError); - }); - }); - - it('_metadata should reject upon error when using _getInstanceNetwork with subnet-ipv4-cidr-block', () => { - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse ); - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - metadataPathRequest = path; - callback(null, JSON.stringify({ - region: 'some-aws-region', - instanceId: 'some-instance-id', - secretsManager: sinon.stub() - })); - }); - const expectedError = 'Invalid net address: {"region":"some-aws-region","instanceId":"some-instance-id"}'; - return cloudClient.getMetadata('subnet-ipv4-cidr-block', { type: 'network', index: 1 }) - .then(() => { - // eslint-disable-next-line arrow-body-style - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - callback(new Error(expectedError)); - }); - return cloudClient._getInstanceNetwork('subnet-ipv4-cidr-block'); - }) - .then(() => { - assert.ok(false, 'should have rejected'); - }) - .catch((err) => { - assert.strictEqual(err.message, expectedError); - }); - }); -}); diff --git a/tests/unit/cloud/azureCloudClient.ts b/tests/unit/cloud/azureCloudClient.ts deleted file mode 100644 index a5dc1dd8..00000000 --- a/tests/unit/cloud/azureCloudClient.ts +++ /dev/null @@ -1,266 +0,0 @@ -/* - * Copyright 2019. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -import assert from 'assert'; -import sinon from 'sinon'; -import nock from 'nock'; -import { AzureCloudClient } from '../../../src/lib/cloud/azure/cloudClient' -import * as bigipMgmtNetInterfacesResponse from '../payloads/bigip_mgmt_net_interface.json'; -const cloud = 'azure'; - -describe('CloudClient - Azure', () => { - let cloudClient; - after(() => { - Object.keys(require.cache) - .forEach((key) => { - delete require.cache[key]; - }); - }); - - beforeEach(() => { - cloudClient = new AzureCloudClient(); - cloudClient._credentials = sinon.stub(); - cloudClient.subscriptionId = '1234543'; - cloudClient._metadata = { - subscriptionId: '1234543', - location: 'us-west', - tags: "key01:value02;key02:value02" - }; - cloudClient.SecretClient = sinon.stub().returns({ - getSecret: sinon.stub().resolves({ value: 'StrongPassword2010!' }) - }); - nock('http://169.254.169.254') - .get('/metadata/instance?api-version=2017-08-01') - .reply(200, { compute: { subscriptionId: '1234543', tags: "key01:value02;key02:value02"} }); - cloudClient.logger = sinon.stub(); - cloudClient.logger.info = sinon.stub(); - }); - - afterEach(() => { - sinon.restore(); - }); - - it('should validate constructor', () => { - assert.strictEqual(cloudClient.environment, cloud); - }); - - it('should validate init', () => cloudClient.init()); - - it('should validate getCustomerId', () => { - assert.strictEqual(cloudClient.getCustomerId(), '1234543'); - }); - - it('should validate getRegion', () => { - assert.strictEqual(cloudClient.getRegion(), 'us-west'); - }); - - it('should validate getCloudName', () => { - assert.strictEqual(cloudClient.getCloudName(), cloud); - }); - - it('should validate getTagValue method returns correct tag value', () => { - cloudClient.getTagValue('key01', {}) - .then((tagValye) => { - assert.strictEqual(tagValye, 'value02') - }) - .catch(() => { - assert.fail(); - }); - }); - - it('should validate getTagValue method returns no tag value', () => { - cloudClient.getTagValue('invalidKey', {}) - .then((tagValye) => { - assert.strictEqual(tagValye, '') - }) - .catch(() => { - assert.fail(); - }); - }); - - it('should validate getSecret when secret exists', () => cloudClient.getSecret( - 'the-secret-name', { - vaultUrl: 'https://hello-kv.vault.azure.net', - version: '6e86876be4ce46a49ec578dfda897593' - } - ) - .then((secret) => { - assert.strictEqual(secret, 'StrongPassword2010!'); - })); - - it('should validate getSecret when secret exists and version default used', () => cloudClient.getSecret( - 'the-secret-name', { - vaultUrl: 'https://hello-kv.vault.azure.net' - } - ) - .then((secret) => { - assert.strictEqual(secret, 'StrongPassword2010!'); - })); - - it('should validate getSecret when secret does not exist', () => { - cloudClient._getKeyVaultSecret = sinon.stub().callsFake(() => Promise.resolve('secret')); - cloudClient.getSecret( - 'incorrect-secret-name', { - vaultUrl: 'https://hello-kv.vault.azure.net', - version: '6e86876be4ce46a49ec578dfda897593' - } - ) - .then((secret) => { - assert.strictEqual(secret, undefined); - }); - }); - - it('should validate getSecret promise rejection', () => { - cloudClient._getKeyVaultSecret = sinon.stub().callsFake(() => Promise.reject(new Error('Test rejection'))); - return cloudClient.getSecret( - 'incorrect-secret-name', { - vaultUrl: 'https://hello-kv.vault.azure.net', - version: '6e86876be4ce46a49ec578dfda897593' - } - ) - .then(() => { - assert.ok(false); - }) - .catch((err) => { - assert.ok(err.message.includes('Test rejection')); - }); - }); - - it('should validate getSecret throws error when vault url is not provided', () => { - assert.throws(() => { - cloudClient.getSecret('incorrect-secret-name'); - }, (err) => { - if (err.message.includes('vault url is missing')) { - return true; - } - return false; - }, 'unexpected error'); - }); - - it('should validate getSecret throws error when secret id is not provided', () => { - assert.throws(() => { - cloudClient.getSecret('', { - vaultUrl: 'https://hello-kv.vault.azure.net' - }); - }, (err) => { - if (err.message.includes('secret id is missing')) { - return true; - } - return false; - }, 'unexpected error'); - }); - - it('should fail getMetadata when field is missing', () => { - cloudClient.getMetadata('', { type: 'compute' }) - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('metadata field is missing')); - }); - }); - - it('should fail getMetadata when type is missing', () => { - cloudClient.getMetadata('name') - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('metadata type is missing')); - }); - }); - - it('should fail getMetadata when index is missing', () => { - cloudClient.getMetadata('ipv4', { type: 'network' }) - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('metadata index is missing')); - }); - }); - - it('should fail getMetadata when wrong type is provided', () => { - cloudClient.getMetadata('name', { type: 'bar' }) - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('metadata type is unknown')); - }); - }); - - it('should validate getMetadata when compute type name field is provided', () => { - nock('http://169.254.169.254') - .get('/metadata/instance/compute?api-version=2017-08-01') - .reply(200, { name: 'ru65wrde-vm0' }); - - cloudClient.getMetadata('name', { type: 'compute' }) - .then((result) => { - assert.strictEqual(result, 'ru65wrde-vm0'); - }); - }); - - it('should validate getMetadata when compute type vmId field is provided', () => { - nock('http://169.254.169.254') - .get('/metadata/instance/compute?api-version=2017-08-01') - .reply(200, { vmId: 'XXXX-XXXX-XXXX-XXXX' }); - - cloudClient.getMetadata('vmId', { type: 'compute' }) - .then((result) => { - assert.strictEqual(result, 'XXXX-XXXX-XXXX-XXXX'); - }); - }); - - it('should fail getMetadata when mac address is not matched', () => { - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse ); - nock('http://169.254.169.254') - .get('/metadata/instance/network?api-version=2017-08-01') - .reply(200, { interface: [{ ipv4: { ipAddress: [{ privateIpAddress: '10.0.0.4' }], subnet: [{ address: '10.0.0.0', prefix: '24' }] }, macAddress:'FA163ED0B0DF' }, { ipv4: { ipAddress: [{ privateIpAddress: '10.0.1.4' }], subnet: [{ address: '10.0.1.0', prefix: '24' }] } , macAddress:'abcdexp'}] }); - - cloudClient.getMetadata('ipv4', { type: 'network', index: 1 }) - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('Could not get value from Azure metadata')); - }); - }); - - it('should validate getMetadata when network type is provided for mgmt interface', () => { - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse ); - nock('http://169.254.169.254') - .get('/metadata/instance/network?api-version=2017-08-01') - .reply(200, { interface: [{ ipv4: { ipAddress: [{ privateIpAddress: '10.0.0.4' }], subnet: [{ address: '10.0.0.0', prefix: '24' }] }, macAddress:'FA163ED0B0DF' }, { ipv4: { ipAddress: [{ privateIpAddress: '10.0.1.4' }], subnet: [{ address: '10.0.1.0', prefix: '24' }] } , macAddress:'FA163EC5BE3D'}] }); - - cloudClient.getMetadata('ipv4', { type: 'network', index: 0 }) - .then((result) => { - assert.strictEqual(result, '10.0.0.4/24'); - }); - }); - - it('should validate getMetadata when network type is provided', () => { - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse ); - nock('http://169.254.169.254') - .get('/metadata/instance/network?api-version=2017-08-01') - .reply(200, { interface: [{ ipv4: { ipAddress: [{ privateIpAddress: '10.0.0.4' }], subnet: [{ address: '10.0.0.0', prefix: '24' }] }, macAddress:'FA163ED0B0DF' }, { ipv4: { ipAddress: [{ privateIpAddress: '10.0.1.4' }], subnet: [{ address: '10.0.1.0', prefix: '24' }] } , macAddress:'FA163EC5BE3D'}] }); - - cloudClient.getMetadata('ipv4', { type: 'network', index: 1 }) - .then((result) => { - assert.strictEqual(result, '10.0.1.4/24'); - }); - }); -}); diff --git a/tests/unit/cloud/cloudFactoryTests.ts b/tests/unit/cloud/cloudFactoryTests.ts deleted file mode 100644 index 56311119..00000000 --- a/tests/unit/cloud/cloudFactoryTests.ts +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright 2019. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -import * as assert from 'assert'; -import * as cloudFactory from '../../../src/lib/cloud/cloudFactory'; -describe('Cloud Factory', () => { - after(() => { - Object.keys(require.cache).forEach((key) => { - delete require.cache[key]; - }); - }); - - it('should get each available cloud provider', async () => { - ['aws', 'azure', 'gcp'].forEach(async (cloud) => { - const cloudClient = await cloudFactory.getCloudProvider(cloud); - assert.strictEqual(cloudClient.environment, cloud); - }); - }); - - it('should get unsupported cloud provider', () => { - return cloudFactory.getCloudProvider('foo').catch((err) => { - assert.ok(err.message.includes('Unsupported cloud')); - }); - }); -}); diff --git a/tests/unit/cloud/gcpCloudClient.ts b/tests/unit/cloud/gcpCloudClient.ts deleted file mode 100644 index 4a381071..00000000 --- a/tests/unit/cloud/gcpCloudClient.ts +++ /dev/null @@ -1,343 +0,0 @@ -/* - * Copyright 2019. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -import assert from 'assert'; -import sinon from 'sinon'; -import nock from 'nock'; -import { GcpCloudClient } from '../../../src/lib/cloud/gcp/cloudClient'; -const cloud = 'gcp'; - -describe('CloudClient - GCP', () => { - let cloudClient; - after(() => { - Object.keys(require.cache) - .forEach((key) => { - delete require.cache[key]; - }); - }); - - beforeEach(() => { - cloudClient = new GcpCloudClient(); - cloudClient.logger = sinon.stub(); - cloudClient.logger.info = sinon.stub(); - }); - - afterEach(() => { - sinon.restore(); - }); - - it('should validate constructor', () => { - assert.strictEqual(cloudClient.environment, cloud); - }); - - it('should validate init', () => { - cloudClient._getProjectId = sinon.stub().resolves('my-project'); - cloudClient._getAuthToken = sinon.stub().resolves('my-token'); - cloudClient._getRegion = sinon.stub().resolves('my-region'); - return cloudClient.init() - .then(() => { - assert.strictEqual(cloudClient.projectId, 'my-project'); - }) - .then(() => { - assert.strictEqual(cloudClient.authToken, 'my-token'); - }) - .then(() => { - assert.strictEqual(cloudClient.region, 'my-region'); - }) - .catch(err => Promise.reject(err)); - }); - - it('should validate init metadata request promise rejection _getProjectId', () => { - cloudClient._getProjectId = sinon.stub().rejects(new Error('Test Rejection')); - cloudClient._getAuthToken = sinon.stub().resolves('my-token'); - cloudClient._getRegion = sinon.stub().resolves('my-region'); - return cloudClient.init() - .then(() => { - assert.ok(false); - }).catch((err) => { - assert.ok(err.message.includes('Test Rejection')); - }); - }); - - it('should validate init metadata request promise rejection _getAuthToken', () => { - cloudClient._getAuthToken = sinon.stub().rejects(new Error('Test Rejection')); - cloudClient._getProjectId = sinon.stub().resolves('my-project'); - cloudClient._getRegion = sinon.stub().resolves('my-region'); - return cloudClient.init() - .then(() => { - assert.ok(false); - }).catch((err) => { - assert.ok(err.message.includes('Test Rejection')); - }); - }); - - it('should validate getCloudName', () => { - assert.strictEqual(cloudClient.getCloudName(), cloud); - }); - - it('should validate getCustomerId', () => { - cloudClient._getProjectId = sinon.stub().resolves('my-project'); - cloudClient._getAuthToken = sinon.stub().resolves('my-token'); - cloudClient._getRegion = sinon.stub().resolves('my-region'); - return cloudClient.init() - .then(() => { - assert.strictEqual(cloudClient.getCustomerId(), 'my-project'); - }) - .catch(err => Promise.reject(err)); - - }); - - it('should validate getRegion', () => { - cloudClient._getProjectId = sinon.stub().resolves('my-project'); - cloudClient._getAuthToken = sinon.stub().resolves('my-token'); - cloudClient._getRegion = sinon.stub().resolves('my-region'); - return cloudClient.init() - .then(() => { - assert.strictEqual(cloudClient.getRegion(), 'my-region'); - }) - .catch(err => Promise.reject(err)); - - }); - - it('should validate _getRegion', () => { - nock('http://metadata.google.internal') - .get('/computeMetadata/v1/instance/zone') - .reply(200, 'projects/121231/zones/us-west-2'); - return cloudClient._getRegion() - .then((region) => { - assert.strictEqual(region, 'us-west-2'); - }) - .catch(err => Promise.reject(err)); - - }); - - it('should validate _getProject', () => { - cloudClient.google = sinon.stub(); - cloudClient.google.auth = sinon.stub(); - cloudClient.google.auth.getProjectId = sinon.stub().resolves('my-project'); - return cloudClient._getProjectId() - .then((projectId) => { - assert.strictEqual(projectId, 'my-project'); - }); - }); - - it('should validate _getProject promise rejection', () => { - cloudClient.google = sinon.stub(); - cloudClient.google.auth = sinon.stub(); - cloudClient.google.auth.getProjectId = sinon.stub().rejects(); - return cloudClient._getProjectId() - .then(() => { - assert.ok(false); - }) - .catch((err) => { - assert.ok(err.message.includes('Error getting project id')); - }); - }); - - it('should validate _getAuthToken', () => { - cloudClient.google = sinon.stub(); - cloudClient.google.auth = sinon.stub(); - cloudClient.google.auth.getClient = sinon.stub().resolves('my-token'); - return cloudClient._getAuthToken() - .then((authToken) => { - assert.strictEqual(authToken, 'my-token'); - }); - }); - - it('should validate _getAuthToken promise rejection', () => { - cloudClient.google = sinon.stub(); - cloudClient.google.auth = sinon.stub(); - cloudClient.google.auth.getClient = sinon.stub().rejects(); - return cloudClient._getAuthToken() - .then(() => { - assert.ok(false); - }) - .catch((err) => { - assert.ok(err.message.includes('Error getting auth token')); - }); - }); - - it('should validate getTagValue method returns tagValue', () => { - nock('http://metadata.google.internal') - .get('/computeMetadata/v1/instance/name') - .reply(200, 'test_vm_name-01'); - cloudClient.compute = sinon.stub(); - cloudClient.compute.zone = sinon.stub().returns({ - vm: sinon.stub().returns({ - getMetadata: sinon.stub().resolves([{labels: {myTestKeyName: 'testValue'}}]) - }) - }); - cloudClient.getTagValue('myTestKeyName') - .then((tagValue) => { - assert.strictEqual(tagValue, 'testValue'); - }) - .catch(() => { - assert.fail(); - }); - }); - - it('should validate getTagValue method when no tag matching', () => { - nock('http://metadata.google.internal') - .get('/computeMetadata/v1/instance/name') - .reply(200, 'test_vm_name-01'); - cloudClient.compute = sinon.stub(); - cloudClient.compute.zone = sinon.stub().returns({ - vm: sinon.stub().returns({ - getMetadata: sinon.stub().resolves([{labels: {}}]) - }) - }); - cloudClient.getTagValue('myTestKeyName') - .then((tagValue) => { - assert.strictEqual(tagValue, ''); - }) - .catch((err) => { - assert.fail(); - }); - }); - - it('should validate getTagValue method call', () => { - cloudClient._metadata = sinon.stub(); - cloudClient._metadata.request = sinon.stub() - .callsFake((path, headers, callback) => { - callback(true, null); - }); - cloudClient.getTagValue('myTestKeyName', { }) - .then(() => { - assert.fail(); - }) - .catch(() => { - assert.ok(true); - }); - }); - - it('should validate getSecret promise rejection', () => { - cloudClient.secretmanager.projects.secrets.versions.access = sinon.stub().rejects(); - return cloudClient.getSecret( - 'incorrect-secret-name', - 'some-version' - ) - .then(() => { - assert.ok(false); - }) - .catch((err) => { - assert.ok(err.message.includes('Error getting secret from')); - }); - }); - - it('should validate getSecret throws error when secret metadata is not provided', () => { - assert.throws(() => { - cloudClient.getSecret(); - }, (err) => { - if (err.message.includes('GCP Cloud Client secret id is missing')) { - return true; - } - return false; - }, 'unexpected error'); - }); - - it('should validate getSecret when secret exists', () => { - cloudClient.secretmanager.projects.secrets.versions.access = sinon.stub().resolves({ - data: { - payload: { - data: 'U3Ryb25nUGFzc3dvcmQh' - } - } - }); - return cloudClient.getSecret( - 'the-secret-name', - 'some-version' - ) - .then((secret) => { - assert.strictEqual(secret, 'StrongPassword!'); - }); - }); - - it('should validate getSecret when secret exists no version included', () => { - cloudClient.secretmanager.projects.secrets.versions.access = sinon.stub().resolves({ - data: { - payload: { - data: 'U3Ryb25nUGFzc3dvcmQh' - } - } - }); - return cloudClient.getSecret( - 'the-secret-name' - ) - .then((secret) => { - assert.strictEqual(secret, 'StrongPassword!'); - }); - }); - - it('should validate getMetadata returns compute name field value', () => { - nock('http://metadata.google.internal') - .get('/computeMetadata/v1/instance/name') - .reply(200, 'test_vm_name-01'); - cloudClient.getMetadata('name', { type: 'compute' }) - .then((response) => { - assert.strictEqual(response, 'test-vm-name-01'); - }) - .catch(err => Promise.reject(err)); - }); - - - it('should validate getMetadata returns network ip field value', () => { - nock('http://metadata.google.internal') - .get('/computeMetadata/v1/instance/network-interfaces/0/ip') - .reply(200, '10.0.3.2'); - nock('http://metadata.google.internal') - .get('/computeMetadata/v1/instance/network-interfaces/0/subnetmask') - .reply(200, '255.255.255.0'); - cloudClient.getMetadata('ip', { type: 'network', index: 0 }) - .then((response) => { - assert.strictEqual(response, '10.0.3.2/24'); - }) - .catch(err => Promise.reject(err)); - }); - - it('should fail getMetadata when field is missing', () => { - cloudClient.getMetadata('', { type: 'compute' }) - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('metadata field is missing')); - }); - }); - - it('should fail getMetadata when type is missing', () => { - cloudClient.getMetadata('name') - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('metadata type is missing')); - }); - }); - - it('should fail getMetadata when index is missing', () => { - cloudClient.getMetadata('ipv4', { type: 'network' }) - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('metadata index is missing')); - }); - }); - - it('should fail getMetadata when wrong type is provided', () => { - cloudClient.getMetadata('name', { type: 'bar' }) - .then(() => { - assert.fail(); - }) - .catch((error) => { - assert.ok(error.message.includes('metadata type is unknown')); - }); - }); -}); diff --git a/tests/unit/loggerTests.ts b/tests/unit/loggerTests.ts deleted file mode 100644 index a9cd6b27..00000000 --- a/tests/unit/loggerTests.ts +++ /dev/null @@ -1,176 +0,0 @@ -/* - * Copyright 2020. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -import sinon from 'sinon'; -import assert from 'assert'; -import Logger from '../../src/lib/logger'; -import * as fs from 'fs'; - -describe('Logger', function() { - - let logger: Logger; - - beforeEach(function() { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'silly' }); - }); - afterEach(function() { - sinon.restore(); - }); - - ['error', 'warn', 'info', 'debug'].forEach((logLevel) => { - it(`should log ${logLevel} message`, function() { - logger = Logger.getLogger(); - logger[logLevel]('msg'); - }); - }); - - it('should validate that silly and debug messages are not shown', function() { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'info' }); - logger = Logger.getLogger(); - assert.strictEqual(Logger.winstonLogger.level, 'info'); - logger.info('this is info message'); - logger.debug('this is debug message'); - logger.silly('this is silly message'); - }); - - it('should validate when no message is set', function() { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'info' }); - logger = Logger.getLogger(); - assert.strictEqual(Logger.winstonLogger.level, 'info'); - logger.info(''); - }); - - it('should validate that silly and debug messages are shown', function() { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'silly' }); - logger = Logger.getLogger(); - logger.info('this is info message'); - logger.debug('this is debug message'); - logger.silly('this is silly message'); - }); - - it('should log validate log to json format', function() { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_TO_JSON: true }); - logger = Logger.getLogger(); - logger.info('this is json message'); - }); - - it('should log validate log filename setting', function() { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_FILENAME: 'tmp/test.log' }); - logger = Logger.getLogger(); - logger.info('custom log file msg'); - assert.ok(true); - }); - - it('should validate custom log creation', function(done) { - this.timeout(10000); - setTimeout(() => { - assert.ok(fs.existsSync('tmp/test.log')); - fs.unlinkSync('tmp/test.log'); - fs.rmdirSync('tmp/'); - done(); - }, 5000); - }); - - it('should validate sensitive field is hidden for default log format', function(done) { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_FILENAME: 'tmp/test_sensitive_default_format.log' }); - const logMessage = '{"schemaVersion":"1.0.0","class":"Device","async":true,"label":"my BIG-IP declaration for declarative onboarding","Common":{"class":"Tenant","mySystem":{"class":"System","hostname":"ip-10-0-0-215.us-west-2.compute.internal","cliInactivityTimeout":1200,"consoleInactivityTimeout":1200,"autoPhonehome":false},"myDns":{"class":"DNS","nameServers":["8.8.8.8"]},"myNtp":{"class":"NTP","servers":["0.pool.ntp.org"],"timezone":"UTC"},"admin":{"class":"User","userType":"regular","password":"SomeSensitiveValue","shell":"bash"},"vaultadmin":{"class":"User","userType":"regular","password":"b1gAdminPazz","shell":"bash","partitionAccess":{"all-partitions":{"role":"admin"}}},"myProvisioning":{"class":"Provision","ltm":"nominal","asm":"nominal"},"external":{"class":"VLAN","tag":4094,"mtu":1500,"interfaces":[{"name":"1.1","tagged":true}]},"external-self":{"class":"SelfIp","address":"10.0.1.32/24","vlan":"external","allowService":"default","trafficGroup":"traffic-group-local-only"},"dbvars":{"class":"DbVariables","provision.extramb":500,"restjavad.useextramb":true}}}'; - logger = Logger.getLogger(); - logger.info(logMessage); - this.timeout(10000); - setTimeout(() => { - assert.ok(fs.existsSync('tmp/test_sensitive_default_format.log')); - const logMessage = fs.readFileSync('tmp/test_sensitive_default_format.log').toString('utf8'); - assert.strictEqual(logMessage.split("********").length, 3); - fs.unlinkSync('tmp/test_sensitive_default_format.log'); - fs.rmdirSync('tmp/'); - done(); - }, 5000); - }); - - it('should validate sensitive field is hidden for default debug format', function(done) { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_FILENAME: 'tmp/test_sensitive_default_format.log', F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'debug' }); - const logMessage = '{"schemaVersion":"1.0.0","class":"Device","async":true,"label":"my BIG-IP declaration for declarative onboarding","Common":{"class":"Tenant","mySystem":{"class":"System","hostname":"ip-10-0-0-215.us-west-2.compute.internal","cliInactivityTimeout":1200,"consoleInactivityTimeout":1200,"autoPhonehome":false},"myDns":{"class":"DNS","nameServers":["8.8.8.8"]},"myNtp":{"class":"NTP","servers":["0.pool.ntp.org"],"timezone":"UTC"},"admin":{"class":"User","userType":"regular","password":"SomeSensitiveValue","shell":"bash"},"vaultadmin":{"class":"User","userType":"regular","password":"b1gAdminPazz","shell":"bash","partitionAccess":{"all-partitions":{"role":"admin"}}},"myProvisioning":{"class":"Provision","ltm":"nominal","asm":"nominal"},"external":{"class":"VLAN","tag":4094,"mtu":1500,"interfaces":[{"name":"1.1","tagged":true}]},"external-self":{"class":"SelfIp","address":"10.0.1.32/24","vlan":"external","allowService":"default","trafficGroup":"traffic-group-local-only"},"dbvars":{"class":"DbVariables","provision.extramb":500,"restjavad.useextramb":true}}}'; - logger = Logger.getLogger(); - logger.debug(logMessage); - this.timeout(10000); - setTimeout(() => { - assert.ok(fs.existsSync('tmp/test_sensitive_default_format.log')); - const logMessage = fs.readFileSync('tmp/test_sensitive_default_format.log').toString('utf8'); - assert.strictEqual(logMessage.split("********").length, 3); - fs.unlinkSync('tmp/test_sensitive_default_format.log'); - fs.rmdirSync('tmp/'); - done(); - }, 5000); - }); - - it('should validate sensitive field is hidden for default silly format', function(done) { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_FILENAME: 'tmp/test_sensitive_default_format.log', F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'silly' }); - const logMessage = '{"schemaVersion":"1.0.0","class":"Device","async":true,"label":"my BIG-IP declaration for declarative onboarding","Common":{"class":"Tenant","mySystem":{"class":"System","hostname":"ip-10-0-0-215.us-west-2.compute.internal","cliInactivityTimeout":1200,"consoleInactivityTimeout":1200,"autoPhonehome":false},"myDns":{"class":"DNS","nameServers":["8.8.8.8"]},"myNtp":{"class":"NTP","servers":["0.pool.ntp.org"],"timezone":"UTC"},"admin":{"class":"User","userType":"regular","password":"SomeSensitiveValue","shell":"bash"},"vaultadmin":{"class":"User","userType":"regular","password":"b1gAdminPazz","shell":"bash","partitionAccess":{"all-partitions":{"role":"admin"}}},"myProvisioning":{"class":"Provision","ltm":"nominal","asm":"nominal"},"external":{"class":"VLAN","tag":4094,"mtu":1500,"interfaces":[{"name":"1.1","tagged":true}]},"external-self":{"class":"SelfIp","address":"10.0.1.32/24","vlan":"external","allowService":"default","trafficGroup":"traffic-group-local-only"},"dbvars":{"class":"DbVariables","provision.extramb":500,"restjavad.useextramb":true}}}'; - logger = Logger.getLogger(); - logger.silly(logMessage); - this.timeout(10000); - setTimeout(() => { - assert.ok(fs.existsSync('tmp/test_sensitive_default_format.log')); - const logMessage = fs.readFileSync('tmp/test_sensitive_default_format.log').toString('utf8'); - assert.strictEqual(logMessage.split("********").length, 3); - fs.unlinkSync('tmp/test_sensitive_default_format.log'); - fs.rmdirSync('tmp/'); - done(); - }, 5000); - }); - - it('should validate sensitive field is hidden for default warn format', function(done) { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_FILENAME: 'tmp/test_sensitive_default_format.log', F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'warn' }); - const logMessage = '{"schemaVersion":"1.0.0","class":"Device","async":true,"label":"my BIG-IP declaration for declarative onboarding","Common":{"class":"Tenant","mySystem":{"class":"System","hostname":"ip-10-0-0-215.us-west-2.compute.internal","cliInactivityTimeout":1200,"consoleInactivityTimeout":1200,"autoPhonehome":false},"myDns":{"class":"DNS","nameServers":["8.8.8.8"]},"myNtp":{"class":"NTP","servers":["0.pool.ntp.org"],"timezone":"UTC"},"admin":{"class":"User","userType":"regular","password":"SomeSensitiveValue","shell":"bash"},"vaultadmin":{"class":"User","userType":"regular","password":"b1gAdminPazz","shell":"bash","partitionAccess":{"all-partitions":{"role":"admin"}}},"myProvisioning":{"class":"Provision","ltm":"nominal","asm":"nominal"},"external":{"class":"VLAN","tag":4094,"mtu":1500,"interfaces":[{"name":"1.1","tagged":true}]},"external-self":{"class":"SelfIp","address":"10.0.1.32/24","vlan":"external","allowService":"default","trafficGroup":"traffic-group-local-only"},"dbvars":{"class":"DbVariables","provision.extramb":500,"restjavad.useextramb":true}}}'; - logger = Logger.getLogger(); - logger.warn(logMessage); - this.timeout(10000); - setTimeout(() => { - assert.ok(fs.existsSync('tmp/test_sensitive_default_format.log')); - const logMessage = fs.readFileSync('tmp/test_sensitive_default_format.log').toString('utf8'); - assert.strictEqual(logMessage.split("********").length, 3); - fs.unlinkSync('tmp/test_sensitive_default_format.log'); - fs.rmdirSync('tmp/'); - done(); - }, 5000); - }); - - it('should validate sensitive field is hidden for default error format', function(done) { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_FILENAME: 'tmp/test_sensitive_default_format.log', F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'error' }); - const logMessage = '{"schemaVersion":"1.0.0","class":"Device","async":true,"label":"my BIG-IP declaration for declarative onboarding","Common":{"class":"Tenant","mySystem":{"class":"System","hostname":"ip-10-0-0-215.us-west-2.compute.internal","cliInactivityTimeout":1200,"consoleInactivityTimeout":1200,"autoPhonehome":false},"myDns":{"class":"DNS","nameServers":["8.8.8.8"]},"myNtp":{"class":"NTP","servers":["0.pool.ntp.org"],"timezone":"UTC"},"admin":{"class":"User","userType":"regular","password":"SomeSensitiveValue","shell":"bash"},"vaultadmin":{"class":"User","userType":"regular","password":"b1gAdminPazz","shell":"bash","partitionAccess":{"all-partitions":{"role":"admin"}}},"myProvisioning":{"class":"Provision","ltm":"nominal","asm":"nominal"},"external":{"class":"VLAN","tag":4094,"mtu":1500,"interfaces":[{"name":"1.1","tagged":true}]},"external-self":{"class":"SelfIp","address":"10.0.1.32/24","vlan":"external","allowService":"default","trafficGroup":"traffic-group-local-only"},"dbvars":{"class":"DbVariables","provision.extramb":500,"restjavad.useextramb":true}}}'; - logger = Logger.getLogger(); - logger.error(logMessage); - this.timeout(10000); - setTimeout(() => { - assert.ok(fs.existsSync('tmp/test_sensitive_default_format.log')); - const logMessage = fs.readFileSync('tmp/test_sensitive_default_format.log').toString('utf8'); - assert.strictEqual(logMessage.split("********").length, 3); - fs.unlinkSync('tmp/test_sensitive_default_format.log'); - fs.rmdirSync('tmp/'); - done(); - }, 5000); - }); - - it('should validate sensitive field is hidden for json log format', function(done) { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_FILENAME: 'tmp/test_sensitive_json_format.log', F5_BIGIP_RUNTIME_INIT_LOG_TO_JSON: true }); - const logMessage = '{"schemaVersion":"1.0.0","class":"Device","async":true,"label":"my BIG-IP declaration for declarative onboarding","Common":{"class":"Tenant","mySystem":{"class":"System","hostname":"ip-10-0-0-225.us-west-2.compute.internal","cliInactivityTimeout":1200,"consoleInactivityTimeout":1200,"autoPhonehome":false},"myDns":{"class":"DNS","nameServers":["8.8.8.8"]},"myNtp":{"class":"NTP","servers":["0.pool.ntp.org"],"timezone":"UTC"},"admin":{"class":"User","userType":"regular","password":"StrongPassword2010!","shell":"bash"},"vaultadmin":{"class":"User","userType":"regular","password":"b1gAdminPazz","shell":"bash","partitionAccess":{"all-partitions":{"role":"admin"}}},"myProvisioning":{"class":"Provision","ltm":"nominal","asm":"nominal"},"external":{"class":"VLAN","tag":4094,"mtu":1500,"interfaces":[{"name":"1.1","tagged":true}]},"external-self":{"class":"SelfIp","address":"10.0.1.210/24","vlan":"external","allowService":"default","trafficGroup":"traffic-group-local-only"},"dbvars":{"class":"DbVariables","provision.extramb":500,"restjavad.useextramb":true}}}'; - logger = Logger.getLogger(); - logger.info(logMessage); - this.timeout(10000); - setTimeout(() => { - assert.ok(fs.existsSync('tmp/test_sensitive_json_format.log')); - const logMessage = fs.readFileSync('tmp/test_sensitive_json_format.log').toString('utf8'); - assert.strictEqual(logMessage.split("********").length, 3); - fs.unlinkSync('tmp/test_sensitive_json_format.log'); - fs.rmdirSync('tmp/'); - done(); - }, 5000); - }); -}); diff --git a/tests/unit/payloads/bigip_mgmt_net_interface.json b/tests/unit/payloads/bigip_mgmt_net_interface.json deleted file mode 100644 index e14ec1ee..00000000 --- a/tests/unit/payloads/bigip_mgmt_net_interface.json +++ /dev/null @@ -1,71 +0,0 @@ -{ - "kind": "tm:net:interface:interfacecollectionstate", - "selfLink": "https://localhost/mgmt/tm/net/interface?ver=15.1.0.1", - "items": [ - { - "kind": "tm:net:interface:interfacestate", - "name": "1.1", - "fullPath": "1.1", - "generation": 20, - "selfLink": "https://localhost/mgmt/tm/net/interface/1.1?ver=15.1.0.1", - "bundle": "not-supported", - "bundleSpeed": "not-supported", - "enabled": true, - "flowControl": "tx-rx", - "forceGigabitFiber": "disabled", - "forwardErrorCorrection": "not-supported", - "ifIndex": 48, - "lldpAdmin": "txonly", - "lldpTlvmap": 130943, - "macAddress": "fa:16:3e:c5:be:3d", - "mediaActive": "none", - "mediaFixed": "10000T-FD", - "mediaMax": "auto", - "mediaSfp": "auto", - "mtu": 9198, - "portFwdMode": "l3", - "preferPort": "sfp", - "qinqEthertype": "0x8100", - "sflow": { - "pollInterval": 0, - "pollIntervalGlobal": "yes" - }, - "stp": "enabled", - "stpAutoEdgePort": "enabled", - "stpEdgePort": "true", - "stpLinkType": "auto" - }, - { - "kind": "tm:net:interface:interfacestate", - "name": "mgmt", - "fullPath": "mgmt", - "generation": 877, - "selfLink": "https://localhost/mgmt/tm/net/interface/mgmt?ver=15.1.0.1", - "bundle": "not-supported", - "bundleSpeed": "not-supported", - "enabled": true, - "flowControl": "tx-rx", - "forceGigabitFiber": "disabled", - "forwardErrorCorrection": "not-supported", - "ifIndex": 32, - "lldpAdmin": "txonly", - "lldpTlvmap": 130943, - "macAddress": "fa:16:3e:d0:b0:df", - "mediaActive": "100TX-FD", - "mediaFixed": "auto", - "mediaSfp": "auto", - "mtu": 1500, - "portFwdMode": "l3", - "preferPort": "sfp", - "qinqEthertype": "0x8100", - "sflow": { - "pollInterval": 0, - "pollIntervalGlobal": "yes" - }, - "stp": "enabled", - "stpAutoEdgePort": "enabled", - "stpEdgePort": "true", - "stpLinkType": "auto" - } - ] -} diff --git a/tests/unit/payloads/bigip_mgmt_shared_installed_packages.json b/tests/unit/payloads/bigip_mgmt_shared_installed_packages.json deleted file mode 100644 index 2628d7ad..00000000 --- a/tests/unit/payloads/bigip_mgmt_shared_installed_packages.json +++ /dev/null @@ -1,68 +0,0 @@ -{ - "items": [ - { - "id": "1241344f-04f9-3594-b6cb-f7989ebff7df", - "appName": "f5-service-discovery", - "packageName": "f5-service-discovery-1.2.9-2.noarch", - "version": "1.2.9", - "release": "2", - "arch": "noarch", - "tags": [ - "PLUGIN" - ], - "generation": 1, - "lastUpdateMicros": 1598470524254627, - "kind": "shared:iapp:global-installed-packages:installedpackagestate", - "selfLink": "https://localhost/mgmt/shared/iapp/global-installed-packages/1241344f-04f9-3594-b6cb-f7989ebff7df" - }, - { - "id": "316c0f71-a1d2-3fbc-a04c-26c8b3262e1e", - "appName": "f5-declarative-onboarding", - "packageName": "f5-declarative-onboarding-1.14.0-1.noarch", - "version": "1.14.0", - "release": "1", - "arch": "noarch", - "tags": [ - "PLUGIN" - ], - "generation": 1, - "lastUpdateMicros": 1598470501091189, - "kind": "shared:iapp:global-installed-packages:installedpackagestate", - "selfLink": "https://localhost/mgmt/shared/iapp/global-installed-packages/316c0f71-a1d2-3fbc-a04c-26c8b3262e1e" - }, - { - "id": "5b78671e-01ea-3d87-b255-4f6da6047846", - "appName": "f5-appsvcs", - "packageName": "f5-appsvcs-3.20.0-3.noarch", - "version": "3.20.0", - "release": "3", - "arch": "noarch", - "tags": [ - "PLUGIN" - ], - "generation": 1, - "lastUpdateMicros": 1598470507100867, - "kind": "shared:iapp:global-installed-packages:installedpackagestate", - "selfLink": "https://localhost/mgmt/shared/iapp/global-installed-packages/5b78671e-01ea-3d87-b255-4f6da6047846" - }, - { - "id": "fd54cb55-cc2c-3385-962c-7e23eceab16a", - "appName": "f5-appsvcs-templates", - "packageName": "f5-appsvcs-templates-1.1.0-1.noarch", - "version": "1.1.0", - "release": "1", - "arch": "noarch", - "tags": [ - "IAPP" - ], - "generation": 1, - "lastUpdateMicros": 1598470511890385, - "kind": "shared:iapp:global-installed-packages:installedpackagestate", - "selfLink": "https://localhost/mgmt/shared/iapp/global-installed-packages/fd54cb55-cc2c-3385-962c-7e23eceab16a" - } - ], - "generation": 4, - "kind": "shared:iapp:global-installed-packages:installedpackagecollectionstate", - "lastUpdateMicros": 1598470524254959, - "selfLink": "https://localhost/mgmt/shared/iapp/global-installed-packages" -} diff --git a/tests/unit/payloads/bigip_mgmt_sys_global_settings.json b/tests/unit/payloads/bigip_mgmt_sys_global_settings.json deleted file mode 100644 index c0a79e67..00000000 --- a/tests/unit/payloads/bigip_mgmt_sys_global_settings.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "kind": "tm:sys:global-settings:global-settingsstate", - "selfLink": "https://localhost/mgmt/tm/sys/global-settings?ver=15.1.0.1", - "awsApiMaxConcurrency": 1, - "consoleInactivityTimeout": 0, - "customAddr": "none", - "failsafeAction": "go-offline-restart-tm", - "fileBlacklistPathPrefix": "{/shared/3dns/} {/shared/bin/} {/shared/core/} {/appdata/core/} {/shared/datasync/} {/shared/em/} {/shared/GeoIP/} {/shared/images/} {/shared/lib/} {/shared/lib64/} {/shared/log/} {/shared/lost+found/} {/shared/mgmt/} {/shared/nfb/} {/shared/ssh/} {/shared/statsd/} {/shared/tmstat/} {/shared/vadc/} {/config/aaa/} {/config/big3d/} {/config/bigip/} {/config/filestore/} {/config/gtm/} {/config/httpd/} {/config/ntp.conf} {/config/rndc.key} {/config/ssh/} {/config/ssl/}", - "fileBlacklistReadOnlyPathPrefix": "{/etc/shadow}", - "fileLocalPathPrefix": "{/shared/} {/tmp/}", - "fileWhitelistPathPrefix": "{/var/local/scf} {/tmp/} {/shared/} {/config/} {/usr/share/aws/} {/var/config/rest/downloads/appsvcs_update.cli}", - "guiAudit": "disabled", - "guiExpiredCertAlert": "enabled", - "guiSecurityBanner": "enabled", - "guiSecurityBannerText": "Welcome to the BIG-IP Configuration Utility.\n\nLog in with your username and password using the fields on the left.", - "guiSetup": "disabled", - "hostAddrMode": "management", - "hostname": "bigip1.azure.com", - "lcdDisplay": "enabled", - "ledLocator": "disabled", - "mgmtDhcp": "enabled", - "netReboot": "disabled", - "passwordPrompt": "Password", - "quietBoot": "enabled", - "usernamePrompt": "Username" -} diff --git a/tests/unit/payloads/bigip_mgmt_sys_hardware.json b/tests/unit/payloads/bigip_mgmt_sys_hardware.json deleted file mode 100644 index b57b463c..00000000 --- a/tests/unit/payloads/bigip_mgmt_sys_hardware.json +++ /dev/null @@ -1,240 +0,0 @@ -{ - "kind": "tm:sys:hardware:hardwarestats", - "selfLink": "https://localhost/mgmt/tm/sys/hardware?ver=15.1.0.1", - "entries": { - "https://localhost/mgmt/tm/sys/hardware/chassis-info": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/hardware/chassis-info/0": { - "nestedStats": { - "entries": { - "maxMacCount": { - "value": 1 - }, - "regKey": { - "description": "-" - } - } - } - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardware-version": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/hardware/hardware-version/HD1": { - "nestedStats": { - "entries": { - "model": { - "description": "Virtual disk" - }, - "tmName": { - "description": "HD1" - }, - "type": { - "description": "physical-disk" - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/HD1/versions": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/HD1/versions/0": { - "nestedStats": { - "entries": { - "tmName": { - "description": "SerialNumber" - }, - "version": { - "description": "VMware-sda" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/HD1/versions/1": { - "nestedStats": { - "entries": { - "tmName": { - "description": "Size" - }, - "version": { - "description": "154.00G" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/HD1/versions/2": { - "nestedStats": { - "entries": { - "tmName": { - "description": "Firmware Version" - }, - "version": { - "description": "2.0" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/HD1/versions/3": { - "nestedStats": { - "entries": { - "tmName": { - "description": "Media Type" - }, - "version": { - "description": "HDD" - } - } - } - } - } - } - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardware-version/cpus": { - "nestedStats": { - "entries": { - "model": { - "description": "Intel(R) Xeon(R) Platinum 8160 CPU @ 2.10GHz" - }, - "tmName": { - "description": "cpus" - }, - "type": { - "description": "base-board" - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/cpus/versions": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/cpus/versions/0": { - "nestedStats": { - "entries": { - "tmName": { - "description": "cache size" - }, - "version": { - "description": "33792 KB" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/cpus/versions/1": { - "nestedStats": { - "entries": { - "tmName": { - "description": "cores" - }, - "version": { - "description": "2 (physical:2)" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/cpus/versions/2": { - "nestedStats": { - "entries": { - "tmName": { - "description": "cpu MHz" - }, - "version": { - "description": "2095.078" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/cpus/versions/3": { - "nestedStats": { - "entries": { - "tmName": { - "description": "cpu sockets" - }, - "version": { - "description": "2" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/cpus/versions/4": { - "nestedStats": { - "entries": { - "tmName": { - "description": "cpu stepping" - }, - "version": { - "description": "0" - } - } - } - } - } - } - } - } - } - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/platform": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/hardware/platform/0": { - "nestedStats": { - "entries": { - "baseMac": { - "description": "fa:16:3e:d0:b0:df" - }, - "biosRev": { - "description": " " - }, - "cloudName": { - "description": " " - }, - "hypervisorName": { - "description": "VMware Virtual Platform" - }, - "marketingName": { - "description": "BIG-IP Virtual Edition" - } - } - } - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/system-info": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/hardware/system-info/0": { - "nestedStats": { - "entries": { - "bigipChassisSerialNum": { - "description": "422523af-d321-e711-e8cbbe41b2c3" - }, - "hostBoardPartRevNum": { - "description": " " - }, - "hostBoardSerialNum": { - "description": " " - }, - "platform": { - "description": "Z100" - }, - "project_200LevelBomNum": { - "description": " " - }, - "switchBoardPartRevNum": { - "description": " " - }, - "switchBoardSerialNum": { - "description": " " - } - } - } - } - } - } - } - } -} diff --git a/tests/unit/payloads/bigip_mgmt_sys_hardware_sizeInMb.json b/tests/unit/payloads/bigip_mgmt_sys_hardware_sizeInMb.json deleted file mode 100644 index d7befc43..00000000 --- a/tests/unit/payloads/bigip_mgmt_sys_hardware_sizeInMb.json +++ /dev/null @@ -1,240 +0,0 @@ -{ - "kind": "tm:sys:hardware:hardwarestats", - "selfLink": "https://localhost/mgmt/tm/sys/hardware?ver=15.1.0.1", - "entries": { - "https://localhost/mgmt/tm/sys/hardware/chassis-info": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/hardware/chassis-info/0": { - "nestedStats": { - "entries": { - "maxMacCount": { - "value": 1 - }, - "regKey": { - "description": "-" - } - } - } - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardware-version": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/hardware/hardware-version/HD1": { - "nestedStats": { - "entries": { - "model": { - "description": "Virtual disk" - }, - "tmName": { - "description": "HD1" - }, - "type": { - "description": "physical-disk" - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/HD1/versions": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/HD1/versions/0": { - "nestedStats": { - "entries": { - "tmName": { - "description": "SerialNumber" - }, - "version": { - "description": "VMware-sda" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/HD1/versions/1": { - "nestedStats": { - "entries": { - "tmName": { - "description": "Size" - }, - "version": { - "description": "154.00M" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/HD1/versions/2": { - "nestedStats": { - "entries": { - "tmName": { - "description": "Firmware Version" - }, - "version": { - "description": "2.0" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/HD1/versions/3": { - "nestedStats": { - "entries": { - "tmName": { - "description": "Media Type" - }, - "version": { - "description": "HDD" - } - } - } - } - } - } - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardware-version/cpus": { - "nestedStats": { - "entries": { - "model": { - "description": "Intel(R) Xeon(R) Platinum 8160 CPU @ 2.10GHz" - }, - "tmName": { - "description": "cpus" - }, - "type": { - "description": "base-board" - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/cpus/versions": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/cpus/versions/0": { - "nestedStats": { - "entries": { - "tmName": { - "description": "cache size" - }, - "version": { - "description": "33792 KB" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/cpus/versions/1": { - "nestedStats": { - "entries": { - "tmName": { - "description": "cores" - }, - "version": { - "description": "2 (physical:2)" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/cpus/versions/2": { - "nestedStats": { - "entries": { - "tmName": { - "description": "cpu MHz" - }, - "version": { - "description": "2095.078" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/cpus/versions/3": { - "nestedStats": { - "entries": { - "tmName": { - "description": "cpu sockets" - }, - "version": { - "description": "2" - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/hardwareVersion/cpus/versions/4": { - "nestedStats": { - "entries": { - "tmName": { - "description": "cpu stepping" - }, - "version": { - "description": "0" - } - } - } - } - } - } - } - } - } - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/platform": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/hardware/platform/0": { - "nestedStats": { - "entries": { - "baseMac": { - "description": "fa:16:3e:d0:b0:df" - }, - "biosRev": { - "description": " " - }, - "cloudName": { - "description": " " - }, - "hypervisorName": { - "description": "VMware Virtual Platform" - }, - "marketingName": { - "description": "BIG-IP Virtual Edition" - } - } - } - } - } - } - }, - "https://localhost/mgmt/tm/sys/hardware/system-info": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/hardware/system-info/0": { - "nestedStats": { - "entries": { - "bigipChassisSerialNum": { - "description": "422523af-d321-e711-e8cbbe41b2c3" - }, - "hostBoardPartRevNum": { - "description": " " - }, - "hostBoardSerialNum": { - "description": " " - }, - "platform": { - "description": "Z100" - }, - "project_200LevelBomNum": { - "description": " " - }, - "switchBoardPartRevNum": { - "description": " " - }, - "switchBoardSerialNum": { - "description": " " - } - } - } - } - } - } - } - } -} diff --git a/tests/unit/payloads/bigip_mgmt_sys_installed_packages.json b/tests/unit/payloads/bigip_mgmt_sys_installed_packages.json deleted file mode 100644 index 819f0c81..00000000 --- a/tests/unit/payloads/bigip_mgmt_sys_installed_packages.json +++ /dev/null @@ -1,72 +0,0 @@ -{ - "items": [ - { - "id": "1241344f-04f9-3594-b6cb-f7989ebff7df", - "appName": "f5-service-discovery", - "packageName": "f5-service-discovery-1.2.9-2.noarch", - "version": "1.2.9", - "release": "2", - "arch": "noarch", - "tags": [ - "PLUGIN" - ], - "status": "READY", - "generation": 2, - "lastUpdateMicros": 1595010971024130, - "kind": "shared:iapp:installed-packages:installedpackagestate", - "selfLink": "https://localhost/mgmt/shared/iapp/installed-packages/1241344f-04f9-3594-b6cb-f7989ebff7df" - }, - { - "id": "316c0f71-a1d2-3fbc-a04c-26c8b3262e1e", - "appName": "f5-declarative-onboarding", - "packageName": "f5-declarative-onboarding-1.10.0-2.noarch", - "version": "1.10.0", - "release": "2", - "arch": "noarch", - "tags": [ - "PLUGIN" - ], - "status": "READY", - "generation": 2, - "lastUpdateMicros": 1595010947832266, - "kind": "shared:iapp:installed-packages:installedpackagestate", - "selfLink": "https://localhost/mgmt/shared/iapp/installed-packages/316c0f71-a1d2-3fbc-a04c-26c8b3262e1e" - }, - { - "id": "5b78671e-01ea-3d87-b255-4f6da6047846", - "appName": "f5-appsvcs", - "packageName": "f5-appsvcs-3.20.0-3.noarch", - "version": "3.20.0", - "release": "3", - "arch": "noarch", - "tags": [ - "PLUGIN" - ], - "status": "READY", - "generation": 2, - "lastUpdateMicros": 1595010964476038, - "kind": "shared:iapp:installed-packages:installedpackagestate", - "selfLink": "https://localhost/mgmt/shared/iapp/installed-packages/5b78671e-01ea-3d87-b255-4f6da6047846" - }, - { - "id": "fd54cb55-cc2c-3385-962c-7e23eceab16a", - "appName": "f5-appsvcs-templates", - "packageName": "f5-appsvcs-templates-1.1.0-1.noarch", - "version": "1.1.0", - "release": "1", - "arch": "noarch", - "tags": [ - "IAPP" - ], - "status": "READY", - "generation": 2, - "lastUpdateMicros": 1595010967056559, - "kind": "shared:iapp:installed-packages:installedpackagestate", - "selfLink": "https://localhost/mgmt/shared/iapp/installed-packages/fd54cb55-cc2c-3385-962c-7e23eceab16a" - } - ], - "generation": 8, - "kind": "shared:iapp:installed-packages:installedpackagecollectionstate", - "lastUpdateMicros": 1595010971024972, - "selfLink": "https://localhost/mgmt/shared/iapp/installed-packages" -} diff --git a/tests/unit/payloads/bigip_mgmt_sys_license.json b/tests/unit/payloads/bigip_mgmt_sys_license.json deleted file mode 100644 index c44a0890..00000000 --- a/tests/unit/payloads/bigip_mgmt_sys_license.json +++ /dev/null @@ -1,72 +0,0 @@ -{ - "kind": "tm:sys:license:licensestats", - "selfLink": "https://localhost/mgmt/tm/sys/license?ver=15.1.0.1", - "entries": { - "https://localhost/mgmt/tm/sys/license/0": { - "nestedStats": { - "entries": { - "dailyRenewNotifPeriod": { - "description": "5" - }, - "licenseEndDate": { - "description": "2020/09/04" - }, - "licenseStartDate": { - "description": "2020/07/19" - }, - "licensedOnDate": { - "description": "2020/07/20" - }, - "licensedVersion": { - "description": "15.1.0" - }, - "maxPermittedVersion": { - "description": "15.*.*" - }, - "minPermittedVersion": { - "description": "5.*.*" - }, - "platformId": { - "description": "Z100" - }, - "registrationKey": { - "description": "XFHKB-LZTKO-JARFT-KRFAA-IAWCOJO" - }, - "serviceCheckDate": { - "description": "2020/07/20" - }, - "https://localhost/mgmt/tm/sys/license/0/active-modules": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/license/0/active-modules/%22APM,%20Base,%20VE%20GBB%20(500%20CCU)%22": { - "nestedStats": { - "entries": { - "featureModules": { - "description": "{ \"Anti-Virus Checks\" \"Base Endpoint Security Checks\" \"Firewall Checks\" \"Network Access\" \"Secure Virtual Keyboard\" \"APM, Web Application\" \"Machine Certificate Checks\" \"Protected Workspace\" \"Remote Desktop\" \"App Tunnel\" \"APM, Base, VE GBB (500 CCU)\" }" - }, - "key": { - "description": "DDSBOKD-LYEHDUN" - } - } - } - }, - "https://localhost/mgmt/tm/sys/license/0/active-modules/%22BT-VE,%201G%22": { - "nestedStats": { - "entries": { - "featureModules": { - "description": "{ \"Rate Shaping\" \"SDN Services, VE\" \"SSL, VE\" \"Routing Bundle, VE\" \"ASM, VE\" \"DNS-GTM, Base, 1Gbps\" \"Acceleration Manager, VE\" \"Max Compression, VE\" \"AFM, VE\" \"DNSSEC\" \"DNS Rate Limit, 1000 QPS\" \"GTM Rate, 1000\" \"VE, Carrier Grade NAT (AFM ONLY)\" \"PSM, VE\" \"BT-VE, 1G\" }" - }, - "key": { - "description": "BJVCBDQ-FECPYVP" - } - } - } - } - } - } - } - } - } - } - } -} diff --git a/tests/unit/payloads/bigip_mgmt_sys_logical_disk.json b/tests/unit/payloads/bigip_mgmt_sys_logical_disk.json deleted file mode 100644 index dda1cef4..00000000 --- a/tests/unit/payloads/bigip_mgmt_sys_logical_disk.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "kind": "tm:sys:disk:logical-disk:logical-diskcollectionstate", - "selfLink": "https://localhost/mgmt/tm/sys/disk/logical-disk?ver=15.1.0.4", - "items": [ - { - "kind": "tm:sys:disk:logical-disk:logical-diskstate", - "name": "HD1", - "fullPath": "HD1", - "generation": 54, - "selfLink": "https://localhost/mgmt/tm/sys/disk/logical-disk/HD1?ver=15.1.0.4", - "mode": "mixed", - "size": 77824, - "vgFree": 21420, - "vgInUse": 56184, - "vgReserved": 0 - } - ] -} diff --git a/tests/unit/payloads/bigip_mgmt_sys_management_ip.json b/tests/unit/payloads/bigip_mgmt_sys_management_ip.json deleted file mode 100644 index 53f10915..00000000 --- a/tests/unit/payloads/bigip_mgmt_sys_management_ip.