From f77b23877dd372bbf02977a07992162da3d8ef6f Mon Sep 17 00:00:00 2001 From: 1000TurquoisePogs Date: Thu, 27 Jun 2024 11:29:56 +0200 Subject: [PATCH] Fixes from review Signed-off-by: 1000TurquoisePogs --- bin/commands/init/.help | 33 +++++++++++++ bin/commands/init/certificate/index.sh | 6 +++ bin/commands/init/generate/.help | 65 ++++++++++++++++++++++++++ bin/commands/init/index.sh | 2 - bin/commands/init/index.ts | 2 +- bin/commands/init/mvs/index.sh | 2 - bin/libs/java.ts | 2 +- bin/libs/node.ts | 2 +- workflows/templates/ZWESECUR.vtl | 2 +- 9 files changed, 108 insertions(+), 8 deletions(-) create mode 100644 bin/commands/init/generate/.help diff --git a/bin/commands/init/.help b/bin/commands/init/.help index b3ed7ce8e0..6124314d0f 100644 --- a/bin/commands/init/.help +++ b/bin/commands/init/.help @@ -16,6 +16,39 @@ If you pass `--dry-run` with this command, each subcommand will print out the JCL that it would submit, without doing the submission. This can be used to review what Zowe would do before doing it. +The following are the JCL submitted by each command as needed + +- `zwe init mvs` + - ZWEIMVS + - (If `--allow-overwrite` specified and old datasets exist) ZWERMVS + - (If `zowe.setup.dataset.authLoadLib` is not named prefix + ZWELOAD) ZWEIMVS2 + - (If above is true, and the dataset exists, and `--allow-overwrite` is set) ZWERMVS2 +- `zwe init vsam` + - ZWECSVSM + - (If `--allow-overwrite` specified and old datasets exist) ZWECSRVS +- `zwe init apfauth` + - ZWEIAPF2 +- `zwe init security` + - (If RACF) ZWEIRAC + - (If RACF and z/OS 2.4) ZWIRACZ + - (If TSS) ZWEITSS + - (If TSS and z/OS 2.4) ZWITSSZ + - (If ACF2) ZWEIACF + - (If ACF2 and z/OS 2.4) ZWIACFZ +- `zwe init certificate` + - (If creating keyring and certificate for RACF) ZWEIKRR1 + - (If creating keyring and connecting certificate for RACF) ZWEIKRR2 + - (If creating keyring and importing certificate for RACF) ZWEIKRR3 + - (If creating keyring and certificate for TSS) ZWEIKRR1 + - (If creating keyring and connecting certificate for TSS) ZWEIKRT2 + - (If creating keyring and importing certificate for TSS) ZWEIKRT3 + - (If creating keyring and certificate for ACF2) ZWEIKRA1 + - (If creating keyring and connecting certificate for ACF2) ZWEIKRA2 + - (If creating keyring and importing certificate for ACF2) ZWEIKRA3 +- `zwe init stc` + - ZWEISTC + - (If `--allow-overwrite` specified and old members exist) ZWERSTC + If you pass `--skip-security-setup` with this command, `zwe init apfauth` and `zwe init security` steps will be skipped. diff --git a/bin/commands/init/certificate/index.sh b/bin/commands/init/certificate/index.sh index 4ef595c6fe..63860de145 100644 --- a/bin/commands/init/certificate/index.sh +++ b/bin/commands/init/certificate/index.sh @@ -22,6 +22,12 @@ else CONFIG_TO_WRITE=${ZWE_CLI_PARAMETER_CONFIG} fi +# Keytool is needed +require_java + +# Node is needed for read_yaml +require_node + export ZWE_PRIVATE_TMP_MERGED_YAML_DIR=$(create_tmp_file) mkdir -p ${ZWE_PRIVATE_TMP_MERGED_YAML_DIR} _CEE_RUNOPTS="XPLINK(ON),HEAPPOOLS(OFF),HEAPPOOLS64(OFF)" ${ZWE_zowe_runtimeDirectory}/bin/utils/configmgr -script "${ZWE_zowe_runtimeDirectory}/bin/commands/internal/config/output/cli.js" diff --git a/bin/commands/init/generate/.help b/bin/commands/init/generate/.help new file mode 100644 index 0000000000..5184ae171a --- /dev/null +++ b/bin/commands/init/generate/.help @@ -0,0 +1,65 @@ +Generate ready to execute JCL samples from