diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 93ca8e566..0f2e95b8c 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -73,14 +73,23 @@ jobs:
terraform_wrapper: false
terraform_version: ~1.6.0
+ - name: Format version for zip file name
+ run: |
+ version="${{ github.event.inputs.future_release }}"
+ formatted_version=${version//./_}
+ echo "FORMATTED_VERSION=$formatted_version" >> $GITHUB_OUTPUT
+ id: format-version
+
- name: Update modules' versions in examples
run: |
find ./examples/ -type f -exec sed -i 's;.*latest release tag.*;version="'${{ github.event.inputs.future_release }}'" # latest release tag;' {} \;
- name: Update READMEs
run: |
+ echo "Formatted version: ${{ steps.format-version.outputs.FORMATTED_VERSION }}"
find . -type f -name 'README.md' -exec sed -E -i 's;github.com/imperva/dsfkit/tree/([0-9]*\.){2}[0-9]*;github.com/imperva/dsfkit/tree/'${{ github.event.inputs.future_release }}';g' {} \;
find . -type f -name 'README.md' -exec sed -E -i 's;github.com/imperva/dsfkit/raw/([0-9]*\.){2}[0-9]*;github.com/imperva/dsfkit/raw/'${{ github.event.inputs.future_release }}';g' {} \;
+ find . -type f -name 'README.md' -exec sed -E -i '/\/examples\// s;([0-9]+_){2}[0-9]+\.zip;${{ steps.format-version.outputs.FORMATTED_VERSION }}\.zip;g' {} \;
- name: Update installer machine link
run: |
@@ -90,16 +99,8 @@ jobs:
run: |
terraform fmt -recursive
- - name: Format version for zip file name
- run: |
- version="${{ github.event.inputs.future_release }}"
- formatted_version=${version//./_}
- echo "FORMATTED_VERSION=$formatted_version" >> $GITHUB_OUTPUT
- id: format-version
-
- name: Zip per examples
run: |
- echo "Formatted version: ${{ steps.format-version.outputs.FORMATTED_VERSION }}"
for d in $(find ./examples -type d -links 2); do _d=$(dirname ${d}); _b=$(basename ${d}); pushd $_d; zip -FSr ${_b}/${_b}_${{ steps.format-version.outputs.FORMATTED_VERSION }}.zip ${_b} -x "*.zip"; popd; done
- name: Zip Sonar python upgrader
@@ -130,7 +131,7 @@ jobs:
with:
fetch-depth: 0
ref: ${{ env.dst_branch }}
- token: ${{ secrets.PUSH_TO_OTHER_REPOS_TOKEN }}
+ token: ${{ secrets.PUSH_TO_OTHER_REPOS_TOKEN_ADMIN }}
- name: Merge
run: |
@@ -162,7 +163,7 @@ jobs:
needs: tag_branch
uses: ./.github/workflows/deploy_module.yml
secrets:
- PUSH_TO_OTHER_REPOS_TOKEN: ${{ secrets.PUSH_TO_OTHER_REPOS_TOKEN }}
+ PUSH_TO_OTHER_REPOS_TOKEN_ADMIN: ${{ secrets.PUSH_TO_OTHER_REPOS_TOKEN_ADMIN }}
test_plan:
needs: deploy_modules
diff --git a/README.md b/README.md
index c439bc050..9b65e9a2d 100644
--- a/README.md
+++ b/README.md
@@ -116,7 +116,7 @@ This guide references the following information and links, some of which are ava
- eDSF Kit GitHub Repository
+ | eDSF Kit GitHub Repository
|
|
@@ -395,7 +395,7 @@ The following table lists the released eDSF Kit versions, their release date and
- Coming soon
+ | 15 Oct 2023
|
1.5.6
|
@@ -447,7 +447,7 @@ e.g., with or without DRA, the number of Agentless Gateways, with or without HAD
We provide several of out-of-the-box Terraform recipes we call "examples" which are already configured to deploy common DSF environments.
You can use the example as is, or customize it to accommodate your deployment requirements.
-These examples can be found in the eDSF Kit GitHub Repository under the examples directory.
+These examples can be found in the eDSF Kit GitHub Repository under the examples directory.
Some examples are intended for Lab or POC and others for actual DSF deployments by Professional Services and customers.
For more details about each example, click on the example name.
@@ -464,63 +464,73 @@ For more details about each example, click on the example name.
- Sonar Basic Deployment
+ | Sonar Basic Deployment
|
Lab/POC
|
A DSF deployment with a DSF Hub, an Agentless Gateway, federation, networking and onboarding of a MySQL DB.
|
- sonar_basic_deployment.zip
+ | sonar_basic_deployment_1_5_6.zip
|
- Sonar HADR Deployment
+ | Sonar HADR Deployment
|
Lab/POC
|
A DSF deployment with a DSF Hub, an Agentless Gateway, DSF Hub and Agentless Gateway HADR, federation, networking and onboarding of a MySQL DB.
|
- sonar_hadr_deployment.zip
+ | sonar_hadr_deployment_1_5_6.zip
|
- Sonar Single Account Deployment
+ | Sonar Single Account Deployment
|
PS/Customer
|
A DSF deployment with a DSF Hub HADR, an Agentless Gateway and federation. The DSF nodes (Hubs and Agentless Gateway) are in the same AWS account and the same region. It is mandatory to provide as input to this example the subnets to deploy the DSF nodes on.
|
- sonar_single_account_deployment.zip
+ | sonar_single_account_deployment_1_5_6.zip
|
- Sonar Multi Account Deployment
+ | Sonar Multi Account Deployment
|
PS/Customer
|
A DSF deployment with a DSF Hub, an Agentless Gateway and federation. The DSF nodes (Hub and Agentless Gateway) are in different AWS accounts. It is mandatory to provide as input to this example the subnets to deploy the DSF nodes on.
|
- sonar_multi_account_deployment.zip
+ | sonar_multi_account_deployment_1_5_6.zip
|
- DSF Deployment
+ | DSF Deployment
|
Lab/POC
|
A full DSF deployment with DSF Hub and Agentless Gateways (formerly Sonar), DAM (MX and Agent Gateways), DRA (Admin and DRA Analytics), and Agent and Agentless audit sources.
|
- dsf_deployment.zip
+ | dsf_deployment_1_5_6.zip
|
- DSF Single Account Deployment
+ | DSF Single Account Deployment
|
PS/Customer
|
A full DSF deployment with DSF Hub and Agentless Gateways (formerly Sonar), DAM (MX and Agent Gateways) and DRA (Admin and DRA Analytics).
|
- dsf_single_account_deployment.zip
+ | dsf_single_account_deployment_1_5_6.zip
+ |
+
+
+ Sonar Upgrade (Alpha)
+ |
+ All
+ |
+ Upgrade of DSF Hub and Agentless Gateway (formerly Sonar).
+ |
+ sonar_upgrade_1_5_6.zip
|
@@ -598,7 +608,7 @@ The first thing to do in this deployment mode is to [download Terraform ](https:
**NOTE:** Update the values for the required parameters to complete the installation: example_name, aws_access_key_id, aws_secret_access_key and region
-1. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip.
+1. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip.
2. Unzip the zip file in CLI or using your operating system's UI.
For example, in CLI:
@@ -686,7 +696,7 @@ This mode is similar to the CLI mode except that the Terraform is run on an EC2
7. Expand the “Advanced details” panel:
![Advanced details](https://user-images.githubusercontent.com/87799317/203825918-31879c4b-ca61-48e3-a522-c325335c4419.png)
-8. Copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.5.5/installer_machine/installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox.
![User data](https://user-images.githubusercontent.com/87799317/203826003-661c829f-d704-43c4-adb7-854b8008577c.png)
+8. Copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.5.6/installer_machine/installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox.
![User data](https://user-images.githubusercontent.com/87799317/203826003-661c829f-d704-43c4-adb7-854b8008577c.png)
9. Click on **Launch Instance**. At this stage, the installer machine is initializing and downloading the necessary dependencies.
@@ -705,30 +715,30 @@ This mode is similar to the CLI mode except that the Terraform is run on an EC2
For example: `chmode 400 a_key_pair.pem`
-11. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip.
+11. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip.
