Merge development branch to main after 25.4.1 release #345
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fix the connection string provisioning issues 1. Created JRF instance with rac database without providing db connecting string. 2. Created JRF instance with rac database with providing db connect string.
Fixed bug Certificate on LB is reset in scaling operation.
Test
-----
Create a single VM instance with load balancer.
Create a new certificate to the load balancer.
Note that you can generate a keypair from any OCI compute instance with
'openssl req -new -sha256 -newkey rsa:2048 -nodes -keyout testssl.key
-x509 -days 365 -out testssl.crt'
Note that you'll need to add both the certificate and private key pems
that are generated to the certificate.
Associate the certificate you added to the listener for the load
balancer.
Delete the demo certificate that was generated by the Stack from the
load balancer.
Edit the stack and add a node.
Make sure that new certificate is assigned to the listener.
Demo certificate will be recreated but not assigned to any.
The certificate created and added by a customer is not reset, but will
still restore the cert created by terraform if it is deleted.
Uptake 23.3.2 marketplace values.
Implement - [JCS-14015](https://jira.oraclecorp.com/jira/browse/JCS-14015) - Bug - load-balancer policy required for instance creation Created provisioning instance without load balancer and non admin user. Created provisioning instance with load balancer and non admin user. --------- Co-authored-by: Abhijit Paranjpe <109541284+abhijit-paranjpe@users.noreply.github.com>
#225) Bug - Fail to get password expiry date for OPSS user when using connect string Note that since the DB service name is not guaranteed to include the PDB name ( I proved this by using a connect string w/o the PDB name in it to successfully create a WLS for OCI instance). Therefore, the PDB name must be asked for. Also note that the validation change added will not be executed, but to limit the scope of the changes I updated the validation only and didn't try to also add in the validator. I suspect that the validation was never added in order to ensure that 11g databases, which don't have a PDB can be allowed. Tested that when setting a connect string the error occurred. After the fix, with PDB name provided, the error did not occur.
…#224) validate_vcn_cidr.py always returning errors in bootstrap log due to wls_vcn_cidr being empty with existing subnets. Note that this is essentially a revert to the previous commit. The checkin log for the commit states, "Use customer provided NSGs for existing subnet provisioning". Therefore, I tested with existing subnet and NSGs provided with the reversion of this line change and there were no issues. Other tests in addition to existing subnet with NSGs provided: 1. New VCN. 2. Existing VCN, new subnet 3. Existing subnet with security rules. In each case I tested with IDCS added so the call to validate_vcn_cidr.py would occur. I not only made sure the error no longer appeared, but verified that the metadata value was present and ran validate_vcn_cidr.py by hand.
Verified issue by creating stack in a compartment without dynamic group policies set and selecting OCI Policies checkbox. Clicked on Instances|Instance Details and navigate to the OS Management and saw: "No OS management information is available for this resource." After fix ran same test and OS Managment information appears.
Uptake 23.3.3 release image values. --------- Co-authored-by: Abhijit Paranjpe <109541284+abhijit-paranjpe@users.noreply.github.com>
#230) JCS-14046 Support VM.Standard.E5.Flex shape, but not as default shape. Testing using E5.Flex shape (requires OL8.8 image): - 14.1.1.0 JDK11 with IDCS. idcs-sample-app logged into. - 12.2.1.4 JRF on ATP with IDCS (2 OCPU count). idcs-sample-app logged into. - 14.1.1.0 JDK8 with IDCS validated cloning. Testing max cpu utilization (E5.Flex allows 94 ocpu max): - Using same logic changes in this MR built stack with: -- max OCPUs for Flex5 to 1 -- max OCPUs for Flex4 to 2 -- Set 2 OCPUs for Flex 5 and ran tf plan. Confirmed validation error fired. -- Set 3 OCPUs for Flex 4 and ran tf plan. Confirmed validation error fired. This shows no regression in the logic changes.
Uptake marketplace image values into 23.4.3 reelase
Uptake 24.1.1 marketplace values..
JCS-14023 Status check missing from public subnet provisioning Verified status check now showing for public subnet, private endpoint and bastion still showing status check, and that private subnet w/o bastion still does not attempt to get status check. Verified all conditions using both ORM UI and CLI.
Uptake 24.1.2 mp values..
- Make the keys of the maps of compute and volumes resources to have 2 digits at the end, to conserve the iteration order, which is lexicographical, to prevent volume attachments from being reassigned to other instances because of the iteration order in the list of compute instances Tests: - Created a non-JRF stack with new VCN, and two nodes - Scaled up the stack to 4 nodes, verified the apply job completed successfully and that all servers were added. - Scaled up the stack to 10 nodes, and verified the same points above - Scaled up the stack to 11 nodes, and made the same verifications above, and verified that the existing block volume attachments and block volumes where not affected - Scaled up the stack to 20 nodes, and made the same verifications above - Scaled up the stack to 30 nodes, and made the same verifications above - Scaled down the stack to 10 nodes. Verified that only the artifacts 29 to 10 are deleted, and the rest of the servers are still running
…307) Split policy statements in two due to OCI 50 statement policy limit.