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "kind": "tm:sys:management-ip:management-ipcollectionstate", - "selfLink": "https://localhost/mgmt/tm/sys/management-ip?ver=15.1.0.1", - "items": [ - { - "kind": "tm:sys:management-ip:management-ipstate", - "name": "10.145.67.83/18", - "fullPath": "10.145.67.83/18", - "generation": 42787, - "selfLink": "https://localhost/mgmt/tm/sys/management-ip/10.145.67.83~18?ver=15.1.0.1", - "description": "configured-by-dhcp" - } - ] -} diff --git a/tests/unit/payloads/bigip_mgmt_sys_memory.json b/tests/unit/payloads/bigip_mgmt_sys_memory.json deleted file mode 100644 index f49bfca9..00000000 --- a/tests/unit/payloads/bigip_mgmt_sys_memory.json +++ /dev/null @@ -1,11100 +0,0 @@ -{ - "kind": "tm:sys:memory:memorystats", - "selfLink": "https://localhost/mgmt/tm/sys/memory?ver=15.1.0.4", - "entries": { - "https://localhost/mgmt/tm/sys/memory/memory-host": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/memory/memory-host/0": { - "nestedStats": { - "entries": { - "hostId": { - "description": "0" - }, - "memoryFree": { - "value": 8166054208 - }, - "memoryTotal": { - "value": 14696775680 - }, - "memoryUsed": { - "value": 6530721472 - }, - "otherMemoryFree": { - "value": 3508248576 - }, - "otherMemoryTotal": { - "value": 9466478592 - }, - "otherMemoryUsed": { - "value": 5958230016 - }, - "swapFree": { - "value": 1042010112 - }, - "swapTotal": { - "value": 1048571904 - }, - "swapUsed": { - "value": 6561792 - }, - "tmmMemoryFree": { - "value": 4657805632 - }, - "tmmMemoryTotal": { - "value": 5230297088 - }, - "tmmMemoryUsed": { - "value": 572491456 - } - } - } - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/memory/memory-subsys/AAA_IVS_CTX": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "AAA_IVS_CTX" - }, - "size": { - "value": 448 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ADM%20Mitigation": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ADM Mitigation" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ADM%20Statistics": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ADM Statistics" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/APMD%20proxy": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "APMD proxy" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Application%20Family%20Name": { - "nestedStats": { - "entries": { - "allocated": { - "value": 4235872 - }, - "maxAllocated": { - "value": 4235872 - }, - "tmName": { - "description": "Application Family Name" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Application%20filter": { - "nestedStats": { - "entries": { - "allocated": { - "value": 835584 - }, - "maxAllocated": { - "value": 835584 - }, - "tmName": { - "description": "Application filter" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/BIGTCP%20PKTSEG%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "BIGTCP PKTSEG cache" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Bot%20Defense": { - "nestedStats": { - "entries": { - "allocated": { - "value": 379200 - }, - "maxAllocated": { - "value": 379200 - }, - "tmName": { - "description": "Bot Defense" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Content%20Analysis": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "Content Analysis" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Content%20Classification": { - "nestedStats": { - "entries": { - "allocated": { - "value": 278528 - }, - "maxAllocated": { - "value": 278528 - }, - "tmName": { - "description": "Content Classification" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/DHCP%20lease%20query%20transaction": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "DHCP lease query transaction" - }, - "size": { - "value": 2128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/DHCPv4%20transaction": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "DHCPv4 transaction" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/DHCPv6%20transaction": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "DHCPv6 transaction" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/DNS%20DOS%20profile": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "DNS DOS profile" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/DWBL": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "DWBL" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/DoS%20Layer%207": { - "nestedStats": { - "entries": { - "allocated": { - "value": 9866848 - }, - "maxAllocated": { - "value": 9866848 - }, - "tmName": { - "description": "DoS Layer 7" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/DoS%20Layer%207%20ACY": { - "nestedStats": { - "entries": { - "allocated": { - "value": 143937952 - }, - "maxAllocated": { - "value": 143937952 - }, - "tmName": { - "description": "DoS Layer 7 ACY" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/DoS%20Network%20Whitelist": { - "nestedStats": { - "entries": { - "allocated": { - "value": 258416 - }, - "maxAllocated": { - "value": 258416 - }, - "tmName": { - "description": "DoS Network Whitelist" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ECM": { - "nestedStats": { - "entries": { - "allocated": { - "value": 6496 - }, - "maxAllocated": { - "value": 6496 - }, - "tmName": { - "description": "ECM" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/FPS": { - "nestedStats": { - "entries": { - "allocated": { - "value": 217536 - }, - "maxAllocated": { - "value": 217536 - }, - "tmName": { - "description": "FPS" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/FPS%20Configuration": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1091040 - }, - "maxAllocated": { - "value": 1091040 - }, - "tmName": { - "description": "FPS Configuration" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Firewall%20Auto%20Discovery": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "Firewall Auto Discovery" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Firewall%20BDoS": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "Firewall BDoS" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Firewall%20FQDN": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "Firewall FQDN" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Firewall%20NAT": { - "nestedStats": { - "entries": { - "allocated": { - "value": 20480 - }, - "maxAllocated": { - "value": 20480 - }, - "tmName": { - "description": "Firewall NAT" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/IKE%20DEVBUF": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "IKE DEVBUF" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/IKE%20LIB": { - "nestedStats": { - "entries": { - "allocated": { - "value": 11072 - }, - "maxAllocated": { - "value": 11072 - }, - "tmName": { - "description": "IKE LIB" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/IKE%20VBUF": { - "nestedStats": { - "entries": { - "allocated": { - "value": 58624 - }, - "maxAllocated": { - "value": 58624 - }, - "tmName": { - "description": "IKE VBUF" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/IKEV2": { - "nestedStats": { - "entries": { - "allocated": { - "value": 10501120 - }, - "maxAllocated": { - "value": 10501120 - }, - "tmName": { - "description": "IKEV2" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/IPFIX%20MDS": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "IPFIX MDS" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/IPFIX%20Proxy": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "IPFIX Proxy" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/IPFIX%20iRules": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "IPFIX iRules" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/In-TMM%20monitoring%20activity": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "In-TMM monitoring activity" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/L3%20Rate%20Limit": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "L3 Rate Limit" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/LSN": { - "nestedStats": { - "entries": { - "allocated": { - "value": 206848 - }, - "maxAllocated": { - "value": 206856 - }, - "tmName": { - "description": "LSN" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/LSN%20address%20stats": { - "nestedStats": { - "entries": { - "allocated": { - "value": 10240 - }, - "maxAllocated": { - "value": 10240 - }, - "tmName": { - "description": "LSN address stats" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/LTM%20addr%20list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "LTM addr list" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Layer%202%20Opaque": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "Layer 2 Opaque" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Log%20Profile": { - "nestedStats": { - "entries": { - "allocated": { - "value": 8704 - }, - "maxAllocated": { - "value": 8704 - }, - "tmName": { - "description": "Log Profile" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/MW_HASH_COOKIE": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "MW_HASH_COOKIE" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/MW_HASH_TOPIC": { - "nestedStats": { - "entries": { - "allocated": { - "value": 4480 - }, - "maxAllocated": { - "value": 4480 - }, - "tmName": { - "description": "MW_HASH_TOPIC" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Monitor%20probe%20context%20for%20MRF%20S": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "Monitor probe context for MRF S" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/NETFLOW": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "NETFLOW" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/NIST%20CAVS%20tests": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "NIST CAVS tests" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/NSH": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "NSH" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Netflow%20Protected%20Server": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "Netflow Protected Server" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Network%20DoS%20profile": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "Network DoS profile" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/OAuth": { - "nestedStats": { - "entries": { - "allocated": { - "value": 504184 - }, - "maxAllocated": { - "value": 504184 - }, - "tmName": { - "description": "OAuth" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/OAuth%20Database": { - "nestedStats": { - "entries": { - "allocated": { - "value": 224 - }, - "maxAllocated": { - "value": 224 - }, - "tmName": { - "description": "OAuth Database" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/OFFBOX": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "OFFBOX" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/OFFBOX_CHANNELS": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "OFFBOX_CHANNELS" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/OFFBOX_CONFIG": { - "nestedStats": { - "entries": { - "allocated": { - "value": 43520 - }, - "maxAllocated": { - "value": 43520 - }, - "tmName": { - "description": "OFFBOX_CONFIG" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/OFFBOX_CONN": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "OFFBOX_CONN" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/OFFBOX_MESSAGES": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "OFFBOX_MESSAGES" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/OFFBOX_TCL": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "OFFBOX_TCL" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/PEM%20PSC%20CFINFO": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "PEM PSC CFINFO" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/PEM%20Subscriber%20Context": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "PEM Subscriber Context" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/PSPM%20PSC%20session%20delete%20context": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "PSPM PSC session delete context" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/QUIC%20lookup%20entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "QUIC lookup entry" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/QUIC%20packet": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "QUIC packet" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/QUIC%20sack": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "QUIC sack" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/QUIC%20segment": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "QUIC segment" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Quality%20Qf%20Experience": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "Quality Qf Experience" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/RISK": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "RISK" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/RISK_CACHE": { - "nestedStats": { - "entries": { - "allocated": { - "value": 147456 - }, - "maxAllocated": { - "value": 147456 - }, - "tmName": { - "description": "RISK_CACHE" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/RISK_CONFIG": { - "nestedStats": { - "entries": { - "allocated": { - "value": 65888 - }, - "maxAllocated": { - "value": 65888 - }, - "tmName": { - "description": "RISK_CONFIG" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/RISK_TOKENS": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "RISK_TOKENS" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/RLE%20bitmap": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "RLE bitmap" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Radius%20AAA": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "Radius AAA" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Rate%20shaper%20flow_key%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "Rate shaper flow_key cache" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/SCRUBBER%20PUBLISHER": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "SCRUBBER PUBLISHER" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/SCTP%20buffer": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "SCTP buffer" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/SCTP%20chunk": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "SCTP chunk" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/SFC": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "SFC" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/SIP%20DOS%20profile": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "SIP DOS profile" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/SSL%20EB%20Tree": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "SSL EB Tree" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/SSL%20Orchestrator": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "SSL Orchestrator" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/SSP_SPM_POLICY_CACHE": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "SSP_SPM_POLICY_CACHE" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Security%20Packet%20Filter.": { - "nestedStats": { - "entries": { - "allocated": { - "value": 832 - }, - "maxAllocated": { - "value": 832 - }, - "tmName": { - "description": "Security Packet Filter." - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Shared%20IPTBL": { - "nestedStats": { - "entries": { - "allocated": { - "value": 528768 - }, - "maxAllocated": { - "value": 528768 - }, - "tmName": { - "description": "Shared IPTBL" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/TCP4%20SACK": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "TCP4 SACK" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/TCP4%20SACK%20hole": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "TCP4 SACK hole" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/TCP4%20lost%20segment": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "TCP4 lost segment" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/TCP4%20segment": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "TCP4 segment" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/TCP%20SACK": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "TCP SACK" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/TCP%20SACK%20hole": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "TCP SACK hole" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/TCP%20lost%20segment": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "TCP lost segment" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/TCP%20qdiffsample%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "TCP qdiffsample cache" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/TCP%20segment": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 240 - }, - "tmName": { - "description": "TCP segment" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/TMC%20key": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "TMC key" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Tmstat%20internal%20structures": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2051832 - }, - "maxAllocated": { - "value": 2051832 - }, - "tmName": { - "description": "Tmstat internal structures" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Traffic%20Matching%20Criteria": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1328832 - }, - "maxAllocated": { - "value": 1328832 - }, - "tmName": { - "description": "Traffic Matching Criteria" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/URL%20Categorization%20Library": { - "nestedStats": { - "entries": { - "allocated": { - "value": 172352 - }, - "maxAllocated": { - "value": 172352 - }, - "tmName": { - "description": "URL Categorization Library" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/URL%20Classification": { - "nestedStats": { - "entries": { - "allocated": { - "value": 160 - }, - "maxAllocated": { - "value": 160 - }, - "tmName": { - "description": "URL Classification" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/Unit%20Testing": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "Unit Testing" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/aaa_saml_server_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "aaa_saml_server_entries" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/aaa_saml_server_idp_connector_e": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "aaa_saml_server_idp_connector_e" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/aaa_saml_server_idp_connector_i": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "aaa_saml_server_idp_connector_i" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access": { - "nestedStats": { - "entries": { - "allocated": { - "value": 4739200 - }, - "maxAllocated": { - "value": 4739200 - }, - "tmName": { - "description": "access" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access2": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1824 - }, - "maxAllocated": { - "value": 1824 - }, - "tmName": { - "description": "access2" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_acp_msg": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "access_acp_msg" - }, - "size": { - "value": 64000 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_bwc_items": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "access_bwc_items" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_log_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1280 - }, - "maxAllocated": { - "value": 1280 - }, - "tmName": { - "description": "access_log_entries" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_profile_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "access_profile_entry" - }, - "size": { - "value": 1280 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_session_batch": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "access_session_batch" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_session_data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "access_session_data" - }, - "size": { - "value": 640 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_session_items": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "access_session_items" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_session_variables": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "access_session_variables" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_slist_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "access_slist_entry" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_str_t": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "access_str_t" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_uri_info": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "access_uri_info" - }, - "size": { - "value": 32824 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_uuid_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "access_uuid_entries" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/access_whitelist_uri_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1236992 - }, - "maxAllocated": { - "value": 1236992 - }, - "tmName": { - "description": "access_whitelist_uri_entries" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/acl": { - "nestedStats": { - "entries": { - "allocated": { - "value": 25856 - }, - "maxAllocated": { - "value": 25856 - }, - "tmName": { - "description": "acl" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/acl%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "acl cache" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/acl_build_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "acl_build_ctx" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/acl_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "acl_entry" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/acl_hudnode_data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "acl_hudnode_data" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/acl_item": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "acl_item" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/acs_hudnode_data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "acs_hudnode_data" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/acs_queue_data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "acs_queue_data" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/address_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "address_entry" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/api_black_white_list_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "api_black_white_list_entries" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/api_path_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "api_path_entries" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/api_profile_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 43552 - }, - "maxAllocated": { - "value": 43552 - }, - "tmName": { - "description": "api_profile_entries" - }, - "size": { - "value": 10888 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/api_server_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "api_server_entries" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/apiprotection": { - "nestedStats": { - "entries": { - "allocated": { - "value": 128 - }, - "maxAllocated": { - "value": 128 - }, - "tmName": { - "description": "apiprotection" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/apm_app_item": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "apm_app_item" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/apm_log_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 524672 - }, - "maxAllocated": { - "value": 524672 - }, - "tmName": { - "description": "apm_log_entries" - }, - "size": { - "value": 65584 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/apm_log_profile_access_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "apm_log_profile_access_entries" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/apm_log_profile_access_item_ent": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "apm_log_profile_access_item_ent" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/apm_resource_info": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "apm_resource_info" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/apm_resource_item": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "apm_resource_item" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/auth": { - "nestedStats": { - "entries": { - "allocated": { - "value": 3072 - }, - "maxAllocated": { - "value": 3072 - }, - "tmName": { - "description": "auth" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/auth_domain": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "auth_domain" - }, - "size": { - "value": 5168 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/avr": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1152 - }, - "maxAllocated": { - "value": 1152 - }, - "tmName": { - "description": "avr" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/bbr": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "bbr" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/bigip_connection": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 6656 - }, - "tmName": { - "description": "bigip_connection" - }, - "size": { - "value": 832 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/bwc": { - "nestedStats": { - "entries": { - "allocated": { - "value": 3588096 - }, - "maxAllocated": { - "value": 3588096 - }, - "tmName": { - "description": "bwc" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/bwc_flow_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "bwc_flow_ctx" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/bwc_measure_instance": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "bwc_measure_instance" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/bwc_shaper": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "bwc_shaper" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/cec": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1568 - }, - "maxAllocated": { - "value": 1568 - }, - "tmName": { - "description": "cec" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/cec_table_item_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "cec_table_item_cache" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/centralized%20management": { - "nestedStats": { - "entries": { - "allocated": { - "value": 220288 - }, - "maxAllocated": { - "value": 220288 - }, - "tmName": { - "description": "centralized management" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/cipher": { - "nestedStats": { - "entries": { - "allocated": { - "value": 81920 - }, - "maxAllocated": { - "value": 81920 - }, - "tmName": { - "description": "cipher" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/citrix_client_bundle": { - "nestedStats": { - "entries": { - "allocated": { - "value": 320 - }, - "maxAllocated": { - "value": 320 - }, - "tmName": { - "description": "citrix_client_bundle" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/client_policy_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 3584 - }, - "maxAllocated": { - "value": 3584 - }, - "tmName": { - "description": "client_policy_entries" - }, - "size": { - "value": 896 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/clientssl_certkeychain_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1120 - }, - "maxAllocated": { - "value": 1120 - }, - "tmName": { - "description": "clientssl_certkeychain_list" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/clientssl_ocsp_stapling_paramet": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "clientssl_ocsp_stapling_paramet" - }, - "size": { - "value": 9272 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/cmp": { - "nestedStats": { - "entries": { - "allocated": { - "value": 384 - }, - "maxAllocated": { - "value": 384 - }, - "tmName": { - "description": "cmp" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/config_snapshots": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "config_snapshots" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/connector": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "connector" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/connflow": { - "nestedStats": { - "entries": { - "allocated": { - "value": 7424 - }, - "maxAllocated": { - "value": 8192 - }, - "tmName": { - "description": "connflow" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/crl_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "crl_list" - }, - "size": { - "value": 2072 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/crypto%20codec": { - "nestedStats": { - "entries": { - "allocated": { - "value": 256 - }, - "maxAllocated": { - "value": 256 - }, - "tmName": { - "description": "crypto codec" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/crypto_irule_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "crypto_irule_ctx" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/crypto_transport_server_req_cac": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "crypto_transport_server_req_cac" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ctc_req_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ctc_req_cache" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ctc_req_ctx_dh_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ctc_req_ctx_dh_cache" - }, - "size": { - "value": 8 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ctc_req_ctx_ecdh_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ctc_req_ctx_ecdh_cache" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/cubic%20data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "cubic data" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dag": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dag" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/data%20sync%20lib": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "data sync lib" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dedup": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dedup" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dedup_xact_op_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dedup_xact_op_ctx" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/deflate": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "deflate" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/devbuf": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1850360 - }, - "maxAllocated": { - "value": 1850360 - }, - "tmName": { - "description": "devbuf" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dhcp_leasequery_transaction_cac": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dhcp_leasequery_transaction_cac" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dhcp_transaction_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dhcp_transaction_cache" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dht": { - "nestedStats": { - "entries": { - "allocated": { - "value": 36352 - }, - "maxAllocated": { - "value": 36352 - }, - "tmName": { - "description": "dht" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dht%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 3584 - }, - "maxAllocated": { - "value": 3584 - }, - "tmName": { - "description": "dht cache" - }, - "size": { - "value": 448 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dht_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dht_entry" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dht_reply_hud_token": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dht_reply_hud_token" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dht_request": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dht_request" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dht_request_local": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dht_request_local" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/diam_msg": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "diam_msg" - }, - "size": { - "value": 384 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/diam_retrans": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "diam_retrans" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dns64_entry_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dns64_entry_cache" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dns%20cache%20resolver": { - "nestedStats": { - "entries": { - "allocated": { - "value": 34630304 - }, - "maxAllocated": { - "value": 34630304 - }, - "tmName": { - "description": "dns cache resolver" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dns%20cache%20resolver%20ub%20ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dns