Start of change

Add a new portable software instance

You can use this operation to add a portable software instance to z/OSMF.

HTTP method and URI path

POST /zosmf/swmgmt/pswi
where:
zosmf/swmgmt
Identifies the software management services.
pswi
Informs the service that the request is for a portable software instance object.

Standard headers

Use the following standard HTTP headers with this request:
Content-Type
Identifies the type of input content that is provided by the caller. The following value is acceptable:
  • Content-Type: application/json (JSON)
The JSON content type is used for the JSON document that is included as input with this request.
Accept-Language
Identifies the preferred language for any messages that are returned to the caller. The following values are acceptable:
  • Accept-Language: en (English)
  • Accept-Language: ja (Japanese)
If any other language value is specified or if the header is omitted, then English is used.

Custom headers

None.

Request content

Your request must include a JSON object that describes the portable software instance to add and the configuration information for the target software instance. An example of the request content is shown in Figure 1.
Figure 1. Adding a portable software instance: request content
{
"name":"pswi-name",
"system":"system-nickname",
"description":"pswi-description",
"directory":"UNIX-directory",
"categories":["pswi-category"],
Start of change"signaturekeyring":"keyring-name",End of change
"zosmfuid":"zosmf-user-ID",
"zosmfpw":"zosmf-password",
"proxyuid":"proxy-user-ID",
"proxypw":"proxy-password"
}
where:
pswi-name
Name of the portable software instance. The name is required and must be unique on the system. The name can contain up to 30 non-blank characters, including the following alphanumeric characters, mathematical symbols, punctuation marks, and special characters: 0-9 A-Z a-z ! " # $ ' - / : < = > ? | @ \ ^ _
system-nickname
Nickname of the system that has access to the volumes and data sets where the portable software instance is located. Use the nickname that is specified for the system definition in the z/OSMF Systems task. The nickname is required.

To manage the systems that are defined to z/OSMF, you can use the z/OSMF topology services. For more information, see Topology services.

pswi-description
Description of the portable software instance. The description can contain a maximum of 256 characters.
UNIX-directory
UNIX directory to contain the files for the portable software instance. Ensure that the directory name is valid according to the following UNIX directory name syntax:
  • Must be an absolute path name.
  • Must start and end with a forward slash.
  • Can contain up to 1023 characters.
pswi-category
Comma-separated list of the categories to which the portable software instance is assigned. Each category name can contain up to 30 non-blank characters, including the following alphanumeric characters, mathematical symbols, punctuation marks, and special characters: 0-9 A-Z a-z ! " # $ ' - / : < = > ? | @ \ ^ _
Start of changesignaturekeyringEnd of change
Start of change
Identifies the location of the Certificate Authority (CA) certificate that is required to validate the digital signature of the portable software instance. The name for a security manager keyring or the keyword javatruststore may be specified.
keyring-name

Identifies the name for a security manager keyring. The specified name may be for a real or virtual keyring. Keyring names are from 1 to 237 characters in length and may include only characters X'40' through X'FE' excluding the forward slash (/), and the reserved XML characters, less than (<), greater than (>), double quotation mark ("), and ampersand (&).

If the keyring is associated with a userid other than the one that is used to perform the action, then the keyring name must be prefixed with the associated userid. Userids are from 1 to 8 alphanumeric characters in length, and can consist entirely of numerics and need not begin with any particular character. The userid is separated from the keyring value by a forward slash (userid/keyring).

To indicate that all of the Certificate Authority (CA) certificates that are defined in the security manager may be used to validate the digital signature, use the CERTAUTH virtual keyring by specifying the userid/keyring value “*AUTH*/*”.

Note:
The userid that performs the action must be properly authorized to the FACILITY class resource IRR.DIGTCERT.LISTRING or to the RDATALIB class resource keyring-owner.keyring-name.LST for z/OSMF to use the specified keyring. READ access is required for a userid to use its own keyring or the CERTAUTH virtual keyring. UPDATE access is required to use a keyring from another user. If the RDATALIB class is used, for any real keyring, READ access to keyring-owner.keyring-name.LST is required. For the CERTAUTH virtual keyring, READ access to CERTIFAUTH.IRR_VIRTUAL_KEYRING.LST is required.
javatruststore

Indicates that all of the certificates in the default Java truststore may be used to validate the digital signature. A Java truststore is a Java keystore file that contains the collection of the trusted Certificate Authority (CA) certificates. The default Java truststore is located relative to the Java home directory.