Fix the mp script to uptake 14.1.2.0 and uptake new image values. Co-authored-by: Sarada Kommalapati <sarada.kommlapati@oracle.com>
Added check for egress rule to allow traffic in all ports in Managed Server Nsg.
Ticket: [JCS- 14708](https://jira.oraclecorp.com/jira/browse/JCS-14708) Changes in the files: 1. `terraform/modules/policies/groups.tf` : Updated a comment (no functional changes). 2. `terraform/modules/policies/locals.tf` : Removed the policy related to OS Management Service Agent. Tested in both the Ashburn and Phoenix regions, and the policies were created successfully.
Please review tfvars for Apr25 PSUS for publishing images to MarketPlace
Tested with the following scenarios: - From the OCI console for the policy enhancement <img width="1175" alt="Screenshot 2025-05-21 at 1 42 12 PM" src="https://github.com/user-attachments/assets/9992f756-900a-476e-a9e5-20fea5480b5e" /> Here, the compartments of both the stack and profile are the same; hence, only one policy is created for OSMH, avoiding duplication. This is the case where the compartments of the stack and profile are different; hence, two policies are created for accessing OSMH in both the stack and profile compartments. <img width="1176" alt="Screenshot 2025-05-21 at 1 44 20 PM" src="https://github.com/user-attachments/assets/5a2f1fe2-3b13-4528-a35a-b469c4c2c8e8" /> Terraform CLI changes. If a stack is created through the Terraform CLI with the default values, OSMH will be enabled by default, since select existing profile defaults to false, a new profile will be created. If one needs to select an Existing profile, set the value to true & provide the profile OCID. If the OCID is not provided validation error will be thrown.
Uptake IDCS Appgateway 25.1.03-2501230623   Orahub MR : https://orahub.oci.oraclecorp.com/weblogic-cloud/wls-oci/-/merge_requests/1114
The idle timeout for OCI LB is set for 300secs  --------- Co-authored-by: Sarada Kommalapati <52939928+skommala@users.noreply.github.com> Co-authored-by: Abhijit Paranjpe <109541284+abhijit-paranjpe@users.noreply.github.com> Co-authored-by: telake <tim.lake@oracle.com> Co-authored-by: Roberto Sanchez Herrera <roberto.s.sanchez@oracle.com> Co-authored-by: P M Darshan <p.m.darshan@oracle.com> Co-authored-by: C R Aniruddh Srivatsa <c.r.aniruddh.srivatsa@oracle.com> Co-authored-by: Mahuwa Barman <106961326+Mahuwa-Barman@users.noreply.github.com> Co-authored-by: Chintamani Bhat <chintamani.bhat@oracle.com> Co-authored-by: Sarada Kommalapati <sarada.kommlapati@oracle.com> Co-authored-by: Adrian Padilla Duarte <adrian.padilla@oracle.com> Co-authored-by: Mahuwa-Barman <mahuwa.barman@oracle.com> Co-authored-by: srjanaki <srinath.janakiraman@oracle.com> Co-authored-by: ManviGupta-prog <Manvi.g.gupta@oracle.com> Co-authored-by: Ananya Tripathi <ananya.tripathi@oracle.com> Co-authored-by: Siddharth Sahu <sysahu@Mac.lan>
Upgrade Terraform version to 1.5.x for WLS for OCI. Testing done - Stack provisioning successful through ORM with Terraform version 1.5.7. <img width="1906" height="1001" alt="Screenshot 2025-09-19 at 10 23 58 PM" src="https://github.com/user-attachments/assets/9d1229ea-77cf-4682-9af9-ce46201f00be" /> <img width="1906" height="1001" alt="Screenshot 2025-09-19 at 10 24 15 PM" src="https://github.com/user-attachments/assets/3dea1bfe-19b1-4819-8451-903b310375d6" /> <img width="1906" height="1001" alt="Screenshot 2025-09-19 at 10 25 12 PM" src="https://github.com/user-attachments/assets/ac78e03a-83a4-4812-9f62-daec64756592" /> --------- Co-authored-by: Rajesh Chavan <rachavan@Rajeshs-MacBook-Pro.local>
policy statement for certificate-authority-delegates had target compartment improperly set to compartment for certificates instead of compartment for the certificate authorities.
Add support for WLS 15.1.1.0
Adjust copyright headers
Variable description to include all supported WLS versions
Remove WLMS policy since WLMS is being deprecated.
Merge release 25.4.1 changes to development --------- Co-authored-by: Rajesh Chavan <rachavan@Rajeshs-MacBook-Pro.local>
|
Thank you for your pull request and welcome to our community! To contribute, please sign the Oracle Contributor Agreement (OCA).
To sign the OCA, please create an Oracle account and sign the OCA in Oracle's Contributor Agreement Application. When signing the OCA, please provide your GitHub username. After signing the OCA and getting an OCA approval from Oracle, this PR will be automatically updated. If you are an Oracle employee, please make sure that you are a member of the main Oracle GitHub organization, and your membership in this organization is public. |
oracle-contributor-agreement
bot
added
the
OCA Required
telake
approved these changes
Oct 28, 2025
Mahuwa-Barman
approved these changes
Oct 28, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
13 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merge development branch to main after 25.4.1 release