From 4522b705759166b8da97d81945c4175ba788574b Mon Sep 17 00:00:00 2001 From: Leanid Astrakou Date: Mon, 9 Sep 2024 22:35:12 -0400 Subject: [PATCH 01/13] Updated hardcoded Zlux files with correct V3 contents Signed-off-by: Leanid Astrakou --- files/zlux/config/allowedPlugins.json | 4 ++++ files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json | 5 +++++ files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json | 2 +- 3 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json diff --git a/files/zlux/config/allowedPlugins.json b/files/zlux/config/allowedPlugins.json index 368cac3a02..8a46519147 100644 --- a/files/zlux/config/allowedPlugins.json +++ b/files/zlux/config/allowedPlugins.json @@ -52,6 +52,10 @@ "identifier": "org.zowe.zlux.ng2desktop", "versions": ["*"] }, + { + "identifier": "org.zowe.zlux.ivydesktop", + "versions": ["*"] + }, { "identifier": "org.zowe.zlux.ng2desktop.settings", "versions": ["*"] diff --git a/files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json b/files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json new file mode 100644 index 0000000000..2fd18ed29b --- /dev/null +++ b/files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json @@ -0,0 +1,5 @@ +{ + "identifier": "org.zowe.zlux.ng2desktop", + "pluginLocation": "zlux-app-manager/virtual-desktop", + "relativeTo": "$ZLUX_ROOT_DIR" +} diff --git a/files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json b/files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json index 2fd18ed29b..a645c6dac7 100644 --- a/files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json +++ b/files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json @@ -1,5 +1,5 @@ { "identifier": "org.zowe.zlux.ng2desktop", - "pluginLocation": "zlux-app-manager/virtual-desktop", + "pluginLocation": "zlux-app-manager/virtual-desktop-v2", "relativeTo": "$ZLUX_ROOT_DIR" } From 66a79ea880a5b6f5c0141d6f886a5b05d23d9e21 Mon Sep 17 00:00:00 2001 From: Leanid Astrakou Date: Mon, 9 Sep 2024 23:11:12 -0400 Subject: [PATCH 02/13] Missed a spot Signed-off-by: Leanid Astrakou --- files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json b/files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json index 2fd18ed29b..1a791b6331 100644 --- a/files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json +++ b/files/zlux/config/plugins/org.zowe.zlux.ivydesktop.json @@ -1,5 +1,5 @@ { - "identifier": "org.zowe.zlux.ng2desktop", + "identifier": "org.zowe.zlux.ivydesktop", "pluginLocation": "zlux-app-manager/virtual-desktop", "relativeTo": "$ZLUX_ROOT_DIR" } From 0c18afd12dae15bb92f82d57083f19f1879756af Mon Sep 17 00:00:00 2001 From: Leanid Astrakou Date: Tue, 10 Sep 2024 00:28:11 -0400 Subject: [PATCH 03/13] Added the zlux-core build Signed-off-by: Leanid Astrakou --- manifest.json.template | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.json.template b/manifest.json.template index 6194230ca9..d0db9db68e 100644 --- a/manifest.json.template +++ b/manifest.json.template @@ -12,8 +12,8 @@ }, "binaryDependencies": { "org.zowe.zlux.zlux-core": { - "version": "^3.0.0-V3.X-STAGING-ZLUX-CORE", - "artifact": "*.pax" + "version": "^3.0.0-976-v3.x-staging-zlux-build", + "artifact": "zlux-core-3.0.0-20240909.163536.pax" }, "org.zowe.zlux.sample-angular-app": { "version": "^3.0.0-V3.X-STAGING", From fa7604db01520d2e2cf3beae3494492ca15be559 Mon Sep 17 00:00:00 2001 From: Leanid Astrakou Date: Tue, 10 Sep 2024 01:29:13 -0400 Subject: [PATCH 04/13] Updated manifest.json Signed-off-by: Leanid Astrakou --- manifest.json.template | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json.template b/manifest.json.template