OpenBMC Web server https://git.raptorcs.com/git/bmcweb/atom?h=master 2020-02-10T18:34:00+00:00 2020-02-10T18:34:00+00:00 Gunnar Mills gmills@us.ibm.com 2020-02-06T22:50:51+00:00 urn:sha1:6f44b7524f1d48d009ec87b1309481c7905b13b4 Make changes to update_schemas.py needed for the move and run update_schemas.py. old path (2019.2) DSP8010_2019.2/DSP8010_2019.2/json-schema/MemoryMetrics.v1_1_2.json DSP8010_2019.2/DSP8010_2019.2/openapi/Memory.v1_0_3.yaml DSP8010_2019.2/DSP8010_2019.2/csdl/AccelerationFunction_v1.xml new path (2019.3) DSP8010_2019.3/csdl/Memory_v1.xml DSP8010_2019.3/json-schema/UpdateService.v1_1_2.json DSP8010_2019.3/openapi/Zone.v1_3_1.yaml To see an overview of 2019.3 see https://www.dmtf.org/sites/default/files/Redfish_Release_2019.3_Overview.pdf Tested: Built bmcweb, loaded on a Witherspoon, and ran the validator. No errors. Change-Id: I0deaf88b884d65fffa31fcf66183ed61a930a073 Signed-off-by: Gunnar Mills <gmills@us.ibm.com> 2020-02-07T19:07:33+00:00 Gunnar Mills gmills@us.ibm.com 2020-02-06T21:29:57+00:00 urn:sha1:4f50ae4b71fc0821f0013cbf586579f7c9a17a2c All other Oem Schemas start with Oem. This is used by the update_schemas.py to determine an Oem schema and is a reasonable requirement for Oem schemas. https://github.com/openbmc/bmcweb/blob/a3268f98f308ca7c8660b1ace44d5b9a40be204b/scripts/update_schemas.py#L43 Tested: Ran the validator against this change on a Witherspoon with BMCWEB_ENABLE_REDFISH_CPU_LOG enabled and OemCheck true. Validator passed. Might be worth running on a system that actually uses BMCWEB_ENABLE_REDFISH_CPU_LOG. curl -k https://${bmc}/redfish/v1/Systems/system/LogServices/Crashdump { "@odata.context": "/redfish/v1/$metadata#LogService.LogService", "@odata.id": "/redfish/v1/Systems/system/LogServices/Crashdump", "@odata.type": "#LogService.v1_1_0.LogService", "Actions": { "#LogService.ClearLog": { "target": "/redfish/v1/Systems/system/LogServices/Crashdump/Actions/LogService.ClearLog" }, "Oem": { "#Crashdump.OnDemand": { "target": "/redfish/v1/Systems/system/LogServices/Crashdump/Actions/Oem/Crashdump.OnDemand" } } }, "Description": "Oem Crashdump Service", "Entries": { "@odata.id": "/redfish/v1/Systems/system/LogServices/Crashdump/Entries" }, "Id": "Oem Crashdump", "MaxNumberOfRecords": 3, "Name": "Open BMC Oem Crashdump Service", "OverWritePolicy": "WrapsWhenFull" } Change-Id: Iacc11be1284b99c2ed9a6c2ca0a936bd97855afb Signed-off-by: Gunnar Mills <gmills@us.ibm.com> 2020-01-27T09:53:14+00:00 Przemyslaw Czarnowski przemyslaw.hawrylewicz.czarnowski@intel.com 2020-01-21T11:41:56+00:00 urn:sha1:d04ba325f3ef4e60eb4fd8e7477af78d1be0d79d OEM Schema for VirtualMedia added. Also OpenBMC level has been added to OEM field in the code to conform to schema standard. Tested: Manually using full stack of VirtualMedia. * Inserting/ejecting media in both legacy and proxy mode * Redfish Service Validator 1.3.2 ran Change-Id: Iaa87dd767a4bf2062bd4e74dd790a2496aca96de Signed-off-by: Przemyslaw Czarnowski <przemyslaw.hawrylewicz.czarnowski@intel.com> 2019-11-12T07:39:07+00:00 Zbigniew Kurzynski zbigniew.kurzynski@intel.com 2019-10-02T09:22:11+00:00 urn:sha1:501f1e58ea6fdf97163ce4ea05fbaf1861a62b79 User is now able to turn on and off the TLS authentication method. Tested: No regression found in manual testing. By default everything works as before, and disabling TLS method prevents user to authenticate by it. Tested with Redfish Service Validator, version 1.2.8 Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com> Change-Id: Ib7be1af659db568caa7e5b97e3844617586d7754 2019-11-07T06:39:29+00:00 Zbigniew Kurzynski zbigniew.kurzynski@intel.com 2019-11-05T11:57:37+00:00 urn:sha1:78158631aeab5b77ea9a5f566508285cb839fadf Added Oem extension for AccountService allowing user to configure which authentication methods should be enabled. User is now able to turn on and off authentication methods like BasicAuth, XToken, etc. User is not allowed to turn off all of the methods at once - at least one method has to be active to prevent lock-out. This configuration is persistent, will be saved on file-system and will be loaded on bmcweb's restart. Tested: No regression found in manual testing. By