Skip to content

Commit

Permalink
Merge branch 'v3.x/staging' of https://github.com/zowe/zowe-install-p…
Browse files Browse the repository at this point in the history
…ackaging into test/v3
  • Loading branch information
DivergentEuropeans committed Sep 24, 2024
2 parents 8d546b0 + 34475a6 commit 98c1090
Show file tree
Hide file tree
Showing 43 changed files with 858 additions and 658 deletions.
10 changes: 9 additions & 1 deletion .github/workflows/build-packaging.yml
Original file line number Diff line number Diff line change
Expand Up @@ -353,8 +353,8 @@ jobs:
jfrog rt dl ${{github.event.inputs.PSWI_SMPE_AZWE_ARTIFACTORY_PATH}}/AZWE002*.zip --flat=true .pax/AZWE002.zip
jfrog rt dl ${{github.event.inputs.PSWI_SMPE_ARTIFACTORY_PATH}}/zowe-smpe-*.zip --flat=true .pax/zowe-smpe.zip
- name: '[SMPE Pax 4] Build PSWI'
id: pswi
if: env.INPUTS_BUILD_PSWI == 'true'
timeout-minutes: 60
run: |
Expand All @@ -367,6 +367,14 @@ jobs:
ZZOW_SSH_PORT: ${{ secrets.SSH_MARIST_ALLSYS_PORT }}
VERSION: ${{ env.P_VERSION }}

- name: Store PSWI folder
uses: actions/upload-artifact@v4
if: env.INPUTS_BUILD_PSWI == 'true' && failure()
with:
name: pswi-folder
path: |
pswi/**
- name: '[K8S] Build Kubernetes'
timeout-minutes: 10
if: env.INPUTS_BUILD_KUBERNETES == 'true'
Expand Down
60 changes: 60 additions & 0 deletions .github/workflows/pswi-zowe-config-test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
name: PSWI zowe.yaml sync check

permissions:
id-token: write
issues: write
pull-requests: write
contents: write

on:
push:
branches:
- v3.x/staging
pull_request:
types: [opened, synchronize]
workflow_dispatch:

jobs:
test-pswi-zowe-yaml:
runs-on: ubuntu-latest
steps:

- name: '[Prep 1] Checkout'
uses: actions/checkout@v4

# Taken from shared-actions/prepare-workflow
- name: 'export github username and email'
run: |
git config --global user.name ${{ github.actor }}
echo ${{ github.actor }}
git config --global user.email [email protected]
shell: bash

- name: '[PSI-LOCK] Lock marist servers to build PSWI'
uses: zowe-actions/shared-actions/lock-resource@main
with:
lock-repository: ${{ github.repository }}
github-token: ${{ secrets.GITHUB_TOKEN }}
lock-resource-name: zowe-psi-build-zzow07-lock
lock-avg-retry-interval: 30

- name: 'Test ZWECONF workflow'
id: zweconf
timeout-minutes: 30
run: |
cd pswi
./ZWECONF_test.sh
env:
ZOSMF_USER: ${{ secrets.ZOWE_PSWI_BUILD_USR }}
ZOSMF_PASS: ${{ secrets.ZOWE_PSWI_BUILD_PASSWD }}
ZZOW_SSH_PORT: ${{ secrets.SSH_MARIST_ALLSYS_PORT }}

- name: Store test output
uses: actions/upload-artifact@v4
if: steps.zweconf.outcome != '' && failure()
with:
name: zweconf_test
path: |
pswi/**.txt
pswi/zowe_.yaml
pswi/ZWECONF1/**
3 changes: 3 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,9 @@ All notable changes to the Zowe Installer will be documented in this file.

- `zowe.yaml` changed its default z/OSMF Service ID definition from `zosmf` to `ibmzosmf`, which may impact Zowe Clients. For more information on this change, please see the API Mediation Layer's 3.0.0 Breaking Changes.