index d0db9db68e..666e8f7075 100644 --- a/manifest.json.template +++ b/manifest.json.template @@ -13,7 +13,7 @@ "binaryDependencies": { "org.zowe.zlux.zlux-core": { "version": "^3.0.0-976-v3.x-staging-zlux-build", - "artifact": "zlux-core-3.0.0-20240909.163536.pax" + "artifact": "zlux-core-3.0.0-20240910.052021.pax" }, "org.zowe.zlux.sample-angular-app": { "version": "^3.0.0-V3.X-STAGING", From 625d016b6d5fe8ae5de4a5e5f1efc087de7ca017 Mon Sep 17 00:00:00 2001 From: Leanid Astrakou Date: Tue, 10 Sep 2024 01:43:56 -0400 Subject: [PATCH 05/13] Updated hopefully the correct one? Signed-off-by: Leanid Astrakou --- manifest.json.template | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.json.template b/manifest.json.template index 666e8f7075..d5b6db8aba 100644 --- a/manifest.json.template +++ b/manifest.json.template @@ -12,8 +12,8 @@ }, "binaryDependencies": { "org.zowe.zlux.zlux-core": { - "version": "^3.0.0-976-v3.x-staging-zlux-build", - "artifact": "zlux-core-3.0.0-20240910.052021.pax" + "version": "^3.0.0-zlux-build-PR-148", + "artifact": "zlux-core-3.0.0-20240910.051708.pax" }, "org.zowe.zlux.sample-angular-app": { "version": "^3.0.0-V3.X-STAGING", From db1cdc253577cd587d17cc22d9444bf2df1a6c33 Mon Sep 17 00:00:00 2001 From: Leanid Astrakou Date: Tue, 10 Sep 2024 01:45:36 -0400 Subject: [PATCH 06/13] Surely, this one right? Signed-off-by: Leanid Astrakou --- manifest.json.template | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.json.template b/manifest.json.template index d5b6db8aba..39494dcdea 100644 --- a/manifest.json.template +++ b/manifest.json.template @@ -12,8 +12,8 @@ }, "binaryDependencies": { "org.zowe.zlux.zlux-core": { - "version": "^3.0.0-zlux-build-PR-148", - "artifact": "zlux-core-3.0.0-20240910.051708.pax" + "version": "^3.0.0-zlux-app-manager-PR-625", + "artifact": "zlux-core-3.0.0-20240910.045830.pax" }, "org.zowe.zlux.sample-angular-app": { "version": "^3.0.0-V3.X-STAGING", From b49b45ad4a2d1a457975c6e2c8943f8c7fedf5f9 Mon Sep 17 00:00:00 2001 From: codezfire <124693900+codezfire@users.noreply.github.com> Date: Mon, 2 Sep 2024 09:18:52 +0200 Subject: [PATCH 07/13] Create zowe_base_sca.json SCA json definitions to validate zowe user security requirements and access Signed-off-by: codezfire <124693900+codezfire@users.noreply.github.com> --- files/sca/zowe_base_sca.json | 168 +++++++++++++++++++++++++++++++++++ 1 file changed, 168 insertions(+) create mode 100644 files/sca/zowe_base_sca.json diff --git a/files/sca/zowe_base_sca.json b/files/sca/zowe_base_sca.json new file mode 100644 index 0000000000..29e69f2dac --- /dev/null +++ b/files/sca/zowe_base_sca.json @@ -0,0 +1,168 @@ +{ + "ServiceId": "AZWE001BASE0S", + "ServiceName": "Zowe Configuration - Server", + "MetaValidationItemVersion": 2.0, + "Vendor": "OPEN MAINFRAME PROJECT", + "SecurityValidationItems": [ + { + "ItemID": "AZWE001BASE0SI00001000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "SERVER", + "ResourceProfile": "ZWES.IS", + "ResourceClass": "FACILITY", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To allow Zowe ZWESVSTC processes to access the Zowe ZIS cross memory server." + }, + { + "ItemID": "AZWE001BASE0SI00002000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "SERVER", + "ResourceProfile": "BPX.SERVER", + "ResourceClass": "FACILITY", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "UPDATE", + "ItemDescription": "To allow the Zowe Desktop ZLUX server to run code on behalf of the API requester's TSO user ID." + }, + { + "ItemID": "AZWE001BASE0SI00003000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "SERVER", + "ResourceProfile": "BPX.DAEMON", + "ResourceClass": "FACILITY", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "UPDATE", + "ItemDescription": "To