zowe.yaml configuration values. + +This command executes the job ZWEGENER which copies the JCL templates from Zowe's SZWESAMP dataset, minus those not valid for your system ESM, and creates resolved, ready to execute JCL content within the dataset defined by the zowe.yaml property `zowe.setup.dataset.jcllib` (such as `zowe.setup.dataset.prefix` + "CUST.JCLLIB") + +These JCL files can be run by any means desired afterward. +The actions of `zwe init` will run them automatically if desired. +Each `zwe init` action has a `--dry-run` command which will print the value of the particular JCL file used, but not submit it. + +`--security-dry-run` or `--dry-run` do not have an affect on the generate command, as this command is used to create the JCL for all the other init commands and their `--dry-run` options. + +The following JCL will be created into the jcllib, using the content of the same name from within the SZWESAMP dataset: + +Instance dataset creation: +- ZWEIMVS: Creates Zowe instance datasets +- ZWERMVS: Removes these datasets +- ZWEIMVS2: Creates the `zowe.setup.dataset.authLoadLib` dataset if you have customized its name. This is not recommended, it is best to leave it as default. +- ZWERMVS2: Removes the above customized dataset. + +VSAM for caching service creation: +- ZWECSVSM: Creates a VSAM for the caching service +- ZWECSRVS: Removes the VSAM + +ZIS APF Authorization: +- ZWEIAPF: An example of how one would APF authorize the ZIS content of Zowe. +- ZWEIAPF2: An example of how one would APF authorize the ZIS content of Zowe. +You may wish to do this step another way. +You can read https://docs.zowe.org/stable/user-guide/apf-authorize-load-library to learn more. + +SAF permission setup: +- ZWEIRAC: Sets up SAF permissions for RACF +- ZWEIRACZ: Sets up the Zowe class for RACF if on z/OS 2.4 or older +- ZWEITSS: Sets up SAF permissions for TSS +- ZWEITSSZ: Sets up the Zowe class for TSS if on z/OS 2.4 or older +- ZWEIACF: Sets up SAF permissions for ACF2 +- ZWEIACFZ: Sets up the Zowe class for ACF2 if on z/OS 2.4 or older + +SAF permission removal: +- ZWENOSEC: Removes SAF permissions. Has RACF, TSS, ACF2 sections. + + +Keyring creation: +- ZWEIKRR1: Creates a keyring and certificate for RACF +- ZWEIKRR2: Creates a keyring and connects a certificate for RACF +- ZWEIKRR3: Creates a keyring and imports a certificate for RACF +- ZWEIKRT1: Creates a keyring and certificate for TSS +- ZWEIKRT2: Creates a keyring and connects a certificate for TSS +- ZWEIKRT3: Creates a keyring and imports a certificate for TSS +- ZWEIKRA1: Creates a keyring and certificate for ACF2 +- ZWEIKRA2: Creates a keyring and connects a certificate for ACF2 +- ZWEIKRA3: Creates a keyring and imports a certificate for ACF2 + +Keyring removal: +- ZWENOKRR: Removes Zowe's keyring for RACF +- ZWENOKRT: Removes Zowe's keyring for TSS +- ZWENORRA: Removes Zowe's keyring for ACF2 + +STC job setup: +- ZWEISTC: Copies the STC JCL of Zowe into your proclib +- ZWERSTC: Removes the Zowe STC JCL from the proclib + + +If you want to use a premade keyring with Zowe,, do not run these. These are for Zowe assisting in keyring creation. + +The above datasets can be run to set up a Zowe instance. +You can also use `zwe init` or `zwe init` subcommands to have them run automatically. diff --git a/bin/commands/init/index.sh b/bin/commands/init/index.sh index 50eda3f124..7b544b1f61 100755 --- a/bin/commands/init/index.sh +++ b/bin/commands/init/index.sh @@ -11,8 +11,6 @@ # Copyright Contributors to the Zowe Project. ####################################################################### -init_missing_yaml_properties - if [ -z "${ZWE_PRIVATE_TMP_MERGED_YAML_DIR}" ]; then # user-facing command, use tmpdir to not mess up workspace permissions export ZWE_PRIVATE_TMP_MERGED_YAML_DIR=1 diff --git a/bin/commands/init/index.ts b/bin/commands/init/index.ts index 96c2396536..efd8cc8cec 100644 --- a/bin/commands/init/index.ts +++ b/bin/commands/init/index.ts @@ -102,7 +102,7 @@ export function execute(allowOverwrite?: boolean, dryRun?: boolean, ignoreSecuri common.printMessage(` home: "${newJavaHome}"`); } - common.printLevel2Message(`Please manually update "${std.getenv('ZWE_CLI_PARAMETER_CONFIG')}" before you start Zowe.`); + common.printLevel2Message(`Please manually update "${std.getenv('ZWE_CLI_PARAMETER_CONFIG_ORIG')}" before you start Zowe.`); } } else { common.printLevel2Message(`No need to update runtime directory, Java and node.js settings.`); diff --git a/bin/commands/init/mvs/index.sh b/bin/commands/init/mvs/index.sh index fdc7dbe0e4..2ef77fa5d0 100644 --- a/bin/commands/init/mvs/index.sh +++ b/bin/commands/init/mvs/index.sh @@ -10,8 +10,6 @@ # Copyright Contributors to the Zowe Project. ####################################################################### -init_missing_yaml_properties - if [ -z "${ZWE_PRIVATE_TMP_MERGED_YAML_DIR}" ]; then # user-facing command, use tmpdir to not mess up workspace permissions export ZWE_PRIVATE_TMP_MERGED_YAML_DIR=1 diff --git a/bin/libs/java.ts b/bin/libs/java.ts index 9904863c4b..abf4bd76f7 100644 --- a/bin/libs/java.ts +++ b/bin/libs/java.ts @@ -72,7 +72,7 @@ export function requireJava() { } } if (!std.getenv('JAVA_HOME')) { - common.printErrorAndExit("Error ZWEL0122E: Cannot find java. Set the java.path value in the Zowe YAML, or include java in the PATH environment variable of any accounts that start or manage Zowe", undefined, 122); + common.printErrorAndExit("Error ZWEL0122E: Cannot find java. Set the java.home value in the Zowe YAML, or include java in the PATH environment variable of any accounts that start or manage Zowe", undefined, 122); } ensureJavaIsOnPath(); diff --git a/bin/libs/node.ts b/bin/libs/node.ts index 0732f6032d..3b20ccfd76 100644 --- a/bin/libs/node.ts +++ b/bin/libs/node.ts @@ -78,7 +78,7 @@ export function requireNode() { } } if (!std.getenv('NODE_HOME')) { - common.printErrorAndExit("Error ZWEL0121E: Cannot find node. Set the node.path value in the Zowe YAML, or include node in the PATH environment variable of any accounts that start or manage Zowe", undefined, 121); + common.printErrorAndExit("Error ZWEL0121E: Cannot find node. Set the node.home value in the Zowe YAML, or include node in the PATH environment variable of any accounts that start or manage Zowe", undefined, 121); } ensureNodeIsOnPath(); diff --git a/workflows/templates/ZWESECUR.vtl b/workflows/templates/ZWESECUR.vtl index 6f148e9d31..71ad8efec8 100644 --- a/workflows/templates/ZWESECUR.vtl +++ b/workflows/templates/ZWESECUR.vtl @@ -108,7 +108,7 @@ // SET ZISUSER=#[[{zowe.setup.security.users.zis}]]# // SET ZOWESTC=#[[{zowe.setup.security.stcs.zowe}]]# // SET ZISSTC=#[[{zowe.setup.security.stcs.zis}]]# -// SET AUXSTC=#[[zowe.setup.security.stcs.aux}]]# +// SET AUXSTC=#[[{zowe.setup.security.stcs.aux}]]# // SET HLQ=#[[{zowe.setup.dataset.prefix}]]# // SET SYSPROG=#[[{zowe.setup.security.groups.sysProg}]]# //*