Move to 2021.2
Update the script to point at 2021.2, change the path of the files since
they moved yet again, and run the script.
The directory structure moved back to the way they had it pre-2020.1:
https://github.com/openbmc/bmcweb/commit/a778c0261282b95e14ea3f4406959638b5edb040
Since we have an exclude list, this only brings in new versions of
schemas bmcweb already uses.
Overview of 2021.2:
https://www.dmtf.org/sites/default/files/Redfish_Release_2021.2_Overview.pdf
IBM plans to use Control (for PowerCapping) and IdlePowerSaver
immediately.
Tested: Validator passed after DMTF/Redfish-Service-Validator/pull/423
merged.
CI uses the latest Redfish-Service-Validator so not a problem for CI.
For manual users only a small window where an older validator would
fail. After the schemapack changes but before PR423.
See the new schemas.
Change-Id: I2fe539087167cf6d962c14bf31fa23861302646f
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
diff --git a/static/redfish/v1/JsonSchemas/AccountService/AccountService.json b/static/redfish/v1/JsonSchemas/AccountService/AccountService.json
index 468a463..cf7470c 100644
--- a/static/redfish/v1/JsonSchemas/AccountService/AccountService.json
+++ b/static/redfish/v1/JsonSchemas/AccountService/AccountService.json
@@ -1,5 +1,5 @@
{
- "$id": "http://redfish.dmtf.org/schemas/v1/AccountService.v1_9_0.json",
+ "$id": "http://redfish.dmtf.org/schemas/v1/AccountService.v1_10_0.json",
"$ref": "#/definitions/AccountService",
"$schema": "http://redfish.dmtf.org/schemas/v1/redfish-schema-v1.json",
"copyright": "Copyright 2014-2021 DMTF. For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright",
@@ -10,11 +10,13 @@
"ActiveDirectoryService",
"LDAPService",
"OEM",
- "TACACSplus"
+ "TACACSplus",
+ "OAuth2"
],
"enumDescriptions": {
"ActiveDirectoryService": "An external Active Directory service.",
"LDAPService": "A generic external LDAP service.",
+ "OAuth2": "An external OAuth 2.0 service.",
"OEM": "An OEM-specific external authentication or directory service.",
"RedfishService": "An external Redfish service.",
"TACACSplus": "An external TACACS+ service."
@@ -22,18 +24,20 @@
"enumLongDescriptions": {
"ActiveDirectoryService": "The external account provider shall be a Microsoft Active Directory Technical Specification-conformant service. The ServiceAddresses format shall contain a set of fully qualified domain names (FQDN) or NetBIOS names that links to the set of domain servers for the Active Directory service.",
"LDAPService": "The external account provider shall be an RFC4511-conformant service. The ServiceAddresses format shall contain a set of fully qualified domain names (FQDN) that links to the set of LDAP servers for the service.",
+ "OAuth2": "The external account provider shall be an RFC6749-conformant service. The ServiceAddresses format shall contain a set of URIs that correspond to the RFC8414-defined metadata for the OAuth 2.0 service.",
"RedfishService": "The external account provider shall be a DMTF Redfish Specification-conformant service. The ServiceAddresses format shall contain a set of URIs that correspond to a Redfish account service.",
"TACACSplus": "The external account provider shall be an RFC8907-conformant service. The ServiceAddresses format shall contain a set of host:port that correspond to a TACACS+ service and where the format for host and port are defined in RFC3986."