allow the Zowe Desktop ZLUX server to run code on behalf of the API requester's TSO user ID." + }, + { + "ItemID": "AZWE001BASE0SI00004000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "SERVER", + "ResourceProfile": "BPX.JOBNAME", + "ResourceClass": "FACILITY", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To allow z/OS address spaces for unix processes to be renamed for ease of identification." + }, + { + "ItemID": "AZWE001BASE0SI00005000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "SERVER", + "ResourceProfile": "CSFRNGL", + "ResourceClass": "CSFSERV", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To generate symmetric keys using ICSF that is used by Zowe Desktop cookies." + }, + { + "ItemID": "AZWE001BASE0SI00006000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "SERVER", + "ResourceProfile": "IRR.RAUDITX", + "ResourceClass": "FACILITY", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To allow Zowe Zowe main server to cut SMF records." + }, + { + "ItemID": "AZWE001BASE0SI00007000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "SERVER", + "ResourceProfile": "IRR.RUSERMAP", + "ResourceClass": "FACILITY", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To allow Zowe to map an X.509 client certificate to a z/OS identity." + }, + { + "ItemID": "AZWE001BASE0SI00008000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "SERVER", + "ResourceProfile": "IRR.RADMIN.LISTUSER", + "ResourceClass": "FACILITY", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To allow Zowe to obtain information about OMVS segment of the user profile using LISTUSER TSO command." + }, + { + "ItemID": "AZWE001BASE0SI00009000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "SERVER", + "ResourceProfile": "OMVSAPPL", + "ResourceClass": "APPL", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To allow Zowe Desktop vendor extensions the ability to use single-sign on." + }, + { + "ItemID": "AZWE001BASE0SI00010000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "SERVER", + "ResourceProfile": "SUPERUSER.FILESYS", + "ResourceClass": "UNIXPRIV", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "CONTROL", + "ItemDescription": "An alternative option to allow Zowe user ID to write persistent data in the Zowe directory structure." + }, + { + "ItemID": "AZWE001BASE0SI00011000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "CERTIFICATE", + "ResourceProfile": "IRR.DIGTCERT.LISTRING", + "ResourceClass": "FACILITY", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "READ", + "ItemDescription": "Permit the Zowe SERVER ID to access the key ring." + }, + { + "ItemID": "AZWE001BASE0SI00012000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "CERTIFICATE", + "ResourceProfile": "IRR.DIGTCERT.GENCERT", + "ResourceClass": "FACILITY", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "CONTROL", + "ItemDescription": "Permit the Zowe SERVER ID to access the private key." + }, + { + "ItemID": "AZWE001BASE0SI00013000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "RDATALIB class", + "ResourceProfile": "..LST", + "ResourceClass": "RDATALIB", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To allow Zowe SERVER ID to access the key ring." + }, + { + "ItemID": "AZWE001BASE0SI00014000", + "ItemType": "SEMI-PROGRAMMABLE", + "ItemCategory": "PASS TICKET", + "ResourceProfile": "", + "ResourceClass": "APPL", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To allow Zowe APIML to evaluate passtickets for application. Used for SSO and client certificate