Run:
```bash
- wget https://github.com/imperva/dsfkit/raw/1.5.5/examples/poc/sonar_basic_deployment/sonar_basic_deployment.zip
+ wget https://github.com/imperva/dsfkit/raw/1.5.6/examples/poc/sonar_basic_deployment/sonar_basic_deployment_1_5_6.zip
or
- wget https://github.com/imperva/dsfkit/raw/1.5.5/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment.zip
+ wget https://github.com/imperva/dsfkit/raw/1.5.6/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_5_6.zip
or
- wget https://github.com/imperva/dsfkit/raw/1.5.5/examples/installation/sonar_single_account_deployment/sonar_single_account_deployment.zip
+ wget https://github.com/imperva/dsfkit/raw/1.5.6/examples/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_5_6.zip
or
- wget https://github.com/imperva/dsfkit/raw/1.5.5/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment.zip
+ wget https://github.com/imperva/dsfkit/raw/1.5.6/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_5_6.zip
or
- wget https://github.com/imperva/dsfkit/raw/1.5.5/examples/poc/dsf_deployment/dsf_deployment.zip
+ wget https://github.com/imperva/dsfkit/raw/1.5.6/examples/poc/dsf_deployment/dsf_deployment_1_5_6.zip
or
- wget https://github.com/imperva/dsfkit/raw/1.5.5/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment.zip
+ wget https://github.com/imperva/dsfkit/raw/1.5.6/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_5_6.zip
```
12. Continue by following the [CLI Deployment Mode](#cli-deployment-mode) beginning at step 2.
@@ -951,7 +961,7 @@ In case of failure, the Terraform may have deployed some resources before failin
Information about additional topics can be found in specific examples' READMEs, when relevant.
-For example: Sonar Single Account Deployment
+For example: Sonar Single Account Deployment
These topics include:
- Storing Terraform state in S3 bucket
diff --git a/examples/azure/dsf_deployment/dsf_deployment.zip b/examples/azure/dsf_deployment/dsf_deployment.zip
deleted file mode 100644
index 9fbe9ede3..000000000
Binary files a/examples/azure/dsf_deployment/dsf_deployment.zip and /dev/null differ
diff --git a/examples/azure/dsf_deployment/dsf_deployment_1_5_6.zip b/examples/azure/dsf_deployment/dsf_deployment_1_5_6.zip
new file mode 100644
index 000000000..943fd508a
Binary files /dev/null and b/examples/azure/dsf_deployment/dsf_deployment_1_5_6.zip differ
diff --git a/examples/azure/dsf_deployment/main.tf b/examples/azure/dsf_deployment/main.tf
index 8e48d96e9..b6281badb 100644
--- a/examples/azure/dsf_deployment/main.tf
+++ b/examples/azure/dsf_deployment/main.tf
@@ -8,7 +8,7 @@ provider "azurerm" {
module "globals" {
source = "imperva/dsf-globals/azurerm"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
}
diff --git a/examples/azure/dsf_deployment/sonar.tf b/examples/azure/dsf_deployment/sonar.tf
index 43d583864..227316af4 100644
--- a/examples/azure/dsf_deployment/sonar.tf
+++ b/examples/azure/dsf_deployment/sonar.tf
@@ -4,7 +4,7 @@ locals {
module "hub_main" {
source = "imperva/dsf-hub/azurerm"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.enable_sonar ? 1 : 0
friendly_name = join("-", [local.deployment_name_salted, "hub"])
@@ -34,7 +34,7 @@ module "hub_main" {
module "hub_dr" {
source = "imperva/dsf-hub/azurerm"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.enable_sonar && var.hub_hadr ? 1 : 0
friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"])
@@ -66,7 +66,7 @@ module "hub_dr" {
module "hub_hadr" {
source = "imperva/dsf-hadr/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = length(module.hub_dr) > 0 ? 1 : 0
sonar_version = var.sonar_version
@@ -84,7 +84,7 @@ module "hub_hadr" {
module "agentless_gw_main" {
source = "imperva/dsf-agentless-gw/azurerm"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = local.agentless_gw_count
friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index])
@@ -115,7 +115,7 @@ module "agentless_gw_main" {
module "agentless_gw_dr" {
source = "imperva/dsf-agentless-gw/azurerm"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.agentless_gw_hadr ? local.agentless_gw_count : 0
friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"])
@@ -149,7 +149,7 @@ module "agentless_gw_dr" {
module "agentless_gw_hadr" {
source = "imperva/dsf-hadr/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = length(module.agentless_gw_dr)
sonar_version = var.sonar_version
@@ -193,7 +193,7 @@ locals {
module "federation" {
source = "imperva/dsf-federation/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
for_each = local.hub_gw_combinations
hub_info = {
diff --git a/examples/installation/dsf_single_account_deployment/dam.tf b/examples/installation/dsf_single_account_deployment/dam.tf
index 7cb11c0d3..58d5efbb7 100644
--- a/examples/installation/dsf_single_account_deployment/dam.tf
+++ b/examples/installation/dsf_single_account_deployment/dam.tf
@@ -8,7 +8,7 @@ locals {
module "mx" {
source = "imperva/dsf-mx/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.enable_dam ? 1 : 0
friendly_name = join("-", [local.deployment_name_salted, "mx"])
@@ -37,7 +37,7 @@ module "mx" {
module "agent_gw" {
source = "imperva/dsf-agent-gw/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = local.agent_gw_count
friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index])
@@ -66,7 +66,7 @@ module "agent_gw" {
module "agent_gw_cluster_setup" {
source = "imperva/dsf-agent-gw-cluster-setup/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = local.create_agent_gw_cluster
cluster_name = var.cluster_name != null ? var.cluster_name : join("-", [local.deployment_name_salted, "agent", "gw", "cluster"])
diff --git a/examples/installation/dsf_single_account_deployment/dra.tf b/examples/installation/dsf_single_account_deployment/dra.tf
index b3e9682fe..04c03ee9e 100644
--- a/examples/installation/dsf_single_account_deployment/dra.tf
+++ b/examples/installation/dsf_single_account_deployment/dra.tf
@@ -6,7 +6,7 @@ locals {
module "dra_admin" {
source = "imperva/dsf-dra-admin/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.enable_dra ? 1 : 0
friendly_name = join("-", [local.deployment_name_salted, "dra", "admin"])
@@ -27,7 +27,7 @@ module "dra_admin" {
module "dra_analytics" {
source = "imperva/dsf-dra-analytics/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = local.dra_analytics_count
friendly_name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index])
diff --git a/examples/installation/dsf_single_account_deployment/dsf_deployment.zip b/examples/installation/dsf_single_account_deployment/dsf_deployment.zip
deleted file mode 100644
index 683d1dedd..000000000
Binary files a/examples/installation/dsf_single_account_deployment/dsf_deployment.zip and /dev/null differ
diff --git a/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment.zip b/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment.zip
deleted file mode 100644
index d9a857f58..000000000
Binary files a/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment.zip and /dev/null differ
diff --git a/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_5_6.zip b/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_5_6.zip
new file mode 100644
index 000000000..8dfdc6800
Binary files /dev/null and b/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_5_6.zip differ
diff --git a/examples/installation/dsf_single_account_deployment/main.tf b/examples/installation/dsf_single_account_deployment/main.tf
index 66dbdbe75..db4c34d7b 100644
--- a/examples/installation/dsf_single_account_deployment/main.tf
+++ b/examples/installation/dsf_single_account_deployment/main.tf
@@ -1,6 +1,6 @@
module "globals" {
source = "imperva/dsf-globals/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
sonar_version = var.sonar_version
dra_version = var.dra_version
@@ -39,7 +39,7 @@ locals {
module "key_pair_hub_main" {
count = var.hub_main_key_pair == null ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-hub-main"
private_key_filename = "ssh_keys/dsf_ssh_key-hub-main-${terraform.workspace}"
tags = local.tags
@@ -51,7 +51,7 @@ module "key_pair_hub_main" {
module "key_pair_hub_dr" {
count = var.hub_dr_key_pair == null ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-hub-dr"
private_key_filename = "ssh_keys/dsf_ssh_key-hub-dr-${terraform.workspace}"
tags = local.tags
@@ -63,7 +63,7 @@ module "key_pair_hub_dr" {
module "key_pair_agentless_gw_main" {
count = var.agentless_gw_main_key_pair == null ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-gw-main"
private_key_filename = "ssh_keys/dsf_ssh_key-agentless-gw-main-${terraform.workspace}"
tags = local.tags
