diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 93ca8e566..0f2e95b8c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -73,14 +73,23 @@ jobs: terraform_wrapper: false terraform_version: ~1.6.0 + - name: Format version for zip file name + run: | + version="${{ github.event.inputs.future_release }}" + formatted_version=${version//./_} + echo "FORMATTED_VERSION=$formatted_version" >> $GITHUB_OUTPUT + id: format-version + - name: Update modules' versions in examples run: | find ./examples/ -type f -exec sed -i 's;.*latest release tag.*;version="'${{ github.event.inputs.future_release }}'" # latest release tag;' {} \; - name: Update READMEs run: | + echo "Formatted version: ${{ steps.format-version.outputs.FORMATTED_VERSION }}" find . -type f -name 'README.md' -exec sed -E -i 's;github.com/imperva/dsfkit/tree/([0-9]*\.){2}[0-9]*;github.com/imperva/dsfkit/tree/'${{ github.event.inputs.future_release }}';g' {} \; find . -type f -name 'README.md' -exec sed -E -i 's;github.com/imperva/dsfkit/raw/([0-9]*\.){2}[0-9]*;github.com/imperva/dsfkit/raw/'${{ github.event.inputs.future_release }}';g' {} \; + find . -type f -name 'README.md' -exec sed -E -i '/\/examples\// s;([0-9]+_){2}[0-9]+\.zip;${{ steps.format-version.outputs.FORMATTED_VERSION }}\.zip;g' {} \; - name: Update installer machine link run: | @@ -90,16 +99,8 @@ jobs: run: | terraform fmt -recursive - - name: Format version for zip file name - run: | - version="${{ github.event.inputs.future_release }}" - formatted_version=${version//./_} - echo "FORMATTED_VERSION=$formatted_version" >> $GITHUB_OUTPUT - id: format-version - - name: Zip per examples run: | - echo "Formatted version: ${{ steps.format-version.outputs.FORMATTED_VERSION }}" for d in $(find ./examples -type d -links 2); do _d=$(dirname ${d}); _b=$(basename ${d}); pushd $_d; zip -FSr ${_b}/${_b}_${{ steps.format-version.outputs.FORMATTED_VERSION }}.zip ${_b} -x "*.zip"; popd; done - name: Zip Sonar python upgrader @@ -130,7 +131,7 @@ jobs: with: fetch-depth: 0 ref: ${{ env.dst_branch }} - token: ${{ secrets.PUSH_TO_OTHER_REPOS_TOKEN }} + token: ${{ secrets.PUSH_TO_OTHER_REPOS_TOKEN_ADMIN }} - name: Merge run: | @@ -162,7 +163,7 @@ jobs: needs: tag_branch uses: ./.github/workflows/deploy_module.yml secrets: - PUSH_TO_OTHER_REPOS_TOKEN: ${{ secrets.PUSH_TO_OTHER_REPOS_TOKEN }} + PUSH_TO_OTHER_REPOS_TOKEN_ADMIN: ${{ secrets.PUSH_TO_OTHER_REPOS_TOKEN_ADMIN }} test_plan: needs: deploy_modules diff --git a/README.md b/README.md index c439bc050..9b65e9a2d 100644 --- a/README.md +++ b/README.md @@ -116,7 +116,7 @@ This guide references the following information and links, some of which are ava - eDSF Kit GitHub Repository + eDSF Kit GitHub Repository @@ -395,7 +395,7 @@ The following table lists the released eDSF Kit versions, their release date and - Coming soon + 15 Oct 2023 1.5.6 @@ -447,7 +447,7 @@ e.g., with or without DRA, the number of Agentless Gateways, with or without HAD We provide several of out-of-the-box Terraform recipes we call "examples" which are already configured to deploy common DSF environments. You can use the example as is, or customize it to accommodate your deployment requirements. -These examples can be found in the eDSF Kit GitHub Repository under the examples directory. +These examples can be found in the eDSF Kit GitHub Repository under the examples directory. Some examples are intended for Lab or POC and others for actual DSF deployments by Professional Services and customers. For more details about each example, click on the example name. @@ -464,63 +464,73 @@ For more details about each example, click on the example name. - Sonar Basic Deployment + Sonar Basic Deployment Lab/POC A DSF deployment with a DSF Hub, an Agentless Gateway, federation, networking and onboarding of a MySQL DB. - sonar_basic_deployment.zip + sonar_basic_deployment_1_5_6.zip - Sonar HADR Deployment + Sonar HADR Deployment Lab/POC A DSF deployment with a DSF Hub, an Agentless Gateway, DSF Hub and Agentless Gateway HADR, federation, networking and onboarding of a MySQL DB. - sonar_hadr_deployment.zip + sonar_hadr_deployment_1_5_6.zip - Sonar Single Account Deployment + Sonar Single Account Deployment PS/Customer A DSF deployment with a DSF Hub HADR, an Agentless Gateway and federation. The DSF nodes (Hubs and Agentless Gateway) are in the same AWS account and the same region. It is mandatory to provide as input to this example the subnets to deploy the DSF nodes on. - sonar_single_account_deployment.zip + sonar_single_account_deployment_1_5_6.zip - Sonar Multi Account Deployment + Sonar Multi Account Deployment PS/Customer A DSF deployment with a DSF Hub, an Agentless Gateway and federation. The DSF nodes (Hub and Agentless Gateway) are in different AWS accounts. It is mandatory to provide as input to this example the subnets to deploy the DSF nodes on. - sonar_multi_account_deployment.zip + sonar_multi_account_deployment_1_5_6.zip - DSF Deployment + DSF Deployment Lab/POC A full DSF deployment with DSF Hub and Agentless Gateways (formerly Sonar), DAM (MX and Agent Gateways), DRA (Admin and DRA Analytics), and Agent and Agentless audit sources. - dsf_deployment.zip + dsf_deployment_1_5_6.zip - DSF Single Account Deployment + DSF Single Account Deployment PS/Customer A full DSF deployment with DSF Hub and Agentless Gateways (formerly Sonar), DAM (MX and Agent Gateways) and DRA (Admin and DRA Analytics). - dsf_single_account_deployment.zip + dsf_single_account_deployment_1_5_6.zip + + + + Sonar Upgrade (Alpha) + + All + + Upgrade of DSF Hub and Agentless Gateway (formerly Sonar). + + sonar_upgrade_1_5_6.zip @@ -598,7 +608,7 @@ The first thing to do in this deployment mode is to [download Terraform ](https: **NOTE:** Update the values for the required parameters to complete the installation: example_name, aws_access_key_id, aws_secret_access_key and region -1. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. +1. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. 2. Unzip the zip file in CLI or using your operating system's UI. For example, in CLI: @@ -686,7 +696,7 @@ This mode is similar to the CLI mode except that the Terraform is run on an EC2 7. Expand the “Advanced details” panel:
![Advanced details](https://user-images.githubusercontent.com/87799317/203825918-31879c4b-ca61-48e3-a522-c325335c4419.png) -8. Copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.5.5/installer_machine/installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox.
![User data](https://user-images.githubusercontent.com/87799317/203826003-661c829f-d704-43c4-adb7-854b8008577c.png) +8. Copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.5.6/installer_machine/installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox.