default everything works as before, and disabling auth method prevents user to authenticate by it. Tested that user is not allowed to disable all the methods - either in one PATCH or by disabling them one at a time. ServiceValidator run with success. This change is a fix for this request: https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/23590/18 which was revert here: https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/26869 Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com> Change-Id: I66b5ad423746f1992070a14f2983a07b1320190e 2019-11-04T21:25:46+00:00 James Feist james.feist@linux.intel.com 2019-11-04T21:19:48+00:00 urn:sha1:eecd51a46e6d44ae3408d889ed037f4e4270d653 This reverts commit 0ff64dc2cd3a15b4204a477ad2eb5219d66e6110. Reason for revert: <breaks redfish validator, <edmx:Reference Uri="/redfish/v1/schema/OemAccountService_v1.xml"> but the file name unversioned static/redfish/v1/schema/OemAccountService.xml> Change-Id: I696dd09bf519e364f5f529a674e047a8eeead578 Signed-off-by: James Feist <james.feist@linux.intel.com> 2019-10-31T17:13:42+00:00 Kowalski, Kamil kamil.kowalski@intel.com 2019-07-12T07:59:11+00:00 urn:sha1:0ff64dc2cd3a15b4204a477ad2eb5219d66e6110 Added Oem extension for AccountService allowing user to configure which authentication methods should be enabled. User is now able to turn on and off authentication methods like BasicAuth, XToken, etc. User is not allowed to turn off all of the methods at once - at least one method has to be active to prevent lock-out. This configuration is persistent, will be saved on file-system and will be loaded on bmcweb's restart. Tested: No regression found in manual testing. By default everything works as before, and disabling auth method prevents user to authenticate by it. Tested that user is not allowed to disable all the methods - either in one PATCH or by disabling them one at a time. ServiceValidator run with success. Change-Id: I3a775d783ac05998d17b8e91800962bffd8cab52 Signed-off-by: Kowalski, Kamil <kamil.kowalski@intel.com> Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com> 2019-10-30T18:23:12+00:00 AppaRao Puli apparao.puli@linux.intel.com 2019-10-18T11:46:08+00:00 urn:sha1:a6349918ad2c88533c6d09bb876812375a19f2c4 - Added OemComputerSystems Schema for provisioning properties - Added "ProvisioningStatus" Oem property with EnumType 1) NotProvisioned 2) ProvisionedButNotLocked 3) ProvisionedAndLocked Intel secures platform firmware components using Intel PFR mechanism. This may differ for other Oem's(non-intel platforms) but the properties like Provisioned, Locked states should be of generic as per NIST SP 800-193. Added build time flag to enable/disable PFR supported platforms. Tested: - By default provisioning feature is OFF, using GET method on below URI verified Oem Property and observed no such property. This is default behaviour on upstream. URI: /redfish/v1/Systems/system Response: No "Oem" property. - Enabled provisioning feature in Intel platforms and Verified using Systems URI. Ran the redfish validator tool and no new issues found due to this change. URI: /redfish/v1/Systems/system RESPONSE: ..... "Oem": { "OpenBmc": { "FirmwareProvisioning": { "ProvisioningStatus": "NotProvisioned" } } } ..... Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com> Change-Id: I674e6075263f4fa2962637d3add47393a1ff0c0b 2019-10-29T18:42:47+00:00 Jason M. Bills jason.m.bills@linux.intel.com 2019-10-08T19:10:39+00:00 urn:sha1:ddfc22f272148f57fe8abb62b7909724970339bf Tested: Passed the Redfish Service Validator Change-Id: Ib121346e3be031584eb522ceb8c8e4e3a350f13a Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com> 2019-10-11T21:13:05+00:00 Ed Tanous ed.tanous@intel.com 2019-10-08T18:34:22+00:00 urn:sha1:cb103130e18689b9a8e15284f930606d512328cd Note, the DMTF changed the format of the schema file pack yet again, so the script changes now to compensate for that. Tested: Ran schema validator. One unrelated failure in LogEntry, and 4 new warnings in PCIe devices (we're using a deprecated property). All other endpoints pass. Signed-off-by: Ed Tanous <ed.tanous@intel.com> Change-Id: I81c030a7c5a6a32cc12a5e7e02a9441b7891bc5d