### New features and enhancements
- Enhancement: Added explanation to possible error message when checking z/OSMF setting. [#3956](https://github.com/zowe/zowe-install-packaging/pull/3956)

<!--Add the PR or issue number to the entry if available.-->

## `2.17.0`
Expand Down
8 changes: 6 additions & 2 deletions bin/commands/internal/start/prepare/index.sh
Original file line number Diff line number Diff line change
Expand Up @@ -144,9 +144,13 @@ global_validate() {
if [ -n "${ZOSMF_HOST}" -a -n "${ZOSMF_PORT}" ]; then
if [[ ${ZWE_ENABLED_COMPONENTS} == *"discovery"* ]]; then
validate_this "validate_zosmf_host_and_port \"${ZOSMF_HOST}\" \"${ZOSMF_PORT}\" 2>&1" "zwe-internal-start-prepare,global_validate:${LINENO}"
else
if [ "${ZWE_components_gateway_apiml_security_auth_provider}" = "zosmf" ]; then
let "ZWE_PRIVATE_ERRORS_FOUND=${ZWE_PRIVATE_OLD_ERRORS_FOUND}+1"
print_error "Using z/OSMF as 'components.gateway.apiml.security.auth.provider' is not possible: discovery is disabled."
print_formatted_info "ZWELS" "zwe-internal-start-prepare,global_validate:${LINENO}" "Zosmf validation failed"
fi
fi
elif [ "${ZWE_components_zaas_apiml_security_auth_provider}" = "zosmf" ]; then
validate_this "validate_zosmf_as_auth_provider \"${ZOSMF_HOST}\" \"${ZOSMF_PORT}\" \"${ZWE_components_zaas_apiml_security_auth_provider}\" 2>&1" "zwe-internal-start-prepare,global_validate:${LINENO}"
fi

check_runtime_validation_result "zwe-internal-start-prepare,global_validate:${LINENO}"
Expand Down
32 changes: 15 additions & 17 deletions bin/commands/internal/start/prepare/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@
under the terms of the Eclipse Public License v2.0 which
accompanies this distribution, and is available at
https://www.eclipse.org/legal/epl-v20.html
SPDX-License-Identifier: EPL-2.0
Copyright Contributors to the Zowe Project.
*/

Expand Down Expand Up @@ -75,7 +75,7 @@ function prepareLogDirectory() {
if (logDir) {
os.mkdir(logDir, 0o750);
if (!fs.isDirectoryWritable(logDir)) {
common.printFormattedError("ZWELS", "zwe-internal-start-prepare,prepare_log_directory", `ZWEL0141E: User $(get_user_id) does not have write permission on ${logDir}.`);
common.printFormattedError("ZWELS", "zwe-internal-start-prepare,prepare_log_directory", `ZWEL0141E: User ${user} does not have write permission on ${logDir}.`);
std.exit(141);
}
}
Expand Down Expand Up @@ -172,12 +172,10 @@ function globalValidate(enabledComponents:string[]): void {
privateErrors++;
common.printFormattedError('ZWELS', "zwe-internal-start-prepare,global_validate", "Zosmf validation failed");
}
} else if (std.getenv('ZWE_components_zaas_apiml_security_auth_provider') == "zosmf") {
let zosmfOk = zosmf.validateZosmfAsAuthProvider(zosmfHost, zosmfPort, 'zosmf');
if (!zosmfOk) {
} else if (std.getenv('ZWE_components_gateway_apiml_security_auth_provider') == "zosmf") {
privateErrors++;
common.printError("Using z/OSMF as 'components.gateway.apiml.security.auth.provider' is not possible: discovery is disabled.");
common.printFormattedError('ZWELS', "zwe-internal-start-prepare,global_validate", "Zosmf validation failed");
}
}
}

Expand All @@ -195,7 +193,7 @@ function validateComponents(enabledComponents:string[]): any {
common.printFormattedInfo("ZWELS", "zwe-internal-start-prepare,validate_components", "process component validations ...");

const componentEnvironments = {};