![User data](https://user-images.githubusercontent.com/87799317/203826003-661c829f-d704-43c4-adb7-854b8008577c.png) 9. Click on **Launch Instance**. At this stage, the installer machine is initializing and downloading the necessary dependencies. @@ -705,30 +715,30 @@ This mode is similar to the CLI mode except that the Terraform is run on an EC2 For example: `chmode 400 a_key_pair.pem` -11. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. +11. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. Run: ```bash - wget https://github.com/imperva/dsfkit/raw/1.5.5/examples/poc/sonar_basic_deployment/sonar_basic_deployment.zip + wget https://github.com/imperva/dsfkit/raw/1.5.6/examples/poc/sonar_basic_deployment/sonar_basic_deployment_1_5_6.zip or - wget https://github.com/imperva/dsfkit/raw/1.5.5/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment.zip + wget https://github.com/imperva/dsfkit/raw/1.5.6/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_5_6.zip or - wget https://github.com/imperva/dsfkit/raw/1.5.5/examples/installation/sonar_single_account_deployment/sonar_single_account_deployment.zip + wget https://github.com/imperva/dsfkit/raw/1.5.6/examples/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_5_6.zip or - wget https://github.com/imperva/dsfkit/raw/1.5.5/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment.zip + wget https://github.com/imperva/dsfkit/raw/1.5.6/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_5_6.zip or - wget https://github.com/imperva/dsfkit/raw/1.5.5/examples/poc/dsf_deployment/dsf_deployment.zip + wget https://github.com/imperva/dsfkit/raw/1.5.6/examples/poc/dsf_deployment/dsf_deployment_1_5_6.zip or - wget https://github.com/imperva/dsfkit/raw/1.5.5/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment.zip + wget https://github.com/imperva/dsfkit/raw/1.5.6/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_5_6.zip ``` 12. Continue by following the [CLI Deployment Mode](#cli-deployment-mode) beginning at step 2. @@ -951,7 +961,7 @@ In case of failure, the Terraform may have deployed some resources before failin Information about additional topics can be found in specific examples' READMEs, when relevant. -For example: Sonar Single Account Deployment +For example: Sonar Single Account Deployment These topics include: - Storing Terraform state in S3 bucket diff --git a/examples/azure/dsf_deployment/dsf_deployment.zip b/examples/azure/dsf_deployment/dsf_deployment.zip deleted file mode 100644 index 9fbe9ede3..000000000 Binary files a/examples/azure/dsf_deployment/dsf_deployment.zip and /dev/null differ diff --git a/examples/azure/dsf_deployment/dsf_deployment_1_5_6.zip b/examples/azure/dsf_deployment/dsf_deployment_1_5_6.zip new file mode 100644 index 000000000..943fd508a Binary files /dev/null and b/examples/azure/dsf_deployment/dsf_deployment_1_5_6.zip differ diff --git a/examples/azure/dsf_deployment/main.tf b/examples/azure/dsf_deployment/main.tf index 8e48d96e9..b6281badb 100644 --- a/examples/azure/dsf_deployment/main.tf +++ b/examples/azure/dsf_deployment/main.tf @@ -8,7 +8,7 @@ provider "azurerm" { module "globals" { source = "imperva/dsf-globals/azurerm" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag } diff --git a/examples/azure/dsf_deployment/sonar.tf b/examples/azure/dsf_deployment/sonar.tf index 43d583864..227316af4 100644 --- a/examples/azure/dsf_deployment/sonar.tf +++ b/examples/azure/dsf_deployment/sonar.tf @@ -4,7 +4,7 @@ locals { module "hub_main" { source = "imperva/dsf-hub/azurerm" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.enable_sonar ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub"]) @@ -34,7 +34,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/azurerm" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.enable_sonar && var.hub_hadr ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) @@ -66,7 +66,7 @@ module "hub_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = length(module.hub_dr) > 0 ? 1 : 0 sonar_version = var.sonar_version @@ -84,7 +84,7 @@ module "hub_hadr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/azurerm" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = local.agentless_gw_count friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index]) @@ -115,7 +115,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/azurerm" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) @@ -149,7 +149,7 @@ module "agentless_gw_dr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = length(module.agentless_gw_dr) sonar_version = var.sonar_version @@ -193,7 +193,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag for_each = local.hub_gw_combinations hub_info = { diff --git a/examples/installation/dsf_single_account_deployment/dam.tf b/examples/installation/dsf_single_account_deployment/dam.tf index 7cb11c0d3..58d5efbb7 100644 --- a/examples/installation/dsf_single_account_deployment/dam.tf +++ b/examples/installation/dsf_single_account_deployment/dam.tf @@ -8,7 +8,7 @@ locals { module "mx" { source = "imperva/dsf-mx/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.enable_dam ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "mx"]) @@ -37,7 +37,7 @@ module "mx" { module "agent_gw" { source = "imperva/dsf-agent-gw/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = local.agent_gw_count friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index]) @@ -66,7 +66,7 @@ module "agent_gw" { module "agent_gw_cluster_setup" { source = "imperva/dsf-agent-gw-cluster-setup/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = local.create_agent_gw_cluster cluster_name = var.cluster_name != null ? var.cluster_name : join("-", [local.deployment_name_salted, "agent", "gw", "cluster"]) diff --git a/examples/installation/dsf_single_account_deployment/dra.tf b/examples/installation/dsf_single_account_deployment/dra.tf index b3e9682fe..04c03ee9e 100644 --- a/examples/installation/dsf_single_account_deployment/dra.tf +++ b/examples/installation/dsf_single_account_deployment/dra.tf @@ -6,7 +6,7 @@ locals { module "dra_admin" { source = "imperva/dsf-dra-admin/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.enable_dra ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "dra", "admin"]) @@ -27,7 +27,7 @@ module "dra_admin" { module "dra_analytics" { source = "imperva/dsf-dra-analytics/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = local.dra_analytics_count friendly_name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) diff --git a/examples/installation/dsf_single_account_deployment/dsf_deployment.zip b/examples/installation/dsf_single_account_deployment/dsf_deployment.zip deleted file mode 100644 index 683d1dedd..000000000 Binary files a/examples/installation/dsf_single_account_deployment/dsf_deployment.zip and /dev/null differ diff --git a/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment.zip b/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment.zip deleted file mode 100644 index d9a857f58..000000000 Binary files a/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment.zip and /dev/null differ diff --git a/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_5_6.zip b/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_5_6.zip new file mode 100644 index 000000000..8dfdc6800 Binary files /dev/null and b/examples/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_5_6.zip differ diff --git a/examples/installation/dsf_single_account_deployment/main.tf b/examples/installation/dsf_single_account_deployment/main.tf index 66dbdbe75..db4c34d7b 100644 --- a/examples/installation/dsf_single_account_deployment/main.tf +++ b/examples/installation/dsf_single_account_deployment/main.tf @@ -1,6 +1,6 @@ module "globals" { source = "imperva/dsf-globals/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag sonar_version = var.sonar_version dra_version = var.dra_version @@ -39,7 +39,7 @@ locals { module "key_pair_hub_main" { count = var.hub_main_key_pair == null ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-hub-main" private_key_filename = "ssh_keys/dsf_ssh_key-hub-main-${terraform.workspace}" tags = local.tags @@ -51,7 +51,7 @@ module "key_pair_hub_main" { module "key_pair_hub_dr" { count = var.hub_dr_key_pair == null ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-hub-dr" private_key_filename = "ssh_keys/dsf_ssh_key-hub-dr-${terraform.workspace}" tags = local.tags @@ -63,7 +63,7 @@ module "key_pair_hub_dr" { module "key_pair_agentless_gw_main" { count = var.agentless_gw_main_key_pair == null ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-gw-main" private_key_filename = "ssh_keys/dsf_ssh_key-agentless-gw-main-${terraform.workspace}" tags = local.tags @@ -75,7 +75,7 @@ module "key_pair_agentless_gw_main" { module "key_pair_agentless_gw_dr" { count = var.agentless_gw_dr_key_pair == null ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-gw-dr" private_key_filename = "ssh_keys/dsf_ssh_key-agentless-gw-dr-${terraform.workspace}" tags = local.tags @@ -87,7 +87,7 @@ module "key_pair_agentless_gw_dr" { module "key_pair_mx" { count = var.mx_key_pair == null ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-mx" private_key_filename = "ssh_keys/dsf_ssh_key-mx-${terraform.workspace}" tags = local.tags @@ -99,7 +99,7 @@ module "key_pair_mx" { module "key_pair_agent_gw" { count = var.agent_gw_key_pair == null ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-agent-gw" private_key_filename = "ssh_keys/dsf_ssh_key-agent-gw-${terraform.workspace}" tags = local.tags @@ -111,7 +111,7 @@ module "key_pair_agent_gw" { module "key_pair_dra_admin" { count = var.dra_admin_key_pair == null ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-dra-admin" private_key_filename = "ssh_keys/dsf_ssh_key-dra-admin-${terraform.workspace}" tags = local.tags @@ -123,7 +123,7 @@ module "key_pair_dra_admin" { module "key_pair_dra_analytics" { count = var.dra_analytics_key_pair == null ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-dra-analytics" private_key_filename = "ssh_keys/dsf_ssh_key-dra-analytics-${terraform.workspace}" tags = local.tags diff --git a/examples/installation/dsf_single_account_deployment/sonar.tf b/examples/installation/dsf_single_account_deployment/sonar.tf index 68434811f..805ee506e 100644 --- a/examples/installation/dsf_single_account_deployment/sonar.tf +++ b/examples/installation/dsf_single_account_deployment/sonar.tf @@ -12,7 +12,7 @@ locals { module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.enable_sonar ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) @@ -59,7 +59,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.enable_sonar && var.hub_hadr ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) @@ -103,7 +103,7 @@ module "hub_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = length(module.hub_dr) > 0 ? 1 : 0 sonar_version = module.globals.tarball_location.version @@ -128,7 +128,7 @@ module "hub_hadr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = local.agentless_gw_count friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"]) @@ -167,7 +167,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) @@ -209,7 +209,7 @@ module "agentless_gw_dr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = length(module.agentless_gw_dr) sonar_version = module.globals.tarball_location.version @@ -255,7 +255,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag for_each = local.hub_gw_combinations hub_info = { diff --git a/examples/installation/sonar_multi_account_deployment/main.tf b/examples/installation/sonar_multi_account_deployment/main.tf index c2688557b..99596349c 100644 --- a/examples/installation/sonar_multi_account_deployment/main.tf +++ b/examples/installation/sonar_multi_account_deployment/main.tf @@ -1,6 +1,6 @@ module "globals" { source = "imperva/dsf-globals/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag sonar_version = var.sonar_version } @@ -25,7 +25,7 @@ locals { module "key_pair_hub_main" { count = local.should_create_hub_main_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-hub-main" private_key_filename = "ssh_keys/dsf_ssh_key-hub-main-${terraform.workspace}" tags = local.tags @@ -37,7 +37,7 @@ module "key_pair_hub_main" { module "key_pair_hub_dr" { count = local.should_create_hub_dr_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-hub-dr" private_key_filename = "ssh_keys/dsf_ssh_key-hub-dr-${terraform.workspace}" tags = local.tags @@ -49,7 +49,7 @@ module "key_pair_hub_dr" { module "key_pair_gw_main" { count = local.should_create_gw_main_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-gw" private_key_filename = "ssh_keys/dsf_ssh_key-gw-main-${terraform.workspace}" tags = local.tags @@ -61,7 +61,7 @@ module "key_pair_gw_main" { module "key_pair_gw_dr" { count = local.should_create_gw_dr_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-gw-dr" private_key_filename = "ssh_keys/dsf_ssh_key-gw-dr-${terraform.workspace}" tags = local.tags @@ -106,7 +106,7 @@ locals { ############################## module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) subnet_id = var.subnet_hub_main security_group_ids = var.security_group_ids_hub_main @@ -143,7 +143,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) subnet_id = var.subnet_hub_dr security_group_ids = var.security_group_ids_hub_dr @@ -184,7 +184,7 @@ module "hub_dr" { module "agentless_gw_main" { count = var.gw_count source = "imperva/dsf-agentless-gw/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "main"]) subnet_id = var.subnet_gw_main security_group_ids = var.security_group_ids_gw_main @@ -222,7 +222,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { count = var.gw_count source = "imperva/dsf-agentless-gw/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "DR"]) subnet_id = var.subnet_gw_dr security_group_ids = var.security_group_ids_gw_dr @@ -262,7 +262,7 @@ module "agentless_gw_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.hub_main.private_ip dsf_main_private_ip = module.hub_main.private_ip @@ -286,7 +286,7 @@ module "hub_hadr" { module "agentless_gw_hadr" { count = var.gw_count source = "imperva/dsf-hadr/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.agentless_gw_main[count.index].private_ip dsf_main_private_ip = module.agentless_gw_main[count.index].private_ip @@ -320,7 +320,7 @@ locals { module "federation" { count = length(local.hub_gws_combinations) source = "imperva/dsf-federation/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag gw_info = { gw_ip_address = local.hub_gws_combinations[count.index][1].instance.private_ip gw_private_ssh_key_path = local.hub_gws_combinations[count.index][1].private_key_file_path diff --git a/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment.zip b/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment.zip deleted file mode 100644 index 1856dd521..000000000 Binary files a/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment.zip and /dev/null differ diff --git a/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_5_6.zip b/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_5_6.zip new file mode 100644 index 000000000..1b292a995 Binary files /dev/null and b/examples/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_5_6.zip differ diff --git a/examples/installation/sonar_single_account_deployment/main.tf b/examples/installation/sonar_single_account_deployment/main.tf index e093b2237..3f7e12b9b 100644 --- a/examples/installation/sonar_single_account_deployment/main.tf +++ b/examples/installation/sonar_single_account_deployment/main.tf @@ -5,7 +5,7 @@ provider "aws" { module "globals" { source = "imperva/dsf-globals/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag sonar_version = var.sonar_version } @@ -35,7 +35,7 @@ locals { module "key_pair_hub" { count = local.should_create_hub_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-hub" private_key_filename = "ssh_keys/dsf_ssh_key-hub-${terraform.workspace}" tags = local.tags @@ -44,7 +44,7 @@ module "key_pair_hub" { module "key_pair_gw" { count = local.should_create_gw_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-gw" private_key_filename = "ssh_keys/dsf_ssh_key-gw-${terraform.workspace}" tags = local.tags @@ -74,7 +74,7 @@ data "aws_subnet" "subnet_gw" { ############################## module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) subnet_id = var.subnet_hub_main security_group_ids = var.security_group_ids_hub @@ -104,7 +104,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) subnet_id = var.subnet_hub_dr security_group_ids = var.security_group_ids_hub @@ -138,7 +138,7 @@ module "hub_dr" { module "agentless_gw" { count = var.gw_count source = "imperva/dsf-agentless-gw/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "gw", count.index]) subnet_id = var.subnet_gw security_group_ids = var.security_group_ids_gw @@ -171,7 +171,7 @@ module "agentless_gw" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.hub_main.private_ip dsf_main_private_ip = module.hub_main.private_ip @@ -198,7 +198,7 @@ locals { module "federation" { count = length(local.hub_gw_combinations) source = "imperva/dsf-federation/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag hub_info = { hub_ip_address = local.hub_gw_combinations[count.index][0].private_ip diff --git a/examples/installation/sonar_single_account_deployment/sonar_single_account_deployment.zip b/examples/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_5_6.zip similarity index 52% rename from examples/installation/sonar_single_account_deployment/sonar_single_account_deployment.zip rename to examples/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_5_6.zip index 727fd919c..e62f0a78c 100644 Binary files a/examples/installation/sonar_single_account_deployment/sonar_single_account_deployment.zip and b/examples/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_5_6.zip differ diff --git a/examples/poc/dsf_deployment/agent_sources.tf b/examples/poc/dsf_deployment/agent_sources.tf index 54e043d2e..0e39643b1 100644 --- a/examples/poc/dsf_deployment/agent_sources.tf +++ b/examples/poc/dsf_deployment/agent_sources.tf @@ -4,7 +4,7 @@ locals { module "db_with_agent" { source = "imperva/dsf-db-with-agent/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = length(local.db_types_for_agent) friendly_name = join("-", [local.deployment_name_salted, "db", "with", "agent", count.index]) diff --git a/examples/poc/dsf_deployment/agentless_sources.tf b/examples/poc/dsf_deployment/agentless_sources.tf index e3bef6dd8..f5530523f 100644 --- a/examples/poc/dsf_deployment/agentless_sources.tf +++ b/examples/poc/dsf_deployment/agentless_sources.tf @@ -4,7 +4,7 @@ locals { module "rds_mysql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mysql-db" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = contains(local.db_types_for_agentless, "RDS MySQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -14,7 +14,7 @@ module "rds_mysql" { module "rds_mssql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mssql-db" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = contains(local.db_types_for_agentless, "RDS MsSQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -29,7 +29,7 @@ module "rds_mssql" { module "db_onboarding" { source = "imperva/dsf-poc-db-onboarder/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } sonar_version = module.globals.tarball_location.version diff --git a/examples/poc/dsf_deployment/dam.tf b/examples/poc/dsf_deployment/dam.tf index 5735608c9..4536e4947 100644 --- a/examples/poc/dsf_deployment/dam.tf +++ b/examples/poc/dsf_deployment/dam.tf @@ -8,7 +8,7 @@ locals { module "mx" { source = "imperva/dsf-mx/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.enable_dam ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "mx"]) @@ -41,7 +41,7 @@ module "mx" { module "agent_gw" { source = "imperva/dsf-agent-gw/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = local.agent_gw_count friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index]) @@ -67,7 +67,7 @@ module "agent_gw" { module "agent_gw_cluster_setup" { source = "imperva/dsf-agent-gw-cluster-setup/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = local.create_agent_gw_cluster cluster_name = join("-", [local.deployment_name_salted, "agent", "gw", "cluster"]) diff --git a/examples/poc/dsf_deployment/dra.tf b/examples/poc/dsf_deployment/dra.tf index 930f54d7f..97d8398c6 100644 --- a/examples/poc/dsf_deployment/dra.tf +++ b/examples/poc/dsf_deployment/dra.tf @@ -6,7 +6,7 @@ locals { module "dra_admin" { source = "imperva/dsf-dra-admin/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.enable_dra ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "dra", "admin"]) @@ -28,7 +28,7 @@ module "dra_admin" { module "dra_analytics" { source = "imperva/dsf-dra-analytics/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = local.dra_analytics_count friendly_name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) diff --git a/examples/poc/dsf_deployment/dsf_deployment.zip b/examples/poc/dsf_deployment/dsf_deployment.zip deleted file mode 100644 index 9d617f6c3..000000000 Binary files a/examples/poc/dsf_deployment/dsf_deployment.zip and /dev/null differ diff --git a/examples/poc/dsf_deployment/dsf_deployment_1_5_6.zip b/examples/poc/dsf_deployment/dsf_deployment_1_5_6.zip new file mode 100644 index 000000000..ae7395f9f Binary files /dev/null and b/examples/poc/dsf_deployment/dsf_deployment_1_5_6.zip differ diff --git a/examples/poc/dsf_deployment/main.tf b/examples/poc/dsf_deployment/main.tf index be771b370..298ba07c7 100644 --- a/examples/poc/dsf_deployment/main.tf +++ b/examples/poc/dsf_deployment/main.tf @@ -8,7 +8,7 @@ provider "aws" { module "globals" { source = "imperva/dsf-globals/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag sonar_version = var.sonar_version dra_version = var.dra_version @@ -16,7 +16,7 @@ module "globals" { module "key_pair" { source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-" private_key_filename = "ssh_keys/dsf_ssh_key-${terraform.workspace}" diff --git a/examples/poc/dsf_deployment/sonar.tf b/examples/poc/dsf_deployment/sonar.tf index 5f64fcd95..957133305 100644 --- a/examples/poc/dsf_deployment/sonar.tf +++ b/examples/poc/dsf_deployment/sonar.tf @@ -11,7 +11,7 @@ locals { module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.enable_sonar ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) @@ -46,7 +46,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.enable_sonar && var.hub_hadr ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) @@ -78,7 +78,7 @@ module "hub_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = length(module.hub_dr) > 0 ? 