@@ -75,7 +75,7 @@ module "key_pair_agentless_gw_main" {
module "key_pair_agentless_gw_dr" {
count = var.agentless_gw_dr_key_pair == null ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-gw-dr"
private_key_filename = "ssh_keys/dsf_ssh_key-agentless-gw-dr-${terraform.workspace}"
tags = local.tags
@@ -87,7 +87,7 @@ module "key_pair_agentless_gw_dr" {
module "key_pair_mx" {
count = var.mx_key_pair == null ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-mx"
private_key_filename = "ssh_keys/dsf_ssh_key-mx-${terraform.workspace}"
tags = local.tags
@@ -99,7 +99,7 @@ module "key_pair_mx" {
module "key_pair_agent_gw" {
count = var.agent_gw_key_pair == null ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-agent-gw"
private_key_filename = "ssh_keys/dsf_ssh_key-agent-gw-${terraform.workspace}"
tags = local.tags
@@ -111,7 +111,7 @@ module "key_pair_agent_gw" {
module "key_pair_dra_admin" {
count = var.dra_admin_key_pair == null ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-dra-admin"
private_key_filename = "ssh_keys/dsf_ssh_key-dra-admin-${terraform.workspace}"
tags = local.tags
@@ -123,7 +123,7 @@ module "key_pair_dra_admin" {
module "key_pair_dra_analytics" {
count = var.dra_analytics_key_pair == null ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-dra-analytics"
private_key_filename = "ssh_keys/dsf_ssh_key-dra-analytics-${terraform.workspace}"
tags = local.tags
diff --git a/examples/installation/dsf_single_account_deployment/sonar.tf b/examples/installation/dsf_single_account_deployment/sonar.tf
index 68434811f..805ee506e 100644
--- a/examples/installation/dsf_single_account_deployment/sonar.tf
+++ b/examples/installation/dsf_single_account_deployment/sonar.tf
@@ -12,7 +12,7 @@ locals {
module "hub_main" {
source = "imperva/dsf-hub/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.enable_sonar ? 1 : 0
friendly_name = join("-", [local.deployment_name_salted, "hub", "main"])
@@ -59,7 +59,7 @@ module "hub_main" {
module "hub_dr" {
source = "imperva/dsf-hub/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.enable_sonar && var.hub_hadr ? 1 : 0
friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"])
@@ -103,7 +103,7 @@ module "hub_dr" {
module "hub_hadr" {
source = "imperva/dsf-hadr/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = length(module.hub_dr) > 0 ? 1 : 0
sonar_version = module.globals.tarball_location.version
@@ -128,7 +128,7 @@ module "hub_hadr" {
module "agentless_gw_main" {
source = "imperva/dsf-agentless-gw/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = local.agentless_gw_count
friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"])
@@ -167,7 +167,7 @@ module "agentless_gw_main" {
module "agentless_gw_dr" {
source = "imperva/dsf-agentless-gw/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.agentless_gw_hadr ? local.agentless_gw_count : 0
friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"])
@@ -209,7 +209,7 @@ module "agentless_gw_dr" {
module "agentless_gw_hadr" {
source = "imperva/dsf-hadr/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = length(module.agentless_gw_dr)
sonar_version = module.globals.tarball_location.version
@@ -255,7 +255,7 @@ locals {
module "federation" {
source = "imperva/dsf-federation/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
for_each = local.hub_gw_combinations
hub_info = {
diff --git a/examples/installation/sonar_multi_account_deployment/main.tf b/examples/installation/sonar_multi_account_deployment/main.tf
index c2688557b..99596349c 100644
--- a/examples/installation/sonar_multi_account_deployment/main.tf
+++ b/examples/installation/sonar_multi_account_deployment/main.tf
@@ -1,6 +1,6 @@
module "globals" {
source = "imperva/dsf-globals/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
sonar_version = var.sonar_version
}
@@ -25,7 +25,7 @@ locals {
module "key_pair_hub_main" {
count = local.should_create_hub_main_key_pair ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-hub-main"
private_key_filename = "ssh_keys/dsf_ssh_key-hub-main-${terraform.workspace}"
tags = local.tags
@@ -37,7 +37,7 @@ module "key_pair_hub_main" {
module "key_pair_hub_dr" {
count = local.should_create_hub_dr_key_pair ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-hub-dr"
private_key_filename = "ssh_keys/dsf_ssh_key-hub-dr-${terraform.workspace}"
tags = local.tags
@@ -49,7 +49,7 @@ module "key_pair_hub_dr" {
module "key_pair_gw_main" {
count = local.should_create_gw_main_key_pair ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-gw"
private_key_filename = "ssh_keys/dsf_ssh_key-gw-main-${terraform.workspace}"
tags = local.tags
@@ -61,7 +61,7 @@ module "key_pair_gw_main" {
module "key_pair_gw_dr" {
count = local.should_create_gw_dr_key_pair ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-gw-dr"
private_key_filename = "ssh_keys/dsf_ssh_key-gw-dr-${terraform.workspace}"
tags = local.tags
@@ -106,7 +106,7 @@ locals {
##############################
module "hub_main" {
source = "imperva/dsf-hub/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
friendly_name = join("-", [local.deployment_name_salted, "hub", "main"])
subnet_id = var.subnet_hub_main
security_group_ids = var.security_group_ids_hub_main
@@ -143,7 +143,7 @@ module "hub_main" {
module "hub_dr" {
source = "imperva/dsf-hub/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"])
subnet_id = var.subnet_hub_dr
security_group_ids = var.security_group_ids_hub_dr
@@ -184,7 +184,7 @@ module "hub_dr" {
module "agentless_gw_main" {
count = var.gw_count
source = "imperva/dsf-agentless-gw/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "main"])
subnet_id = var.subnet_gw_main
security_group_ids = var.security_group_ids_gw_main
@@ -222,7 +222,7 @@ module "agentless_gw_main" {
module "agentless_gw_dr" {
count = var.gw_count
source = "imperva/dsf-agentless-gw/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "DR"])
subnet_id = var.subnet_gw_dr
security_group_ids = var.security_group_ids_gw_dr
@@ -262,7 +262,7 @@ module "agentless_gw_dr" {
module "hub_hadr" {
source = "imperva/dsf-hadr/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
sonar_version = module.globals.tarball_location.version
dsf_main_ip = module.hub_main.private_ip
dsf_main_private_ip = module.hub_main.private_ip
@@ -286,7 +286,7 @@ module "hub_hadr" {
module "agentless_gw_hadr" {
count = var.gw_count
source = "imperva/dsf-hadr/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
sonar_version = module.globals.tarball_location.version
dsf_main_ip = module.agentless_gw_main[count.index].private_ip
dsf_main_private_ip = module.agentless_gw_main[count.index].private_ip
@@ -320,7 +320,7 @@ locals {
module "federation" {
count = length(local.hub_gws_combinations)
source = "imperva/dsf-federation/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
gw_info = {
gw_ip_address = local.hub_gws_combinations[count.index][1].instance.private_ip
gw_private_ssh_key_path = local.hub_gws_combinations[count.index][1].private_key_file_path
diff --git a/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment.zip b/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment.zip
deleted file mode 100644
index 1856dd521..000000000
Binary files a/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment.zip and /dev/null differ
diff --git a/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_5_6.zip b/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_5_6.zip
new file mode 100644
index 000000000..1b292a995
Binary files /dev/null and b/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_5_6.zip differ
diff --git a/examples/installation/sonar_single_account_deployment/main.tf b/examples/installation/sonar_single_account_deployment/main.tf
index e093b2237..3f7e12b9b 100644
--- a/examples/installation/sonar_single_account_deployment/main.tf
+++ b/examples/installation/sonar_single_account_deployment/main.tf
@@ -5,7 +5,7 @@ provider "aws" {
module "globals" {
source = "imperva/dsf-globals/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
sonar_version = var.sonar_version
}
@@ -35,7 +35,7 @@ locals {
module "key_pair_hub" {
count = local.should_create_hub_key_pair ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-hub"
private_key_filename = "ssh_keys/dsf_ssh_key-hub-${terraform.workspace}"
tags = local.tags
@@ -44,7 +44,7 @@ module "key_pair_hub" {
module "key_pair_gw" {
count = local.should_create_gw_key_pair ? 1 : 0
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-gw"
private_key_filename = "ssh_keys/dsf_ssh_key-gw-${terraform.workspace}"
tags = local.tags
@@ -74,7 +74,7 @@ data "aws_subnet" "subnet_gw" {
