Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add global and component level network configuration options #3509

Merged
merged 8 commits into from
Nov 17, 2023
72 changes: 72 additions & 0 deletions schemas/zowe-yaml-schema.json
Original file line number Diff line number Diff line change
@@ -423,6 +423,35 @@
"additionalProperties": false,
"description": "Optional, advanced network configuration parameters",
"properties": {
"bind": {
"type": "array",
"description": "The IP addresses which all of the Zowe servers will be binding to.",
"items": {
"type": "string"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

dont make it a string. cant do good validation on that.
use this: https://github.com/zowe/zowe-install-packaging/blob/v2.x/staging/schemas/server-common.json#L78

and we should have an ipv6 one too, even though we dont support ipv6 yet...

}
},
"ciphers": {
"type": "array",
"description": "Acceptable TLS cipher suites for network connections.",
"items": {
"type": "string"
}
},
"curves": {
"type": "array",
"description": "Acceptable key exchange elliptic curves for network connections.",
"items": {
"type": "string"
}
},
"maxTls": {
"type": "string",
"description": "Maximum TLS version allowed for network connections. Must be: 1.0, 1.1, 1.2, or 1.3."
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if it 'must be' anything, make it an enum.
"enum": [ "1.0", "1.1" ]...
I agree with enum because "string" is unhelpful, it doesnt tell you what's possible.

},
"minTls": {
"type": "string",
"description": "Minimum TLS version allowed for network connections. Must be: 1.0, 1.1, 1.2, or 1.3."
},
"vipaIp": {
"type": "string",
"description": "The IP address which all of the Zowe servers will be binding to. If you are using multiple DIPVA addresses, do not use this option."
@@ -842,6 +871,49 @@
"default": "yes"
}
}
},
"zowe": {
"type": "object",
"description": "Component level overrides for top level Zowe network configuration.",
"additionalProperties": false,
"properties": {
"network": {
"type": "object",
"additionalProperties": false,
"description": "Optional, advanced network configuration parameters",
"properties": {
"bind": {
"type": "array",
"description": "The IP addresses which all of the Zowe servers will be binding to.",
"items": {
"type": "string"
}
},
"ciphers": {
"type": "array",
"description": "Acceptable TLS cipher suites for network connections.",
"items": {
"type": "string"
}
},
"curves": {
"type": "array",
"description": "Acceptable key exchange elliptic curves for network connections.",
"items": {
"type": "string"
}
},
"maxTls": {
"type": "string",
"description": "Maximum TLS version allowed for network connections. Must be: 1.0, 1.1, 1.2, or 1.3."
},
"minTls": {
"type": "string",
"description": "Minimum TLS version allowed for network connections. Must be: 1.0, 1.1, 1.2, or 1.3."
}
}
}
}
}
}
},