Merge branch 'v3.x.x' into reboot/k8-routing

zowe · Jan 3, 2025 · 6ceb72e · 6ceb72e
2 parents 4d238ba + f4aafe6
commit 6ceb72e
Show file tree

Hide file tree

Showing 13 changed files with 15 additions and 64 deletions.
diff --git a/api-catalog-package/src/main/resources/bin/start.sh b/api-catalog-package/src/main/resources/bin/start.sh
@@ -269,7 +269,7 @@ _BPX_JOBNAME=${ZWE_zowe_job_prefix}${CATALOG_CODE} ${JAVA_BIN_DIR}java \
     -Dapiml.discovery.staticApiDefinitionsDirectories=${ZWE_STATIC_DEFINITIONS_DIR} \
     -Dapiml.security.ssl.verifySslCertificatesOfServices=${verifySslCertificatesOfServices:-false} \
     -Dapiml.security.ssl.nonStrictVerifySslCertificatesOfServices=${nonStrictVerifySslCertificatesOfServices:-false} \
-    -Dapiml.security.authorization.provider=${ZWE_components_gateway_apiml_security_authorization_provider:-} \
+    -Dapiml.security.authorization.provider=${ZWE_configs_apiml_security_authorization_provider:-${ZWE_components_gateway_apiml_security_authorization_provider:-"native"}} \
     -Dapiml.security.authorization.endpoint.enabled=${ZWE_components_gateway_apiml_security_authorization_endpoint_enabled:-false} \
     -Dapiml.security.authorization.endpoint.url=${ZWE_components_gateway_apiml_security_authorization_endpoint_url:-"${internalProtocol:-https}://${ZWE_haInstance_hostname:-localhost}:${ZWE_components_gateway_port}/zss/api/v1/saf-auth"} \
     -Dapiml.security.authorization.resourceClass=${ZWE_components_gateway_apiml_security_authorization_resourceClass:-ZOWE} \

diff --git a/api-catalog-ui/frontend/.env b/api-catalog-ui/frontend/.env
@@ -7,4 +7,4 @@ REACT_APP_STATUS_UPDATE_MAX_RETRIES=10
 REACT_APP_STATUS_UPDATE_DEBOUNCE=300
 REACT_APP_CA_ENV=false
 REACT_APP_STATUS_UPDATE_SCALING_DURATION=1000
-REACT_APP_ZOWE_BUILD_INFO=3.0.49-SNAPSHOT
+REACT_APP_ZOWE_BUILD_INFO=3.0.52-SNAPSHOT
diff --git a/...common/src/main/java/org/zowe/apiml/security/common/auth/saf/SafResourceAccessConfig.java b/...common/src/main/java/org/zowe/apiml/security/common/auth/saf/SafResourceAccessConfig.java
@@ -29,7 +29,7 @@ public class SafResourceAccessConfig {
     private static final String NATIVE = "native";
     private static final String DUMMY = "dummy";
 
-    private static final String[] PROVIDERS = new String[] { ENDPOINT, NATIVE, DUMMY };
+    private static final String[] PROVIDERS = new String[] { NATIVE, ENDPOINT, DUMMY };
 
     @Value("${apiml.security.authorization.provider:}")
     private String provider;

diff --git a/...on/src/test/java/org/zowe/apiml/security/common/auth/saf/SafResourceAccessConfigTest.java b/...on/src/test/java/org/zowe/apiml/security/common/auth/saf/SafResourceAccessConfigTest.java
@@ -37,7 +37,7 @@ private SafResourceAccessVerifying getSafResourceAccessConfig(
         SafResourceAccessConfig output = new SafResourceAccessConfigMock(endpointAvailable, nativeAvailable, dummyAvailable);
         ReflectionTestUtils.setField(output, "provider", provider);
         ReflectionTestUtils.setField(output, "endpointEnabled", endpointEnabled);
-        return output.safResourceAccessVerifying(restTemplate,authConfigurationProperties);
+        return output.safResourceAccessVerifying(restTemplate, authConfigurationProperties);
     }
 