##############################
module "hub_main" {
source = "imperva/dsf-hub/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
friendly_name = join("-", [local.deployment_name_salted, "hub", "main"])
subnet_id = var.subnet_hub_main
security_group_ids = var.security_group_ids_hub
@@ -104,7 +104,7 @@ module "hub_main" {
module "hub_dr" {
source = "imperva/dsf-hub/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"])
subnet_id = var.subnet_hub_dr
security_group_ids = var.security_group_ids_hub
@@ -138,7 +138,7 @@ module "hub_dr" {
module "agentless_gw" {
count = var.gw_count
source = "imperva/dsf-agentless-gw/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
friendly_name = join("-", [local.deployment_name_salted, "gw", count.index])
subnet_id = var.subnet_gw
security_group_ids = var.security_group_ids_gw
@@ -171,7 +171,7 @@ module "agentless_gw" {
module "hub_hadr" {
source = "imperva/dsf-hadr/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
sonar_version = module.globals.tarball_location.version
dsf_main_ip = module.hub_main.private_ip
dsf_main_private_ip = module.hub_main.private_ip
@@ -198,7 +198,7 @@ locals {
module "federation" {
count = length(local.hub_gw_combinations)
source = "imperva/dsf-federation/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
hub_info = {
hub_ip_address = local.hub_gw_combinations[count.index][0].private_ip
diff --git a/examples/installation/sonar_single_account_deployment/sonar_single_account_deployment.zip b/examples/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_5_6.zip
similarity index 52%
rename from examples/installation/sonar_single_account_deployment/sonar_single_account_deployment.zip
rename to examples/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_5_6.zip
index 727fd919c..e62f0a78c 100644
Binary files a/examples/installation/sonar_single_account_deployment/sonar_single_account_deployment.zip and b/examples/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_5_6.zip differ
diff --git a/examples/poc/dsf_deployment/agent_sources.tf b/examples/poc/dsf_deployment/agent_sources.tf
index 54e043d2e..0e39643b1 100644
--- a/examples/poc/dsf_deployment/agent_sources.tf
+++ b/examples/poc/dsf_deployment/agent_sources.tf
@@ -4,7 +4,7 @@ locals {
module "db_with_agent" {
source = "imperva/dsf-db-with-agent/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = length(local.db_types_for_agent)
friendly_name = join("-", [local.deployment_name_salted, "db", "with", "agent", count.index])
diff --git a/examples/poc/dsf_deployment/agentless_sources.tf b/examples/poc/dsf_deployment/agentless_sources.tf
index e3bef6dd8..f5530523f 100644
--- a/examples/poc/dsf_deployment/agentless_sources.tf
+++ b/examples/poc/dsf_deployment/agentless_sources.tf
@@ -4,7 +4,7 @@ locals {
module "rds_mysql" {
source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mysql-db"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = contains(local.db_types_for_agentless, "RDS MySQL") ? 1 : 0
rds_subnet_ids = local.db_subnet_ids
@@ -14,7 +14,7 @@ module "rds_mysql" {
module "rds_mssql" {
source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mssql-db"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = contains(local.db_types_for_agentless, "RDS MsSQL") ? 1 : 0
rds_subnet_ids = local.db_subnet_ids
@@ -29,7 +29,7 @@ module "rds_mssql" {
module "db_onboarding" {
source = "imperva/dsf-poc-db-onboarder/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val }
sonar_version = module.globals.tarball_location.version
diff --git a/examples/poc/dsf_deployment/dam.tf b/examples/poc/dsf_deployment/dam.tf
index 5735608c9..4536e4947 100644
--- a/examples/poc/dsf_deployment/dam.tf
+++ b/examples/poc/dsf_deployment/dam.tf
@@ -8,7 +8,7 @@ locals {
module "mx" {
source = "imperva/dsf-mx/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.enable_dam ? 1 : 0
friendly_name = join("-", [local.deployment_name_salted, "mx"])
@@ -41,7 +41,7 @@ module "mx" {
module "agent_gw" {
source = "imperva/dsf-agent-gw/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = local.agent_gw_count
friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index])
@@ -67,7 +67,7 @@ module "agent_gw" {
module "agent_gw_cluster_setup" {
source = "imperva/dsf-agent-gw-cluster-setup/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = local.create_agent_gw_cluster
cluster_name = join("-", [local.deployment_name_salted, "agent", "gw", "cluster"])
diff --git a/examples/poc/dsf_deployment/dra.tf b/examples/poc/dsf_deployment/dra.tf
index 930f54d7f..97d8398c6 100644
--- a/examples/poc/dsf_deployment/dra.tf
+++ b/examples/poc/dsf_deployment/dra.tf
@@ -6,7 +6,7 @@ locals {
module "dra_admin" {
source = "imperva/dsf-dra-admin/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.enable_dra ? 1 : 0
friendly_name = join("-", [local.deployment_name_salted, "dra", "admin"])
@@ -28,7 +28,7 @@ module "dra_admin" {
module "dra_analytics" {
source = "imperva/dsf-dra-analytics/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = local.dra_analytics_count
friendly_name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index])
diff --git a/examples/poc/dsf_deployment/dsf_deployment.zip b/examples/poc/dsf_deployment/dsf_deployment.zip
deleted file mode 100644
index 9d617f6c3..000000000
Binary files a/examples/poc/dsf_deployment/dsf_deployment.zip and /dev/null differ
diff --git a/examples/poc/dsf_deployment/dsf_deployment_1_5_6.zip b/examples/poc/dsf_deployment/dsf_deployment_1_5_6.zip
new file mode 100644
index 000000000..ae7395f9f
Binary files /dev/null and b/examples/poc/dsf_deployment/dsf_deployment_1_5_6.zip differ
diff --git a/examples/poc/dsf_deployment/main.tf b/examples/poc/dsf_deployment/main.tf
index be771b370..298ba07c7 100644
--- a/examples/poc/dsf_deployment/main.tf
+++ b/examples/poc/dsf_deployment/main.tf
@@ -8,7 +8,7 @@ provider "aws" {
module "globals" {
source = "imperva/dsf-globals/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
sonar_version = var.sonar_version
dra_version = var.dra_version
@@ -16,7 +16,7 @@ module "globals" {
module "key_pair" {
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-"
private_key_filename = "ssh_keys/dsf_ssh_key-${terraform.workspace}"
diff --git a/examples/poc/dsf_deployment/sonar.tf b/examples/poc/dsf_deployment/sonar.tf
index 5f64fcd95..957133305 100644
--- a/examples/poc/dsf_deployment/sonar.tf
+++ b/examples/poc/dsf_deployment/sonar.tf
@@ -11,7 +11,7 @@ locals {
module "hub_main" {
source = "imperva/dsf-hub/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.enable_sonar ? 1 : 0
friendly_name = join("-", [local.deployment_name_salted, "hub", "main"])
@@ -46,7 +46,7 @@ module "hub_main" {
module "hub_dr" {
source = "imperva/dsf-hub/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.enable_sonar && var.hub_hadr ? 1 : 0
friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"])
@@ -78,7 +78,7 @@ module "hub_dr" {
module "hub_hadr" {
source = "imperva/dsf-hadr/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = length(module.hub_dr) > 0 ? 1 : 0
sonar_version = module.globals.tarball_location.version
@@ -96,7 +96,7 @@ module "hub_hadr" {
module "agentless_gw_main" {
source = "imperva/dsf-agentless-gw/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = local.agentless_gw_count
friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"])
@@ -126,7 +126,7 @@ module "agentless_gw_main" {
module "agentless_gw_dr" {
source = "imperva/dsf-agentless-gw/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.agentless_gw_hadr ? local.agentless_gw_count : 0
friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"])
@@ -159,7 +159,7 @@ module "agentless_gw_dr" {
module "agentless_gw_hadr" {
source = "imperva/dsf-hadr/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = length(module.agentless_gw_dr)
sonar_version = module.globals.tarball_location.version
@@ -203,7 +203,7 @@ locals {
module "federation" {
source = "imperva/dsf-federation/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
for_each = local.hub_gw_combinations
hub_info = {
diff --git a/examples/poc/sonar_basic_deployment/main.tf b/examples/poc/sonar_basic_deployment/main.tf
index 22446e172..3985c24b7 100644
--- a/examples/poc/sonar_basic_deployment/main.tf
+++ b/examples/poc/sonar_basic_deployment/main.tf
@@ -8,14 +8,14 @@ provider "aws" {
module "globals" {
source = "imperva/dsf-globals/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
sonar_version = var.sonar_version
}
module "key_pair" {
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-"
private_key_filename = "ssh_keys/dsf_ssh_key-${terraform.workspace}"