1 : 0 sonar_version = module.globals.tarball_location.version @@ -96,7 +96,7 @@ module "hub_hadr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = local.agentless_gw_count friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"]) @@ -126,7 +126,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) @@ -159,7 +159,7 @@ module "agentless_gw_dr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = length(module.agentless_gw_dr) sonar_version = module.globals.tarball_location.version @@ -203,7 +203,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag for_each = local.hub_gw_combinations hub_info = { diff --git a/examples/poc/sonar_basic_deployment/main.tf b/examples/poc/sonar_basic_deployment/main.tf index 22446e172..3985c24b7 100644 --- a/examples/poc/sonar_basic_deployment/main.tf +++ b/examples/poc/sonar_basic_deployment/main.tf @@ -8,14 +8,14 @@ provider "aws" { module "globals" { source = "imperva/dsf-globals/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag sonar_version = var.sonar_version } module "key_pair" { source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-" private_key_filename = "ssh_keys/dsf_ssh_key-${terraform.workspace}" @@ -80,7 +80,7 @@ data "aws_subnet" "gw" { module "hub" { source = "imperva/dsf-hub/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub"]) instance_type = var.hub_instance_type @@ -106,7 +106,7 @@ module "hub" { module "agentless_gw" { source = "imperva/dsf-agentless-gw/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.gw_count friendly_name = join("-", [local.deployment_name_salted, "gw", count.index]) @@ -135,7 +135,7 @@ module "agentless_gw" { module "federation" { source = "imperva/dsf-federation/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag for_each = { for idx, val in module.agentless_gw : idx => val } hub_info = { @@ -161,7 +161,7 @@ module "federation" { module "rds_mysql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mysql-db" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = contains(var.db_types_to_onboard, "RDS MySQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -171,7 +171,7 @@ module "rds_mysql" { module "rds_mssql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mssql-db" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = contains(var.db_types_to_onboard, "RDS MsSQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -186,7 +186,7 @@ module "rds_mssql" { module "db_onboarding" { source = "imperva/dsf-poc-db-onboarder/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } sonar_version = module.globals.tarball_location.version diff --git a/examples/poc/sonar_basic_deployment/sonar_basic_deployment.zip b/examples/poc/sonar_basic_deployment/sonar_basic_deployment.zip deleted file mode 100644 index ef1e16c9e..000000000 Binary files a/examples/poc/sonar_basic_deployment/sonar_basic_deployment.zip and /dev/null differ diff --git a/examples/poc/sonar_basic_deployment/sonar_basic_deployment_1_5_6.zip b/examples/poc/sonar_basic_deployment/sonar_basic_deployment_1_5_6.zip new file mode 100644 index 000000000..faa2e812c Binary files /dev/null and b/examples/poc/sonar_basic_deployment/sonar_basic_deployment_1_5_6.zip differ diff --git a/examples/poc/sonar_hadr_deployment/main.tf b/examples/poc/sonar_hadr_deployment/main.tf index 8337afe0c..f1d4bb4ed 100644 --- a/examples/poc/sonar_hadr_deployment/main.tf +++ b/examples/poc/sonar_hadr_deployment/main.tf @@ -8,13 +8,13 @@ provider "aws" { module "globals" { source = "imperva/dsf-globals/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag sonar_version = var.sonar_version } module "key_pair" { source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag key_name_prefix = "imperva-dsf-" private_key_filename = "ssh_keys/dsf_ssh_key-${terraform.workspace}" tags = local.tags @@ -87,7 +87,7 @@ module "vpc" { ############################## module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) instance_type = var.hub_instance_type @@ -114,7 +114,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) instance_type = var.hub_instance_type @@ -143,7 +143,7 @@ module "hub_dr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.gw_count friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "main"]) @@ -173,7 +173,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.gw_count friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "DR"]) @@ -206,7 +206,7 @@ module "agentless_gw_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.hub_main.public_ip @@ -223,7 +223,7 @@ module "hub_hadr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = var.gw_count sonar_version = module.globals.tarball_location.version @@ -256,7 +256,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = length(local.hub_gw_combinations) hub_info = { @@ -282,7 +282,7 @@ module "federation" { module "rds_mysql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mysql-db" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = contains(var.db_types_to_onboard, "RDS MySQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -293,7 +293,7 @@ module "rds_mysql" { # create a RDS SQL Server DB module "rds_mssql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mssql-db" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag count = contains(var.db_types_to_onboard, "RDS MsSQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -308,7 +308,7 @@ module "rds_mssql" { module "db_onboarding" { source = "imperva/dsf-poc-db-onboarder/aws" - version = "1.5.5" # latest release tag + version = "1.5.6" # latest release tag for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } sonar_version = module.globals.tarball_location.version diff --git a/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment.zip b/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment.zip deleted file mode 100644 index f888fefc5..000000000 Binary files a/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment.zip and /dev/null differ diff --git a/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_5_6.zip b/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_5_6.zip new file mode 100644 index 000000000..db6260a6c Binary files /dev/null and b/examples/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_5_6.zip differ diff --git a/examples/sonar_upgrade/README.md b/examples/sonar_upgrade/README.md index 8c0133663..a28720dbd 100644 --- a/examples/sonar_upgrade/README.md +++ b/examples/sonar_upgrade/README.md @@ -1,7 +1,7 @@ # DSF Hub and Agentless Gateway Upgrade POC example [![GitHub tag](https://img.shields.io/github/v/tag/imperva/dsfkit.svg)](https://github.com/imperva/dsfkit/tags) -A DSF Hub and Agentless Gateway (formerly Sonar) upgrade POC procedure. +A DSF Hub and Agentless Gateway (formerly Sonar) upgrade procedure. This procedure consists of: diff --git a/examples/sonar_upgrade/main.tf b/examples/sonar_upgrade/main.tf index 8cd4f7c16..8acb2c97a 100644 --- a/examples/sonar_upgrade/main.tf +++ b/examples/sonar_upgrade/main.tf @@ -1,5 +1,7 @@ module "sonar_upgrader" { source = "../../modules/aws/sonar-upgrader" + + # Fill the details of the Agentless Gateways and DSF Hubs that you want to upgrade agentless_gws = [ { "main" = { @@ -18,7 +20,7 @@ module "sonar_upgrader" { "host" = "10.0.1.2" "ssh_user" = "ec2-user" "ssh_private_key_file_path" = "/home/ssh_key2.pem" - "proxy" = { + "proxy" = { "host" = "52.8.8.8" "ssh_user" = "ec2-user" "ssh_private_key_file_path" = "/home/ssh_key2.pem" @@ -28,7 +30,7 @@ module "sonar_upgrader" { "host" = "10.2.1.2" "ssh_user" = "ec2-user" "ssh_private_key_file_path" = "/home/ssh_key2.pem" - "proxy" = { + "proxy" = { "host" = "52.8.8.8" "ssh_user" = "ec2-user" "ssh_private_key_file_path" = "/home/ssh_key2.pem" @@ -70,11 +72,20 @@ module "sonar_upgrader" { } ] + # Fill full Sonar version (short format, e.g., 4.12, is not supported) target_version = "4.12.0.10.0" - # options - test_connection = true - run_preflight_validations = true - run_upgrade = true + + # Configuration options for controlling the upgrade flow + test_connection = true + run_preflight_validations = true + run_upgrade = true run_postflight_validations = true - stop_on_failure = true + stop_on_failure = true + + # Fill if using your S3 bucket, remove if using Imperva's S3 bucket + tarball_location = { + "s3_bucket" = "myBucket" + "s3_region" = "us-east-1" + "s3_key" = "prefix/jsonar-x.y.z.w.u.tar.gz" + } } diff --git a/examples/sonar_upgrade/sonar_upgrade_1_5_6.zip b/examples/sonar_upgrade/sonar_upgrade_1_5_6.zip new file mode 100644 index 000000000..301d47621 Binary files /dev/null and b/examples/sonar_upgrade/sonar_upgrade_1_5_6.zip differ diff --git a/modules/aws/agent-gw/README.md