     @Test

diff --git a/discovery-package/src/main/resources/bin/configure.sh b/discovery-package/src/main/resources/bin/configure.sh
diff --git a/discovery-package/src/main/resources/manifest.yaml b/discovery-package/src/main/resources/manifest.yaml
@@ -21,7 +21,6 @@ build:
 commands:
   start: bin/start.sh
   validate: bin/validate.sh
-  configure: bin/configure.sh
 # if we need to automatically tag file encoding on z/OS during installation
 autoEncoding:
   # tag all files

diff --git a/discovery-package/src/main/resources/zosmf-static-definition.yaml.template b/discovery-package/src/main/resources/zosmf-static-definition.yaml.template
@@ -9,7 +9,7 @@ services:
       description: 'IBM z/OS Management Facility REST API service. Once configured you can access z/OSMF via the API gateway: https://${ZOWE_EXPLORER_HOST}:${GATEWAY_PORT}/ibmzosmf/api/v1/info'
       catalogUiTileId: zosmf
       instanceBaseUrls:
-        - %ZOSMF_SCHEME%://${ZOSMF_HOST}:${ZOSMF_PORT}/
+        - ${ZOSMF_SCHEME}://${ZOSMF_HOST}:${ZOSMF_PORT}/
       homePageRelativeUrl:  # Home page is at the same URL
       routedServices:
         - gatewayUrl: api/v1
@@ -20,7 +20,7 @@ services:
         - apiId: ibm.zosmf
           gatewayUrl: api/v1
           documentationUrl: https://www.ibm.com/support/knowledgecenter/en/SSLTBW_2.4.0/com.ibm.zos.v2r4.izua700/IZUHPINFO_RESTServices.htm
-          swaggerUrl: %ZOSMF_SCHEME%://${ZOSMF_HOST}:${ZOSMF_PORT}/zosmf/api/docs
+          swaggerUrl: ${ZOSMF_SCHEME}://${ZOSMF_HOST}:${ZOSMF_PORT}/zosmf/api/docs
       customMetadata:
           apiml:
               enableUrlEncodedCharacters: true

diff --git a/gateway-package/src/main/resources/bin/start.sh b/gateway-package/src/main/resources/bin/start.sh
@@ -312,8 +312,8 @@ _BPX_JOBNAME=${ZWE_zowe_job_prefix}${GATEWAY_CODE} ${JAVA_BIN_DIR}java \
     -Dapiml.security.auth.passticket.customUserHeader=${ZWE_configs_apiml_security_auth_passticket_customUserHeader:-} \
     -Dapiml.security.auth.passticket.customAuthHeader=${ZWE_configs_apiml_security_auth_passticket_customAuthHeader:-} \
     -Dapiml.security.authorization.endpoint.enabled=${ZWE_configs_apiml_security_authorization_endpoint_enabled:-false} \
-    -Dapiml.security.authorization.endpoint.url=${ZWE_configs_apiml_security_authorization_endpoint_url:-} \
-    -Dapiml.security.authorization.provider=${ZWE_configs_apiml_security_authorization_provider:-} \
+    -Dapiml.security.authorization.endpoint.url=${ZWE_configs_apiml_security_authorization_endpoint_url:-${ZWE_components_gateway_apiml_security_authorization_endpoint_url:-"${internalProtocol:-https}://${ZWE_haInstance_hostname:-localhost}:${ZWE_components_gateway_port:-7554}/zss/api/v1/saf-auth"}} \
+    -Dapiml.security.authorization.provider=${ZWE_configs_apiml_security_authorization_provider:-"native"} \
     -Dapiml.zoweManifest=${ZWE_zowe_runtimeDirectory}/manifest.json \
     -Dapiml.gateway.cachePeriodSec=${ZWE_configs_apiml_gateway_registry_cachePeriodSec:-120} \
     -Dapiml.gateway.registry.enabled=${ZWE_configs_apiml_gateway_registry_enabled:-false} \

diff --git a/gradle.properties b/gradle.properties
@@ -17,7 +17,7 @@ artifactoryPublishingMavenRepo=https://zowe.jfrog.io/zowe/libs-release-local
 artifactoryPublishingMavenSnapshotRepo=https://zowe.jfrog.io/zowe/libs-snapshot-local
 