@@ -80,7 +80,7 @@ data "aws_subnet" "gw" {
module "hub" {
source = "imperva/dsf-hub/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
friendly_name = join("-", [local.deployment_name_salted, "hub"])
instance_type = var.hub_instance_type
@@ -106,7 +106,7 @@ module "hub" {
module "agentless_gw" {
source = "imperva/dsf-agentless-gw/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.gw_count
friendly_name = join("-", [local.deployment_name_salted, "gw", count.index])
@@ -135,7 +135,7 @@ module "agentless_gw" {
module "federation" {
source = "imperva/dsf-federation/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
for_each = { for idx, val in module.agentless_gw : idx => val }
hub_info = {
@@ -161,7 +161,7 @@ module "federation" {
module "rds_mysql" {
source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mysql-db"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = contains(var.db_types_to_onboard, "RDS MySQL") ? 1 : 0
rds_subnet_ids = local.db_subnet_ids
@@ -171,7 +171,7 @@ module "rds_mysql" {
module "rds_mssql" {
source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mssql-db"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = contains(var.db_types_to_onboard, "RDS MsSQL") ? 1 : 0
rds_subnet_ids = local.db_subnet_ids
@@ -186,7 +186,7 @@ module "rds_mssql" {
module "db_onboarding" {
source = "imperva/dsf-poc-db-onboarder/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val }
sonar_version = module.globals.tarball_location.version
diff --git a/examples/poc/sonar_basic_deployment/sonar_basic_deployment.zip b/examples/poc/sonar_basic_deployment/sonar_basic_deployment.zip
deleted file mode 100644
index ef1e16c9e..000000000
Binary files a/examples/poc/sonar_basic_deployment/sonar_basic_deployment.zip and /dev/null differ
diff --git a/examples/poc/sonar_basic_deployment/sonar_basic_deployment_1_5_6.zip b/examples/poc/sonar_basic_deployment/sonar_basic_deployment_1_5_6.zip
new file mode 100644
index 000000000..faa2e812c
Binary files /dev/null and b/examples/poc/sonar_basic_deployment/sonar_basic_deployment_1_5_6.zip differ
diff --git a/examples/poc/sonar_hadr_deployment/main.tf b/examples/poc/sonar_hadr_deployment/main.tf
index 8337afe0c..f1d4bb4ed 100644
--- a/examples/poc/sonar_hadr_deployment/main.tf
+++ b/examples/poc/sonar_hadr_deployment/main.tf
@@ -8,13 +8,13 @@ provider "aws" {
module "globals" {
source = "imperva/dsf-globals/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
sonar_version = var.sonar_version
}
module "key_pair" {
source = "imperva/dsf-globals/aws//modules/key_pair"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
key_name_prefix = "imperva-dsf-"
private_key_filename = "ssh_keys/dsf_ssh_key-${terraform.workspace}"
tags = local.tags
@@ -87,7 +87,7 @@ module "vpc" {
##############################
module "hub_main" {
source = "imperva/dsf-hub/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
friendly_name = join("-", [local.deployment_name_salted, "hub", "main"])
instance_type = var.hub_instance_type
@@ -114,7 +114,7 @@ module "hub_main" {
module "hub_dr" {
source = "imperva/dsf-hub/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"])
instance_type = var.hub_instance_type
@@ -143,7 +143,7 @@ module "hub_dr" {
module "agentless_gw_main" {
source = "imperva/dsf-agentless-gw/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.gw_count
friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "main"])
@@ -173,7 +173,7 @@ module "agentless_gw_main" {
module "agentless_gw_dr" {
source = "imperva/dsf-agentless-gw/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.gw_count
friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "DR"])
@@ -206,7 +206,7 @@ module "agentless_gw_dr" {
module "hub_hadr" {
source = "imperva/dsf-hadr/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
sonar_version = module.globals.tarball_location.version
dsf_main_ip = module.hub_main.public_ip
@@ -223,7 +223,7 @@ module "hub_hadr" {
module "agentless_gw_hadr" {
source = "imperva/dsf-hadr/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = var.gw_count
sonar_version = module.globals.tarball_location.version
@@ -256,7 +256,7 @@ locals {
module "federation" {
source = "imperva/dsf-federation/null"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = length(local.hub_gw_combinations)
hub_info = {
@@ -282,7 +282,7 @@ module "federation" {
module "rds_mysql" {
source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mysql-db"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = contains(var.db_types_to_onboard, "RDS MySQL") ? 1 : 0
rds_subnet_ids = local.db_subnet_ids
@@ -293,7 +293,7 @@ module "rds_mysql" {
# create a RDS SQL Server DB
module "rds_mssql" {
source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mssql-db"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
count = contains(var.db_types_to_onboard, "RDS MsSQL") ? 1 : 0
rds_subnet_ids = local.db_subnet_ids
@@ -308,7 +308,7 @@ module "rds_mssql" {
module "db_onboarding" {
source = "imperva/dsf-poc-db-onboarder/aws"
- version = "1.5.5" # latest release tag
+ version = "1.5.6" # latest release tag
for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val }
sonar_version = module.globals.tarball_location.version
diff --git a/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment.zip b/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment.zip
deleted file mode 100644
index f888fefc5..000000000
Binary files a/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment.zip and /dev/null differ
diff --git a/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_5_6.zip b/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_5_6.zip
new file mode 100644
index 000000000..db6260a6c
Binary files /dev/null and b/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_5_6.zip differ
diff --git a/examples/sonar_upgrade/README.md b/examples/sonar_upgrade/README.md
index 8c0133663..a28720dbd 100644
--- a/examples/sonar_upgrade/README.md
+++ b/examples/sonar_upgrade/README.md
@@ -1,7 +1,7 @@
# DSF Hub and Agentless Gateway Upgrade POC example
[![GitHub tag](https://img.shields.io/github/v/tag/imperva/dsfkit.svg)](https://github.com/imperva/dsfkit/tags)
-A DSF Hub and Agentless Gateway (formerly Sonar) upgrade POC procedure.
+A DSF Hub and Agentless Gateway (formerly Sonar) upgrade procedure.
This procedure consists of:
diff --git a/examples/sonar_upgrade/main.tf b/examples/sonar_upgrade/main.tf
index 8cd4f7c16..8acb2c97a 100644
--- a/examples/sonar_upgrade/main.tf
+++ b/examples/sonar_upgrade/main.tf
@@ -1,5 +1,7 @@
module "sonar_upgrader" {
source = "../../modules/aws/sonar-upgrader"
+
+ # Fill the details of the Agentless Gateways and DSF Hubs that you want to upgrade
agentless_gws = [
{
"main" = {
@@ -18,7 +20,7 @@ module "sonar_upgrader" {
"host" = "10.0.1.2"
"ssh_user" = "ec2-user"
"ssh_private_key_file_path" = "/home/ssh_key2.pem"
- "proxy" = {
+ "proxy" = {
"host" = "52.8.8.8"
"ssh_user" = "ec2-user"
"ssh_private_key_file_path" = "/home/ssh_key2.pem"
@@ -28,7 +30,7 @@ module "sonar_upgrader" {
"host" = "10.2.1.2"
"ssh_user" = "ec2-user"
"ssh_private_key_file_path" = "/home/ssh_key2.pem"
- "proxy" = {
+ "proxy" = {
"host" = "52.8.8.8"
"ssh_user" = "ec2-user"
"ssh_private_key_file_path" = "/home/ssh_key2.pem"
@@ -70,11 +72,20 @@ module "sonar_upgrader" {
}
]
+ # Fill full Sonar version (short format, e.g., 4.12, is not supported)
target_version = "4.12.0.10.0"
- # options
- test_connection = true
- run_preflight_validations = true
- run_upgrade = true
+
+ # Configuration options for controlling the upgrade flow
+ test_connection = true
+ run_preflight_validations = true
+ run_upgrade = true
run_postflight_validations = true
- stop_on_failure = true
+ stop_on_failure = true
+
+ # Fill if using your S3 bucket, remove if using Imperva's S3 bucket
+ tarball_location = {
+ "s3_bucket" = "myBucket"
+ "s3_region" = "us-east-1"
+ "s3_key" = "prefix/jsonar-x.y.z.w.u.tar.gz"
+ }
}
diff --git a/examples/sonar_upgrade/sonar_upgrade_1_5_6.zip b/examples/sonar_upgrade/sonar_upgrade_1_5_6.zip
new file mode 100644
index 000000000..301d47621
Binary files /dev/null and b/examples/sonar_upgrade/sonar_upgrade_1_5_6.zip differ
diff --git a/modules/aws/agent-gw/README.md b/modules/aws/agent-gw/README.md
index 69040ea10..b6b82821f 100644
--- a/modules/aws/agent-gw/README.md
+++ b/modules/aws/agent-gw/README.md
@@ -83,4 +83,4 @@ API access to the DSF Management server is required to provision this module. Pl
For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm).
-For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5).