authentication." + }, + { + "ItemID": "AZWE001BASE0SI00015000", + "ItemType": "SEMI-PROGRAMMABLE", + "ItemCategory": "SERVER", + "ResourceProfile": "IRRPTAUTH..ANYUSER", + "ResourceClass": "PTKTDATA", + "WhoNeedsAccess": "ZWESVUSR", + "LevelOfAccessRequired": "UPDATE", + "ItemDescription": "To allow Zowe APIML to evaluate passtickets for application. Used for SSO and client certificate authentication." + }, + { + "ItemID": "AZWE001BASE0SI00016000", + "ItemType": "PROGRAMMABLE", + "ItemCategory": "USER", + "ResourceProfile": "APIML.SERVICES", + "ResourceClass": "ZOWE", + "WhoNeedsAccess": "", + "LevelOfAccessRequired": "READ", + "ItemDescription": "To allow Zowe user to use API Mediation Layer services." + } + ] +} From b8a51c73a69a8fe8f138871d63646280bb57c815 Mon Sep 17 00:00:00 2001 From: codezfire <124693900+codezfire@users.noreply.github.com> Date: Wed, 11 Sep 2024 15:26:13 +0200 Subject: [PATCH 08/13] Delete files/sca/zowe_base_user.json we would be using on the zowe base server json file Signed-off-by: codezfire <124693900+codezfire@users.noreply.github.com> --- files/sca/zowe_base_user.json | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100644 files/sca/zowe_base_user.json diff --git a/files/sca/zowe_base_user.json b/files/sca/zowe_base_user.json deleted file mode 100644 index 7653fe28b5..0000000000 --- a/files/sca/zowe_base_user.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "ServiceId": "AZWE001BASE0U", - "ServiceName": "Zowe Configuration - User", - "MetaValidationItemVersion": 1.0, - "Vendor": "OPEN MAINFRAME PROJECT", - "SecurityValidationItems": [ - { - "ItemID": "AZWE001BASE0UI00001000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "USER", - "ResourceProfile": "APIML.SERVICES", - "ResourceClass": "ZOWE", - "WhoNeedsAccess": "", - "LevelOfAccessRequired": "READ", - "ItemDescription": "To allow Zowe user to use API Mediation Layer services." - } - ] -} From 746447aecf9a28f12e3f01c19ffe0b59f4c57894 Mon Sep 17 00:00:00 2001 From: Leanid Astrakou Date: Wed, 11 Sep 2024 13:32:19 -0400 Subject: [PATCH 09/13] Update manifest + plugin identifier Signed-off-by: Leanid Astrakou --- files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json | 2 +- manifest.json.template | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json b/files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json index a645c6dac7..44a33568d3 100644 --- a/files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json +++ b/files/zlux/config/plugins/org.zowe.zlux.ng2desktop.json @@ -1,5 +1,5 @@ { "identifier": "org.zowe.zlux.ng2desktop", - "pluginLocation": "zlux-app-manager/virtual-desktop-v2", + "pluginLocation": "zlux-app-manager-v2/virtual-desktop", "relativeTo": "$ZLUX_ROOT_DIR" } diff --git a/manifest.json.template b/manifest.json.template index 39494dcdea..3739de33a4 100644 --- a/manifest.json.template +++ b/manifest.json.template @@ -12,8 +12,8 @@ }, "binaryDependencies": { "org.zowe.zlux.zlux-core": { - "version": "^3.0.0-zlux-app-manager-PR-625", - "artifact": "zlux-core-3.0.0-20240910.045830.pax" + "version": "^3.0.0-983-v3.x-staging-zlux-build", + "artifact": "zlux-core-3.0.0-20240911.172538.pax" }, "org.zowe.zlux.sample-angular-app": { "version": "^3.0.0-V3.X-STAGING", From 7238c1533d92f1ae2b3081b0738cd09f9e99f016 Mon Sep 17 00:00:00 2001 From: James Struga Date: Wed, 11 Sep 2024 14:09:40 -0400 Subject: [PATCH 10/13] revert to latest pax Signed-off-by: James Struga --- manifest.json.template | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.json.template b/manifest.json.template index 3739de33a4..6194230ca9 100644 --- a/manifest.json.template +++ b/manifest.json.template @@ -12,8 +12,8 @@ }, "binaryDependencies": { "org.zowe.zlux.zlux-core": { - "version": "^3.0.0-983-v3.x-staging-zlux-build", - "artifact": "zlux-core-3.0.0-20240911.172538.pax" + "version": "^3.0.0-V3.X-STAGING-ZLUX-CORE", + "artifact": "*.pax" }, "org.zowe.zlux.sample-angular-app": { "version": "^3.0.0-V3.X-STAGING", From 10eddae7246fab8853cb920fc453dc19b26ac322 Mon Sep 17 00:00:00 2001 From: MarkAckert Date: Wed, 11 Sep 2024 16:31:08 -0400 Subject: [PATCH 11/13] disable workflow test Signed-off-by: MarkAckert --- pswi/05_test.sh | 54 ++++++++++++++++++++++++------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/pswi/05_test.sh b/pswi/05_test.sh index 079ba78efc..5d50e2f245 100644 --- a/pswi/05_test.sh +++ b/pswi/05_test.sh @@ -15,10 +15,10 @@ echo "Test HLQ :" $TEST_HLQ echo "Test mount point :" $TEST_MOUNT echo "Job name :" $JOBNAME echo "Deploy name :" $DEPLOY_NAME -echo "Software instance name :" $DEPLOY_NAME +echo "Software instance name :" $DEPLOY_NAME echo "Temporary directory :" $TMP_MOUNT echo "Temporary zFS :" $TMP_ZFS -echo "Work zFS :" $WORK_ZFS # For z/OSMF v2.3 +echo "Work zFS :" $WORK_ZFS # For z/OSMF v2.3 echo "Work mount point :" $WORK_MOUNT # For z/OSMF v2.3 echo "Storage Class :" $STORCLAS echo "Volume :" $VOLUME @@ -31,10 +31,10 @@ NEW_PSWI_JSON='{"name":"'${PSWI}'","system":"'${ZOSMF_SYSTEM}'","description":"Z # Check if temp zFS for PSWI is mounted echo "Checking/mounting ${TMP_ZFS}" sh scripts/tmp_mounts.sh "${TMP_ZFS}" "${TMP_MOUNT}" -if [ $? -gt 0 ];then exit -1;fi +if [ $? -gt 0 ]; then exit -1; fi cd ../.pax -sshpass -p${ZOSMF_PASS} sftp -o HostKeyAlgorithms=+ssh-rsa -o BatchMode=no -o StrictHostKeyChecking=no -o PubkeyAuthentication=no -b - -P ${ZZOW_SSH_PORT} ${ZOSMF_USER}@${HOST} << EOF +sshpass -p${ZOSMF_PASS} sftp -o HostKeyAlgorithms=+ssh-rsa -o BatchMode=no -o StrictHostKeyChecking=no -o PubkeyAuthentication=no -b - -P ${ZZOW_SSH_PORT} ${ZOSMF_USER}@${HOST} < JCL -echo ${JOBST2} >> JCL -echo "//UNPAXDIR EXEC PGM=BPXBATCH" >> JCL -echo "//STDOUT DD SYSOUT=*" >> JCL -echo "//STDERR DD SYSOUT=*" >> JCL -echo "//STDPARM DD *" >> JCL -echo "SH set -x;set -e;" >> JCL -echo "mkdir -p ${EXPORT};" >> JCL -echo "cd ${EXPORT};" >> JCL -echo "pax -rv -f ${TMP_MOUNT}/${SWI_NAME}.pax.Z;" >> JCL -echo "rm ${TMP_MOUNT}/${SWI_NAME}.pax.Z;" >> JCL -echo "/*" >> JCL +echo ${JOBST1} >JCL +echo ${JOBST2} >>JCL +echo "//UNPAXDIR EXEC PGM=BPXBATCH" >>JCL +echo "//STDOUT DD SYSOUT=*" >>JCL +echo "//STDERR DD SYSOUT=*" >>JCL +echo "//STDPARM DD *" >>JCL +echo "SH set -x;set -e;" >>JCL +echo "mkdir -p ${EXPORT};" >>JCL +echo "cd ${EXPORT};" >>JCL +echo "pax -rv -f ${TMP_MOUNT}/${SWI_NAME}.pax.Z;" >>JCL +echo "rm ${TMP_MOUNT}/${SWI_NAME}.pax.Z;" >>JCL +echo "/*" >>JCL -sh scripts/submit_jcl.sh "`cat JCL`" -if [ $? -gt 0 ];then exit -1;fi +sh scripts/submit_jcl.sh "$(cat JCL)" +if [ $? -gt 0 ]; then exit -1; fi rm JCL # z/OSMF 2.3 @@ -65,7 +65,7 @@ rm JCL # Check if work zFS for PSWI is mounted echo "Checking/mounting ${WORK_ZFS}" sh scripts/tmp_mounts.sh "${WORK_ZFS}" "${WORK_MOUNT}" -if [ $? -gt 0 ];then exit -1;fi +if [ $? -gt 0 ]; then exit -1; fi # Run the deployment test echo " Running the deployment test for z/OSMF version 2.3" @@ -75,12 +75,12 @@ python scripts/deploy_test_2_3.py echo "Mounting ${TEST_HLQ}.ZFS" sh scripts/tmp_mounts.sh "${TEST_HLQ}.ZFS" "${TEST_MOUNT}" -if [ $? -gt 0 ];then exit -1;fi +if [ $? -gt 0 ]; then exit -1; fi -echo "Registering/testing the configuration workflow ${TEST_HLQ}.WORKFLOW(ZWECONF)" -sh scripts/wf_run_test.sh "${TEST_HLQ}.WORKFLOW(ZWECONF)" -if [ $? -gt 0 ];then exit -1;fi - -echo "Registering/testing the configuration