b/modules/aws/agent-gw/README.md index 69040ea10..b6b82821f 100644 --- a/modules/aws/agent-gw/README.md +++ b/modules/aws/agent-gw/README.md @@ -83,4 +83,4 @@ API access to the DSF Management server is required to provision this module. Pl For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6). \ No newline at end of file diff --git a/modules/aws/agentless-gw/README.md b/modules/aws/agentless-gw/README.md index 0df80ca73..6d94312cc 100644 --- a/modules/aws/agentless-gw/README.md +++ b/modules/aws/agentless-gw/README.md @@ -100,4 +100,4 @@ SSH access is required to provision this module. To SSH into the Agentless Gatew For more information about the Agentless Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6). \ No newline at end of file diff --git a/modules/aws/db-with-agent/README.md b/modules/aws/db-with-agent/README.md index db6e2e88c..39279370d 100644 --- a/modules/aws/db-with-agent/README.md +++ b/modules/aws/db-with-agent/README.md @@ -69,4 +69,4 @@ module "db_with_agent" { ## Additional Information For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6). \ No newline at end of file diff --git a/modules/aws/dra-admin/README.md b/modules/aws/dra-admin/README.md index 3abb0bd68..d86d9e931 100644 --- a/modules/aws/dra-admin/README.md +++ b/modules/aws/dra-admin/README.md @@ -72,4 +72,4 @@ module "dsf_dra_admin" { For more information about the DSF DRA Admin and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6). \ No newline at end of file diff --git a/modules/aws/dra-analytics/README.md b/modules/aws/dra-analytics/README.md index cae63343c..d08478e6c 100644 --- a/modules/aws/dra-analytics/README.md +++ b/modules/aws/dra-analytics/README.md @@ -78,4 +78,4 @@ module "dsf_dra_admin" { For more information about the DSF DRA Analytics and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6). \ No newline at end of file diff --git a/modules/aws/hub/README.md b/modules/aws/hub/README.md index f8f923596..557b948f1 100644 --- a/modules/aws/hub/README.md +++ b/modules/aws/hub/README.md @@ -96,4 +96,4 @@ SSH access is required to provision this module. To SSH into the DSF Hub instanc For more information about the DSF Hub and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6). \ No newline at end of file diff --git a/modules/aws/mx/README.md b/modules/aws/mx/README.md index f9d5249b9..2a5cc7938 100644 --- a/modules/aws/mx/README.md +++ b/modules/aws/mx/README.md @@ -83,4 +83,4 @@ API access is required to provision this module. Please make sure to pass the re For more information about the DSF MX and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-dam-management-server-manager-user-guide/page/10068.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6). \ No newline at end of file diff --git a/modules/aws/rds-mssql-db/README.md b/modules/aws/rds-mssql-db/README.md index b5dae2cf8..4f886861f 100644 --- a/modules/aws/rds-mssql-db/README.md +++ b/modules/aws/rds-mssql-db/README.md @@ -80,4 +80,4 @@ module "dsf_rds_mssql" { ## Additional Information -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6). \ No newline at end of file diff --git a/modules/aws/sonar-upgrader/main.tf b/modules/aws/sonar-upgrader/main.tf index 41c1c101d..2dfc22a93 100644 --- a/modules/aws/sonar-upgrader/main.tf +++ b/modules/aws/sonar-upgrader/main.tf @@ -11,12 +11,13 @@ locals { run_postflight_validations = var.run_postflight_validations clean_old_deployments = var.clean_old_deployments stop_on_failure = var.stop_on_failure + tarball_location = jsonencode(var.tarball_location) }) } resource "null_resource" "upgrade_cmd" { provisioner "local-exec" { - command = local.upgrade_cmd + command = local.upgrade_cmd interpreter = ["bash", "-c"] } diff --git a/modules/aws/sonar-upgrader/outputs.tf b/modules/aws/sonar-upgrader/outputs.tf index ca8697cda..097c5fc15 100644 --- a/modules/aws/sonar-upgrader/outputs.tf +++ b/modules/aws/sonar-upgrader/outputs.tf @@ -34,3 +34,6 @@ output "stop_on_failure" { value = var.stop_on_failure } +output "tarball_location" { + value = var.tarball_location +} diff --git a/modules/aws/sonar-upgrader/provision_script.tpl b/modules/aws/sonar-upgrader/provision_script.tpl index 1babbd075..96586e945 100755 --- a/modules/aws/sonar-upgrader/provision_script.tpl +++ b/modules/aws/sonar-upgrader/provision_script.tpl @@ -18,4 +18,5 @@ python3 -u ${path}/python_upgrader/main.py \ --run_upgrade "${run_upgrade}" \ --run_postflight_validations "${run_postflight_validations}" \ --clean_old_deployments "${clean_old_deployments}" \ - --stop_on_failure "${stop_on_failure}" + --stop_on_failure "${stop_on_failure}" \ + --tarball_location '${tarball_location}' diff --git a/modules/aws/sonar-upgrader/python_upgrader/main.py b/modules/aws/sonar-upgrader/python_upgrader/main.py index 5ebd25567..0a25127d5 100644 --- a/modules/aws/sonar-upgrader/python_upgrader/main.py +++ b/modules/aws/sonar-upgrader/python_upgrader/main.py @@ -162,10 +162,11 @@ def main(args): agentless_gws = json.loads(args.agentless_gws) hubs = json.loads(args.dsf_hubs) + tarball_location = json.loads(args.tarball_location) print("********** Inputs ************") - print_inputs(agentless_gws, hubs, args) + print_inputs(agentless_gws, hubs, tarball_location, args) print("********** Start ************") @@ -204,7 +205,8 @@ def main(args): if args.run_upgrade or args.run_postflight_validations or args.clean_old_deployments: success = maybe_upgrade_and_postflight(agentless_gws, hubs, args.target_version, args.run_upgrade, args.run_postflight_validations, args.clean_old_deployments, - python_location_dict, args.stop_on_failure, upgrade_state_service) + python_location_dict, args.stop_on_failure, tarball_location, + upgrade_state_service) print_upgrade_result = args.run_upgrade print_postflight_result = not args.run_upgrade and args.run_postflight_validations if print_upgrade_result: @@ -222,7 +224,9 @@ def main(args): print(f"### An error occurred, aborting upgrade...") print("********** Summary ************") - print(upgrade_state_service.get_summary()) + # TODO uncomment when upgrade status API will be implemented + # print(upgrade_state_service.get_summary()) + print("Coming soon") print("********** End ************") @@ -256,11 +260,13 @@ def parse_args(): parser.add_argument("--stop_on_failure", type=str_to_bool, help="Whether to stop or continue to upgrade the next DSF nodes in case of failure " "on a DSF node") + parser.add_argument("--tarball_location", + help="JSON-encoded S3 bucket location of the DSF installation software") args = parser.parse_args() return args -def print_inputs(agentless_gws, hubs, args): +def print_inputs(agentless_gws, hubs, tarball_location, args): print("List of Agentless Gateways:") print_hadr_sets(agentless_gws) print("List of DSF Hubs:") @@ -273,6 +279,7 @@ def print_inputs(agentless_gws, hubs, args): print(f"run_postflight_validations: {args.run_postflight_validations}") print(f"clean_old_deployments: {args.clean_old_deployments}") print(f"stop_on_failure: {args.stop_on_failure}") + print(f"tarball_location: {tarball_location}") def test_connection_to_extended_nodes(extended_nodes, stop_on_failure, upgrade_state_service): @@ -492,7 +499,8 @@ def are_preflight_validations_passed(preflight_validations_result): def maybe_upgrade_and_postflight(agentless_gws, hubs, target_version, run_upgrade, run_postflight_validations, - clean_old_deployments, python_location_dict, stop_on_failure, upgrade_state_service): + clean_old_deployments, python_location_dict, stop_on_failure, tarball_location, + upgrade_state_service): if run_upgrade: print("----- Upgrade") @@ -505,6 +513,7 @@ def