Zowe Suite v2.13.0
zowe-robot authored Nov 28, 2023
2 parents 11165fd + 206b452 commit a94da2b
Showing 3 changed files with 73 additions and 9 deletions.
7 changes: 6 additions & 1 deletion CHANGELOG.md
@@ -1,7 +1,12 @@
# Zlux App Server Changelog

All notable changes to the Zlux App Server package will be documented in this file.


## v2.13.0
- Enhancement: Updated schema to allow cipher customization in IANA format. (#284)
- Enhancement: Updated schema to allow curve customization. (#284)
- Enhancement: Updated defaults to read TLS settings and IP settings from the "zowe.network.server" attribute of Zowe.yaml. (#284)

## v2.12.0
- enhancement: new versions of components can change the location of their plugins, as the app-server will now re-inspect the plugin locations on each startup. (#280)
- bugfix: Removed error message "components/app-server/bin/configure.sh 26: .: FSUM6807 expression syntax error" seen in startup of Zowe in v2.11.0, caused by incorrect shell syntax. (#283)
50 changes: 45 additions & 5 deletions defaults/serverConfig/defaults.yaml
@@ -20,9 +20,17 @@ components:
hostname: "${{ function a(){ if (process.env.ZWE_INTERNAL_HOST) { return process.env.ZWE_INTERNAL_HOST; } else if (process.env.ZWE_haInstance_hostname) { return process.env.ZWE_haInstance_hostname; } else { return undefined; } }; a() }}"
https:
ipAddresses: "${{ function a(){
let addresses;
if (components['app-server'].zowe?.network?.server?.listenAddresses) {
addresses = components['app-server'].zowe.network.server.listenAddresses;
} else if (zowe.network?.server?.listenAddresses) {
addresses = zowe.network.server.listenAddresses;
} else {
addresses = ['0.0.0.0'];
}
if (process.env.ZOWE_LOOPBACK_ADDRESS && process.env.BIND_TO_LOOPBACK == 'true') {
return [ process.env.ZOWE_LOOPBACK_ADDRESS , '0.0.0.0' ];
} else { return ['0.0.0.0'] } };
return [ process.env.ZOWE_LOOPBACK_ADDRESS ].concat(addresses);
} else { return addresses } };
a() }}"
port: "${{ function a(){
if (process.env.ZWED_SERVER_HTTPS_PORT) {
@@ -32,23 +40,23 @@ components:
} else { return Number(7556); } };
a() }}"
keys: '${{ function a() {
if (zowe.certificate?.keystore?.type == "JCERACFKS") {
if (zowe.certificate?.keystore?.type && zowe.certificate.keystore.type.match("JCE.*KS")) {
return [ zowe.certificate.keystore.file+"&"+zowe.certificate.keystore.alias ];
} else if (zowe.certificate?.pem?.key) {
return [ zowe.certificate.pem.key ];
} else {
return [ "../defaults/serverConfig/zlux.keystore.key" ]; } };
a() }}'
certificates: '${{ function a(){
if (zowe.certificate?.keystore?.type == "JCERACFKS") {
if (zowe.certificate?.keystore?.type && zowe.certificate.keystore.type.match("JCE.*KS")) {
return [ zowe.certificate.keystore.file+"&"+zowe.certificate.keystore.alias ];
} else if (zowe.certificate?.pem?.certificate) {
return [ zowe.certificate.pem.certificate ];
} else {
return [ "../defaults/serverConfig/zlux.keystore.cer" ]; } };
a() }}'
certificateAuthorities: '${{ function a() {
if (zowe.certificate?.truststore?.type == "JCERACFKS") {
if (zowe.certificate?.truststore?.type && zowe.certificate.truststore.type.match("JCE.*KS")) {
return [ zowe.certificate.truststore.file ];
} else if(zowe.certificate?.pem?.certificateAuthorities) {
if (Array.isArray(zowe.certificate.pem.certificateAuthorities)) {
@@ -58,6 +66,38 @@ components:
}
} else { return ["../defaults/serverConfig/apiml-localca.cer"]; } };
a() }}'
maxTls: '${{ function a(){
if (components["app-server"].zowe?.network?.server?.tls?.maxTls) {
return components["app-server"].zowe.network.server.tls.maxTls;
} else if (zowe.network?.server?.tls?.maxTls) {
return zowe.network.server.tls.maxTls;
} else {
return "TLSv1.3"; } };
a() }}'
minTls: '${{ function a(){
if (components["app-server"].zowe?.network?.server?.tls?.minTls) {
return components["app-server"].zowe.network.server.tls.minTls;
} else if (zowe.network?.server?.tls?.minTls) {
return zowe.network.server.tls.minTls;
} else {
return "TLSv1.2"; } };
a() }}'
ciphers: '${{ function a(){
if (components["app-server"].zowe?.network?.server?.tls?.ciphers) {
return components["app-server"].zowe.network.server.tls.ciphers.join(":");
} else if (zowe.network?.server?.tls?.ciphers) {
return zowe.network.server.tls.ciphers.join(":");
} else {
return "" } };
a() }}'
curves: '${{ function a(){
if (components["app-server"].zowe?.network?.server?.tls?.curves) {
return components["app-server"].zowe.network.server.tls.curves;
} else if (zowe.network?.server?.tls?.curves) {
return zowe.network.server.tls.curves;
} else {
return [] } };
a() }}'
loopbackAddress: "${{ function a(){ if (process.env.ZOWE_LOOPBACK_ADDRESS) { return process.env.ZOWE_LOOPBACK_ADDRESS; } else { return undefined; } }; a() }}"
mediationLayer:
server:
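Review bot: The keystore-type test in `keys`, `certificates` and `certificateAuthorities` passes a string to `String.prototype.match`, which compiles it as an unanchored regular expression, so any type value that contains `JCE` followed later by `KS` takes the keyring branch, including the file-based `JCEKS` type. If the intent is to accept the RACF keyring variants, an anchored test states that directly, for example `/^JCE.*RACFKS$/.test(zowe.certificate.keystore.type)`, with the same form for `truststore.type`. A value that matches by accident yields a `file&alias` string and skips the PEM key and certificate paths, so the mistake would likely surface later during TLS setup rather than when the configuration is read. The set of type values Zowe accepts is not visible on this page, so confirm the anchored pattern against the zowe.yaml schema.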
25 changes: 22 additions & 3 deletions schemas/app-server-config.json
100644 → 100755
@@ -48,13 +48,32 @@
"deprecated": true,
"description": "Passes through the secureProtocol attribute to TLS calls of nodeJS, as defined within https://nodejs.org/api/tls.html#tlscreatesecurecontextoptions"
},
"maxTls": {
"type": "string",
"enum": ["TLSv1.2", "TLSv1.3"],
"default": "TLSv1.3",
"description": "Maximum TLS version allowed for network connections."
},
"minTls": {
"type": "string",
"enum": ["TLSv1.2", "TLSv1.3"],
"default": "TLSv1.2",
"description": "Minimum TLS version allowed for network connections, and less than or equal to maxTls."
},
"ciphers": {
"oneOf": [
{ "$ref": "#/$defs/nodejsDefaultCiphers" },
{ "$ref": "#/$defs/zoweDefaultCiphers" },
{ "$ref": "#/$defs/customCiphers" }
]
},
"curves": {
"type": "array",
"description": "A list of curve NIDs or names, for example P-521, P-384, P-256",
"items": {
"type": "string"
}
},
"enableTrace": {
"type": "boolean",
"default": false
@@ -620,7 +639,7 @@
{ "$ref": "#/$defs/zoweDefaultCiphers" }
]
},
"description": "Instructs app-server to use the list of ciphers in this string when using TLS. String must be in the form defined here https://nodejs.org/api/tls.html#modifying-the-default-tls-cipher-suite"
"description": "Instructs app-server to use the list of ciphers in this string when using TLS. String is a colon separated list of IANA or openSSL names"
},
"headerCustomization": {
"type": "object",
@@ -660,14 +679,14 @@
},
"safKeyringCertObject": {
"type": "string",
"pattern": "^safkeyring:(\/\/)+.*$"
"pattern": "^safkeyring.*:(\/\/)+.*$"
},
"pathCertObject": {
"type": "string",
"not": {
"anyOf": [
{ "pattern": "^file:\/\/.*$" },
{ "pattern": "^safkeyring:(\/\/)+.*$" }
{ "pattern": "^safkeyring.*:(\/\/)+.*$" }
]
}
},
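Review bot: The widened pattern `^safkeyring.*:(\/\/)+.*$` in `safKeyringCertObject` and in the `pathCertObject` exclusion puts an unrestricted `.*` where the scheme suffix goes, so it accepts any text between `safkeyring` and a later `://`, including slashes, colons and spaces. If the goal is to admit additional keyring scheme names, constrain the suffix to scheme characters, for example `"pattern": "^safkeyring[a-z]*:(\/\/)+.*$"`, and use the same pattern in both places so the two definitions stay complementary. The accepted suffixes are not listed on this page, so adjust the character class to the schemes the server actually supports. Separately, the file mode changes from 100644 to 100755, and a JSON schema does not need the executable bit.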