\ No newline at end of file
+For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6).
\ No newline at end of file
diff --git a/modules/aws/agentless-gw/README.md b/modules/aws/agentless-gw/README.md
index 0df80ca73..6d94312cc 100644
--- a/modules/aws/agentless-gw/README.md
+++ b/modules/aws/agentless-gw/README.md
@@ -100,4 +100,4 @@ SSH access is required to provision this module. To SSH into the Agentless Gatew
For more information about the Agentless Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm).
-For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5).
\ No newline at end of file
+For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6).
\ No newline at end of file
diff --git a/modules/aws/db-with-agent/README.md b/modules/aws/db-with-agent/README.md
index db6e2e88c..39279370d 100644
--- a/modules/aws/db-with-agent/README.md
+++ b/modules/aws/db-with-agent/README.md
@@ -69,4 +69,4 @@ module "db_with_agent" {
## Additional Information
For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm).
-For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5).
\ No newline at end of file
+For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6).
\ No newline at end of file
diff --git a/modules/aws/dra-admin/README.md b/modules/aws/dra-admin/README.md
index 3abb0bd68..d86d9e931 100644
--- a/modules/aws/dra-admin/README.md
+++ b/modules/aws/dra-admin/README.md
@@ -72,4 +72,4 @@ module "dsf_dra_admin" {
For more information about the DSF DRA Admin and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html).
-For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5).
\ No newline at end of file
+For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6).
\ No newline at end of file
diff --git a/modules/aws/dra-analytics/README.md b/modules/aws/dra-analytics/README.md
index cae63343c..d08478e6c 100644
--- a/modules/aws/dra-analytics/README.md
+++ b/modules/aws/dra-analytics/README.md
@@ -78,4 +78,4 @@ module "dsf_dra_admin" {
For more information about the DSF DRA Analytics and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html).
-For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5).
\ No newline at end of file
+For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6).
\ No newline at end of file
diff --git a/modules/aws/hub/README.md b/modules/aws/hub/README.md
index f8f923596..557b948f1 100644
--- a/modules/aws/hub/README.md
+++ b/modules/aws/hub/README.md
@@ -96,4 +96,4 @@ SSH access is required to provision this module. To SSH into the DSF Hub instanc
For more information about the DSF Hub and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm).
-For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5).
\ No newline at end of file
+For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6).
\ No newline at end of file
diff --git a/modules/aws/mx/README.md b/modules/aws/mx/README.md
index f9d5249b9..2a5cc7938 100644
--- a/modules/aws/mx/README.md
+++ b/modules/aws/mx/README.md
@@ -83,4 +83,4 @@ API access is required to provision this module. Please make sure to pass the re
For more information about the DSF MX and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-dam-management-server-manager-user-guide/page/10068.htm).
-For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5).
\ No newline at end of file
+For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6).
\ No newline at end of file
diff --git a/modules/aws/rds-mssql-db/README.md b/modules/aws/rds-mssql-db/README.md
index b5dae2cf8..4f886861f 100644
--- a/modules/aws/rds-mssql-db/README.md
+++ b/modules/aws/rds-mssql-db/README.md
@@ -80,4 +80,4 @@ module "dsf_rds_mssql" {
## Additional Information
-For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5).
\ No newline at end of file
+For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6).
\ No newline at end of file
diff --git a/modules/aws/sonar-upgrader/main.tf b/modules/aws/sonar-upgrader/main.tf
index 41c1c101d..2dfc22a93 100644
--- a/modules/aws/sonar-upgrader/main.tf
+++ b/modules/aws/sonar-upgrader/main.tf
@@ -11,12 +11,13 @@ locals {
run_postflight_validations = var.run_postflight_validations
clean_old_deployments = var.clean_old_deployments
stop_on_failure = var.stop_on_failure
+ tarball_location = jsonencode(var.tarball_location)
})
}
resource "null_resource" "upgrade_cmd" {
provisioner "local-exec" {
- command = local.upgrade_cmd
+ command = local.upgrade_cmd
interpreter = ["bash", "-c"]
}
diff --git a/modules/aws/sonar-upgrader/outputs.tf b/modules/aws/sonar-upgrader/outputs.tf
index ca8697cda..097c5fc15 100644
--- a/modules/aws/sonar-upgrader/outputs.tf
+++ b/modules/aws/sonar-upgrader/outputs.tf
@@ -34,3 +34,6 @@ output "stop_on_failure" {
value = var.stop_on_failure
}
+output "tarball_location" {
+ value = var.tarball_location
+}
diff --git a/modules/aws/sonar-upgrader/provision_script.tpl b/modules/aws/sonar-upgrader/provision_script.tpl
index 1babbd075..96586e945 100755
--- a/modules/aws/sonar-upgrader/provision_script.tpl
+++ b/modules/aws/sonar-upgrader/provision_script.tpl
@@ -18,4 +18,5 @@ python3 -u ${path}/python_upgrader/main.py \
--run_upgrade "${run_upgrade}" \
--run_postflight_validations "${run_postflight_validations}" \
--clean_old_deployments "${clean_old_deployments}" \
- --stop_on_failure "${stop_on_failure}"
+ --stop_on_failure "${stop_on_failure}" \
+ --tarball_location '${tarball_location}'
diff --git a/modules/aws/sonar-upgrader/python_upgrader/main.py b/modules/aws/sonar-upgrader/python_upgrader/main.py
index 5ebd25567..0a25127d5 100644
--- a/modules/aws/sonar-upgrader/python_upgrader/main.py
+++ b/modules/aws/sonar-upgrader/python_upgrader/main.py
@@ -162,10 +162,11 @@ def main(args):
agentless_gws = json.loads(args.agentless_gws)
hubs = json.loads(args.dsf_hubs)
+ tarball_location = json.loads(args.tarball_location)
print("********** Inputs ************")
- print_inputs(agentless_gws, hubs, args)
+ print_inputs(agentless_gws, hubs, tarball_location, args)
print("********** Start ************")
@@ -204,7 +205,8 @@ def main(args):
if args.run_upgrade or args.run_postflight_validations or args.clean_old_deployments:
success = maybe_upgrade_and_postflight(agentless_gws, hubs, args.target_version, args.run_upgrade,
args.run_postflight_validations, args.clean_old_deployments,
- python_location_dict, args.stop_on_failure, upgrade_state_service)
+ python_location_dict, args.stop_on_failure, tarball_location,
+ upgrade_state_service)
print_upgrade_result = args.run_upgrade
print_postflight_result = not args.run_upgrade and args.run_postflight_validations
if print_upgrade_result:
@@ -222,7 +224,9 @@ def main(args):
print(f"### An error occurred, aborting upgrade...")