 # Artifacts version
-version=3.0.49-SNAPSHOT
+version=3.0.52-SNAPSHOT
 
 defaultSpringBootVersion=2.0.2.RELEASE
 defaultSpringBootCloudVersion=2.0.0.RELEASE

diff --git a/integration-tests/src/test/resources/environment-configuration.yml b/integration-tests/src/test/resources/environment-configuration.yml
@@ -106,5 +106,7 @@ instanceEnv:
     ZWE_configs_apiml_security_auth_passticket_customUserHeader: customUserHeader
     ZWE_configs_apiml_security_auth_passticket_customAuthHeader: customPassticketHeader
     ZWE_configs_apiml_health_protected: false
+    ZWE_components_gateway_apiml_security_authorization_provider: endpoint
+    ZWE_configs_apiml_security_authorization_provider: endpoint
     # set the value to "authentication" if you want to test the sticky session load balancing
     APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: headerRequest
diff --git a/onboarding-enabler-nodejs/package-lock.json b/onboarding-enabler-nodejs/package-lock.json
diff --git a/onboarding-enabler-nodejs/package.json b/onboarding-enabler-nodejs/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@zowe/apiml-onboarding-enabler-nodejs",
-  "version": "3.0.48",
+  "version": "3.0.51",
   "description": "NodeJS enabler for Zowe API Mediation Layer",
   "type": "module",
   "main": "src/index.js",

diff --git a/zaas-package/src/main/resources/bin/start.sh b/zaas-package/src/main/resources/bin/start.sh
@@ -338,7 +338,7 @@ _BPX_JOBNAME=${ZWE_zowe_job_prefix}${ZAAS_CODE} ${JAVA_BIN_DIR}java \
     -Dapiml.security.x509.externalMapperUser=${ZWE_configs_apiml_security_x509_externalMapperUser:-${ZWE_components_gateway_apiml_security_x509_externalMapperUser:-${ZWE_zowe_setup_security_users_zowe:-ZWESVUSR}}} \
     -Dapiml.security.x509.acceptForwardedCert=${ZWE_configs_apiml_security_x509_enabled:-${ZWE_components_gateway_apiml_security_x509_enabled:-${ZWE_components_gateway_apiml_security_x509_enabled:-true}}} \
     -Dapiml.security.x509.certificatesUrls=${CERTIFICATES_URLS} \
-    -Dapiml.security.authorization.provider=${ZWE_configs_apiml_security_authorization_provider:-${ZWE_components_gateway_apiml_security_authorization_provider:-}} \
+    -Dapiml.security.authorization.provider=${ZWE_configs_apiml_security_authorization_provider:-${ZWE_components_gateway_apiml_security_authorization_provider:-"native"}} \
     -Dapiml.security.authorization.endpoint.enabled=${ZWE_configs_apiml_security_authorization_endpoint_enabled:-${ZWE_components_gateway_apiml_security_authorization_endpoint_enabled:-false}} \
     -Dapiml.security.authorization.endpoint.url=${ZWE_configs_apiml_security_authorization_endpoint_url:-${ZWE_components_gateway_apiml_security_authorization_endpoint_url:-"${internalProtocol:-https}://${ZWE_haInstance_hostname:-localhost}:${ZWE_components_gateway_port:-7554}/zss/api/v1/saf-auth"}} \
     -Dapiml.security.saf.provider=${ZWE_configs_apiml_security_saf_provider:-${ZWE_components_gateway_apiml_security_saf_provider:-"rest"}} \