workflow ${TEST_MOUNT}/content/files/workflows/ZWECONF.xml" -sh scripts/wf_run_test.sh "${TEST_MOUNT}/files/workflows/ZWECONF.xml" -if [ $? -gt 0 ];then exit -1;fi +# echo "Registering/testing the configuration workflow ${TEST_HLQ}.WORKFLOW(ZWECONF)" +# sh scripts/wf_run_test.sh "${TEST_HLQ}.WORKFLOW(ZWECONF)" +# if [ $? -gt 0 ];then exit -1;fi +# +# echo "Registering/testing the configuration workflow ${TEST_MOUNT}/content/files/workflows/ZWECONF.xml" +# sh scripts/wf_run_test.sh "${TEST_MOUNT}/files/workflows/ZWECONF.xml" +# if [ $? -gt 0 ];then exit -1;fi From c2fa5373968236796df02ae73db14fdffdf522c4 Mon Sep 17 00:00:00 2001 From: codezfire <124693900+codezfire@users.noreply.github.com> Date: Thu, 12 Sep 2024 10:34:58 +0200 Subject: [PATCH 12/13] Update zowe_base_sca.json Signed-off-by: codezfire <124693900+codezfire@users.noreply.github.com> --- files/sca/zowe_base_sca.json | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/files/sca/zowe_base_sca.json b/files/sca/zowe_base_sca.json index 29e69f2dac..7300cfa3fe 100644 --- a/files/sca/zowe_base_sca.json +++ b/files/sca/zowe_base_sca.json @@ -1,21 +1,21 @@ { - "ServiceId": "AZWE001BASE0S", + "ServiceId": "AZWE003BASE0S", "ServiceName": "Zowe Configuration - Server", "MetaValidationItemVersion": 2.0, "Vendor": "OPEN MAINFRAME PROJECT", "SecurityValidationItems": [ { - "ItemID": "AZWE001BASE0SI00001000", + "ItemID": "AZWE003BASE0SI00001000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "ZWES.IS", "ResourceClass": "FACILITY", "WhoNeedsAccess": "ZWESVUSR", "LevelOfAccessRequired": "READ", - "ItemDescription": "To allow Zowe ZWESVSTC processes to access the Zowe ZIS cross memory server." + "ItemDescription": "To allow Zowe ZWESVSTC processes to access the Zowe ZIS cross-memory server." }, { - "ItemID": "AZWE001BASE0SI00002000", + "ItemID": "AZWE003BASE0SI00002000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "BPX.SERVER", @@ -25,7 +25,7 @@ "ItemDescription": "To allow the Zowe Desktop ZLUX server to run code on behalf of the API requester's TSO user ID." }, { - "ItemID": "AZWE001BASE0SI00003000", + "ItemID": "AZWE003BASE0SI00003000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "BPX.DAEMON", @@ -35,7 +35,7 @@ "ItemDescription": "To allow the Zowe Desktop ZLUX server to run code on behalf of the API requester's TSO user ID." }, { - "ItemID": "AZWE001BASE0SI00004000", + "ItemID": "AZWE003BASE0SI00004000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "BPX.JOBNAME", @@ -45,7 +45,7 @@ "ItemDescription": "To allow z/OS address spaces for unix processes to be renamed for ease of identification." }, { - "ItemID": "AZWE001BASE0SI00005000", + "ItemID": "AZWE003BASE0SI00005000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "CSFRNGL", @@ -55,7 +55,7 @@ "ItemDescription": "To generate symmetric keys using ICSF that is used by Zowe Desktop cookies." }, { - "ItemID": "AZWE001BASE0SI00006000", + "ItemID": "AZWE003BASE0SI00006000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "IRR.RAUDITX", @@ -65,7 +65,7 @@ "ItemDescription": "To allow Zowe Zowe main server to cut SMF records." }, { - "ItemID": "AZWE001BASE0SI00007000", + "ItemID": "AZWE003BASE0SI00007000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "IRR.RUSERMAP", @@ -75,7 +75,7 @@ "ItemDescription": "To allow Zowe to map an X.509 client certificate to a z/OS identity." }, { - "ItemID": "AZWE001BASE0SI00008000", + "ItemID": "AZWE003BASE0SI00008000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "IRR.RADMIN.LISTUSER", @@ -85,7 +85,7 @@ "ItemDescription": "To allow Zowe to obtain information about OMVS segment of the user profile using LISTUSER TSO