print("********** Summary ************")
- print(upgrade_state_service.get_summary())
+ # TODO uncomment when upgrade status API will be implemented
+ # print(upgrade_state_service.get_summary())
+ print("Coming soon")
print("********** End ************")
@@ -256,11 +260,13 @@ def parse_args():
parser.add_argument("--stop_on_failure", type=str_to_bool,
help="Whether to stop or continue to upgrade the next DSF nodes in case of failure "
"on a DSF node")
+ parser.add_argument("--tarball_location",
+ help="JSON-encoded S3 bucket location of the DSF installation software")
args = parser.parse_args()
return args
-def print_inputs(agentless_gws, hubs, args):
+def print_inputs(agentless_gws, hubs, tarball_location, args):
print("List of Agentless Gateways:")
print_hadr_sets(agentless_gws)
print("List of DSF Hubs:")
@@ -273,6 +279,7 @@ def print_inputs(agentless_gws, hubs, args):
print(f"run_postflight_validations: {args.run_postflight_validations}")
print(f"clean_old_deployments: {args.clean_old_deployments}")
print(f"stop_on_failure: {args.stop_on_failure}")
+ print(f"tarball_location: {tarball_location}")
def test_connection_to_extended_nodes(extended_nodes, stop_on_failure, upgrade_state_service):
@@ -492,7 +499,8 @@ def are_preflight_validations_passed(preflight_validations_result):
def maybe_upgrade_and_postflight(agentless_gws, hubs, target_version, run_upgrade, run_postflight_validations,
- clean_old_deployments, python_location_dict, stop_on_failure, upgrade_state_service):
+ clean_old_deployments, python_location_dict, stop_on_failure, tarball_location,
+ upgrade_state_service):
if run_upgrade:
print("----- Upgrade")
@@ -505,6 +513,7 @@ def maybe_upgrade_and_postflight(agentless_gws, hubs, target_version, run_upgrad
"clean_old_deployments.sh",
python_location_dict,
stop_on_failure,
+ tarball_location,
upgrade_state_service)
hub_upgrade_and_postflight_succeeded = maybe_upgrade_and_postflight_hadr_sets(hubs, "DSF Hub", target_version,
@@ -516,6 +525,7 @@ def maybe_upgrade_and_postflight(agentless_gws, hubs, target_version, run_upgrad
"clean_old_deployments.sh",
python_location_dict,
stop_on_failure,
+ tarball_location,
upgrade_state_service)
return gws_upgrade_and_postflight_succeeded and hub_upgrade_and_postflight_succeeded
@@ -525,7 +535,7 @@ def maybe_upgrade_and_postflight_hadr_sets(hadr_sets, dsf_node_type, target_vers
run_upgrade, do_run_postflight_validations,
postflight_validations_script_file_name, clean_old_deployments,
clean_old_deployments_script_file_name, python_location_dict,
- stop_on_failure, upgrade_state_service):
+ stop_on_failure, tarball_location, upgrade_state_service):
all_success_or_skip = True
for hadr_set in hadr_sets:
succeed_or_skipped = maybe_upgrade_and_postflight_hadr_set(hadr_set, dsf_node_type, target_version,
@@ -536,6 +546,7 @@ def maybe_upgrade_and_postflight_hadr_sets(hadr_sets, dsf_node_type, target_vers
clean_old_deployments_script_file_name,
python_location_dict,
stop_on_failure,
+ tarball_location,
upgrade_state_service)
all_success_or_skip = all_success_or_skip and succeed_or_skipped
return all_success_or_skip
@@ -545,24 +556,24 @@ def maybe_upgrade_and_postflight_hadr_set(hadr_set, dsf_node_type, target_versio
run_upgrade, do_run_postflight_validations,
postflight_validations_script_file_name, clean_old_deployments,
clean_old_deployments_script_file_name, python_location_dict,
- stop_on_failure, upgrade_state_service):
+ stop_on_failure, tarball_location, upgrade_state_service):
print(f"Running upgrade and/or postflight validations for an {dsf_node_type} HADR replica set")
if maybe_upgrade_and_postflight_dsf_node(hadr_set.get('minor'), dsf_node_type, 'Minor', target_version,
upgrade_script_file_name, run_upgrade, do_run_postflight_validations,
postflight_validations_script_file_name, clean_old_deployments,
clean_old_deployments_script_file_name, python_location_dict,
- stop_on_failure, upgrade_state_service):
+ stop_on_failure, tarball_location, upgrade_state_service):
if maybe_upgrade_and_postflight_dsf_node(hadr_set.get('dr'), dsf_node_type, 'DR', target_version,
upgrade_script_file_name, run_upgrade, do_run_postflight_validations,
postflight_validations_script_file_name, clean_old_deployments,
clean_old_deployments_script_file_name, python_location_dict,
- stop_on_failure, upgrade_state_service):
+ stop_on_failure, tarball_location, upgrade_state_service):
if maybe_upgrade_and_postflight_dsf_node(hadr_set.get('main'), dsf_node_type, 'Main', target_version,
upgrade_script_file_name, run_upgrade,
do_run_postflight_validations,
postflight_validations_script_file_name, clean_old_deployments,
clean_old_deployments_script_file_name, python_location_dict,
- stop_on_failure, upgrade_state_service):
+ stop_on_failure, tarball_location, upgrade_state_service):
return True
else:
print(f"Upgrade of HADR DR node failed, will not continue to Main if exists.")
@@ -575,7 +586,7 @@ def maybe_upgrade_and_postflight_dsf_node(dsf_node, dsf_node_type, hadr_node_typ
upgrade_script_file_name, run_upgrade, do_run_postflight_validations,
postflight_validations_script_file_name, clean_old_deployments,
clean_old_deployments_script_file_name, python_location_dict,
- stop_on_failure, upgrade_state_service):
+ stop_on_failure, tarball_location, upgrade_state_service):
if dsf_node is None:
return True
# TODO refactor to use the extended node already created in previous steps
@@ -584,7 +595,7 @@ def maybe_upgrade_and_postflight_dsf_node(dsf_node, dsf_node_type, hadr_node_typ
extended_node = create_extended_node(dsf_node, dsf_node_id, dsf_node_name)
if run_upgrade:
upgrade_success_or_skip = maybe_upgrade_dsf_node(extended_node, target_version, upgrade_script_file_name,
- stop_on_failure, upgrade_state_service)
+ stop_on_failure, tarball_location, upgrade_state_service)
if not upgrade_success_or_skip:
return False
@@ -608,20 +619,22 @@ def maybe_upgrade_and_postflight_dsf_node(dsf_node, dsf_node_type, hadr_node_typ
def maybe_upgrade_dsf_node(extended_node, target_version, upgrade_script_file_name,
- stop_on_failure, upgrade_state_service):
+ stop_on_failure, tarball_location, upgrade_state_service):
if upgrade_state_service.should_run_upgrade(extended_node.get('dsf_node_id')):
return upgrade_dsf_node(extended_node, target_version, upgrade_script_file_name, stop_on_failure,
- upgrade_state_service)
+ tarball_location, upgrade_state_service)
return True
-def upgrade_dsf_node(extended_node, target_version, upgrade_script_file_name, stop_on_failure, upgrade_state_service):
+def upgrade_dsf_node(extended_node, target_version, upgrade_script_file_name, stop_on_failure, tarball_location,
+ upgrade_state_service):
print(f"Running upgrade for {extended_node.get('dsf_node_name')}")
print(f"You may follow the upgrade process in the DSF node by running SSH to it and looking at "
f"/var/log/upgrade.log. When the DSF node's upgrade will complete, this log will also appear here.")
upgrade_state_service.update_upgrade_status(extended_node.get('dsf_node_id'),
UpgradeState.RUNNING_UPGRADE)
- success, script_output = run_upgrade_script(extended_node.get('dsf_node'), target_version, upgrade_script_file_name)
+ success, script_output = run_upgrade_script(extended_node.get('dsf_node'), target_version, tarball_location,
+ upgrade_script_file_name)
if success:
print(f"Upgrading {extended_node.get('dsf_node_name')} was ### successful ###")
upgrade_state_service.update_upgrade_status(extended_node.get('dsf_node_id'),
@@ -635,7 +648,7 @@ def upgrade_dsf_node(extended_node, target_version, upgrade_script_file_name, st
return success
-def run_upgrade_script(dsf_node, target_version, upgrade_script_file_name):
+def run_upgrade_script(dsf_node, target_version, tarball_location, upgrade_script_file_name):
if run_dummy_upgrade:
print(f"Running dummy upgrade script")
script_file_name = 'dummy_upgrade_script.sh'
@@ -644,8 +657,7 @@ def run_upgrade_script(dsf_node, target_version, upgrade_script_file_name):
script_file_path = get_file_path(script_file_name)
script_contents = read_file_contents(script_file_path)
- tarball = get_tarball_name(target_version)
- args = f"1ef8de27-ed95-40ff-8c08-7969fc1b7901 {tarball} us-east-1"
+ args = get_upgrade_script_args(target_version, tarball_location)
script_run_command = build_bash_script_run_command(script_contents, args)
# print(f"script_run_command: {script_run_command}")
@@ -656,8 +668,16 @@ def run_upgrade_script(dsf_node, target_version, upgrade_script_file_name):
return "Upgrade completed" in script_output, script_output
-# TODO move up to the Helper functions
-def get_tarball_name(target_version):
+def get_upgrade_script_args(target_version, tarball_location):
+ if tarball_location.get('s3_key') is None:
+ s3_key = get_tarball_s3_key(target_version)
+ else:
+ s3_key = tarball_location.get('s3_key')
+ args = f"{tarball_location.get('s3_bucket')} {tarball_location.get('s3_region')} {s3_key}"
+ return args
+
+
+def get_tarball_s3_key(target_version):
return f"jsonar-{target_version}.tar.gz"
@@ -699,6 +719,8 @@ def run_postflight_validations(extended_node, target_version, script_file_name,
print(f"### Postflight validations passed for {extended_node.get('dsf_node_name')}")
upgrade_state_service.update_upgrade_status(extended_node.get('dsf_node_id'),
UpgradeState.POSTFLIGHT_VALIDATIONS_SUCCEEDED)
+ upgrade_state_service.update_upgrade_status(extended_node.get('dsf_node_id'),
+ UpgradeState.SUCCEEDED)
else:
print(f"### Postflight validations didn't pass for {extended_node.get('dsf_node_name')}")
upgrade_state_service.update_upgrade_status(extended_node.get('dsf_node_id'),
diff --git a/modules/aws/sonar-upgrader/python_upgrader/upgrade_v4_10.sh b/modules/aws/sonar-upgrader/python_upgrader/upgrade_v4_10.sh
index cdb424ec6..fd86d756f 100644
--- a/modules/aws/sonar-upgrader/python_upgrader/upgrade_v4_10.sh
+++ b/modules/aws/sonar-upgrader/python_upgrader/upgrade_v4_10.sh
@@ -26,22 +26,19 @@ echo "Running in directory: $(pwd)"
# starting the argument count from 0 since this script is run by "bash -c"
installation_s3_bucket="$0"
-installation_s3_key="$1"
-installation_s3_region="$2"
+installation_s3_region="$1"
+installation_s3_key="$2"
echo "Tarball file name: ${installation_s3_key}, in bucket: ${installation_s3_bucket}, in region: ${installation_s3_region}"
-#installation_s3_bucket="1ef8de27-ed95-40ff-8c08-7969fc1b7901"
-#installation_s3_key="jsonar-4.12.0.10.0.tar.gz"
-#installation_s3_region="us-east-1"
-
-TARBALL_FILE=$(basename ${installation_s3_key})
-
JSONAR_BASEDIR=$(grep "^JSONAR_BASEDIR=" /etc/sysconfig/jsonar | cut -d"=" -f2)
# In deployments by eDSF Kit, the value is /imperva
STATE_DIR=$(echo "$JSONAR_BASEDIR" | sed "s|/apps/jsonar/apps.*||")
echo "State directory: ${STATE_DIR}"
APPS_DIR=$STATE_DIR/apps
+TARBALL_FILE_NAME=$(basename ${installation_s3_key})
+TARBALL_FILE=$APPS_DIR/$TARBALL_FILE_NAME
+
VERSION="${TARBALL_FILE#*-}"
VERSION="${VERSION%.tar.gz}"
echo "Version: $VERSION"
@@ -51,7 +48,7 @@ echo "Tarball extraction directory: $EXTRACTION_DIR"
function extract_tarball() {
echo "Extracting tarball..."