// reset error counter
let privateErrors = 0;
std.setenv('ZWE_PRIVATE_ERRORS_FOUND','0');
Expand Down Expand Up @@ -244,7 +242,7 @@ function validateComponents(enabledComponents:string[]): any {
}
}
});

std.setenv('ZWE_PRIVATE_ERRORS_FOUND', ''+privateErrors);
varlib.checkRuntimeValidationResult("zwe-internal-start-prepare,validate_components");

Expand All @@ -259,8 +257,8 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str

const zwePrivateWorkspaceEnvDir = std.getenv('ZWE_PRIVATE_WORKSPACE_ENV_DIR');
const zweCliParameterHaInstance = std.getenv('ZWE_CLI_PARAMETER_HA_INSTANCE');


enabledComponents.forEach((componentId: string)=> {
common.printFormattedTrace("ZWELS", "zwe-internal-start-prepare,configure_components", `- checking ${componentId}`);
const componentDir = component.findComponentDirectory(componentId);
Expand Down Expand Up @@ -312,7 +310,7 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str
common.printFormattedError("ZWELS", "zwe-internal-start-prepare,configure_components", `${componentName} processComponentApimlStaticDefinitions failure`);
}
// - generic app framework plugin
success=component.processComponentAppfwPlugin(componentDir);
success=component.processComponentAppfwPlugin(componentDir);
if (success) {
common.printFormattedDebug("ZWELS", "zwe-internal-start-prepare,configure_components", `${componentName} processComponentAppfwPlugin success`);
} else {
Expand All @@ -326,7 +324,7 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str
} else {
common.printFormattedError("ZWELS", "zwe-internal-start-prepare,configure_components", `${componentName} processComponentZaasSharedLibs failure`);
}

// - gateway shared lib
success=component.processComponentGatewaySharedLibs(componentDir);
if (success) {
Expand Down Expand Up @@ -362,13 +360,13 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str
const result = shell.execOutSync('sh', '-c', `. ${runtimeDirectory}/bin/libs/configmgr-index.sh && cd ${componentDir} && . ${fullPath} ; export rc=$? ; export -p`);

common.printFormattedDebug("ZWELS", "zwe-internal-start-prepare,configure_components", `${componentName} configure ended with rc=${result.rc}`);

if (result.rc==0) {
const exportContent = varlib.getEnvironmentExports(result.out);
if (exportContent) {
const rc = xplatform.storeFileUTF8(`${zwePrivateWorkspaceEnvDir}/${componentName}/.${zweCliParameterHaInstance}.env`, xplatform.AUTO_DETECT, exportContent);
if (!rc) {

} else {
// set permission for the component environment snapshot
shell.execSync('chmod', `700`, `"${zwePrivateWorkspaceEnvDir}/${componentName}/.${zweCliParameterHaInstance}.env"`);
Expand Down Expand Up @@ -396,7 +394,7 @@ function configureComponents(componentEnvironments?: any, enabledComponents?:str
}
}
});

common.printFormattedDebug("ZWELS", "zwe-internal-start-prepare,configure_components", "component configurations are successful");
}

Expand Down Expand Up @@ -462,7 +460,7 @@ export function execute() {
config.sanitizeHaInstanceId();
common.printFormattedInfo("ZWELS", "zwe-internal-start-prepare", `starting Zowe instance ${std.getenv('ZWE_CLI_PARAMETER_HA_INSTANCE')} with ${cliParameterConfig} ...`);

// extra preparations for running in container
// extra preparations for running in container
// this is running in containers
if (runInContainer == 'true') {
prepareRunningInContainer();
Expand Down
10 changes: 5 additions & 5 deletions bin/commands/migrate/for/kubernetes/index.sh
Original file line number Diff line number Diff line change
Expand Up @@ -204,7 +204,7 @@ done

update_zowe_yaml "${temp_dir}/zowe.yaml" "zowe.externalPort" "${ZWE_CLI_PARAMETER_EXTERNAL_PORT}"
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.gateway.port" "7554"
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.zaas.port" "7563"
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.zaas.port" "7558"
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.discovery.port" "7553"
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.api-catalog.port" "7552"
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.caching-service.port" "7555"
Expand All @@ -220,13 +220,13 @@ update_zowe_yaml "${temp_dir}/zowe.yaml" "components.explorer-jes.enabled" "true
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.explorer-mvs.enabled" "true"
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.explorer-uss.enabled" "true"