command." }, { - "ItemID": "AZWE001BASE0SI00009000", + "ItemID": "AZWE003BASE0SI00009000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "OMVSAPPL", @@ -95,7 +95,7 @@ "ItemDescription": "To allow Zowe Desktop vendor extensions the ability to use single-sign on." }, { - "ItemID": "AZWE001BASE0SI00010000", + "ItemID": "AZWE003BASE0SI00010000", "ItemType": "PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "SUPERUSER.FILESYS", @@ -105,7 +105,7 @@ "ItemDescription": "An alternative option to allow Zowe user ID to write persistent data in the Zowe directory structure." }, { - "ItemID": "AZWE001BASE0SI00011000", + "ItemID": "AZWE003BASE0SI00011000", "ItemType": "PROGRAMMABLE", "ItemCategory": "CERTIFICATE", "ResourceProfile": "IRR.DIGTCERT.LISTRING", @@ -115,7 +115,7 @@ "ItemDescription": "Permit the Zowe SERVER ID to access the key ring." }, { - "ItemID": "AZWE001BASE0SI00012000", + "ItemID": "AZWE003BASE0SI00012000", "ItemType": "PROGRAMMABLE", "ItemCategory": "CERTIFICATE", "ResourceProfile": "IRR.DIGTCERT.GENCERT", @@ -125,7 +125,7 @@ "ItemDescription": "Permit the Zowe SERVER ID to access the private key." }, { - "ItemID": "AZWE001BASE0SI00013000", + "ItemID": "AZWE003BASE0SI00013000", "ItemType": "PROGRAMMABLE", "ItemCategory": "RDATALIB class", "ResourceProfile": "..LST", @@ -135,7 +135,7 @@ "ItemDescription": "To allow Zowe SERVER ID to access the key ring." }, { - "ItemID": "AZWE001BASE0SI00014000", + "ItemID": "AZWE003BASE0SI00014000", "ItemType": "SEMI-PROGRAMMABLE", "ItemCategory": "PASS TICKET", "ResourceProfile": "", @@ -145,7 +145,7 @@ "ItemDescription": "To allow Zowe APIML to evaluate passtickets for application. Used for SSO and client certificate authentication." }, { - "ItemID": "AZWE001BASE0SI00015000", + "ItemID": "AZWE003BASE0SI00015000", "ItemType": "SEMI-PROGRAMMABLE", "ItemCategory": "SERVER", "ResourceProfile": "IRRPTAUTH..ANYUSER", @@ -155,7 +155,7 @@ "ItemDescription": "To allow Zowe APIML to evaluate passtickets for application. Used for SSO and client certificate authentication." }, { - "ItemID": "AZWE001BASE0SI00016000", + "ItemID": "AZWE003BASE0SI00016000", "ItemType": "PROGRAMMABLE", "ItemCategory": "USER", "ResourceProfile": "APIML.SERVICES", From d8c4cd0e6026672edd8f558d2dbe2e59a971dbda Mon Sep 17 00:00:00 2001 From: codezfire <124693900+codezfire@users.noreply.github.com> Date: Thu, 12 Sep 2024 16:03:53 +0200 Subject: [PATCH 13/13] Delete files/sca/zowe_base_server.json Signed-off-by: codezfire <124693900+codezfire@users.noreply.github.com> --- files/sca/zowe_base_server.json | 138 -------------------------------- 1 file changed, 138 deletions(-) delete mode 100644 files/sca/zowe_base_server.json diff --git a/files/sca/zowe_base_server.json b/files/sca/zowe_base_server.json deleted file mode 100644 index 6cfd05c68c..0000000000 --- a/files/sca/zowe_base_server.json +++ /dev/null @@ -1,138 +0,0 @@ -{ - "ServiceId": "AZWE001BASE0S", - "ServiceName": "Zowe Configuration - Server", - "MetaValidationItemVersion": 1.0, - "Vendor": "OPEN MAINFRAME PROJECT", - "SecurityValidationItems": [ - { - "ItemID": "AZWE001BASE0SI00001000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "ZWES.IS", - "ResourceClass": "FACILITY", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "READ", - "ItemDescription": "To allow Zowe ZWESVSTC processes to access the Zowe ZIS cross memory server." - }, - { - "ItemID": "AZWE001BASE0SI00002000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "BPX.SERVER", - "ResourceClass": "FACILITY", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "UPDATE", - "ItemDescription": "To allow the Zowe Desktop ZLUX server to run code on