},
"enumVersionAdded": {
+ "OAuth2": "v1_10_0",
"TACACSplus": "v1_8_0"
},
"type": "string"
},
"AccountService": {
"additionalProperties": false,
- "description": "The AccountService schema defines an account service. The properties are common to, and enable management of, all user accounts. The properties include the password requirements and control features, such as account lockout. The schema also contains links to the manager accounts and roles.",
- "longDescription": "This resource shall represent an account service for a Redfish implementation. The properties are common to, and enable management of, all user accounts. The properties include the password requirements and control features, such as account lockout.",
+ "description": "The AccountService schema defines an account service. The properties are common to, and enable management of, all user accounts. The properties include the password requirements and control features, such as account lockout. Properties and actions in this service specify general behavior that should be followed for typical accounts, however implementations may override these behaviors for special accounts or situations to avoid denial of service or other deadlock situations.",
+ "longDescription": "This resource shall represent an account service for a Redfish implementation. The properties are common to, and enable management of, all user accounts. The properties include the password requirements and control features, such as account lockout. Properties and actions in this service specify general behavior that should be followed for typical accounts, however implementations may override these behaviors for special accounts or situations to avoid denial of service or other deadlock situations.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
@@ -175,6 +179,19 @@
"$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Name",
"readonly": true
},
+ "OAuth2": {
+ "anyOf": [
+ {
+ "$ref": "#/definitions/ExternalAccountProvider"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "description": "The first OAuth 2.0 external account provider that this account service supports.",
+ "longDescription": "This property shall contain the first OAuth 2.0 external account provider that this account service supports. If the account service supports one or more OAuth 2.0 services as an external account provider, this entity shall be populated by default. This entity shall not be present in the additional external account providers resource collection.",
+ "versionAdded": "v1_10_0"
+ },
"Oem": {
"$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem",
"description": "The OEM extension property.",
@@ -476,6 +493,19 @@
"longDescription": "This property shall contain any additional mapping information needed to parse a generic LDAP service. This property should only be present inside the LDAP property.",
"versionAdded": "v1_3_0"
},
+ "OAuth2Service": {
+ "anyOf": [
+ {
+ "$ref": "#/definitions/OAuth2Service"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "description": "The additional information needed to parse an OAuth 2.0 service.",
+ "longDescription": "This property shall contain additional information needed to parse an OAuth 2.0 service. This property should only be present inside an OAuth2 property.",
+ "versionAdded": "v1_10_0"
+ },
"PasswordSet": {
"description": "Indicates if the Password property is set.",
"longDescription": "This property shall contain `true` if a valid value was provided for the Password property. Otherwise, the property shall contain `false`.",
@@ -672,6 +702,80 @@
},
"type": "string"
},
+ "OAuth2Mode": {
+ "enum": [
+ "Discovery",
+ "Offline"
+ ],
+ "enumDescriptions": {
+ "Discovery": "OAuth 2.0 service information for token validation is downloaded by the service.",
+ "Offline": "OAuth 2.0 service information for token validation is configured by a client."
+ },
+ "enumLongDescriptions": {
+ "Discovery": "This value shall indicate the service performs token validation from information found at the URIs specified by the ServiceAddresses property. Services shall implement a caching method of this information so it's not necessary to retrieve metadata and key information for every request containing a token.",
+ "Offline": "This value shall indicate the service performs token validation from properties configured by a client."
+ },
+ "type": "string"
+ },
+ "OAuth2Service": {
+ "additionalProperties": false,
+ "description": "Various settings to parse an OAuth 2.0 service.",
+ "longDescription": "This type shall contain settings for parsing an OAuth 2.0 service.",
+ "patternProperties": {
+ "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
+ "description": "This property shall specify a valid odata or Redfish property.",
+ "type": [
+ "array",
+ "boolean",
+ "integer",
+ "number",
+ "null",
+ "object",
+ "string"
+ ]
+ }
+ },
+ "properties": {
+ "Audience": {
+ "description": "The allowable audience strings of the Redfish service.",
+ "items": {
+ "type": "string"
+ },
+ "longDescription": "This property shall contain an array of allowable RFC7519-defined audience strings of the Redfish service. The values shall uniquely identify the Redfish service. For example, a MAC address or UUID for the manager can uniquely identify the service.",
+ "readonly": true,
+ "type": "array",
+ "versionAdded": "v1_10_0"
+ },
+ "Issuer": {
+ "description": "The issuer string of the OAuth 2.0 service.",
+ "longDescription": "This property shall contain the RFC8414-defined issuer string of the OAuth 2.0 service. If the Mode property contains the value `Discovery`, this property shall contain the value of the `issuer` string from the OAuth 2.0 service's metadata and this property shall be read-only.",
+ "readonly": false,
+ "type": [
+ "string",
+ "null"
+ ],
+ "versionAdded": "v1_10_0"
+ },
+ "Mode": {
+ "$ref": "#/definitions/OAuth2Mode",
+ "description": "The mode of operation for token validation.",
+ "longDescription": "This property shall contain the mode of operation for token validation.",
+ "readonly": false,
+ "versionAdded": "v1_10_0"
+ },
+ "OAuthServiceSigningKeys": {
+ "description": "The Base64-encoded signing keys of the issuer of the OAuth 2.0 service.",
+ "longDescription": "This property shall contain a Base64-encoded string of the RFC7517-defined signing keys of the issuer of the OAuth 2.0 service. If the Mode property contains the value `Discovery`, this property shall contain the keys found at the URI specified by the `jwks_uri` string from the OAuth 2.0 service's metadata and this property shall be read-only.",
+ "readonly": false,
+ "type": [
+ "string",
+ "null"
+ ],
+ "versionAdded": "v1_10_0"
+ }
+ },
+ "type": "object"
+ },
"OemActions": {
"additionalProperties": true,
"description": "The available OEM-specific actions for this resource.",
@@ -826,6 +930,6 @@
}
},
"owningEntity": "DMTF",
- "release": "2021.1",
- "title": "#AccountService.v1_9_0.AccountService"
+ "release": "2021.2",
+ "title": "#AccountService.v1_10_0.AccountService"
}
\ No newline at end of file