cache resolver ub ctx" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dns%20express": { - "nestedStats": { - "entries": { - "allocated": { - "value": 154368 - }, - "maxAllocated": { - "value": 154368 - }, - "tmName": { - "description": "dns express" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dns%20security": { - "nestedStats": { - "entries": { - "allocated": { - "value": 448 - }, - "maxAllocated": { - "value": 448 - }, - "tmName": { - "description": "dns security" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dns_hw_cfg_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dns_hw_cfg_cache" - }, - "size": { - "value": 69664 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dns_ldns": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dns_ldns" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dns_path": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dns_path" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dns_persistence": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dns_persistence" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dns_qname_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dns_qname_cache" - }, - "size": { - "value": 1280 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dnssec_pkt": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dnssec_pkt" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dnssec_rrset": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dnssec_rrset" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dnssec_rrsig": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dnssec_rrsig" - }, - "size": { - "value": 4248 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dnssec_sig_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dnssec_sig_cache" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dnssec_xfr": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dnssec_xfr" - }, - "size": { - "value": 448 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dnssec_xfr_ns_target": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dnssec_xfr_ns_target" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dnssec_xfr_nsec3": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dnssec_xfr_nsec3" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dpi": { - "nestedStats": { - "entries": { - "allocated": { - "value": 69536 - }, - "maxAllocated": { - "value": 69536 - }, - "tmName": { - "description": "dpi" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dpi_shared_pcb": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dpi_shared_pcb" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/drop_policy": { - "nestedStats": { - "entries": { - "allocated": { - "value": 640 - }, - "maxAllocated": { - "value": 640 - }, - "tmName": { - "description": "drop_policy" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/dynad": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "dynad" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/errdefs": { - "nestedStats": { - "entries": { - "allocated": { - "value": 512936 - }, - "maxAllocated": { - "value": 512936 - }, - "tmName": { - "description": "errdefs" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/evtimer": { - "nestedStats": { - "entries": { - "allocated": { - "value": 384 - }, - "maxAllocated": { - "value": 384 - }, - "tmName": { - "description": "evtimer" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fad_address_bnode": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1280 - }, - "maxAllocated": { - "value": 1280 - }, - "tmName": { - "description": "fad_address_bnode" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fad_program_listener_info": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fad_program_listener_info" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fad_string_map_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fad_string_map_entry" - }, - "size": { - "value": 640 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fad_string_map_hash": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fad_string_map_hash" - }, - "size": { - "value": 512 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fast_dns_pl_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fast_dns_pl_cache" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/filter": { - "nestedStats": { - "entries": { - "allocated": { - "value": 3294856 - }, - "maxAllocated": { - "value": 3297280 - }, - "tmName": { - "description": "filter" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/flow%20forwarding": { - "nestedStats": { - "entries": { - "allocated": { - "value": 10490016 - }, - "maxAllocated": { - "value": 10490016 - }, - "tmName": { - "description": "flow forwarding" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/flow%20streams": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "flow streams" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::crypto_req_ctx_rsa": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::crypto_req_ctx_rsa" - }, - "size": { - "value": 224 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::crypto_req_rsa_cipher": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::crypto_req_rsa_cipher" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_alert": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_alert" - }, - "size": { - "value": 384 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_auto_trans": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_auto_trans" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_bait": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_bait" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_bait_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_bait_list" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_custom_alert_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_custom_alert_list" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_custom_alert_raw_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_custom_alert_raw_list" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_decrypt_data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_decrypt_data" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_found_custom_alert": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_found_custom_alert" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_found_encrypted_param": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_found_encrypted_param" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_found_inject_tag": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_found_inject_tag" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_global_url": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_global_url" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_global_url_info": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_global_url_info" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_header_custom_alert": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_header_custom_alert" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_header_custom_alert_li": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_header_custom_alert_li" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_ip_custom_alert": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_ip_custom_alert" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_malware": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_malware" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_malware_info": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_malware_info" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_malware_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_malware_list" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_mobilesafe": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2560 - }, - "maxAllocated": { - "value": 2560 - }, - "tmName": { - "description": "fps::fps_mobilesafe" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_mobilesafe_common": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_mobilesafe_common" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_mobilesafe_data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_mobilesafe_data" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_mobilesafe_mitm_domain": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_mobilesafe_mitm_domain" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_mobilesafe_os": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_mobilesafe_os" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_parameter": { - "nestedStats": { - "entries": { - "allocated": { - "value": 8192 - }, - "maxAllocated": { - "value": 8192 - }, - "tmName": { - "description": "fps::fps_parameter" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_parameter_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 192 - }, - "maxAllocated": { - "value": 192 - }, - "tmName": { - "description": "fps::fps_parameter_list" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_parameter_parser": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_parameter_parser" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_path_custom_alert": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_path_custom_alert" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_pcb": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_pcb" - }, - "size": { - "value": 1536 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_profile": { - "nestedStats": { - "entries": { - "allocated": { - "value": 768 - }, - "maxAllocated": { - "value": 768 - }, - "tmName": { - "description": "fps::fps_profile" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_profile_info": { - "nestedStats": { - "entries": { - "allocated": { - "value": 16384 - }, - "maxAllocated": { - "value": 16384 - }, - "tmName": { - "description": "fps::fps_profile_info" - }, - "size": { - "value": 2048 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_rule": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_rule" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_rule_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_rule_list" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_shared_ptr": { - "nestedStats": { - "entries": { - "allocated": { - "value": 960 - }, - "maxAllocated": { - "value": 960 - }, - "tmName": { - "description": "fps::fps_shared_ptr" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_str_custom_alert": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_str_custom_alert" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_url": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2560 - }, - "maxAllocated": { - "value": 2560 - }, - "tmName": { - "description": "fps::fps_url" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_url_info": { - "nestedStats": { - "entries": { - "allocated": { - "value": 8192 - }, - "maxAllocated": { - "value": 8192 - }, - "tmName": { - "description": "fps::fps_url_info" - }, - "size": { - "value": 1024 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_url_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 96 - }, - "maxAllocated": { - "value": 96 - }, - "tmName": { - "description": "fps::fps_url_list" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_user_full_record": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_user_full_record" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_user_info": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_user_info" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fps::fps_vcrypt_staging_mode_da": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fps::fps_vcrypt_staging_mode_da" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fred_cb": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fred_cb" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/fred_flow_data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "fred_flow_data" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/gpa": { - "nestedStats": { - "entries": { - "allocated": { - "value": 67584 - }, - "maxAllocated": { - "value": 67584 - }, - "tmName": { - "description": "gpa" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/gpa_applications": { - "nestedStats": { - "entries": { - "allocated": { - "value": 950656 - }, - "maxAllocated": { - "value": 950656 - }, - "tmName": { - "description": "gpa_applications" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/gpa_categories": { - "nestedStats": { - "entries": { - "allocated": { - "value": 39936 - }, - "maxAllocated": { - "value": 39936 - }, - "tmName": { - "description": "gpa_categories" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/gpa_classif_pcb": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "gpa_classif_pcb" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/gpa_shared_pcb": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "gpa_shared_pcb" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/gpa_urlcats": { - "nestedStats": { - "entries": { - "allocated": { - "value": 66560 - }, - "maxAllocated": { - "value": 66560 - }, - "tmName": { - "description": "gpa_urlcats" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ha_context_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ha_context_cache" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ha_cursor_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ha_cursor_cache" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/html%20rule": { - "nestedStats": { - "entries": { - "allocated": { - "value": 16384 - }, - "maxAllocated": { - "value": 16384 - }, - "tmName": { - "description": "html rule" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/html_rule": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "html_rule" - }, - "size": { - "value": 224 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/html_rule_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "html_rule_list" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/http2_frame": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "http2_frame" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/http2_stream": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "http2_stream" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/http_ck_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "http_ck_cache" - }, - "size": { - "value": 224 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/http_cookie": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "http_cookie" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/http_data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "http_data" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/http_persist": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "http_persist" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/hud_message_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "hud_message_ctx" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/hud_oob": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "hud_oob" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ifc": { - "nestedStats": { - "entries": { - "allocated": { - "value": 21504 - }, - "maxAllocated": { - "value": 21504 - }, - "tmName": { - "description": "ifc" - }, - "size": { - "value": 768 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ifnet": { - "nestedStats": { - "entries": { - "allocated": { - "value": 8040448 - }, - "maxAllocated": { - "value": 8040448 - }, - "tmName": { - "description": "ifnet" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ifvirt_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ifvirt_entry" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ike_crypto_req_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ike_crypto_req_cache" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ike_peer": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ike_peer" - }, - "size": { - "value": 640 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ike_req": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ike_req" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/inst_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "inst_entry" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/internal_proxy_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "internal_proxy_list" - }, - "size": { - "value": 4128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ipfix_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ipfix_cache" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ipfix_conn_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ipfix_conn_cache" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ipfix_repo_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ipfix_repo_cache" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ipfix_template_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ipfix_template_cache" - }, - "size": { - "value": 384 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ips": { - "nestedStats": { - "entries": { - "allocated": { - "value": 6464 - }, - "maxAllocated": { - "value": 6464 - }, - "tmName": { - "description": "ips" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ips-insection-profile": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ips-insection-profile" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ips-inspection": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ips-inspection" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ips-profile-status": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ips-profile-status" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ips-service": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ips-service" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ips-service-config-profile": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ips-service-config-profile" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ips-service-port-profile": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ips-service-port-profile" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ips-service-profile": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ips-service-profile" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ips-service-profile-filter": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ips-service-profile-filter" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ipsec_crypto_req_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ipsec_crypto_req_cache" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ipsec_enc_auth_ctx_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ipsec_enc_auth_ctx_cache" - }, - "size": { - "value": 616 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ipsec_ike_ctx_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ipsec_ike_ctx_cache" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ipsec_ipcomp_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ipsec_ipcomp_cache" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ipsec_policy": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ipsec_policy" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/isess%20rid": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "isess rid" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/isession": { - "nestedStats": { - "entries": { - "allocated": { - "value": 295424 - }, - "maxAllocated": { - "value": 295424 - }, - "tmName": { - "description": "isession" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/isession_abort_stat": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "isession_abort_stat" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/isession_virt_compress_stats": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "isession_virt_compress_stats" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/isession_virt_stat": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "isession_virt_stat" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/join_cert_validator_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "join_cert_validator_list" - }, - "size": { - "value": 3176 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/km_crl_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "km_crl_ctx" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/km_ocsp_concurrent_conn_lim": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "km_ocsp_concurrent_conn_lim" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/km_ocsp_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "km_ocsp_ctx" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/l7%20policy": { - "nestedStats": { - "entries": { - "allocated": { - "value": 3194880 - }, - "maxAllocated": { - "value": 3194880 - }, - "tmName": { - "description": "l7 policy" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/laddr": { - "nestedStats": { - "entries": { - "allocated": { - "value": 3840 - }, - "maxAllocated": { - "value": 3840 - }, - "tmName": { - "description": "laddr" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/lasthop": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1792 - }, - "maxAllocated": { - "value": 2304 - }, - "tmName": { - "description": "lasthop" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/leasepool": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "leasepool" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/leasepool%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "leasepool cache" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/leasepool_mbr": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "leasepool_mbr" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/libldns": { - "nestedStats": { - "entries": { - "allocated": { - "value": 291424 - }, - "maxAllocated": { - "value": 291424 - }, - "tmName": { - "description": "libldns" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/listener": { - "nestedStats": { - "entries": { - "allocated": { - "value": 6300992 - }, - "maxAllocated": { - "value": 6300992 - }, - "tmName": { - "description": "listener" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/listener%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 827904 - }, - "maxAllocated": { - "value": 852992 - }, - "tmName": { - "description": "listener cache" - }, - "size": { - "value": 896 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/listener%20key": { - "nestedStats": { - "entries": { - "allocated": { - "value": 4195584 - }, - "maxAllocated": { - "value": 4195584 - }, - "tmName": { - "description": "listener key" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/listener%20key%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 295680 - }, - "maxAllocated": { - "value": 304640 - }, - "tmName": { - "description": "listener key cache" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/local_route": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "local_route" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/loop_nexthop": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "loop_nexthop" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/lsn%20inbound%20bitmap": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "lsn inbound bitmap" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/lsn_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "lsn_entry" - }, - "size": { - "value": 224 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/lsn_inbound_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "lsn_inbound_entry" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/lsn_pool": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "lsn_pool" - }, - "size": { - "value": 640 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/lsn_prefix": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "lsn_prefix" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/lw4o6_tbl_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "lw4o6_tbl_entry" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mac_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mac_entry" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/malloc": { - "nestedStats": { - "entries": { - "allocated": { - "value": 72800464 - }, - "maxAllocated": { - "value": 72800464 - }, - "tmName": { - "description": "malloc" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mblb_assoc%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mblb_assoc cache" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mblb_harness%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mblb_harness cache" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mblb_message%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mblb_message cache" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mblb_swinfo%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mblb_swinfo cache" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mco%20db": { - "nestedStats": { - "entries": { - "allocated": { - "value": 83886144 - }, - "maxAllocated": { - "value": 83886144 - }, - "tmName": { - "description": "mco db" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mcp": { - "nestedStats": { - "entries": { - "allocated": { - "value": 8761152 - }, - "maxAllocated": { - "value": 8761152 - }, - "tmName": { - "description": "mcp" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mds_btree_nodes": { - "nestedStats": { - "entries": { - "allocated": { - "value": 6400 - }, - "maxAllocated": { - "value": 6400 - }, - "tmName": { - "description": "mds_btree_nodes" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mds_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mds_cache" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mds_connset": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mds_connset" - }, - "size": { - "value": 224 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mds_message": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mds_message" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/memcache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 192 - }, - "maxAllocated": { - "value": 192 - }, - "tmName": { - "description": "memcache" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/memcache%20request%20items": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "memcache request items" - }, - "size": { - "value": 1792 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/messagerouter": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1271904 - }, - "maxAllocated": { - "value": 1271904 - }, - "tmName": { - "description": "messagerouter" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/method": { - "nestedStats": { - "entries": { - "allocated": { - "value": 10208 - }, - "maxAllocated": { - "value": 10208 - }, - "tmName": { - "description": "method" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mobile%20app%20manager": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mobile app manager" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/monitor%20agent": { - "nestedStats": { - "entries": { - "allocated": { - "value": 49152 - }, - "maxAllocated": { - "value": 49152 - }, - "tmName": { - "description": "monitor agent" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/monitor_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "monitor_ctx" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mpi_request": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mpi_request" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mqtt_message": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mqtt_message" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mqtt_slab": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mqtt_slab" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mr_pmbr_stat": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mr_pmbr_stat" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/multicast": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "multicast" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mw_cookie": { - "nestedStats": { - "entries": { - "allocated": { - "value": 128 - }, - "maxAllocated": { - "value": 128 - }, - "tmName": { - "description": "mw_cookie" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mw_kv": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mw_kv" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mw_msg": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mw_msg" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mw_msgbus": { - "nestedStats": { - "entries": { - "allocated": { - "value": 132096 - }, - "maxAllocated": { - "value": 132096 - }, - "tmName": { - "description": "mw_msgbus" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mw_msgp": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mw_msgp" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mw_pub": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2304 - }, - "maxAllocated": { - "value": 2304 - }, - "tmName": { - "description": "mw_pub" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mw_sub": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1280 - }, - "maxAllocated": { - "value": 1280 - }, - "tmName": { - "description": "mw_sub" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/mw_work": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "mw_work" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/neighbor_advertiser_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 320 - }, - "tmName": { - "description": "neighbor_advertiser_entry" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/neighbor_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 32000 - }, - "maxAllocated": { - "value": 32000 - }, - "tmName": { - "description": "neighbor_entry" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/net_ip": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2112 - }, - "maxAllocated": { - "value": 2112 - }, - "tmName": { - "description": "net_ip" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/network%20access": { - "nestedStats": { - "entries": { - "allocated": { - "value": 288 - }, - "maxAllocated": { - "value": 288 - }, - "tmName": { - "description": "network access" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/network%20access%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "network access cache" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/nps%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "nps cache" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_agent_item": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_agent_item" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_claim_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_claim_entries" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_client_app_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_client_app_entries" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_client_app_scope_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_client_app_scope_entries" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_client_app_scope_item_ent": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_client_app_scope_item_ent" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_crypto_contexts": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_crypto_contexts" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_crypto_key_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_crypto_key_entries" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_db_instance_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 32 - }, - "maxAllocated": { - "value": 32 - }, - "tmName": { - "description": "oauth_db_instance_entries" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_jwk_config_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_jwk_config_entries" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_profile_client_app_entrie": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_profile_client_app_entrie" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_profile_client_app_item_e": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_profile_client_app_item_e" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_profile_jwk_config_entrie": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_profile_jwk_config_entrie" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_profile_jwk_config_item_e": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_profile_jwk_config_item_e" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_profile_resource_server_e": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_profile_resource_server_e" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_profile_resource_server_i": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_profile_resource_server_i" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_request_item": { - "nestedStats": { - "entries": { - "allocated": { - "value": 29952 - }, - "maxAllocated": { - "value": 29952 - }, - "tmName": { - "description": "oauth_request_item" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_resource_server_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_resource_server_entries" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/oauth_scope_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "oauth_scope_entries" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ocsp_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ocsp_list" - }, - "size": { - "value": 4216 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ocsp_trans_list": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ocsp_trans_list" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/packet": { - "nestedStats": { - "entries": { - "allocated": { - "value": 411840 - }, - "maxAllocated": { - "value": 411840 - }, - "tmName": { - "description": "packet" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pcp": { - "nestedStats": { - "entries": { - "allocated": { - "value": 139712 - }, - "maxAllocated": { - "value": 139712 - }, - "tmName": { - "description": "pcp" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pcp_prefix": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pcp_prefix" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/peer_iclient": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "peer_iclient" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/peer_isession": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "peer_isession" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/peer_route": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "peer_route" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/peer_woc": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "peer_woc" - }, - "size": { - "value": 384 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pem": { - "nestedStats": { - "entries": { - "allocated": { - "value": 4377952 - }, - "maxAllocated": { - "value": 4377952 - }, - "tmName": { - "description": "pem" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pem%20format%20script": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pem format script" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pem%20forwarding%20endpoint": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pem forwarding endpoint" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pem%20intercept%20endpoint": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pem intercept endpoint" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pem%20service%20chain%20endpoint": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pem service chain endpoint" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pem_flow_bwc_handles": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pem_flow_bwc_handles" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pem_hud_cb_data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pem_hud_cb_data" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pem_tcl_info": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pem_tcl_info" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/persist": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "persist" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/persistence": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1536 - }, - "maxAllocated": { - "value": 1536 - }, - "tmName": { - "description": "persistence" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pfkey_msg_stat": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2560 - }, - "maxAllocated": { - "value": 2560 - }, - "tmName": { - "description": "pfkey_msg_stat" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pingaccess": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pingaccess" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/plugin": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1279616 - }, - "maxAllocated": { - "value": 1279616 - }, - "tmName": { - "description": "plugin" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/plugin_message": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "plugin_message" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/policy_nexthop": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "policy_nexthop" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pool": { - "nestedStats": { - "entries": { - "allocated": { - "value": 141120 - }, - "maxAllocated": { - "value": 141120 - }, - "tmName": { - "description": "pool" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pool%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 21504 - }, - "maxAllocated": { - "value": 21504 - }, - "tmName": { - "description": "pool cache" - }, - "size": { - "value": 768 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/poolmbr": { - "nestedStats": { - "entries": { - "allocated": { - "value": 76800 - }, - "maxAllocated": { - "value": 76800 - }, - "tmName": { - "description": "poolmbr" - }, - "size": { - "value": 640 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/poolprio": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "poolprio" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/port%20set": { - "nestedStats": { - "entries": { - "allocated": { - "value": 58880 - }, - "maxAllocated": { - "value": 60672 - }, - "tmName": { - "description": "port set" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pq": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pq" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/private": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "private" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/privileged%20user%20access": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "privileged user access" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/profile": { - "nestedStats": { - "entries": { - "allocated": { - "value": 6321888 - }, - "maxAllocated": { - "value": 6321888 - }, - "tmName": { - "description": "profile" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/profile_nat_stats_config": { - "nestedStats": { - "entries": { - "allocated": { - "value": 448 - }, - "maxAllocated": { - "value": 448 - }, - "tmName": { - "description": "profile_nat_stats_config" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/proxy": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2799776 - }, - "maxAllocated": { - "value": 2799776 - }, - "tmName": { - "description": "proxy" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/proxy%20exclude": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "proxy exclude" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/proxy_common_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "proxy_common_cache" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/proxy_common_pending_msg": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "proxy_common_pending_msg" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/proxy_connect_data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "proxy_connect_data" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/proxy_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "proxy_ctx" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/proxy_tuple": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "proxy_tuple" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pua_auth_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pua_auth_entries" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pua_config_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pua_config_entries" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pua_ec_gen_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pua_ec_gen_ctx" - }, - "size": { - "value": 224 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pua_verify_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pua_verify_ctx" - }, - "size": { - "value": 224 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/pva": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "pva" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/queueing_method": { - "nestedStats": { - "entries": { - "allocated": { - "value": 512 - }, - "maxAllocated": { - "value": 512 - }, - "tmName": { - "description": "queueing_method" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/radius%20server": { - "nestedStats": { - "entries": { - "allocated": { - "value": 8192 - }, - "maxAllocated": { - "value": 8192 - }, - "tmName": { - "description": "radius server" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/radius_server": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "radius_server" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ramcache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 462080 - }, - "maxAllocated": { - "value": 462080 - }, - "tmName": { - "description": "ramcache" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ramcache%20document": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ramcache document" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ramcache%20entity": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ramcache entity" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ramcache%20resource": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ramcache resource" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rate%20shaper": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "rate shaper" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rate%20tracker": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "rate tracker" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rate_limiting_config_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "rate_limiting_config_entries" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rate_limiting_config_keys_entri": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "rate_limiting_config_keys_entri" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rate_limiting_key_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "rate_limiting_key_entries" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rateclass": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "rateclass" - }, - "size": { - "value": 640 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rateclass_queue": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "rateclass_queue" - }, - "size": { - "value": 224 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rateshaper": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "rateshaper" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/red_cb": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "red_cb" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/regex": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "regex" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/remote%20desktop": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "remote desktop" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/resolv": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "resolv" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/response_config_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "response_config_entries" - }, - "size": { - "value": 384 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/response_config_header_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "response_config_header_entries" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rewrite%20profile%20rules": { - "nestedStats": { - "entries": { - "allocated": { - "value": 864 - }, - "maxAllocated": { - "value": 864 - }, - "tmName": { - "description": "rewrite profile rules" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/router%20advertisement": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "router advertisement" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rt_dom": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "rt_dom" - }, - "size": { - "value": 224 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rt_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 10752 - }, - "maxAllocated": { - "value": 10752 - }, - "tmName": { - "description": "rt_entry" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rtm_internal": { - "nestedStats": { - "entries": { - "allocated": { - "value": 128 - }, - "maxAllocated": { - "value": 128 - }, - "tmName": { - "description": "rtm_internal" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/rules": { - "nestedStats": { - "entries": { - "allocated": { - "value": 189920 - }, - "maxAllocated": { - "value": 189920 - }, - "tmName": { - "description": "rules" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sPVA": { - "nestedStats": { - "entries": { - "allocated": { - "value": 224 - }, - "maxAllocated": { - "value": 224 - }, - "tmName": { - "description": "sPVA" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/saml_idp_connector_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "saml_idp_connector_entries" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sandbox_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 524736 - }, - "maxAllocated": { - "value": 524736 - }, - "tmName": { - "description": "sandbox_entries" - }, - "size": { - "value": 65592 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sandbox_file_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sandbox_file_entries" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sandbox_profile_access_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sandbox_profile_access_entries" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sandbox_profile_access_item_ent": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sandbox_profile_access_item_ent" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sb_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sb_cache" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sctp": { - "nestedStats": { - "entries": { - "allocated": { - "value": 448 - }, - "maxAllocated": { - "value": 448 - }, - "tmName": { - "description": "sctp" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sctp_ports_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sctp_ports_cache" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/security%20log%20profile": { - "nestedStats": { - "entries": { - "allocated": { - "value": 45920 - }, - "maxAllocated": { - "value": 45920 - }, - "tmName": { - "description": "security log profile" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/selfip": { - "nestedStats": { - "entries": { - "allocated": { - "value": 7680 - }, - "maxAllocated": { - "value": 7680 - }, - "tmName": { - "description": "selfip" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/service": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2560 - }, - "maxAllocated": { - "value": 2560 - }, - "tmName": { - "description": "service" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/service%20policy": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "service policy" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/session": { - "nestedStats": { - "entries": { - "allocated": { - "value": 4228960 - }, - "maxAllocated": { - "value": 4229056 - }, - "tmName": { - "description": "session" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/session%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 896 - }, - "maxAllocated": { - "value": 1280 - }, - "tmName": { - "description": "session cache" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/session%20master%20key": { - "nestedStats": { - "entries": { - "allocated": { - "value": 336 - }, - "maxAllocated": { - "value": 336 - }, - "tmName": { - "description": "session master key" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/session%20pdq": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "session pdq" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/session_leasepool_mbr_table": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "session_leasepool_mbr_table" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sfc_errors_stat": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sfc_errors_stat" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/shaper_domain": { - "nestedStats": { - "entries": { - "allocated": { - "value": 64 - }, - "maxAllocated": { - "value": 64 - }, - "tmName": { - "description": "shaper_domain" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/shared_var_context": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "shared_var_context" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sip_dialog": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sip_dialog" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sip_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sip_entry" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sip_header_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sip_header_cache" - }, - "size": { - "value": 2056 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sip_msg": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sip_msg" - }, - "size": { - "value": 640 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sip_node_ack_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sip_node_ack_cache" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sipmsg": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sipmsg" - }, - "size": { - "value": 768 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/source%20addr%20translation": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2016 - }, - "maxAllocated": { - "value": 2016 - }, - "tmName": { - "description": "source addr translation" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/spm_local_hash": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "spm_local_hash" - }, - "size": { - "value": 1024 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/spm_mult_ip_data_stat": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "spm_mult_ip_data_stat" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/spm_policy": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "spm_policy" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/spm_session_create_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "spm_session_create_ctx" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/spm_session_ip_mapping_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "spm_session_ip_mapping_ctx" - }, - "size": { - "value": 448 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/spm_session_timer_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "spm_session_timer_ctx" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/spm_session_update_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "spm_session_update_ctx" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/spm_subs_id_update_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "spm_subs_id_update_ctx" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/spm_towerid_local_hash": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "spm_towerid_local_hash" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl": { - "nestedStats": { - "entries": { - "allocated": { - "value": 8604096 - }, - "maxAllocated": { - "value": 8604096 - }, - "tmName": { - "description": "ssl" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_basic": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_basic" - }, - "size": { - "value": 768 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_bulk_crypto_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_bulk_crypto_ctx" - }, - "size": { - "value": 224 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_cn": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_cn" - }, - "size": { - "value": 1192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_cn_req": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_cn_req" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_compat": { - "nestedStats": { - "entries": { - "allocated": { - "value": 22222368 - }, - "maxAllocated": { - "value": 22222368 - }, - "tmName": { - "description": "ssl_compat" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_dht_data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_dht_data" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_dht_key": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_dht_key" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_hs": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_hs" - }, - "size": { - "value": 6344 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_hs_m": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_hs_m" - }, - "size": { - "value": 16384 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_keys": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_keys" - }, - "size": { - "value": 256 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_profile": { - "nestedStats": { - "entries": { - "allocated": { - "value": 364416 - }, - "maxAllocated": { - "value": 364416 - }, - "tmName": { - "description": "ssl_profile" - }, - "size": { - "value": 7008 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_proxy_profile_hash": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_proxy_profile_hash" - }, - "size": { - "value": 512 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_rd": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_rd" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_session": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_session" - }, - "size": { - "value": 312 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_sni": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_sni" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_sni_profile_hash": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_sni_profile_hash" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/ssl_sni_profile_hash_cert": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "ssl_sni_profile_hash_cert" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sso": { - "nestedStats": { - "entries": { - "allocated": { - "value": 8192 - }, - "maxAllocated": { - "value": 8192 - }, - "tmName": { - "description": "sso" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sso::html_parser": { - "nestedStats": { - "entries": { - "allocated": { - "value": 101376 - }, - "maxAllocated": { - "value": 101376 - }, - "tmName": { - "description": "sso::html_parser" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sso::sso_config": { - "nestedStats": { - "entries": { - "allocated": { - "value": 5965568 - }, - "maxAllocated": { - "value": 5965568 - }, - "tmName": { - "description": "sso::sso_config" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sso::sso_pcb": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sso::sso_pcb" - }, - "size": { - "value": 2088 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sso::sso_plugin": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sso::sso_plugin" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sso::sso_saml": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sso::sso_saml" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sso::xml_parser": { - "nestedStats": { - "entries": { - "allocated": { - "value": 7078496 - }, - "maxAllocated": { - "value": 7078496 - }, - "tmName": { - "description": "sso::xml_parser" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sso_config": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sso_config" - }, - "size": { - "value": 448 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sso_config_jwt_claim_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sso_config_jwt_claim_entries" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sso_config_jwt_claim_item_entri": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sso_config_jwt_claim_item_entri" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/streamflow": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "streamflow" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/string%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 514368 - }, - "maxAllocated": { - "value": 514368 - }, - "tmName": { - "description": "string cache" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/subscriber_id_cookie_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "subscriber_id_cookie_cache" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sw_crypto_req_ctx_dh_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sw_crypto_req_ctx_dh_cache" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sw_crypto_req_ctx_dsa_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sw_crypto_req_ctx_dsa_cache" - }, - "size": { - "value": 8 