@svetterIO
Contributor

Features:

  • Directory create with id function added [aac\runtime_template]
  • Handle isam 9.0.5 extProperties client attribute [api_protection/clients.py]
  • Compare LTPA files for idempotency on junction creation
  • compare zip file contents [utilities/tools.py]
  • check runtime template root import for idempotency
  • check management root on import_zip for idempotency

BugFix [aac\runtime_template]:

  • runtime_template root: add check_mode and force parameter to be passed through delete call
  • runtime_template file: File checker should compare to None, otherwise if id=0 the check would generate a false positive

svetterIO and others added 7 commits January 28, 2019 11:32
BugFix:
- runtime_template root: add check_mode and force parameter to be passed through delete call
- runtime_template file: File checker should compare to None, otherwise if id=0 the check would generate a false positive
Feature:  Directory create with id function added
perform compare checks for zip on:
 - number of files
 - file content comparison one by one
adding verification check on runtime template root files between server and zip in import_file function. (makes use of new function: files_same_zip_content in ibmsecurity.utilities.tools)
adding verification check on management root files between server and zip in import_file function. (makes use of new function: files_same_zip_content in ibmsecurity.utilities.tools)
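
An added illustration of the two zip checks these commit messages list (number of files, then file-by-file content). It is not the project's `files_same_zip_content` code; `zip_manifest`, `zips_equivalent`, `build_zip` and the sample archives are hypothetical names and constructed data. It compares uncompressed member content because archive bytes also encode timestamps and member order, which differ between otherwise identical exports.

```python
import hashlib
import io
import zipfile


def zip_manifest(data: bytes) -> dict:
    """Map each regular member name to the SHA-256 of its uncompressed content."""
    manifest = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue  # directory entries carry no content to compare
            manifest[info.filename] = hashlib.sha256(zf.read(info)).hexdigest()
    return manifest


def zips_equivalent(local: bytes, remote: bytes) -> bool:
    """True when both archives hold the same files with the same content."""
    a, b = zip_manifest(local), zip_manifest(remote)
    if len(a) != len(b):  # check 1: number of files
        return False
    return a == b  # check 2: names and content, one by one


def build_zip(files: dict, stamp: tuple) -> bytes:
    """Constructed sample input: an in-memory zip whose members carry `stamp`."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in files.items():
            zf.writestr(zipfile.ZipInfo(name, date_time=stamp), content)
    return buf.getvalue()


# Constructed data: the same two pages, exported at different times and in a
# different member order, plus a variant with one modified page.
PAGES = {"pages/login.html": b"<html>v1</html>", "pages/error.html": b"<html>err</html>"}
LOCAL_ZIP = build_zip(PAGES, (2019, 1, 28, 11, 32, 0))
SERVER_ZIP = build_zip(dict(reversed(list(PAGES.items()))), (2019, 7, 1, 9, 44, 0))
CHANGED_ZIP = build_zip({**PAGES, "pages/login.html": b"<html>v2</html>"},
                        (2019, 1, 28, 11, 32, 0))

if __name__ == "__main__":
    print("raw bytes equal:", LOCAL_ZIP == SERVER_ZIP)
    print("content equal:", zips_equivalent(LOCAL_ZIP, SERVER_ZIP))
    print("changed page detected:", not zips_equivalent(LOCAL_ZIP, CHANGED_ZIP))
```
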
@ram-ibm
Collaborator

ram-ibm commented May 22, 2019

I have changes for runtime_template that I need to merge as well. So will need to work this one carefully.

svetterIO and others added 16 commits July 1, 2019 09:44
Upload of aac runtime template files needs path+name instead of id for check and delete function
If the zip file for runtime template comparison is missing, skip it.
This indicates the aac or federation module is maybe not activated
Configure entire scim with idempotency checking
… restrictions)

load of signer certificates had the following issues:
- loading of local runtime certificates not possible (e.g. ansible cannot reach local aac runtime certificate for checking)
- ansible is required to be able to load the certificate for comparison (firewall restrictions can prevent this from working properly)

fix: additional parameter "check_remote" introduced.
description: parameter "check_remote" controls whether to load the remote certificate into ansible for comparison or to simply compare the kdb for existence of the label. For backward compatibility and default behavior (LMI) reasons, the "check_remote" parameter is set to False by default.
…rties by name

This feature attempts to find the uuids from the properties "EmailMessage.serverConnection", "ScimConfig.serverConnection" and "CI.serverConnection". If a UUID is found, the value for this property is replaced by this UUID, otherwise the value remains unchanged.
This allows you to set ServerConnections by name, while still allowing you to create the ServerConnection directly from the UUID.
…ld numbering

ValueError: cannot switch from manual field specification to automatic field numbering
…connection parameters

Adding compare functionality to all server connection types: ci, ldap, smtp, ws, jdbc

1. Attention: ci server connection parameter changed.
Following functions
 set
 update
 delete
have been updated to work with the name parameter instead of id parameter.

2. Attention: jdbc type parameter removed and made static = 'db2'

All these changes are adjustments to harmonize the function signatures across all server connections (ci, ldap, ws, smtp, jdbc)
REST API does two checks:
1. name already exists
2. filename (under which the file will be stored to the appliance) already exists
The checks are independent from each other. If one of the checks fails an error will be raised by the API call.
_check function now reflects this behaviour by checking name and filename parameter for conflicts.
manual re-engineering of server_connections ci, jdbc, smtp and ws from previous commit (1d1bb76) to resolve merge conflict easily.
@svetterIO
Contributor Author

Before accepting the pull request, following considerations:

  1. The merge conflict for server_connections is now resolved (commit: 690df2c).
    As part of the merge conflict resolution, I left out the type parameter as this is a static string for every class:
    • ws.py [type=ws]
    • ldap.py [type=ldap]
    • ci.py [type=ci]
    • smtp.py [type=smtp]
    • jdbc.py [type=db2]
      Unfortunately the type for jdbc is db2 and therefore different to the filename. I used the filename in previous implementations as type parameter for some playbooks, which now would break by introducing the additional type parameter.
  2. Check the commit to fix the load of signer certificates (a481576)
    The currently implemented behavior has changed so that now a parameter "check_remote" is necessary to trigger the retrieval and checking of signer certificates from the ansible server.
    Previous commit (c3b3522) broke customer implementations, where firewall blocked the load of the remote certificates from the ansible server.

@svetterIO svetterIO closed this Aug 15, 2019