maybe_upgrade_and_postflight(agentless_gws, hubs, target_version, run_upgrad "clean_old_deployments.sh", python_location_dict, stop_on_failure, + tarball_location, upgrade_state_service) hub_upgrade_and_postflight_succeeded = maybe_upgrade_and_postflight_hadr_sets(hubs, "DSF Hub", target_version, @@ -516,6 +525,7 @@ def maybe_upgrade_and_postflight(agentless_gws, hubs, target_version, run_upgrad "clean_old_deployments.sh", python_location_dict, stop_on_failure, + tarball_location, upgrade_state_service) return gws_upgrade_and_postflight_succeeded and hub_upgrade_and_postflight_succeeded @@ -525,7 +535,7 @@ def maybe_upgrade_and_postflight_hadr_sets(hadr_sets, dsf_node_type, target_vers run_upgrade, do_run_postflight_validations, postflight_validations_script_file_name, clean_old_deployments, clean_old_deployments_script_file_name, python_location_dict, - stop_on_failure, upgrade_state_service): + stop_on_failure, tarball_location, upgrade_state_service): all_success_or_skip = True for hadr_set in hadr_sets: succeed_or_skipped = maybe_upgrade_and_postflight_hadr_set(hadr_set, dsf_node_type, target_version, @@ -536,6 +546,7 @@ def maybe_upgrade_and_postflight_hadr_sets(hadr_sets, dsf_node_type, target_vers clean_old_deployments_script_file_name, python_location_dict, stop_on_failure, + tarball_location, upgrade_state_service) all_success_or_skip = all_success_or_skip and succeed_or_skipped return all_success_or_skip @@ -545,24 +556,24 @@ def maybe_upgrade_and_postflight_hadr_set(hadr_set, dsf_node_type, target_versio run_upgrade, do_run_postflight_validations, postflight_validations_script_file_name, clean_old_deployments, clean_old_deployments_script_file_name, python_location_dict, - stop_on_failure, upgrade_state_service): + stop_on_failure, tarball_location, upgrade_state_service): print(f"Running upgrade and/or postflight validations for an {dsf_node_type} HADR replica set") if maybe_upgrade_and_postflight_dsf_node(hadr_set.get('minor'), dsf_node_type, 'Minor', target_version, upgrade_script_file_name, run_upgrade, do_run_postflight_validations, postflight_validations_script_file_name, clean_old_deployments, clean_old_deployments_script_file_name, python_location_dict, - stop_on_failure, upgrade_state_service): + stop_on_failure, tarball_location, upgrade_state_service): if maybe_upgrade_and_postflight_dsf_node(hadr_set.get('dr'), dsf_node_type, 'DR', target_version, upgrade_script_file_name, run_upgrade, do_run_postflight_validations, postflight_validations_script_file_name, clean_old_deployments, clean_old_deployments_script_file_name, python_location_dict, - stop_on_failure, upgrade_state_service): + stop_on_failure, tarball_location, upgrade_state_service): if maybe_upgrade_and_postflight_dsf_node(hadr_set.get('main'), dsf_node_type, 'Main', target_version, upgrade_script_file_name, run_upgrade, do_run_postflight_validations, postflight_validations_script_file_name, clean_old_deployments, clean_old_deployments_script_file_name, python_location_dict, - stop_on_failure, upgrade_state_service): + stop_on_failure, tarball_location, upgrade_state_service): return True else: print(f"Upgrade of HADR DR node failed, will not continue to Main if exists.") @@ -575,7 +586,7 @@ def maybe_upgrade_and_postflight_dsf_node(dsf_node, dsf_node_type, hadr_node_typ upgrade_script_file_name, run_upgrade, do_run_postflight_validations, postflight_validations_script_file_name, clean_old_deployments, clean_old_deployments_script_file_name, python_location_dict, - stop_on_failure, upgrade_state_service): + stop_on_failure, tarball_location, upgrade_state_service): if dsf_node is None: return True # TODO refactor to use the extended node already created in previous steps @@ -584,7 +595,7 @@ def maybe_upgrade_and_postflight_dsf_node(dsf_node, dsf_node_type, hadr_node_typ extended_node = create_extended_node(dsf_node, dsf_node_id, dsf_node_name) if run_upgrade: upgrade_success_or_skip = maybe_upgrade_dsf_node(extended_node, target_version, upgrade_script_file_name, - stop_on_failure, upgrade_state_service) + stop_on_failure, tarball_location, upgrade_state_service) if not upgrade_success_or_skip: return False @@ -608,20 +619,22 @@ def maybe_upgrade_and_postflight_dsf_node(dsf_node, dsf_node_type, hadr_node_typ def maybe_upgrade_dsf_node(extended_node, target_version, upgrade_script_file_name, - stop_on_failure, upgrade_state_service): + stop_on_failure, tarball_location, upgrade_state_service): if upgrade_state_service.should_run_upgrade(extended_node.get('dsf_node_id')): return upgrade_dsf_node(extended_node, target_version, upgrade_script_file_name, stop_on_failure, - upgrade_state_service) + tarball_location, upgrade_state_service) return True -def upgrade_dsf_node(extended_node, target_version, upgrade_script_file_name, stop_on_failure, upgrade_state_service): +def upgrade_dsf_node(extended_node, target_version, upgrade_script_file_name, stop_on_failure, tarball_location, + upgrade_state_service): print(f"Running upgrade for {extended_node.get('dsf_node_name')}") print(f"You may follow the upgrade process in the DSF node by running SSH to it and looking at " f"/var/log/upgrade.log. When the DSF node's upgrade will complete, this log will also appear here.") upgrade_state_service.update_upgrade_status(extended_node.get('dsf_node_id'), UpgradeState.RUNNING_UPGRADE) - success, script_output = run_upgrade_script(extended_node.get('dsf_node'), target_version, upgrade_script_file_name) + success, script_output = run_upgrade_script(extended_node.get('dsf_node'), target_version, tarball_location, + upgrade_script_file_name) if success: print(f"Upgrading {extended_node.get('dsf_node_name')} was ### successful ###") upgrade_state_service.update_upgrade_status(extended_node.get('dsf_node_id'), @@ -635,7 +648,7 @@ def upgrade_dsf_node(extended_node, target_version, upgrade_script_file_name, st return success -def run_upgrade_script(dsf_node, target_version, upgrade_script_file_name): +def run_upgrade_script(dsf_node, target_version, tarball_location, upgrade_script_file_name): if run_dummy_upgrade: print(f"Running dummy upgrade script") script_file_name = 'dummy_upgrade_script.sh' @@ -644,8 +657,7 @@ def run_upgrade_script(dsf_node, target_version, upgrade_script_file_name): script_file_path = get_file_path(script_file_name) script_contents = read_file_contents(script_file_path) - tarball = get_tarball_name(target_version) - args = f"1ef8de27-ed95-40ff-8c08-7969fc1b7901 {tarball} us-east-1" + args = get_upgrade_script_args(target_version, tarball_location) script_run_command = build_bash_script_run_command(script_contents, args) # print(f"script_run_command: {script_run_command}") @@ -656,8 +668,16 @@ def run_upgrade_script(dsf_node, target_version, upgrade_script_file_name): return "Upgrade completed" in script_output, script_output -# TODO move up to the Helper functions -def get_tarball_name(target_version): +def get_upgrade_script_args(target_version, tarball_location): + if tarball_location.get('s3_key') is None: + s3_key = get_tarball_s3_key(target_version) + else: + s3_key = tarball_location.get('s3_key') + args = f"{tarball_location.get('s3_bucket')} {tarball_location.get('s3_region')} {s3_key}" + return args + + +def get_tarball_s3_key(target_version): return f"jsonar-{target_version}.tar.gz" @@ -699,6 +719,8 @@ def run_postflight_validations(extended_node, target_version, script_file_name, print(f"### Postflight validations passed for {extended_node.get('dsf_node_name')}") upgrade_state_service.update_upgrade_status(extended_node.get('dsf_node_id'), UpgradeState.POSTFLIGHT_VALIDATIONS_SUCCEEDED) + upgrade_state_service.update_upgrade_status(extended_node.get('dsf_node_id'), + UpgradeState.SUCCEEDED) else: print(f"### Postflight validations didn't pass for {extended_node.get('dsf_node_name')}") upgrade_state_service.update_upgrade_status(extended_node.get('dsf_node_id'), diff --git a/modules/aws/sonar-upgrader/python_upgrader/upgrade_v4_10.sh b/modules/aws/sonar-upgrader/python_upgrader/upgrade_v4_10.sh index cdb424ec6..fd86d756f 100644 --- a/modules/aws/sonar-upgrader/python_upgrader/upgrade_v4_10.sh +++ b/modules/aws/sonar-upgrader/python_upgrader/upgrade_v4_10.sh @@ -26,22 +26,19 @@ echo "Running in directory: $(pwd)" # starting the argument count from 0 since this script is run by "bash -c" installation_s3_bucket="$0" -installation_s3_key="$1" -installation_s3_region="$2" +installation_s3_region="$1" +installation_s3_key="$2" echo "Tarball file name: ${installation_s3_key}, in bucket: ${installation_s3_bucket}, in region: ${installation_s3_region}" -#installation_s3_bucket="1ef8de27-ed95-40ff-8c08-7969fc1b7901" -#installation_s3_key="jsonar-4.12.0.10.0.tar.gz" -#installation_s3_region="us-east-1" - -TARBALL_FILE=$(basename ${installation_s3_key}) - JSONAR_BASEDIR=$(grep "^JSONAR_BASEDIR=" /etc/sysconfig/jsonar | cut -d"=" -f2) # In deployments by eDSF Kit, the value is /imperva STATE_DIR=$(echo "$JSONAR_BASEDIR" | sed "s|/apps/jsonar/apps.*||") echo "State directory: ${STATE_DIR}" APPS_DIR=$STATE_DIR/apps +TARBALL_FILE_NAME=$(basename ${installation_s3_key}) +TARBALL_FILE=$APPS_DIR/$TARBALL_FILE_NAME + VERSION="${TARBALL_FILE#*-}" VERSION="${VERSION%.tar.gz}" echo "Version: $VERSION" @@ -51,7 +48,7 @@ echo "Tarball extraction directory: $EXTRACTION_DIR" function extract_tarball() { echo "Extracting tarball..." - sudo tar -xf ./$TARBALL_FILE -gz -C $APPS_DIR + sudo tar -xf $TARBALL_FILE_NAME -gz -C $APPS_DIR sudo chown -R sonarw:sonar $APPS_DIR echo "Extracting tarball completed" } @@ -59,16 +56,16 @@ function extract_tarball() { function download_and_extract_tarball() { if [ -e $EXTRACTION_DIR ]; then echo "Tarball file is already extracted" - elif [ -e ./$TARBALL_FILE ]; then + elif [ -e $TARBALL_FILE_NAME ]; then echo "Tarball file already exists on disk" extract_tarball - rm ./$TARBALL_FILE + rm $TARBALL_FILE_NAME else echo "Downloading tarball..." - /usr/local/bin/aws s3 cp s3://${installation_s3_bucket}/${installation_s3_key} ./$TARBALL_FILE --region ${installation_s3_region} >/dev/null + /usr/local/bin/aws s3 cp s3://${installation_s3_bucket}/${installation_s3_key} $TARBALL_FILE_NAME --region ${installation_s3_region} >/dev/null echo "Downloading tarball completed" extract_tarball - rm ./$TARBALL_FILE + rm $TARBALL_FILE_NAME fi } diff --git a/modules/aws/sonar-upgrader/variables.tf b/modules/aws/sonar-upgrader/variables.tf index 698c0d6ff..b03a48d3e 100644 --- a/modules/aws/sonar-upgrader/variables.tf +++ b/modules/aws/sonar-upgrader/variables.tf @@ -1,9 +1,9 @@ variable "agentless_gws" { type = list(object({ main = optional(object({ - host = string # IP or hostname, can be private or public - ssh_user = string - ssh_private_key_file_path = string + host = string # IP or hostname, can be private or public + ssh_user = string + ssh_private_key_file_path = string proxy = optional(object({ host = string # IP or hostname, can be private or public ssh_user = string @@ -11,9 +11,9 @@ variable "agentless_gws" { })) })), dr = optional(object({ - host = string # IP or hostname, can be private or public - ssh_user = string - ssh_private_key_file_path = string + host = string # IP or hostname, can be private or public + ssh_user = string + ssh_private_key_file_path = string proxy = optional(object({ host = string # IP or hostname, can be private or public ssh_user = string @@ -21,9 +21,9 @@ variable "agentless_gws" { })) })), minor = optional(object({ - host = string # IP or hostname, can be private or public - ssh_user = string - ssh_private_key_file_path = string + host = string # IP or hostname, can be private or public + ssh_user = string + ssh_private_key_file_path = string proxy = optional(object({ host = string # IP or hostname, can be private or public ssh_user = string @@ -39,9 +39,9 @@ variable "agentless_gws" { variable "dsf_hubs" { type = list(object({ main = optional(object({ - host = string # IP or hostname, can be private or public - ssh_user = string - ssh_private_key_file_path = string + host = string # IP or hostname, can be private or public + ssh_user = string + ssh_private_key_file_path = string proxy = optional(object({ host = string # IP or hostname, can be private or public ssh_user = string @@ -49,9 +49,9 @@ variable "dsf_hubs" { })) })), dr = optional(object({ - host = string # IP or hostname, can be private or public - ssh_user = string - ssh_private_key_file_path = string + host = string # IP or hostname, can be private or public + ssh_user = string + ssh_private_key_file_path = string proxy = optional(object({ host = string # IP or hostname, can be private or public ssh_user = string @@ -59,9 +59,9 @@ variable "dsf_hubs" { })) })), minor = optional(object({ - host = string # IP or hostname, can be private or public - ssh_user = string - ssh_private_key_file_path = string + host = string # IP or hostname, can be private or public + ssh_user = string + ssh_private_key_file_path = string proxy = optional(object({ host = string # IP or hostname, can be private or public ssh_user = string @@ -81,8 +81,8 @@ variable "target_version" { } variable "connection_timeout" { - type = number - default = 90 + type = number + default = 90 description = "Client connection timeout in seconds used for the SSH connections between the installer machine and the DSF nodes being upgraded. Its purpose is to ensure a uniform behavior across different platforms. Note that the SSH server in the DSF nodes may have its own timeout configurations which may override this setting." } @@ -121,4 +121,18 @@ variable "stop_on_failure" { type = bool default = true description = "Whether to stop or continue to upgrade the next DSF nodes in case of failure on a DSF node" -} \ No newline at end of file +} + +variable "tarball_location" { + type = object({ + s3_bucket = string + s3_region = string + s3_key = string + }) + description = "S3 bucket location of the DSF installation software. s3_key is the full path to the tarball file within the bucket, for example, 'prefix/jsonar-x.y.z.w.u.tar.gz'" + default = { + s3_bucket = "1ef8de27-ed95-40ff-8c08-7969fc1b7901" + s3_region = "us-east-1" + s3_key = null + } +} diff --git a/modules/azurerm/agentless-gw/README.md b/modules/azurerm/agentless-gw/README.md index a532f13ba..3c85689fb 100644 --- a/modules/azurerm/agentless-gw/README.md +++ b/modules/azurerm/agentless-gw/README.md @@ -99,4 +99,4 @@ SSH access is required to provision this module. To SSH into the Agentless Gatew For more information about the Agentless Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6). \ No newline at end of file diff --git a/modules/azurerm/hub/README.md b/modules/azurerm/hub/README.md index 56f44a80e..3d45bc209 100644 --- a/modules/azurerm/hub/README.md +++ b/modules/azurerm/hub/README.md @@ -97,4 +97,4 @@ SSH access is required to provision this module. To SSH into the DSF Hub instanc For more information about the DSF Hub and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.5.6). \ No newline at end of file diff --git a/modules/sonar_python_upgrader_1_5_6.zip b/modules/sonar_python_upgrader_1_5_6.zip new file mode 100644 index 000000000..33487e51f Binary files /dev/null and b/modules/sonar_python_upgrader_1_5_6.zip differ