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sw_crypto_req_ctx_ecdh_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sw_crypto_req_ctx_ecdh_cache" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sw_crypto_req_ctx_ecdsa_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sw_crypto_req_ctx_ecdsa_cache" - }, - "size": { - "value": 8 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sw_crypto_req_ctx_rsa_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 64 - }, - "maxAllocated": { - "value": 64 - }, - "tmName": { - "description": "sw_crypto_req_ctx_rsa_cache" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sw_crypto_req_ctx_sm2_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "sw_crypto_req_ctx_sm2_cache" - }, - "size": { - "value": 8 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/sweeper": { - "nestedStats": { - "entries": { - "allocated": { - "value": 14144 - }, - "maxAllocated": { - "value": 14144 - }, - "tmName": { - "description": "sweeper" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tacacsplus_server": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "tacacsplus_server" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tacplus%20server": { - "nestedStats": { - "entries": { - "allocated": { - "value": 8192 - }, - "maxAllocated": { - "value": 8192 - }, - "tmName": { - "description": "tacplus server" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tcl": { - "nestedStats": { - "entries": { - "allocated": { - "value": 15061696 - }, - "maxAllocated": { - "value": 15061696 - }, - "tmName": { - "description": "tcl" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tcl_ip_addr": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2496 - }, - "maxAllocated": { - "value": 2496 - }, - "tmName": { - "description": "tcl_ip_addr" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tclrule_pcb": { - "nestedStats": { - "entries": { - "allocated": { - "value": 7168 - }, - "maxAllocated": { - "value": 7168 - }, - "tmName": { - "description": "tclrule_pcb" - }, - "size": { - "value": 448 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tclrule_pcb_children": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "tclrule_pcb_children" - }, - "size": { - "value": 8 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/temp": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2105472 - }, - "maxAllocated": { - "value": 2105472 - }, - "tmName": { - "description": "temp" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/thread%20stacks": { - "nestedStats": { - "entries": { - "allocated": { - "value": 51216384 - }, - "maxAllocated": { - "value": 51216384 - }, - "tmName": { - "description": "thread stacks" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tm_header_cache_entry_slab": { - "nestedStats": { - "entries": { - "allocated": { - "value": 4608 - }, - "maxAllocated": { - "value": 4608 - }, - "tmName": { - "description": "tm_header_cache_entry_slab" - }, - "size": { - "value": 384 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tm_opaque": { - "nestedStats": { - "entries": { - "allocated": { - "value": 56 - }, - "maxAllocated": { - "value": 128 - }, - "tmName": { - "description": "tm_opaque" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tm_sys": { - "nestedStats": { - "entries": { - "allocated": { - "value": 185152 - }, - "maxAllocated": { - "value": 185152 - }, - "tmName": { - "description": "tm_sys" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tmc%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "tmc cache" - }, - "size": { - "value": 640 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tmc%20key%20cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "tmc key cache" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tmc_entry": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "tmc_entry" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tmjail": { - "nestedStats": { - "entries": { - "allocated": { - "value": 46208 - }, - "maxAllocated": { - "value": 46208 - }, - "tmName": { - "description": "tmjail" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/traffic%20class": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "traffic class" - }, - "size": { - "value": 96 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/traffic%20class%20tables": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "traffic class tables" - }, - "size": { - "value": 896 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/traffic%20managment%20interface": { - "nestedStats": { - "entries": { - "allocated": { - "value": 50656 - }, - "maxAllocated": { - "value": 50656 - }, - "tmName": { - "description": "traffic managment interface" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/traffic_selector": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "traffic_selector" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tsig_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "tsig_ctx" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tsig_req_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "tsig_req_ctx" - }, - "size": { - "value": 16 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/tunnel_nexthop": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1536 - }, - "maxAllocated": { - "value": 1536 - }, - "tmName": { - "description": "tunnel_nexthop" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/umem": { - "nestedStats": { - "entries": { - "allocated": { - "value": 209627456 - }, - "maxAllocated": { - "value": 209789496 - }, - "tmName": { - "description": "umem" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/umem%20dynamic%20leak%20util": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "umem dynamic leak util" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/url%20filter": { - "nestedStats": { - "entries": { - "allocated": { - "value": 1344064 - }, - "maxAllocated": { - "value": 1344064 - }, - "tmName": { - "description": "url filter" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/url_filter_log_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 512 - }, - "maxAllocated": { - "value": 512 - }, - "tmName": { - "description": "url_filter_log_entries" - }, - "size": { - "value": 64 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/urlc_cloud_cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "urlc_cloud_cache" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/vaddr": { - "nestedStats": { - "entries": { - "allocated": { - "value": 11648 - }, - "maxAllocated": { - "value": 11648 - }, - "tmName": { - "description": "vaddr" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/vcmp": { - "nestedStats": { - "entries": { - "allocated": { - "value": 7936 - }, - "maxAllocated": { - "value": 7936 - }, - "tmName": { - "description": "vcmp" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/vpn_na_item_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "vpn_na_item_entries" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/vpn_session_data_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "vpn_session_data_entries" - }, - "size": { - "value": 8 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/vs_pua_config_entries": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "vs_pua_config_entries" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wa_resource_item": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wa_resource_item" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::assembly": { - "nestedStats": { - "entries": { - "allocated": { - "value": 8704 - }, - "maxAllocated": { - "value": 8704 - }, - "tmName": { - "description": "wam::assembly" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::cache": { - "nestedStats": { - "entries": { - "allocated": { - "value": 5120 - }, - "maxAllocated": { - "value": 5120 - }, - "tmName": { - "description": "wam::cache" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::config": { - "nestedStats": { - "entries": { - "allocated": { - "value": 332160 - }, - "maxAllocated": { - "value": 332160 - }, - "tmName": { - "description": "wam::config" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::css_parser": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::css_parser" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::html_parser": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2752 - }, - "maxAllocated": { - "value": 2752 - }, - "tmName": { - "description": "wam::html_parser" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::js_parser": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::js_parser" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::m3u8_parser": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::m3u8_parser" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::mstor": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::mstor" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::mstor_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::mstor_ctx" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::mstor_object": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::mstor_object" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::mstor_op": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::mstor_op" - }, - "size": { - "value": 1792 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::mtag": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::mtag" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::normalization": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::normalization" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::plugin": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::plugin" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::roistats_bucket": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::roistats_bucket" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::stats_bucket": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::stats_bucket" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::stdlib": { - "nestedStats": { - "entries": { - "allocated": { - "value": 14496 - }, - "maxAllocated": { - "value": 14496 - }, - "tmName": { - "description": "wam::stdlib" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::uci": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::uci" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_annotation": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_annotation" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_assembler": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_assembler" - }, - "size": { - "value": 128 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_bitset_bits": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_bitset_bits" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_dfa": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_dfa" - }, - "size": { - "value": 40 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_dfa_state": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_dfa_state" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_document": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_document" - }, - "size": { - "value": 512 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_entity": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_entity" - }, - "size": { - "value": 320 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_evt": { - "nestedStats": { - "entries": { - "allocated": { - "value": 2240 - }, - "maxAllocated": { - "value": 2240 - }, - "tmName": { - "description": "wam::wam_evt" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_match": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_match" - }, - "size": { - "value": 224 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_match_condition": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_match_condition" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_match_expression": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_match_expression" - }, - "size": { - "value": 48 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_match_map": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_match_map" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_match_operand": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_match_operand" - }, - "size": { - "value": 384 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_match_policy": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_match_policy" - }, - "size": { - "value": 80 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_match_state": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_match_state" - }, - "size": { - "value": 56 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_match_string": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_match_string" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_match_transition": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_match_transition" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_nfa_dfa": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_nfa_dfa" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_resource": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_resource" - }, - "size": { - "value": 192 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_resumption_info": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_resumption_info" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_sink": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_sink" - }, - "size": { - "value": 32 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wam_transaction": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wam_transaction" - }, - "size": { - "value": 1792 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/wam::wash_pcb": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "wam::wash_pcb" - }, - "size": { - "value": 224 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/web%20application": { - "nestedStats": { - "entries": { - "allocated": { - "value": 32768 - }, - "maxAllocated": { - "value": 32768 - }, - "tmName": { - "description": "web application" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/web_application": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "web_application" - }, - "size": { - "value": 112 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/web_application_item": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "web_application_item" - }, - "size": { - "value": 24 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/westwood%20data": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "westwood data" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/work": { - "nestedStats": { - "entries": { - "allocated": { - "value": 393216 - }, - "maxAllocated": { - "value": 393216 - }, - "tmName": { - "description": "work" - }, - "size": { - "value": 1 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/xdata": { - "nestedStats": { - "entries": { - "allocated": { - "value": 5621760 - }, - "maxAllocated": { - "value": 5629952 - }, - "tmName": { - "description": "xdata" - }, - "size": { - "value": 2048 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/xfr_ctx": { - "nestedStats": { - "entries": { - "allocated": { - "value": 0 - }, - "maxAllocated": { - "value": 0 - }, - "tmName": { - "description": "xfr_ctx" - }, - "size": { - "value": 160 - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-subsys/xhead": { - "nestedStats": { - "entries": { - "allocated": { - "value": 87840 - }, - "maxAllocated": { - "value": 87968 - }, - "tmName": { - "description": "xhead" - }, - "size": { - "value": 32 - } - } - } - } - } - } - }, - "https://localhost/mgmt/tm/sys/memory/memory-tmm": { - "nestedStats": { - "entries": { - "https://localhost/mgmt/tm/sys/memory/memory-tmm/0.0": { - "nestedStats": { - "entries": { - "memoryTotal": { - "value": 5230297088 - }, - "memoryUsed": { - "value": 572491456 - }, - "tmmId": { - "description": "0.0" - } - } - } - } - } - } - } - } -} diff --git a/tests/unit/payloads/bigip_mgmt_sys_provision.json b/tests/unit/payloads/bigip_mgmt_sys_provision.json deleted file mode 100644 index 7b66b6b6..00000000 --- a/tests/unit/payloads/bigip_mgmt_sys_provision.json +++ /dev/null @@ -1,182 +0,0 @@ -{ - "kind": "tm:sys:provision:provisioncollectionstate", - "selfLink": "https://localhost/mgmt/tm/sys/provision?ver=15.1.0.1", - "items": [ - { - "kind": "tm:sys:provision:provisionstate", - "name": "afm", - "fullPath": "afm", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/afm?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "am", - "fullPath": "am", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/am?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "apm", - "fullPath": "apm", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/apm?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "asm", - "fullPath": "asm", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/asm?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "nominal", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "avr", - "fullPath": "avr", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/avr?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "cgnat", - "fullPath": "cgnat", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/cgnat?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "dos", - "fullPath": "dos", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/dos?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "fps", - "fullPath": "fps", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/fps?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "gtm", - "fullPath": "gtm", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/gtm?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "ilx", - "fullPath": "ilx", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/ilx?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "lc", - "fullPath": "lc", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/lc?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "ltm", - "fullPath": "ltm", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/ltm?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "nominal", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "pem", - "fullPath": "pem", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/pem?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "sslo", - "fullPath": "sslo", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/sslo?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "swg", - "fullPath": "swg", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/swg?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - }, - { - "kind": "tm:sys:provision:provisionstate", - "name": "urldb", - "fullPath": "urldb", - "generation": 1, - "selfLink": "https://localhost/mgmt/tm/sys/provision/urldb?ver=15.1.0.1", - "cpuRatio": 0, - "diskRatio": 0, - "level": "none", - "memoryRatio": 0 - } - ] -} diff --git a/tests/unit/payloads/bigip_mgmt_sys_ready.json b/tests/unit/payloads/bigip_mgmt_sys_ready.json deleted file mode 100644 index e50e12fa..00000000 --- a/tests/unit/payloads/bigip_mgmt_sys_ready.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "kind": "tm:sys:ready:readystats", - "selfLink": "https://localhost/mgmt/tm/sys/ready?ver=15.1.0.1", - "entries": { - "https://localhost/mgmt/tm/sys/ready/0": { - "nestedStats": { - "entries": { - "configReady": { - "description": "yes" - }, - "licenseReady": { - "description": "yes" - }, - "provisionReady": { - "description": "yes" - } - } - } - } - } -} diff --git a/tests/unit/payloads/bigip_mgmt_sys_software_volume.json b/tests/unit/payloads/bigip_mgmt_sys_software_volume.json deleted file mode 100644 index 6eb0a238..00000000 --- a/tests/unit/payloads/bigip_mgmt_sys_software_volume.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "kind": "tm:sys:software:volume:volumecollectionstate", - "selfLink": "https://localhost/mgmt/tm/sys/software/volume?ver=15.1.0.1", - "items": [ - { - "kind": "tm:sys:software:volume:volumestate", - "name": "HD1.1", - "fullPath": "HD1.1", - "generation": 885, - "selfLink": "https://localhost/mgmt/tm/sys/software/volume/HD1.1?ver=15.1.0.1", - "active": true, - "apiRawValues": {}, - "basebuild": "0.0.5", - "build": "0.0.5", - "product": "BIG-IP", - "status": "complete", - "version": "15.1.0.1", - "media": [ - { - "name": "HD1.1", - "defaultBootLocation": true, - "media": "hd", - "size": "default", - "nameReference": { - "link": "https://localhost/mgmt/tm/sys/software/volume/HD1.1?ver=15.1.0.1" - } - } - ] - } - ] -} diff --git a/tests/unit/payloads/declaration_example.json b/tests/unit/payloads/declaration_example.json deleted file mode 100644 index f7a6e242..00000000 --- a/tests/unit/payloads/declaration_example.json +++ /dev/null @@ -1,158 +0,0 @@ -{ - "runtime_parameters": [ - { - "name": "ADMIN_PASS", - "type": "secret", - "secretProvider": { - "type": "KeyVault", - "environment": "azure", - "vaultUrl": "https://testvault-${deployment_id}.vault.azure.net", - "secretId": "test-azure-admin-secret" - } - }, - { - "name": "ADMIN_PASS", - "type": "secret", - "secretProvider": { - "type": "KeyVault", - "environment": "azure", - "vaultUrl": "https://testvault-${deployment_id}.vault.azure.net", - "secretId": "test-azure-admin-secret" - } - }, - { - "name": "ROOT_PASS", - "type": "secret", - "secretProvider": { - "type": "KeyVault", - "environment": "azure", - "vaultUrl": "https://testvault-${deployment_id}.vault.azure.net", - "secretId": "test-azure-root-secret" - } - }, - { - "name": "HOST_NAME", - "type": "metadata", - "metadataProvider": { - "environment": "azure", - "type": "compute", - "field": "name" - } - }, - { - "name": "SELF_IP_INTERNAL", - "type": "metadata", - "metadataProvider": { - "environment": "azure", - "type": "network", - "field": "ipv4", - "index": 1 - } - }, - { - "name": "SELF_IP_EXTERNAL", - "type": "metadata", - "metadataProvider": { - "environment": "azure", - "type": "network", - "field": "ipv4", - "index": 2 - } - } - ], - "pre_onboard_enabled": [ - { - "name": "example_inline_command", - "type": "inline", - "commands": [ - "touch /tmp/pre_onboard_script.sh", - "chmod 777 /tmp/pre_onboard_script.sh", - "echo \"touch /tmp/created_by_autogenerated_pre_local\" > /tmp/pre_onboard_script.sh" - ] - }, - { - "name": "example_local_exec", - "type": "file", - "commands": [ - "/tmp/pre_onboard_script.sh" - ] - }, - { - "name": "example_remote_exec", - "type": "url", - "commands": [ - "https://ak-metadata-package-poc.s3.amazonaws.com/remote_pre_onboard.sh" - ] - } - ], - "post_onboard_enabled": [ - { - "name": "example_inline_command", - "type": "inline", - "commands": [ - "touch /tmp/post_onboard_script.sh", - "chmod 777 /tmp/post_onboard_script.sh", - "echo \"touch /tmp/created_by_autogenerated_post_local\" > /tmp/post_onboard_script.sh" - ] - }, - { - "name": "example_local_exec", - "type": "file", - "commands": [ - "/tmp/post_onboard_script.sh" - ] - }, - { - "name": "example_remote_exec", - "type": "url", - "commands": [ - "https://ak-metadata-package-poc.s3.amazonaws.com/remote_post_onboard.sh" - ] - } - ], - "extension_packages": { - "install_operations": [ - { - "extensionType": "do", - "extensionVersion": "1.10.0" - }, - { - "extensionType": "as3", - "extensionVersion": "3.20.0", - "extensionUrl": "https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.20.0/f5-appsvcs-3.20.0-3.noarch.rpm", - "extensionHash": "ba2db6e1c57d2ce6f0ca20876c820555ffc38dd0a714952b4266c4daf959d987" - }, - { - "extensionType": "ilx", - "extensionUrl": "file:///var/lib/cloud/icontrollx_installs/hello-world-0.1.0-0001.noarch.rpm ", - "extensionVerificationEndpoint": "/mgmt/shared/echo" - } - ] - }, - "extension_services": { - "service_operations": [ - { - "extensionType": "do", - "type": "url", - "value": "https://ak-f5-cft.s3-us-west-2.amazonaws.com/azure/do_3nic.json" - }, - { - "extensionType": "as3", - "type": "url", - "value": "https://cdn.f5.com/product/cloudsolutions/templates/f5-azure-arm-templates/examples/modules/bigip/autoscale_as3.json" - } - ] - }, - "post_hook": [ - { - "name": "example_webhook", - "type": "webhook", - "url": "https://postman-echo.com/post", - "verifyTls": true, - "properties": { - "optionalKey1": "optional_value1", - "optionalKey2": "optional_value2" - } - } - ] -} diff --git a/tests/unit/provider/secret/hashicorpVaultClientTests.ts b/tests/unit/provider/secret/hashicorpVaultClientTests.ts deleted file mode 100644 index cdc61a67..00000000 --- a/tests/unit/provider/secret/hashicorpVaultClientTests.ts +++ /dev/null @@ -1,352 +0,0 @@ -/* - * Copyright 2019. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -/* eslint-disable global-require */ -import assert from 'assert'; -import sinon from 'sinon'; -import nock from 'nock'; -import mock from 'mock-fs'; -import { HashicorpVaultClient } from '../../../../src/lib/provider/secret/hashicorpVaultClient'; - -describe('HashiCorp Vault Client', () => { - - let secretMetadata; - after(() => { - mock.restore(); - Object.keys(require.cache) - .forEach((key) => { - delete require.cache[key]; - }); - }); - - beforeEach(() => { - nock.cleanAll(); - secretMetadata = { - secretProvider: { - type: 'Vault', - environment: 'hashicorp', - vaultServer: 'http://1.1.1.1:8200', - appRolePath: '/v1/auth/approle/login', - secretsEngine: 'kv2', - secretPath: 'kv/data/credential', - field: 'password', - version: '1', - authBackend: { - type: 'approle', - roleId: { - type: 'inline', - value: 'qweq-qweq-qwe' - }, - secretId: { - type: 'inline', - value: 'ewq-eq-eqw', - unwrap: true - } - } - }, - type: 'secret', - verifyTls: true, - name: 'TEST' - }; - nock('http://1.1.1.1:8200') - .post('/v1/sys/wrapping/unwrap') - .reply(200, - { - "request_id": "794d6246-1349-cb90-dc31-befd0fbadf95", - "lease_id": "", - "renewable": false, - "lease_duration": 0, - "data": { - "secret_id": "67e53555-a456-cead-9060-847dfd3b1b55", - "secret_id_accessor": "a26d5bc6-8088-3895-1372-58a311c4d83a" - }, - "wrap_info": null, - "warnings": null, - "auth": null - }); - nock('http://1.1.1.1:8200') - .post('/v1/auth/approle/login') - .reply(200, - {"request_id":"89527902-256d-0bd0-328b-8288549b991c","lease_id":"", - "renewable":false,"lease_duration":0,"data":null, - "wrap_info":null,"warnings":null, - "auth":{"client_token":"this-is-test-token-value", - "accessor":"DR8vhrYNUK7CrkRvextEn4CN", - "policies":["default","test"], - "token_policies":["default","test"], - "metadata":{"role_name":"runtime-init-role"}, - "lease_duration":3600,"renewable":true, - "entity_id":"8b693540-35da-99b9-22fe-70b9eabbd159", - "token_type":"service", - "orphan":true} - }); - }); - - afterEach(() => { - sinon.restore(); - }); - - it('should validate constructor', () => { - const hashicorpClient = new HashicorpVaultClient(); - assert.strictEqual(typeof hashicorpClient, 'object'); - }); - - it('should validate login method with inline secretId and roleId', () => { - const hashicorpClient = new HashicorpVaultClient(); - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - }); - }); - - it('should validate login method with inline secretId and roleId with custom trustedCertBundles', () => { - const hashicorpClient = new HashicorpVaultClient(); - secretMetadata.trustedCertBundles = ['/config/fake-ssl/cert.pem']; - mock({ - '/config/fake-ssl' : { - 'cert.pem': '1' - } - }); - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - }); - }); - - it('should validate login method when verifyTls=true with inline secretId and roleId', () => { - const hashicorpClient = new HashicorpVaultClient(); - secretMetadata.verifyTls = true; - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - }); - }); - - /* eslint-disable @typescript-eslint/camelcase */ - it('should validate login method with inline secretId and url for roleId as json', () => { - const hashicorpClient = new HashicorpVaultClient(); - secretMetadata.secretProvider.authBackend.roleId.type = 'url'; - secretMetadata.secretProvider.authBackend.roleId.value = 'https://somedomain.com/document.foo'; - nock('https://somedomain.com') - .get('/document.foo') - .reply(200, { role_id: 'roleId-test-value' }); - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - }); - }); - - it('should validate login method with inline secretId and url for roleId as plain text', () => { - const hashicorpClient = new HashicorpVaultClient(); - secretMetadata.secretProvider.authBackend.roleId.type = 'url'; - secretMetadata.secretProvider.authBackend.roleId.value = 'https://somedomain.com/document.foo'; - secretMetadata.verifyTls = true; - nock('https://somedomain.com') - .get('/document.foo') - .reply(200, 'roleId-test-value' ); - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - }); - }); - - /* eslint-disable @typescript-eslint/camelcase */ - it('should validate login method with url secretId as json and inline roleId', () => { - const hashicorpClient = new HashicorpVaultClient(); - secretMetadata.secretProvider.authBackend.secretId.type = 'url'; - secretMetadata.secretProvider.authBackend.secretId.value = 'https://somedomain.com/document.foo'; - nock('https://somedomain.com') - .get('/document.foo') - .reply(200, { role_id: 'secretId-test-value' }); - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - }); - }); - - /* eslint-disable @typescript-eslint/camelcase */ - it('should validate failure for login method when invalid type', () => { - const hashicorpClient = new HashicorpVaultClient(); - secretMetadata.secretProvider.authBackend.secretId.type = 'url'; - secretMetadata.secretProvider.authBackend.secretId.value = 'https://somedomain.com/document.foo'; - nock('https://somedomain.com') - .get('/document.foo') - .reply(200, { role_id: 'secretId-test-value' }); - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - }); - }); - - it('should validate login method with inline secretId and url for roleId as plain text', () => { - const hashicorpClient = new HashicorpVaultClient(); - secretMetadata.secretProvider.authBackend.secretId.type = 'url'; - secretMetadata.secretProvider.authBackend.secretId.value = 'https://somedomain.com/document.foo'; - nock('https://somedomain.com') - .get('/document.foo') - .reply(200, 'secretId-test-value' ); - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - }); - }); - - it('should validate invalid login method with wrapped secret ID', () => { - nock.cleanAll(); - const hashicorpClient = new HashicorpVaultClient(); - nock('http://1.1.1.1:8200') - .post('/v1/sys/wrapping/unwrap') - .reply(200, { "request_id": "794d6246-1349-cb90-dc31-befd0fbadf95", "lease_id": "", "renewable": false, "lease_duration": 0, "data": { "secret_id": "this_is_an_invalid_secretId", "secret_id_accessor": "this_is_an_invalid_secret_accessor" }, "wrap_info": null, "warnings": null, "auth": null }); - nock('http://1.1.1.1:8200') - .post('/v1/auth/approle/login') - .reply(403, {"result": "Access Denied"}); - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.fail(); - }) - .catch((err) => { - assert.ok(err.message.indexOf('Problem with getting client token from HashicorpVaultClient') !