update_zowe_yaml "${temp_dir}/zowe.yaml" "components.zaas.apiml.security.x509.externalMapperUrl" ""
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.zaas.apiml.security.authorization.endpoint.url" ""
zaas_auth_provider=$(read_yaml "${temp_dir}/zowe.yaml" ".components.zaas.apiml.security.authorization.endpoint.provider")
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.gateway.apiml.security.x509.externalMapperUrl" ""
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.gateway.apiml.security.authorization.endpoint.url" ""
zaas_auth_provider=$(read_yaml "${temp_dir}/zowe.yaml" ".components.gateway.apiml.security.authorization.endpoint.provider")
if [ "${zaas_auth_provider}" != "" ]; then
print_message "Zowe APIML ZAAS authorization provider is suggested to be empty when running in Kubernetes. 'native' is not supported off Z platform."
fi
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.zaas.apiml.security.authorization.endpoint.provider" ""
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.gateway.apiml.security.authorization.endpoint.provider" ""
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.discovery.replicas" "1"
update_zowe_yaml "${temp_dir}/zowe.yaml" "components.caching-service.storage.mode" ""

Expand Down
13 changes: 0 additions & 13 deletions bin/libs/zosmf.sh
Original file line number Diff line number Diff line change
Expand Up @@ -49,16 +49,3 @@ validate_zosmf_host_and_port() {
print_message "Successfully checked z/OS MF is available on 'https://${zosmf_host}:${zosmf_port}/zosmf/info'"
fi
}

validate_zosmf_as_auth_provider() {
zosmf_host="${1}"
zosmf_port="${2}"
auth_provider="${3}"

if [ -n "${zosmf_host}" -a -n "${zosmf_port}" ]; then
if [ "${auth_provider}" = "zosmf" ]; then
print_error "z/OSMF is not configured. Using z/OSMF as authentication provider is not supported."
return 1
fi
fi
}
11 changes: 0 additions & 11 deletions bin/libs/zosmf.ts
Original file line number Diff line number Diff line change
Expand Up @@ -47,14 +47,3 @@ export function validateZosmfHostAndPort(zosmfHost: string, zosmfPort: number):
}
return zosmfCheckPassed;
}

//TODO isnt this completely backwards?
export function validateZosmfAsAuthProvider(zosmfHost: string, zosmfPort: number, authProvider: string): boolean {
if (zosmfHost && zosmfPort) {
if (authProvider == 'zosmf') {
common.printError("z/OSMF is not configured. Using z/OSMF as authentication provider is not supported.");
return true;
}
}
return false;
}
2 changes: 1 addition & 1 deletion containers/kubernetes/samples/config-cm.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ data:
zaas:
enabled: true
port: 7563
port: 7558
debug: false
discovery:
Expand Down
2 changes: 1 addition & 1 deletion containers/kubernetes/samples/zaas-service.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,6 @@ spec:
ports:
- name: zaas
protocol: TCP
port: 7563
port: 7558
targetPort: zaas-port
appProtocol: https
6 changes: 3 additions & 3 deletions containers/kubernetes/workloads/zaas-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -61,17 +61,17 @@ spec:
cpu: "700m"
ports:
- name: zaas-port
containerPort: 7563
containerPort: 7558
protocol: TCP
startupProbe:
tcpSocket:
port: 7563
port: 7558
# this should give 90 * periodSeconds(default to 10) seconds about 15 minutes to confirm it's ready
periodSeconds: 10
failureThreshold: 90
livenessProbe:
tcpSocket:
port: 7563
port: 7558
# this should give 3 * periodSeconds(default to 10) seconds about 30 seconds to confirm it's offline
periodSeconds: 10
failureThreshold: 3
Expand Down
Loading

0 comments on commit 98c1090

Please sign in to comment.