behalf of the API requester's TSO user ID." - }, - { - "ItemID": "AZWE001BASE0SI00003000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "BPX.DAEMON", - "ResourceClass": "FACILITY", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "UPDATE", - "ItemDescription": "To allow the Zowe Desktop ZLUX server to run code on behalf of the API requester's TSO user ID." - }, - { - "ItemID": "AZWE001BASE0SI00004000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "BPX.JOBNAME", - "ResourceClass": "FACILITY", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "READ", - "ItemDescription": "To allow z/OS address spaces for unix processes to be renamed for ease of identification." - }, - { - "ItemID": "AZWE001BASE0SI00005000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "CSFRNGL", - "ResourceClass": "CSFSERV", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "READ", - "ItemDescription": "To generate symmetric keys using ICSF that is used by Zowe Desktop cookies." - }, - { - "ItemID": "AZWE001BASE0SI00006000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "IRR.RUSERMAP", - "ResourceClass": "FACILITY", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "READ", - "ItemDescription": "To allow Zowe to map an X.509 client certificate to a z/OS identity." - }, - { - "ItemID": "AZWE001BASE0SI00007000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "IRR.RADMIN.LISTUSER", - "ResourceClass": "FACILITY", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "READ", - "ItemDescription": "To allow Zowe to obtain information about OMVS segment of the user profile using LISTUSER TSO command." - }, - { - "ItemID": "AZWE001BASE0SI00008000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "OMVSAPPL", - "ResourceClass": "APPL", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "READ", - "ItemDescription": "To allow Zowe Desktop vendor extensions the ability to use single-sign on." - }, - { - "ItemID": "AZWE001BASE0SI00009000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "SUPERUSER.FILESYS", - "ResourceClass": "UNIXPRIV", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "CONTROL", - "ItemDescription": "An alternative option to allow Zowe user ID to write persistent data in the Zowe directory structure." - }, - { - "ItemID": "AZWE001BASE0SI00010000", - "ItemType": "SEMI-PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "IRRPTAUTH..ANYUSER", - "ResourceClass": "PTKTDATA", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "UPDATE", - "ItemDescription": "To allow Zowe APIML to generate passtickets for application. Used for SSO and client certificate authentication." - }, - { - "ItemID": "AZWE001BASE0SI00011000", - "ItemType": "SEMI-PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "IRRPTAUTH..ANYUSER", - "ResourceClass": "PTKTDATA", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "READ", - "ItemDescription": "To allow Zowe APIML to evaluate passtickets for application. Used for SSO and client certificate authentication." - }, - { - "ItemID": "AZWE001BASE0SI00012000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "IRR.DIGTCERT.LISTRING", - "ResourceClass": "FACILITY", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "READ", - "ItemDescription": "To allow Zowe user id to access his own keyring." - }, - { - "ItemID": "AZWE001BASE0SI00013000", - "ItemType": "PROGRAMMABLE", - "ItemCategory": "SERVER", - "ResourceProfile": "IRR.DIGTCERT.GENCERT", - "ResourceClass": "FACILITY", - "WhoNeedsAccess": "ZWESVUSR", - "LevelOfAccessRequired": "CONTROL", - "ItemDescription": "To optionally allow Zowe user id to use SITE owned certificate as a server certificate." - } - ] -}