== -1); - }); - }); - - it('should validate invalid login method with unwrapped secret ID', () => { - nock.cleanAll(); - const hashicorpClient = new HashicorpVaultClient(); - secretMetadata.secretProvider.authBackend.roleId.value = 'this_is_an_invalid_roleId'; - secretMetadata.secretProvider.authBackend.secretId.value = 'this_is_an_invalid_secretId'; - secretMetadata.secretProvider.authBackend.secretId.unwrap = false; - nock('http://1.1.1.1:8200') - .post('/v1/auth/approle/login') - .reply(403, {"result": "Access Denied"}); - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.fail(); - }) - .catch((err) => { - assert.ok(err.message.indexOf('Problem with getting client token from HashicorpVaultClient') !== -1); - }); - }); - - it('should validate getSecret method', () => { - const hashicorpClient = new HashicorpVaultClient(); - nock('http://1.1.1.1:8200') - .get('/v1/kv/data/credential') - .reply(200, {"request_id":"61ac698f-15d1-17dc-9095-b23626ea1b97","lease_id":"","renewable":false,"lease_duration":0,"data":{"data":{"password":"b1gAdminPazz","bigiq_admin_password":"thisIsTestPassword123","bigiq_admin_username":"asdasfdar212@"},"metadata":{"created_time":"2021-06-24T16:15:45.963605157Z","deletion_time":"","destroyed":false,"version":1}},"wrap_info":null,"warnings":null,"auth":null}); - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - return hashicorpClient.getSecret(secretMetadata) - }) - .then((secretValue) => { - assert.strictEqual(secretValue, 'b1gAdminPazz') - }); - }); - - it('should validate getSecret method with custom cert', () => { - const hashicorpClient = new HashicorpVaultClient(); - secretMetadata.trustedCertBundles = ['/config/fake-ssl/cert.pem']; - mock({ - '/config/fake-ssl' : { - 'cert.pem': '1' - } - }); - nock('http://1.1.1.1:8200') - .get('/v1/kv/data/credential') - .reply(200, {"request_id":"61ac698f-15d1-17dc-9095-b23626ea1b97","lease_id":"","renewable":false,"lease_duration":0,"data":{"data":{"password":"b1gAdminPazz","bigiq_admin_password":"thisIsTestPassword123","bigiq_admin_username":"asdasfdar212@"},"metadata":{"created_time":"2021-06-24T16:15:45.963605157Z","deletion_time":"","destroyed":false,"version":1}},"wrap_info":null,"warnings":null,"auth":null}); - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - return hashicorpClient.getSecret(secretMetadata) - }) - .then((secretValue) => { - assert.strictEqual(secretValue, 'b1gAdminPazz') - }); - }); - - it('should validate getSecret method with verifyTls=true', () => { - const hashicorpClient = new HashicorpVaultClient(); - nock('http://1.1.1.1:8200') - .get('/v1/kv/data/credential') - .reply(200, {"request_id":"61ac698f-15d1-17dc-9095-b23626ea1b97","lease_id":"","renewable":false,"lease_duration":0,"data":{"data":{"password":"b1gAdminPazz","bigiq_admin_password":"thisIsTestPassword123","bigiq_admin_username":"asdasfdar212@"},"metadata":{"created_time":"2021-06-24T16:15:45.963605157Z","deletion_time":"","destroyed":false,"version":1}},"wrap_info":null,"warnings":null,"auth":null}); - secretMetadata.verifyTls = true; - secretMetadata.trustedCertBundles = ['/config/fake-ssl/cert.pem']; - mock({ - '/config/fake-ssl' : { - 'cert.pem': '1' - } - }); - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - return hashicorpClient.getSecret(secretMetadata) - }) - .then((secretValue) => { - assert.strictEqual(secretValue, 'b1gAdminPazz') - }); - }); - - it('should validate getSecret method with verifyTls=false', () => { - const hashicorpClient = new HashicorpVaultClient(); - nock('http://1.1.1.1:8200') - .get('/v1/kv/data/credential') - .reply(200, {"request_id":"61ac698f-15d1-17dc-9095-b23626ea1b97","lease_id":"","renewable":false,"lease_duration":0,"data":{"data":{"password":"b1gAdminPazz","bigiq_admin_password":"thisIsTestPassword123","bigiq_admin_username":"asdasfdar212@"},"metadata":{"created_time":"2021-06-24T16:15:45.963605157Z","deletion_time":"","destroyed":false,"version":1}},"wrap_info":null,"warnings":null,"auth":null}); - secretMetadata.verifyTls = false; - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - return hashicorpClient.getSecret(secretMetadata) - }) - .then((secretValue) => { - assert.strictEqual(secretValue, 'b1gAdminPazz') - }); - }); - - it('should validate getSecret method with data field provided', () => { - const hashicorpClient = new HashicorpVaultClient(); - secretMetadata.secretProvider.field = 'data'; - nock('http://1.1.1.1:8200') - .get('/v1/kv/data/credential') - .reply(200, {"request_id":"61ac698f-15d1-17dc-9095-b23626ea1b97","lease_id":"","renewable":false,"lease_duration":0,"data":{"data":{"password":"b1gAdminPazz","bigiq_admin_password":"thisIsTestPassword123","bigiq_admin_username":"asdasfdar212@"},"metadata":{"created_time":"2021-06-24T16:15:45.963605157Z","deletion_time":"","destroyed":false,"version":1}},"wrap_info":null,"warnings":null,"auth":null}); - secretMetadata.verifyTls = false; - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - return hashicorpClient.getSecret(secretMetadata) - }) - .then((secretValue) => { - assert.strictEqual(secretValue.password, 'b1gAdminPazz') - }); - }); - - it('should validate login method with different appRolePath', () => { - const hashicorpClient = new HashicorpVaultClient(); - nock('http://1.1.1.1:8200') - .post('/v1/mynamespace/auth/approle/login') - .reply(200, - {"request_id":"89527902-256d-0bd0-328b-8288549b991c","lease_id":"", - "renewable":false,"lease_duration":0,"data":null, - "wrap_info":null,"warnings":null, - "auth":{"client_token":"this-is-test-token-value", - "accessor":"DR8vhrYNUK7CrkRvextEn4CN", - "policies":["default","test"], - "token_policies":["default","test"], - "metadata":{"role_name":"runtime-init-role"}, - "lease_duration":3600,"renewable":true, - "entity_id":"8b693540-35da-99b9-22fe-70b9eabbd159", - "token_type":"service", - "orphan":true} - }); - secretMetadata.secretProvider.appRolePath = '/v1/mynamespace/auth/approle/login'; - return hashicorpClient.login(secretMetadata) - .then(() => { - assert.strictEqual(hashicorpClient.clientToken, 'this-is-test-token-value'); - }); - }); -}); diff --git a/tests/unit/resolver/resolverClientTests.ts b/tests/unit/resolver/resolverClientTests.ts deleted file mode 100644 index 08bb7887..00000000 --- a/tests/unit/resolver/resolverClientTests.ts +++ /dev/null @@ -1,634 +0,0 @@ -/* - * Copyright 2019. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -/* eslint-disable global-require */ -import assert from 'assert'; -import sinon from 'sinon'; -import nock from 'nock'; -import mock from 'mock-fs'; -import { ResolverClient } from '../../../src/lib/resolver/resolverClient'; -import Logger from '../../../src/lib/logger'; -sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'info' }); - - -describe('Resolver Client', () => { - let runtimeParameters; - let onboardActions; - let logger: Logger; - after(() => { - Object.keys(require.cache) - .forEach((key) => { - delete require.cache[key]; - }); - mock.restore(); - }); - - beforeEach(() => { - nock.cleanAll(); - nock('http://169.254.169.254') - .get('/latest/dynamic/instance-identity/document') - .times(10) - .reply(200, { - "accountId" : "0000000001", - "architecture" : "x86_64", - "availabilityZone" : "us-west-2a", - "billingProducts" : null, - "devpayProductCodes" : null, - "marketplaceProductCodes" : [ "asdasdasfavzxcz" ], - "imageId" : "ami-000001", - "instanceId" : "i-0a43ae03d7f8e8f42", - "instanceType" : "m5.xlarge", - "kernelId" : null, - "pendingTime" : "2020-11-19T21:20:26Z", - "privateIp" : "10.0.0.165", - "ramdiskId" : null, - "region" : "us-west-2", - "version" : "2017-09-30" - }); - nock('http://169.254.169.254') - .get('/latest/dynamic/instance-networks/document') - .reply(200, { - "accountId" : "0000000001", - "ipaddress": "192.168.1.22/24", - "instanceId" : "i-0a43ae03d7f8e8f42", - "kernelId" : null, - "pendingTime" : "2020-11-19T21:20:26Z", - "privateIp" : "10.0.0.165", - "ramdiskId" : null, - "region" : "us-west-2", - "version" : "2017-09-30" - }); - nock('http://169.254.169.254') - .put('/latest/api/token') - .times(10) - .reply(200, 'TEST_SESSION_TOKEN'); - nock('http://169.254.169.254') - .get('/metadata/instance?api-version=2017-08-01') - .reply(200, { - 'compute': { - 'subscriptionId': 'test_subscriptionId' - } - }); - - onboardActions = [ - { - name: "test_inline_command", - type: "inline", - commands: [ - "test_command_01", - "test_command_02" - ] - }, - { - name: "test_file_command", - type: "file", - commands: [ - "test-directory/test-script-01", - "test-directory/test-script-02" - ] - }, - { - name: "test_url_command", - type: "url", - commands: [ - "https://test-directory/test-script-01", - "https://test-directory/test-script-02" - ], - verifyTls: true - } - ]; - - runtimeParameters = [ - { - name: 'REGION', - type: 'url', - value: 'http://169.254.169.254/latest/dynamic/instance-identity/document', - query: 'region', - headers: [ { name: 'Content-Type', value: 'json' }, { name: 'method', value: 'GET' }, { name: 'X-aws-ec2-metadata-token', value: '{{{AWS_SESSION_TOKEN}}}' } ] - }, - { - name: 'AWS_SESSION_TOKEN', - type: 'url', - value: 'http://169.254.169.254/latest/api/token', - headers: [ { name: 'Content-Type', value: 'json'}, { name: 'method', value: 'PUT'}, { name: 'X-aws-ec2-metadata-token-ttl-seconds', value: 21600} ] - }, - { - name: 'AWS_PASS', - type: 'secret', - secretProvider: { - type: 'SecretsManager', - environment: 'aws', - version: 'AWSCURRENT', - secretId: 'secert-document' - } - }, - { - name: 'AZURE_HOST_NAME', - type: 'metadata', - metadataProvider: { - type: 'compute', - environment: 'azure', - field: 'name' - } - }, - { - name: 'NETWORK_SIZE_URL', - type: 'url', - value: 'http://169.254.169.254/latest/dynamic/instance-networks/document', - query: 'ipaddress', - ipcalc: 'size', - headers: [ { name: 'Content-Type', value: 'json'}] - }, - { - name: 'AZURE_PASS', - type: 'secret', - secretProvider: { - type: 'SecretClient', - environment: 'azure', - version: '6e86876be4ce46a49ec578dfda897593', - secretId: 'this-secret', - field: 'sensitiveFieldName', - debug: true - } - }, - { - name: 'AZURE_SELF_IP', - type: 'metadata', - metadataProvider: { - type: 'network', - environment: 'azure', - field: 'ipv4', - index: 1 - } - }, - { - name: 'AZURE_SELF_IP_ADDRESS', - type: 'metadata', - metadataProvider: { - ipcalc: 'address', - type: 'network', - environment: 'azure', - field: 'ipv4', - index: 1 - } - }, - { - name: 'AZURE_GATEWAY_IP', - type: 'metadata', - metadataProvider: { - ipcalc: 'first', - type: 'network', - environment: 'azure', - field: 'ipv4', - index: 1 - } - }, - { - name: 'AZURE_BITMASK', - type: 'metadata', - metadataProvider: { - ipcalc: 'bitmask', - type: 'network', - environment: 'azure', - field: 'ipv4', - index: 1 - } - }, - { - name: 'SOME_NAME', - type: 'static', - value: 'SOME VALUE' - }, - { - name: 'NETWORK_SIZE_STATIC', - type: 'static', - value: '192.168.1.22/24', - ipcalc: 'size' - }, - { - name: 'TEST_ACCOUNT_ID', - type: 'metadata', - metadataProvider: { - type: 'uri', - environment: 'aws', - value: '/latest/dynamic/instance-identity/document', - query: 'accountId' - } - }, - { - name: 'TEST_TAG', - type: 'tag', - tagProvider: { - environment: 'aws', - key: 'testKey', - } - }, - { - name: 'TEST_URL', - type: 'url', - value: 'file:///local-directory/local-file.txt' - } - - ]; - }); - - afterEach(() => { - sinon.restore(); - }); - - it('should validate constructor', () => { - const resolver = new ResolverClient(); - assert.strictEqual(typeof resolver, 'object'); - }); - - it('should validate resolveRuntimeParameters', () => { - const resolver = new ResolverClient(); - resolver.getCloudProvider = sinon.stub().callsFake(() => { - const cloudClient = { - init: sinon.stub(), - getSecret: sinon.stub().resolves('StrongPassword2010+'), - getMetadata: sinon.stub().resolves(''), - getTagValue: sinon.stub().resolves('testValue') - }; - return Promise.resolve(cloudClient); - }); - resolver.utilsRef.readFileContent = sinon.stub().returns('testValue'); - return resolver.resolveRuntimeParameters(runtimeParameters, {}, 0) - .then((results) => { - assert.strictEqual(Object.keys(results).length, 9); - assert.strictEqual(results.SOME_NAME, 'SOME VALUE'); - assert.strictEqual(results.AWS_PASS, 'StrongPassword2010+'); - assert.strictEqual(results.AZURE_PASS, 'StrongPassword2010+'); - assert.strictEqual(results.REGION, 'us-west-2'); - assert.strictEqual(results.NETWORK_SIZE_URL, 256); - assert.strictEqual(results.NETWORK_SIZE_STATIC, 256); - assert.strictEqual(results.TEST_TAG, 'testValue'); - }); - }); - - it('should validate resolveRuntimeParameters for metadataProvider uri type', () => { - runtimeParameters = [ - { - name: 'TEST_ACCOUNT_ID', - type: 'metadata', - metadataProvider: { - type: 'uri', - environment: 'aws', - value: '/latest/dynamic/instance-identity/document', - } - } - ]; - const resolver = new ResolverClient(); - resolver.getCloudProvider = sinon.stub().callsFake(() => { - const cloudClient = { - init: sinon.stub(), - getMetadata: sinon.stub().resolves("1111"), - getTagValue: sinon.stub().resolves('') - }; - return Promise.resolve(cloudClient); - }); - return resolver.resolveRuntimeParameters(runtimeParameters, {}, 0) - .then((results) => { - assert.strictEqual(results.TEST_ACCOUNT_ID, '1111'); - }); - }); - - it('should validate resolveRuntimeParameters for hashicorp case', () => { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'silly' }); - logger = Logger.getLogger(); - const resolver = new ResolverClient(); - nock('http://1.1.1.1:8200') - .post('/v1/auth/approle/login') - .times(3) - .reply(200, {"request_id":"89527902-256d-0bd0-328b-8288549b991c","lease_id":"", "renewable":false,"lease_duration":0,"data":null, "wrap_info":null,"warnings":null, "auth":{"client_token":"this-is-test-token-value", "accessor":"DR8vhrYNUK7CrkRvextEn4CN", "policies":["default","test"], "token_policies":["default","test"], "metadata":{"role_name":"runtime-init-role"}, "lease_duration":3600,"renewable":true, "entity_id":"8b693540-35da-99b9-22fe-70b9eabbd159", "token_type":"service", "orphan":true} }); - nock('http://1.1.1.1:8200') - .get('/v1/kv/data/credential') - .times(3) - .reply(200, {"request_id":"fa302a64-0852-4245-1883-782fe8b5b504","lease_id":"","renewable":false,"lease_duration":0,"data":{"data":{"password":"b1gAdminPazz","bigiq_admin_password":"thisIsTestPassword123","bigiq_admin_username":"asdasfdar212@"},"metadata":{"created_time":"2021-08-08T12:16:00.931168619Z","deletion_time":"","destroyed":false,"version":1}},"wrap_info":null,"warnings":null,"auth":null}); - runtimeParameters = [ - { - name: 'SECRET_FROM_HASHICORP_VAULT_01', - type: 'secret', - secretProvider: { - type: 'Vault', - environment: 'hashicorp', - vaultServer: 'http://1.1.1.1:8200', - secretsEngine: 'kv2', - secretPath: 'kv/data/credential', - field: 'password', - version: '1', - authBackend: { - type: 'approle', - roleId: { - type: 'inline', - value: 'qweq-qweq-qwe' - }, - secretId: { - type: 'inline', - value: 'ewq-eq-eqw', - unwrap: false - } - } - } - }, - { - name: 'SECRET_FROM_HASHICORP_VAULT_02', - type: 'secret', - secretProvider: { - type: 'Vault', - environment: 'hashicorp', - vaultServer: 'http://1.1.1.1:8200', - secretsEngine: 'kv2', - secretPath: 'kv/data/credential', - field: 'bigiq_admin_password', - version: '1', - authBackend: { - type: 'approle', - roleId: { - type: 'inline', - value: 'qweq-qweq-qwe' - }, - secretId: { - type: 'inline', - value: 'ewq-eq-eqw', - unwrap: false - } - } - } - }, - { - name: 'SECRET_FROM_HASHICORP_VAULT_03', - type: 'secret', - secretProvider: { - type: 'Vault', - environment: 'hashicorp', - vaultServer: 'http://1.1.1.1:8200', - secretsEngine: 'kv2', - secretPath: 'kv/data/credential', - field: 'bigiq_admin_username', - version: '1', - authBackend: { - type: 'approle', - roleId: { - type: 'inline', - value: 'qweq-qweq-qwe' - }, - secretId: { - type: 'inline', - value: 'ewq-eq-eqw', - unwrap: false - } - } - } - } - ]; - return resolver.resolveRuntimeParameters(runtimeParameters, {}, 0) - .then((results) => { - assert.ok(Object.keys(results).length === 3); - assert.strictEqual(results['SECRET_FROM_HASHICORP_VAULT_01'], 'b1gAdminPazz'); - assert.strictEqual(results['SECRET_FROM_HASHICORP_VAULT_02'], 'thisIsTestPassword123'); - assert.strictEqual(results['SECRET_FROM_HASHICORP_VAULT_03'], 'asdasfdar212@'); - }); - }); - - it('should validate resolveRuntimeParameters object for hashicorp case', () => { - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'silly' }); - logger = Logger.getLogger(); - const resolver = new ResolverClient(); - nock('http://1.1.1.1:8200') - .post('/v1/sys/wrapping/unwrap') - .reply(200, { "request_id": "794d6246-1349-cb90-dc31-befd0fbadf95", "lease_id": "", "renewable": false, "lease_duration": 0, "data": { "secret_id": "ewq-eq-eqw", "secret_id_accessor": "a26d5bc6-8088-3895-1372-58a311c4d83a" }, "wrap_info": null, "warnings": null, "auth": null }); - nock('http://1.1.1.1:8200') - .post('/v1/auth/approle/login') - .reply(200, {"request_id":"89527902-256d-0bd0-328b-8288549b991c","lease_id":"", "renewable":false,"lease_duration":0,"data":null, "wrap_info":null,"warnings":null, "auth":{"client_token":"this-is-test-token-value", "accessor":"DR8vhrYNUK7CrkRvextEn4CN", "policies":["default","test"], "token_policies":["default","test"], "metadata":{"role_name":"runtime-init-role"}, "lease_duration":3600,"renewable":true, "entity_id":"8b693540-35da-99b9-22fe-70b9eabbd159", "token_type":"service", "orphan":true} }); - nock('http://1.1.1.1:8200') - .get('/v1/kv/data/credential') - .reply(200, {"request_id":"fa302a64-0852-4245-1883-782fe8b5b504","lease_id":"","renewable":false,"lease_duration":0,"data":{"data":{"secret0":"b1gAdminPazz","secret1":"thisIsTestPassword123","secret2":"asdasfdar212@"},"metadata":{"created_time":"2021-08-08T12:16:00.931168619Z","deletion_time":"","destroyed":false,"version":1}},"wrap_info":null,"warnings":null,"auth":null}); - runtimeParameters = [ - { - name: 'SECRET_FROM_HASHICORP_VAULT', - type: 'secret', - secretProvider: { - type: 'Vault', - environment: 'hashicorp', - vaultServer: 'http://1.1.1.1:8200', - secretsEngine: 'kv2', - secretPath: 'kv/data/credential', - field: 'data', - version: '1', - authBackend: { - type: 'approle', - roleId: { - type: 'inline', - value: 'qweq-qweq-qwe' - }, - secretId: { - type: 'inline', - value: 'ewq-eq-eqw', - unwrap: true - } - } - } - } - ]; - return resolver.resolveRuntimeParameters(runtimeParameters, {}, 0) - .then((results) => { - assert.strictEqual(results['SECRET_FROM_HASHICORP_VAULT'].secret0, 'b1gAdminPazz'); - assert.strictEqual(results['SECRET_FROM_HASHICORP_VAULT'].secret1, 'thisIsTestPassword123'); - assert.strictEqual(results['SECRET_FROM_HASHICORP_VAULT'].secret2, 'asdasfdar212@'); - }); - }); - - - it('should validate resolveRuntimeParameters no secret match', () => { - const resolver = new ResolverClient(); - resolver._resolveSecret = sinon.stub().resolves(''); - resolver._resolveMetadata = sinon.stub().resolves('ru65wrde-vm0'); - return resolver.resolveRuntimeParameters(runtimeParameters, {}, 0) - .then((results) => { - assert.strictEqual(Object.keys(results).length, 12); - assert.strictEqual(results.SOME_NAME, 'SOME VALUE'); - assert.strictEqual(results.AZURE_HOST_NAME, 'ru65wrde-vm0'); - }); - }); - - it('should validate self IP metadata and ipcalc resolveRuntimeParameters', () => { - const resolver = new ResolverClient(); - resolver._resolveSecret = sinon.stub().resolves(''); - resolver.getCloudProvider = sinon.stub().callsFake(() => { - const cloudClient = { - init: sinon.stub(), - getMetadata: sinon.stub().resolves('10.0.1.4/24'), - getTagValue: sinon.stub().resolves('') - }; - return Promise.resolve(cloudClient); - }); - return resolver.resolveRuntimeParameters(runtimeParameters, {}, 0) - .then((results) => { - assert.strictEqual(Object.keys(results).length, 12); - assert.strictEqual(results.SOME_NAME, 'SOME VALUE'); - assert.strictEqual(results.AZURE_SELF_IP, '10.0.1.4/24'); - assert.strictEqual(results.AZURE_GATEWAY_IP, '10.0.1.1'); - assert.strictEqual(results.AZURE_BITMASK, 24); - assert.strictEqual(results.AZURE_SELF_IP_ADDRESS, '10.0.1.4'); - }); - }); - - it('should validate resolveRuntimeParameters no parameter match', () => { - const resolver = new ResolverClient(); - resolver._resolveSecret = sinon.stub().resolves(''); - resolver._resolveMetadata = sinon.stub().resolves(''); - resolver._resolveUrl = sinon.stub().resolves(''); - return resolver.resolveRuntimeParameters(runtimeParameters, {}, 0) - .then((results) => { - assert.strictEqual(Object.keys(results).length, 3); - assert.strictEqual(results.SOME_NAME, 'SOME VALUE'); - assert.strictEqual(results.NETWORK_SIZE_STATIC, 256); - }); - }); - - it('should validate unknown runtime parameter case', () => { - const resolver = new ResolverClient(); - runtimeParameters = [ - { - name: 'AWS_PASS', - type: 'wrong', - secretProvider: { - type: 'SecretsManager', - environment: 'aws', - version: 'AWSCURRENT', - secretId: 'secert-document' - } - }, - { - name: 'AZURE_PASS', - type: 'wrong', - secretProvider: { - type: 'SecretClient', - environment: 'azure', - version: '6e86876be4ce46a49ec578dfda897593', - secretId: 'this-secret', - debug: true - } - }, - { - name: 'AZURE_HOST_NAME', - type: 'wrong', - metadataProvider: { - type: 'compute', - environment: 'azure', - field: 'name' - } - }, - { - name: 'SOME_NAME', - type: 'static', - value: 'SOME VALUE' - } - ]; - - resolver.resolveRuntimeParameters(runtimeParameters, {}, 0) - .then(() => { - assert.ok(false); - }) - .catch((err) => { - assert.ok(err.message.includes('Runtime parameter type is unknown')); - }); - }); - - it('should validate resolveOnboardActions', () => { - const resolver = new ResolverClient(); - resolver.utilsRef.verifyDirectory = sinon.stub(); - resolver.utilsRef.runShellCommand = sinon.stub().resolves(''); - resolver.utilsRef.downloadToFile = sinon.stub().resolves(''); - return resolver.resolveOnboardActions(onboardActions, true) - .then(() => { - assert.ok(resolver.utilsRef.verifyDirectory.called); - assert.ok(resolver.utilsRef.runShellCommand.called); - assert.ok(resolver.utilsRef.downloadToFile.called); - }) - .catch(() => { - assert.ok(false); - }); - }); - - it('should validate resolveOnboardActions with no secrets in actions', () => { - const resolver = new ResolverClient(); - resolver.utilsRef.verifyDirectory = sinon.stub(); - resolver.utilsRef.runShellCommand = sinon.stub().resolves(''); - resolver.utilsRef.downloadToFile = sinon.stub().resolves(''); - return resolver.resolveOnboardActions(onboardActions, false) - .then(() => { - assert.ok(resolver.utilsRef.verifyDirectory.called); - assert.ok(resolver.utilsRef.runShellCommand.called); - assert.ok(resolver.utilsRef.downloadToFile.called); - }) - .catch(() => { - assert.ok(false); - }); - }); - - it('should validate resolveOnboardActions throw error', () => { - const resolver = new ResolverClient(); - resolver.utilsRef.verifyDirectory = sinon.stub(); - const invalidOnboardActions = [ - { - name: "test_inline_command", - type: "invalid", - commands: [ - "test_command_01", - "test_command_02" - ] - } - ]; - return resolver.resolveOnboardActions(invalidOnboardActions) - .then(() => { - assert.ok(false); - }) - .catch((error) => { - assert.ok(error.message.includes('Unexpected onboard action type')) - }); - }); - - it('should validate _resolveUrl throw error when invalida JSON', () => { - const resolver = new ResolverClient(); - nock.cleanAll(); - runtimeParameters = [ - { - name: 'REGION', - type: 'url', - value: 'http://169.254.169.254/my-test' - } - ]; - nock('http://169.254.169.254') - .get('/my-test') - .reply(200, 'us-west'); - return resolver.resolveRuntimeParameters(runtimeParameters, {}, 0) - .then((results) => assert.strictEqual(results.REGION, 'us-west')) - .catch(() => assert.ok(false)) - }); - - it('should validate _resolveUrl works correctly when fetched string value is bigger than supported number data type', () => { - const resolver = new ResolverClient(); - nock.cleanAll(); - runtimeParameters = [ - { - name: 'TEST_PASSWORD', - type: 'url', - value: 'http://169.254.169.254/my-test-password' - } - ]; - nock('http://169.254.169.254') - .get('/my-test-password') - .reply(200, '9058358705045800063'); - return resolver.resolveRuntimeParameters(runtimeParameters, {}, 0) - .then((results) => assert.strictEqual(results.TEST_PASSWORD, '9058358705045800063')) - }); -}); diff --git a/tests/unit/telemetry/telemetryClientTests.ts b/tests/unit/telemetry/telemetryClientTests.ts deleted file mode 100644 index 778b5df6..00000000 --- a/tests/unit/telemetry/telemetryClientTests.ts +++ /dev/null @@ -1,567 +0,0 @@ -/* - * Copyright 2019. F5 Networks, Inc. See End User License Agreement ('EULA') for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -/* eslint-disable global-require */ -import assert from 'assert'; -import sinon from 'sinon'; -import nock from 'nock'; -import mock from 'mock-fs'; -import { ManagementClient } from '../../../src/lib/bigip/managementClient'; -import { TelemetryClient } from '../../../src/lib/telemetry/telemetryClient'; -import * as pkgjson from '../../../package.json'; -import * as constants from '../../../src/constants'; -// Import test payloads -import * as bigipMgmtSysReadyResponse from '../payloads/bigip_mgmt_sys_ready.json'; -import * as bigipMgmtSysHardwareResponse from '../payloads/bigip_mgmt_sys_hardware.json'; -import * as bigipMgmtSysHardwareSizeInMbResponse from '../payloads/bigip_mgmt_sys_hardware_sizeInMb.json'; -import * as bigipMgmtSysSoftwareVolumeResponse from '../payloads/bigip_mgmt_sys_software_volume.json'; -import * as bigipMgmtSysGlobablSettingsResponse from '../payloads/bigip_mgmt_sys_global_settings.json'; -import * as bigipMgmtSysManagementIpResponse from '../payloads/bigip_mgmt_sys_management_ip.json'; -import * as bigipMgmtSysProvisionResponse from '../payloads/bigip_mgmt_sys_provision.json'; -import * as bigipMgmtSysInstalledPackagesResponse from '../payloads/bigip_mgmt_sys_installed_packages.json'; -import * as bigipMgmtSysMemoryResponse from '../payloads/bigip_mgmt_sys_memory.json'; -import * as bigipMgmtNetInterfacesResponse from '../payloads/bigip_mgmt_net_interface.json'; -import * as bigipMgmtSysLicenseResponse from '../payloads/bigip_mgmt_sys_license.json'; -import * as bigipMgmtSysLogicalDisk from '../payloads/bigip_mgmt_sys_logical_disk.json'; -import * as config from '../payloads/declaration_example.json'; - -describe('Telemetry Client', () => { - let telemetryClient; - let mgmtClient; - after(() => { - Object.keys(require.cache) - .forEach((key) => { - delete require.cache[key]; - }); - }); - - beforeEach(() => { - nock.cleanAll(); - sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'info' }); - mgmtClient = new ManagementClient(); - telemetryClient = new TelemetryClient(mgmtClient); - telemetryClient.utils.runShellCommand = sinon.stub(); - telemetryClient.utils.runShellCommand.withArgs('python --version') - .resolves('Python 2.7.5'); - telemetryClient.utils.runShellCommand.withArgs('python -c \"import sys;print(sys.version)\"') - .resolves('2.7.5 (default, Jan 21 2020, 10:23:35)\n[GCC 4.8.5 20150623 (Red Hat 4.8.5-16)]'); - telemetryClient.utils.runShellCommand.withArgs('node --version') - .resolves('v6.9.1'); - telemetryClient.utils.runShellCommand.withArgs('ssh -V') - .resolves('OpenSSH_7.4p1, OpenSSL 1.0.2s-fips 28 May 2019'); - telemetryClient.getCloudProvider = sinon.stub(); - telemetryClient.getCloudProvider.withArgs('aws', {}).resolves({ - init: sinon.stub().resolves(), - getCloudName: sinon.stub().returns('aws'), - getCustomerId: sinon.stub().returns('123456423'), - getRegion: sinon.stub().returns('us-west') - }); - nock('http://localhost:8100') - .get('/mgmt/tm/sys/ready') - .reply(200, bigipMgmtSysReadyResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/hardware') - .reply(200, bigipMgmtSysHardwareResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/software/volume') - .reply(200, bigipMgmtSysSoftwareVolumeResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/global-settings') - .reply(200, bigipMgmtSysGlobablSettingsResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/management-ip') - .reply(200, bigipMgmtSysManagementIpResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/provision') - .reply(200, bigipMgmtSysProvisionResponse); - - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/installed-packages') - .reply(200, bigipMgmtSysInstalledPackagesResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/memory') - .reply(200, bigipMgmtSysMemoryResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/license') - .reply(200, bigipMgmtSysLicenseResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/disk/logical-disk') - .reply(200, bigipMgmtSysLogicalDisk); - }); - - afterEach(() => { - nock.cleanAll(); - sinon.restore(); - }); - - it('should validate constructor', () => { - assert.strictEqual(telemetryClient._mgmtClient, mgmtClient); - assert.strictEqual(telemetryClient.uriPrefix, mgmtClient.uriPrefix); - assert.strictEqual(telemetryClient.authHeader, mgmtClient.authHeader); - assert.strictEqual(telemetryClient.telemetryType, `${pkgjson.name}-data`); - assert.strictEqual(telemetryClient.teemAssetInfo.name, `${pkgjson.name}`); - assert.strictEqual(telemetryClient.teemAssetInfo.version, `${pkgjson.version}`); - assert.strictEqual(telemetryClient.telemetryTypeVersion, constants.TELEMETRY_TYPE_VERSION); - }); - - it('should validate sendPostHook without custom properties', () => { - const postHookConfig = { - name: 'example_webhook', - type: 'webhook', - url: 'https://postman-echo.com/post', - verifyTls: true - }; - sinon.stub(telemetryClient, '_getSystemInfo').resolves(); - nock(postHookConfig.url) - .post('/') - .reply(200); - telemetryClient.sendPostHook(postHookConfig) - .then((result) => { - assert.strictEqual(result, 'Successfully sent post hook!'); - }); - }); - - it('should validate sendPostHook with custom properties', () => { - const mgmtClient = new ManagementClient(); - const telemetryClient = new TelemetryClient(mgmtClient); - const postHookConfig = { - name: 'example_webhook', - type: 'webhook', - url: 'https://postman-echo.com/post', - properties: { - customKey1: 'customValue1' - }, - verifyTls: false - }; - const systemInfo = sinon.stub(telemetryClient, '_getSystemInfo').resolves({ - id: 'test-id01', - product: 'test-product', - version: 'test-version', - platformId: 'test-platform-id', - cpuCount: 121212, - nicCount: 3, - regKey: 'this is test regkey', - memoryInMb: 33333, - diskSize: 77824, - hostname: 'this-is-test-hostname', - management: 'this-is-test-mgmt', - provisionedModules: undefined, /* eslint-disable-line @typescript-eslint/no-explicit-any */ - installedPackages: undefined, /* eslint-disable-line @typescript-eslint/no-explicit-any */ - environment: { - pythonVersion: 'this is python version', - pythonVersionDetailed: 'python version details', - nodeVersion: 'node version', - libraries: { - ssh: 'ssh version', - } - } - }); - nock(postHookConfig.url) - .post('/') - .reply(200); - telemetryClient.sendPostHook(postHookConfig) - .then(() => { - assert.notStrictEqual(systemInfo, postHookConfig); - }); - }); - - it('should validate _getTemplateInfo method', () => { - mock({ - '/config/cloud/': { - 'telemetry_install_params.tmp': 'templateName:v0.0.1/foo/boo/test-template-name.yaml' - } - }); - - const result = telemetryClient._getTemplateInfo(); - assert.strictEqual(result.name, 'test-template-name.yaml'); - assert.strictEqual(result.version, 'v0.0.1'); - mock.restore(); - }); - - it('should validate _getInstallParameters method', () => { - mock({ - '/config/cloud/': { - 'telemetry_install_params.tmp': 'key01:value01\nkey02:value02' - } - }); - - const result = telemetryClient._getInstallParameters(); - assert.ok(result.length == 2); - assert.strictEqual(result[0].key, 'key01'); - assert.strictEqual(result[0].value, 'value01'); - assert.strictEqual(result[1].key, 'key02'); - assert.strictEqual(result[1].value, 'value02'); - mock.restore(); - }); - - it('should validate sendPostHook rejects on failed request', () => { - const postHookConfig = { - name: 'example_webhook', - type: 'webhook', - url: 'https://postman-echo.com/post', - verifyTls: false - }; - sinon.stub(telemetryClient, '_getSystemInfo').resolves(); - nock(postHookConfig.url) - .post('/') - .reply(404); - telemetryClient.sendPostHook(postHookConfig) - .catch((err) => { - assert.ok(err.message.includes('Webhook failed: 404')); - }); - }); - - it('should validate _getSystemInfo failure', () => { - const expectedPayload = { - id: '', - product: '', - cpuCount: 0, - diskSize: 0, - memoryInMb: 0, - version: '', - nicCount: 0, - regKey: '', - platformId: '', - hostname: '', - management: '', - provisionedModules: {}, - installedPackages: {}, - environment: { - pythonVersion: '', - pythonVersionDetailed: '', - nodeVersion: '', - libraries: { - ssh: '' - } - } - }; - sinon.stub(mgmtClient, 'isReady').rejects(new Error('this is test error')); - telemetryClient._getSystemInfo() - .then((result) => { - assert.strictEqual( - new Buffer(JSON.stringify(result)).toString('base64'), - new Buffer(JSON.stringify(expectedPayload)).toString('base64') - ); - }) - }); - - it('should validate init method', () => { - return telemetryClient.init({ - configFile: '/tmp/test-config.yaml', - config: config, - startTime: (new Date()).toISOString(), - endTime: (new Date()).toISOString(), - result: 'SUCCESS', - resultSummary: 'This is test summary' - }) - .then(() => { - assert.strictEqual(telemetryClient.systemInfo.cpuCount, 2); - assert.strictEqual(telemetryClient.systemInfo.product, 'BIG-IP'); - assert.strictEqual(telemetryClient.systemInfo.diskSize, 77824); - assert.strictEqual(telemetryClient.systemInfo.platformId, 'Z100'); - assert.strictEqual(telemetryClient.systemInfo.version, '15.1.0.1'); - }) - .catch(err => Promise.reject(err)); - }); - - it('should validate createTelemetryData method', () => { - const testDate = (new Date()).toISOString(); - return telemetryClient.init({ - configFile: '/tmp/test-config.yaml', - config: config, - startTime: testDate, - endTime: testDate, - result: 'SUCCESS', - resultSummary: 'This is test summary' - }) - .then(() => { - const response = telemetryClient.createTelemetryData(); - console.log(JSON.stringify(response)); - assert.strictEqual(response.platformDetails.platform, 'BIG-IP'); - assert.strictEqual(response.platformDetails.platformId, 'Z100'); - assert.strictEqual(response.operation.endTime, testDate); - assert.strictEqual(response.operation.startTime, testDate); - }) - .catch(err => Promise.reject(err)); - }); - - it('should validate report method', () => { - telemetryClient.F5TeemDevice = sinon.stub().returns({ - reportRecord: sinon.stub().resolves() - }); - return telemetryClient.init({ - configFile: '/tmp/test-config.yaml', - config: config, - startTime: (new Date()).toISOString(), - endTime: (new Date()).toISOString(), - result: 'SUCCESS', - resultSummary: 'This is test summary' - }) - .then(() => { - return telemetryClient.report(telemetryClient.createTelemetryData()) - }) - .then(() => { - assert.ok(true); - }) - .catch(err => Promise.reject(err)); - }); - - it('should validate diskSize in Mb', () => { - nock.cleanAll(); - nock('http://localhost:8100') - .get('/mgmt/tm/sys/ready') - .reply(200, bigipMgmtSysReadyResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/hardware') - .reply(200, bigipMgmtSysHardwareSizeInMbResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/software/volume') - .reply(200, bigipMgmtSysSoftwareVolumeResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/global-settings') - .reply(200, bigipMgmtSysGlobablSettingsResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/management-ip') - .reply(200, bigipMgmtSysManagementIpResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/provision') - .reply(200, bigipMgmtSysProvisionResponse); - - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/installed-packages') - .reply(200, bigipMgmtSysInstalledPackagesResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/memory') - .reply(200, bigipMgmtSysMemoryResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/license') - .reply(200, bigipMgmtSysLicenseResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/disk/logical-disk') - .reply(200, bigipMgmtSysLogicalDisk); - const emptyConfig = {}; - const testDate = (new Date()).toISOString(); - return telemetryClient.init({ - configFile: '/tmp/test-config.yaml', - config: emptyConfig, - startTime: testDate, - endTime: testDate, - result: 'SUCCESS', - resultSummary: 'This is test summary' - }) - .then(() => { - const response = telemetryClient.createTelemetryData(); - assert.strictEqual(response.platformDetails.system.diskSize, 77824); - }) - .catch(err => Promise.reject(err)); - }); - - it('should validate data is collected when BIGIP is not licenced', () => { - nock.cleanAll(); - nock('http://localhost:8100') - .get('/mgmt/tm/sys/ready') - .reply(200, bigipMgmtSysReadyResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/hardware') - .reply(200, bigipMgmtSysHardwareSizeInMbResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/software/volume') - .reply(200, bigipMgmtSysSoftwareVolumeResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/global-settings') - .reply(200, bigipMgmtSysGlobablSettingsResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/management-ip') - .reply(200, bigipMgmtSysManagementIpResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/provision') - .reply(200, bigipMgmtSysProvisionResponse); - - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/installed-packages') - .reply(200, bigipMgmtSysInstalledPackagesResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/memory') - .reply(200, bigipMgmtSysMemoryResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, bigipMgmtNetInterfacesResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/license') - .reply(200, {}); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/disk/logical-disk') - .reply(200, bigipMgmtSysLogicalDisk); - - const emptyConfig = {}; - const testDate = (new Date()).toISOString(); - return telemetryClient.init({ - configFile: '/tmp/test-config.yaml', - config: emptyConfig, - startTime: testDate, - endTime: testDate, - result: 'FAILURE', - resultSummary: 'This is test summary' - }) - .then(() => { - const response = telemetryClient.createTelemetryData(); - assert.strictEqual(response.platformDetails.system.diskSize, 77824); - }) - .catch(err => Promise.reject(err)); - }); - - - it('should validate data is collected when BIGIP REST API is not responding', () => { - nock.cleanAll(); - nock('http://localhost:8100') - .get('/mgmt/tm/sys/ready') - .reply(200, bigipMgmtSysReadyResponse); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/hardware') - .reply(200, {}); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/software/volume') - .reply(200, {}); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/global-settings') - .reply(200, {}); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/management-ip') - .reply(200, {}); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/provision') - .reply(200, {}); - - nock('http://localhost:8100') - .get('/mgmt/shared/iapp/installed-packages') - .reply(200, {}); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/memory') - .reply(200, {}); - - nock('http://localhost:8100') - .get('/mgmt/tm/net/interface') - .reply(200, {}); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/license') - .reply(200, {}); - - nock('http://localhost:8100') - .get('/mgmt/tm/sys/disk/logical-disk') - .reply(200, {}); - - const emptyConfig = {}; - const testDate = (new Date()).toISOString(); - return telemetryClient.init({ - configFile: '/tmp/test-config.yaml', - config: emptyConfig, - startTime: testDate, - endTime: testDate, - result: 'FAILURE', - resultSummary: 'This is test summary' - }) - .then(() => { - const response = telemetryClient.createTelemetryData(); - assert.strictEqual(response.platformDetails.system.diskSize, 0); - assert.strictEqual(response.platformDetails.system.cpuCount, 0); - assert.strictEqual(response.platformDetails.system.memory, 0); - }) - .catch(err => Promise.reject(err)); - }); - - it('should validate empty declaration', () => { - const emptyConfig = {}; - const testDate = (new Date()).toISOString(); - return telemetryClient.init({ - configFile: '/tmp/test-config.yaml', - config: emptyConfig, - startTime: testDate, - endTime: testDate, - result: 'SUCCESS', - resultSummary: 'This is test summary' - }) - .then(() => { - const response = telemetryClient.createTelemetryData(); - assert.strictEqual(response.operation.endTime, testDate); - assert.strictEqual(response.operation.startTime, testDate); - assert.strictEqual(response.operation.rawCommand, 'f5-runtime-init -c /tmp/test-config.yaml'); - assert.strictEqual(response.product.locale, 'en-US'); - assert.strictEqual(response.product.version, pkgjson.version); - assert.strictEqual(response.platformDetails.nicCount, 2); - assert.strictEqual(response.platformDetails.platformId, 'Z100'); - assert.strictEqual(response.templateInfo.cloud, 'aws'); - assert.strictEqual(response.templateInfo.region, 'us-west'); - assert.strictEqual(response.platformDetails.system.cpuCount, 2); - assert.strictEqual(response.platformDetails.system.diskSize, 77824); - assert.strictEqual(response.platformDetails.system.memory, 14016); - }) - .catch(err => Promise.reject(err)); - }); - - it('should validate init without parameters', () => { - return telemetryClient.init() - .then(() => { - const response = telemetryClient.createTelemetryData(); - assert.strictEqual(response.operation.endTime, 0); - assert.strictEqual(response.operation.startTime, 0); - assert.strictEqual(response.operation.rawCommand, undefined); - assert.strictEqual(response.product.locale, 'en-US'); - assert.strictEqual(response.product.version, pkgjson.version); - assert.strictEqual(response.platformDetails.nicCount, 2); - assert.strictEqual(response.platformDetails.platformId, 'Z100'); - assert.strictEqual(response.templateInfo.cloud, 'aws'); - assert.strictEqual(response.templateInfo.region, 'us-west'); - assert.strictEqual(response.platformDetails.packages['f5-service-discovery-1.2.9-2.noarch'], '1.2.9'); - assert.strictEqual(response.platformDetails.packages['f5-declarative-onboarding-1.10.0-2.noarch'], '1.10.0'); - assert.strictEqual(response.platformDetails.packages['f5-appsvcs-3.20.0-3.noarch'], '3.20.0'); - assert.strictEqual(response.platformDetails.packages['f5-appsvcs-templates-1.1.0-1.noarch'], '1.1.0'); - }).catch(err => Promise.reject(err)); - }); -}); diff --git a/tests/unit/utilsTests.ts b/tests/unit/utilsTests.ts deleted file mode 100644 index d0fec520..00000000 --- a/tests/unit/utilsTests.ts +++ /dev/null @@ -1,349 +0,0 @@ -/* - * Copyright 2019. F5 Networks, Inc. See End User License Agreement ("EULA") for - * license terms. Notwithstanding anything to the contrary in the EULA, Licensee - * may copy and modify this software product for its internal business purposes. - * Further, Licensee may upload, publish and distribute the modified version of - * the software product on devcentral.f5.com. - */ - -'use strict'; - -import assert from 'assert'; -import sinon from 'sinon'; -import mock from 'mock-fs'; -import nock from 'nock'; - -/* eslint-disable global-require */ -sinon.stub(process, 'env').value({ F5_BIGIP_RUNTIME_INIT_LOG_LEVEL: 'info' }); - -describe('Util', () => { - let util; - - before(() => { - util = require('../../src/lib/utils.ts'); - }); - after(() => { - Object.keys(require.cache).forEach((key) => { - delete require.cache[key]; - }); - }); - - - describe('retrier', () => { - it('should validate resolve', () => { - const fakeFuncSpy = sinon.stub().resolves(); - - return util.retrier(fakeFuncSpy, [], { }) - .then(() => assert.strictEqual(fakeFuncSpy.callCount, 1)) - .catch(err => Promise.reject(err)); - }); - - it('should validate reject', () => { - const fakeFuncSpy = sinon.stub().rejects(); - const retryCount = 2; - - return util.retrier(fakeFuncSpy, [], { maxRetries: retryCount, retryInterval: 10 }) - .then(() => assert.fail()) - .catch(() => assert.strictEqual(fakeFuncSpy.callCount, retryCount)); - }); - }); - - describe('renderData', () => { - it('should validate renderData with correct inputs', async () => { - const response = await util.renderData('{{ TEST_VALUE }} - TRUE', - { TEST_VALUE: 'TRUE' }); - assert.strictEqual(response, 'TRUE - TRUE'); - }); - }); - - describe('convertTo', () => { - it('should validate convertTo for string', async () => { - const result = util.convertTo(111, 'string'); - assert.ok(typeof result === 'string'); - }); - it('should validate convertTo for number', async () => { - const result = util.convertTo('111', 'number'); - assert.ok(typeof result === 'number'); - }); - it('should validate convertTo for boolean', async () => { - const result = util.convertTo('true', 'boolean'); - assert.ok(typeof result === 'boolean'); - }); - it('should validate convertTo without datatype', async () => { - const result = util.convertTo('9058358705045800063'); - assert.ok(typeof result === 'string'); - }); - }); - - describe('checkForSecrets', () => { - it('should validate checkForSecrets with correct inputs', async () => { - const response = await util.checkForSecrets('{{ TEST_VALUE }} - TRUE'); - assert.strictEqual(response, true); - }); - - it('should validate checkForSecrets with correct inputs - false', async () => { - const response = await util.checkForSecrets('Just a statement'); - assert.strictEqual(response, false); - }); - }); - - describe('makeRequest', () => { - afterEach(() => { - if(!nock.isDone()) { - throw new Error(`Not all nock interceptors were used: ${nock.pendingMocks()}`) - } - nock.cleanAll(); - mock.restore(); - }); - it('should make request (HTTP)', async () => { - nock('https://192.0.2.1') - .get('/') - .reply(200, { foo: 'bar' }); - - const response = await util.makeRequest('https://192.0.2.1/'); - assert.deepStrictEqual(response, { code: 200, body: { foo: 'bar' } }); - }); - - it('should fail request (FTP)', async () => { - util.makeRequest('ftp://192.0.2.1/') - .then(() => assert.fail()) - .catch((error) => assert.ok(error.message.includes('Invalid protocol'))); - }); - }); - - describe('readFileContent', () => { - it('should validate readFileContent when file exists', () => { - mock({ - 'fake/dir': { - 'fake.txt': '12345' - } - }); - - const file = 'fake/dir/fake.txt'; - const response = util.readFileContent(file); - - assert.strictEqual(response, '12345'); - mock.restore(); - }); - - it('should validate readFileContent when file does not exist', () => { - const file = 'fake/dir/fake.txt'; - const response = util.readFileContent(file); - - assert.strictEqual(response, ''); - mock.restore(); - }); - - }); - - describe('verifyHash', () => { - it('should return true with valid extension hash inputs', () => { - mock({ - 'fake/dir': { - 'fake.txt': '12345' - } - }); - - const file = 'fake/dir/fake.txt'; - const extensionHash = '5994471abb01112afcc18159f6cc74b4f511b99806da59b3caf5a9c173cacfc5'; - const response = util.verifyHash(file, extensionHash); - - assert.strictEqual(response, true); - mock.restore(); - }); - - it('should return false with invalid extension hash inputs', () => { - mock({ - 'fake/dir': { - 'fake.txt': '12345' - } - }); - - const file = 'fake/dir/fake.txt'; - const extensionHash = 'abc'; - - assert.ok(!util.verifyHash(file, extensionHash)); - mock.restore(); - }); - }); - - describe('validate verifyDirectory', () => { - it('should validate verifyDirectory does not create directory', () => { - mock({ - 'fake/dir': mock.directory({ - mode: '0755' - }) - }); - util.verifyDirectory('fake/dir'); - assert.ok(true); - mock.restore(); - }); - - it('should validate verifyDirectory creates directory', () => { - mock({ - 'fake/dir': mock.directory({}) - }); - util.verifyDirectory('fake/dir'); - assert.ok(true); - mock.restore(); - }); - }); - - describe('validate runShellCommand', () => { - it('should validate runShellCommand creates directory', () => { - return util.runShellCommand('echo test') - .then((response) => assert.notStrictEqual('test', response)) - .catch(err => Promise.reject(err)); - }); - - it('should validate runShellCommand with invalidate command', () => { - return util.runShellCommand('invalid-shell-command') - .then(() => assert.ok(false)) - .catch((err) => assert.notStrictEqual(err.message, '/bin/sh: invalid-shell-command: command not found')) - }); - }); - - describe('validate loadData', () => { - afterEach(() => { - if(!nock.isDone()) { - throw new Error(`Not all nock interceptors were used: ${nock.pendingMocks()}`) - } - nock.cleanAll(); - mock.restore(); - }); - it('should validate loadData successful execution via FILE', () => { - mock({ - '/var/lib/cloud/': { - 'fake.txt': '12345' - } - }); - - return util.loadData( 'file:////var/lib/cloud/fake.txt', { - locationType: 'file' - }) - .then((resp) => assert.strictEqual(resp, 12345)) - .catch(err => Promise.reject(err)); - }); - - it('should validate loadData successful execution via FILE with default options', () => { - mock({ - '/var/lib/cloud/': { - 'fake.txt': '12345' - } - }); - - return util.loadData( 'file:////var/lib/cloud/fake.txt') - .then((resp) => assert.strictEqual(resp, 12345)) - .catch(err => Promise.reject(err)); - }); - - it('should validate loadData successful execution via URL', () => { - nock('https://fakedomain.com') - .get('/awesome_file.txt') - .reply(200, { - id: 1 - }); - mock({ - '/config/fake-ssl': { - 'cert.pem': '12345' - } - }); - - return util.loadData( 'https://fakedomain.com/awesome_file.txt', { - locationType: 'url', - verifyTls: true, - trustedCertBundles: ['/config/fake-ssl/cert.pem'] - }) - .then((resp) => assert.strictEqual(resp.id, 1)) - .catch(err => Promise.reject(err)); - }); - - it('should validate loadData successful execution for YAML via URL', () => { - nock('https://fakedomain.com') - .get('/awesome_file.yaml') - .reply(200, `runtime_parameters: - id: 1 - `); - mock({ - '/config/fake-ssl': { - 'cert.pem': '12345' - } - }); - - return util.loadData( 'https://fakedomain.com/awesome_file.yaml', { - locationType: 'url', - verifyTls: true, - trustedCertBundles: ['/config/fake-ssl/cert.pem'] - }) - .then((resp) => assert.strictEqual(resp.runtime_parameters.id, 1)) - .catch(err => Promise.reject(err)); - }); - - it('should validate loadData failed for bad config via URL', () => { - nock('https://fakedomain.com') - .get('/bad_file.yaml') - .reply(200, `runtime_parameters`); - mock({ - '/config/fake-ssl': { - 'cert.pem': '12345' - } - }); - - return util.loadData( 'https://fakedomain.com/bad_file.yaml', { - locationType: 'url', - verifyTls: true, - trustedCertBundles: ['/config/fake-ssl/cert.pem'] - }) - .then(() => assert.ok(false)) - .catch((err) => assert.ok(err.message.includes('The config loaded'))) - }); - - it('should validate loadData failed execution via URL', () => { - nock('https://fakedomain.com') - .get('/awesome_file.txt') - .replyWithError('Not found'); - - return util.loadData( 'https://fakedomain.com/awesome_file.txt', { - locationType: 'url' - }) - .then(() => assert.ok(false)) - .catch(err => assert.ok(err.message.includes('Not found'))); - }); - - it('should validate loadData failure due to unknown type', () => { - return util.loadData( 'sbn:////fakedomain.com/awesome_file.txt', { - locationType: 'sbn' - }) - .then(() => assert.ok(false)) - .catch((err) => assert.ok(err.message.includes('Unknown url type'))) - }); - }); - - describe('validate downloadToFile', () => { - afterEach(() => { - if(!nock.isDone()) { - throw new Error(`Not all nock interceptors were used: ${nock.pendingMocks()}`) - } - nock.cleanAll(); - mock.restore(); - }); - - it('should validate downloadToFile successful execution', () => { - nock('https://fakedomain.com') - .get('/awesome_file.txt') - .reply(200, { - id: 1 - }); - return util.downloadToFile( 'https://fakedomain.com/awesome_file.txt', 'test_file.txt') - .catch(err => Promise.reject(err)); - }); - - it('should validate downloadToFile failure', () => { - nock('https://fakedomain.com') - .get('/awesome_file.txt') - .replyWithError('Not found'); - return util.downloadToFile( 'https://fakedomain.com/awesome_file.txt', 'test_file.txt') - .catch((err) => assert.ok(err.message.includes('Not found'))); - }); - }) -}); diff --git a/tests/unit/validatorTests.ts b/tests/unit/validatorTests.ts deleted file mode 100644 index fd971e23..00000000 --- a/tests/unit/validatorTests.ts +++ /dev/null @@ -1,86 +0,0 @@ -/** - * Copyright 2019 F5 Networks, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -'use strict'; - -import * as fs from 'fs'; -import * as path from 'path'; -import assert from 'assert'; -import * as yaml from 'js-yaml'; -import Validator from '../../src/lib/validator'; - -const validator = new Validator(); - -/* eslint-disable quotes, quote-props */ - -describe('validator', () => { - it('should validate valid json data', () => { - const data = { - "runtime_parameters": [], - "extension_packages": { - "install_operations": [ - { - "extensionType": "as3", - "extensionVersion": "3.13.0" - } - ] - }, - "extension_services": { - "service_operations": [] - } - }; - const validation = validator.validate(data); - assert.strictEqual(validation.isValid, true); - assert.strictEqual(validation.errors, 'No errors'); - }); - - it('should validate valid json data from file', () => { - const data = JSON.parse(fs.readFileSync(path.resolve(__dirname, '../../scripts/config/cloud_config_local.json')).toString()); - const validation = validator.validate(data); - assert.strictEqual(validation.isValid, true); - assert.strictEqual(validation.errors, 'No errors'); - }); - - it('should validate valid yaml data', () => { - const data = ` - runtime_parameters: [] - extension_packages: - install_operations: [{extensionType: as3, extensionVersion: 3.13.0}] - extension_services: - service_operations: [] - `; - const config = yaml.safeLoad(data); - const validation = validator.validate(config); - assert.strictEqual(validation.isValid, true); - assert.strictEqual(validation.errors, 'No errors'); - }); - - it('should validate valid yaml data from a file', () => { - const config = yaml.safeLoad(fs.readFileSync(path.resolve(__dirname, '../../scripts/config/cloud_config_local.yaml')).toString()); - const validation = validator.validate(config); - assert.strictEqual(validation.isValid, true); - assert.strictEqual(validation.errors, 'No errors'); - }); - - it('should invalidate invalid data', () => { - it('should validate valid data', () => { - const data = {}; - const validation = validator.validate(data); - assert.strictEqual(validation.isValid, false); - assert.strictEqual(Array.isArray(validation.errors), true); - }); - }); -});