- sudo tar -xf ./$TARBALL_FILE -gz -C $APPS_DIR
+ sudo tar -xf $TARBALL_FILE_NAME -gz -C $APPS_DIR
sudo chown -R sonarw:sonar $APPS_DIR
echo "Extracting tarball completed"
}
@@ -59,16 +56,16 @@ function extract_tarball() {
function download_and_extract_tarball() {
if [ -e $EXTRACTION_DIR ]; then
echo "Tarball file is already extracted"
- elif [ -e ./$TARBALL_FILE ]; then
+ elif [ -e $TARBALL_FILE_NAME ]; then
echo "Tarball file already exists on disk"
extract_tarball
- rm ./$TARBALL_FILE
+ rm $TARBALL_FILE_NAME
else
echo "Downloading tarball..."
- /usr/local/bin/aws s3 cp s3://${installation_s3_bucket}/${installation_s3_key} ./$TARBALL_FILE --region ${installation_s3_region} >/dev/null
+ /usr/local/bin/aws s3 cp s3://${installation_s3_bucket}/${installation_s3_key} $TARBALL_FILE_NAME --region ${installation_s3_region} >/dev/null
echo "Downloading tarball completed"
extract_tarball
- rm ./$TARBALL_FILE
+ rm $TARBALL_FILE_NAME
fi
}
diff --git a/modules/aws/sonar-upgrader/variables.tf b/modules/aws/sonar-upgrader/variables.tf
index 698c0d6ff..b03a48d3e 100644
--- a/modules/aws/sonar-upgrader/variables.tf
+++ b/modules/aws/sonar-upgrader/variables.tf
@@ -1,9 +1,9 @@
variable "agentless_gws" {
type = list(object({
main = optional(object({
- host = string # IP or hostname, can be private or public
- ssh_user = string
- ssh_private_key_file_path = string
+ host = string # IP or hostname, can be private or public
+ ssh_user = string
+ ssh_private_key_file_path = string
proxy = optional(object({
host = string # IP or hostname, can be private or public
ssh_user = string
@@ -11,9 +11,9 @@ variable "agentless_gws" {
}))
})),
dr = optional(object({
- host = string # IP or hostname, can be private or public
- ssh_user = string
- ssh_private_key_file_path = string
+ host = string # IP or hostname, can be private or public
+ ssh_user = string
+ ssh_private_key_file_path = string
proxy = optional(object({
host = string # IP or hostname, can be private or public
ssh_user = string
@@ -21,9 +21,9 @@ variable "agentless_gws" {
}))
})),
minor = optional(object({
- host = string # IP or hostname, can be private or public
- ssh_user = string
- ssh_private_key_file_path = string
+ host = string # IP or hostname, can be private or public
+ ssh_user = string
+ ssh_private_key_file_path = string
proxy = optional(object({
host = string # IP or hostname, can be private or public
ssh_user = string
@@ -39,9 +39,9 @@ variable "agentless_gws" {
variable "dsf_hubs" {
type = list(object({
main = optional(object({
- host = string # IP or hostname, can be private or public
- ssh_user = string
- ssh_private_key_file_path = string
+ host = string # IP or hostname, can be private or public
+ ssh_user = string
+ ssh_private_key_file_path = string
proxy = optional(object({
host = string # IP or hostname, can be private or public
ssh_user = string
@@ -49,9 +49,9 @@ variable "dsf_hubs" {
}))
})),
dr = optional(object({
- host = string # IP or hostname, can be private or public
- ssh_user = string
- ssh_private_key_file_path = string
+ host = string # IP or hostname, can be private or public
+ ssh_user = string
+ ssh_private_key_file_path = string
proxy = optional(object({
host = string # IP or hostname, can be private or public
ssh_user = string
@@ -59,9 +59,9 @@ variable "dsf_hubs" {
}))
})),
minor = optional(object({
- host = string # IP or hostname, can be private or public
- ssh_user = string
- ssh_private_key_file_path = string
+ host = string # IP or hostname, can be private or public
+ ssh_user = string
+ ssh_private_key_file_path = string
proxy = optional(object({
host = string # IP or hostname, can be private or public
ssh_user = string
@@ -81,8 +81,8 @@ variable "target_version" {
}
variable "connection_timeout" {
- type = number
- default = 90
+ type = number
+ default = 90
description = "Client connection timeout in seconds used for the SSH connections between the installer machine and the DSF nodes being upgraded. Its purpose is to ensure a uniform behavior across different platforms. Note that the SSH server in the DSF nodes may have its own timeout configurations which may override this setting."
}
@@ -121,4 +121,18 @@ variable "stop_on_failure" {
type = bool
default = true
description = "Whether to stop or continue to upgrade the next DSF nodes in case of failure on a DSF node"
-}
\ No newline at end of file
+}
+
+variable "tarball_location" {
+ type = object({
+ s3_bucket = string
+ s3_region = string
+ s3_key = string
+ })
+ description = "S3 bucket location of the DSF installation software. s3_key is the full path to the tarball file within the bucket, for example, 'prefix/jsonar-x.y.z.w.u.tar.gz'"
+ default = {
+ s3_bucket = "1ef8de27-ed95-40ff-8c08-7969fc1b7901"
+ s3_region = "us-east-1"
+ s3_key = null
+ }
+}
diff --git a/modules/azurerm/agentless-gw/README.md b/modules/azurerm/agentless-gw/README.md
index a532f13ba..3c85689fb 100644
--- a/modules/azurerm/agentless-gw/README.md
+++ b/modules/azurerm/agentless-gw/README.md
@@ -99,4 +99,4 @@ SSH access is required to provision this module. To SSH into the Agentless Gatew
For more information about the Agentless Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm).
-For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5).
\ No newline at end of file
+For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6).
\ No newline at end of file
diff --git a/modules/azurerm/hub/README.md b/modules/azurerm/hub/README.md
index 56f44a80e..3d45bc209 100644
--- a/modules/azurerm/hub/README.md
+++ b/modules/azurerm/hub/README.md
@@ -97,4 +97,4 @@ SSH access is required to provision this module. To SSH into the DSF Hub instanc
For more information about the DSF Hub and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm).
-For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5).
\ No newline at end of file
+For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6).
\ No newline at end of file
diff --git a/modules/sonar_python_upgrader_1_5_6.zip b/modules/sonar_python_upgrader_1_5_6.zip
new file mode 100644
index 000000000..33487e51f
Binary files /dev/null and b/modules/sonar_python_upgrader_1_5_6.zip differ