End of change
zosmf-user-ID
User ID for authenticating with a remote z/OSMF instance.
zosmf-password
Password for authenticating with a remote z/OSMF instance.
proxy-user-ID
User ID for authenticating with an HTTP proxy.
proxy-password
Password for authenticating with an HTTP proxy.

The request content is required, but some properties are optional. For example, consider whether the UNIX directory is not in the same sysplex as the primary z/OSMF instance. You might need to authenticate with the secondary z/OSMF instance that is running in the sysplex where the source software instance is located. In addition, consider whether the primary z/OSMF instance must access an HTTP proxy server to connect with the secondary z/OSMF instance. You might also need to authenticate with that HTTP proxy server. Therefore, you might need to specify the remote z/OSMF user ID and password and the proxy user ID and password.

Usage considerations

See Usage considerations for the z/OSMF REST services.

Required authorizations

Certain authorizations are required to submit a request through the software management services to add a portable software instance. The user ID that initiates the request requires the same authorizations as the ones needed to perform an add operation with the z/OSMF Software Management task. The user ID needs READ access to the Software Management task and CONTROL access to the SAF resources that correspond to the portable software instance to add. If the specified categories are implicitly added during this portable software instance add operation, the user ID must also have CONTROL access to the SAF resources that correspond to the specified categories. For more information about access controls for the Software Management task, see Creating access controls for the Software Management task in IBM z/OS Management Facility Configuration Guide.

Expected response

Validating the portable software instance files is an asynchronous operation. On completion of the initial POST request, the z/OSMF Software Management REST interface returns an HTTP response code of 202 Accepted. The response also includes the following JSON object:
{
 "statusurl":"url"
}
where:
statusurl
Indicates the URL that provides status for the portable software instance add request. The client issues GET requests to the supplied URL to monitor the status of the operation and to obtain the result set.
Subsequent GET requests to the status monitor URL obtain the status of the operation. The following values are possible:
200 OK
The operation is either not yet complete or is complete with no errors. A JSON document is included that contains status information for the operation. It indicates either running or complete.
4nn or 5nn
An error occurred. For more information, see Error handling. This document contains a reason code and a list of one or more message strings that describe the errors that are detected during request processing.
404 Not found
The request expired. When the operation completes, the z/OSMF server retains the result set for a finite length of time. After that time passes, the result set expires and is no longer available for the client to obtain.
The response to GET requests on the status monitor URL includes the following JSON document:
{
 "status":"status"
Start of change"packagesignercertdetails":{
    "subjectname":"subject-name",
    "serialnumber":"serial-number",
    "fingerprint":"finger-print",
    "issuer":"issuer-subject-name"
         }End of change
}
where:
status
The status of the Add portable software instance request. The status is either running or complete.
Start of changepackagesignerdetailsEnd of change
Start of change
Container for information that pertains to the certificate that is used to sign the portable software instance.
subjectname
The subject name of the certificate that is used to sign the portable software instance.
serialnumber
The serial number of the certificate that is used to sign the portable software instance.
fingerprint
The digital fingerprint of the certificate that is used to sign the portable software instance.
issuer
The subject name of the root certificate that issued the certificate that is used to sign the portable software instance.
End of change

Example

In the following example, the POST method is used to add a portable software instance to the z/OSMF instance that has a hostname of pev174.yourco.com.
Figure 2. Sample request to add a portable software instance
POST /zosmf/swmgmt/pswi HTTP/1.1
Host: pev174.yourco.com
Content-Type: application/json
{
"name":"Hooli",
"system":"PEV174",
"description":"Fictitious software product from Hooli",
"directory":"/u/ibmusr/hoolipswi/"
}
An example response is as follows:
Figure 3. Response to sample request to add a portable software instance
HTTP/1.1 202 Accepted
Date: Fri, 5 June 2020 18:53:04 +00004GMT
Content-Type: application/json
Content-Language: en
Connection: close
{"statusurl":"https:\/\/pev174.yourco.com\/zosmf\/swmgt\/statusmonitor\/addpswi\/4837290198343"}
Figure 3 indicates that the request to validate and create a portable software instance entry was accepted, and the status monitor URL is provided.
A subsequent GET request to the status monitor URL is as follows:
Figure 4. Sample GET request to the status monitor URL
GET /zosmf/swmgmt/statusmonitor/addpswi/4837290198343 HTTP/1.1
Host: pev174.yourco.com
An example response is as follows:
Figure 5. Response to sample GET request to the status monitor URL
HTTP/1.1 200 OK
Date: Fri, 5 June 2020 18:54:04 +00004GMT
Content-Type: application/json
Content-Language: en
Connection: close
{"status":"running"}
Figure 5 indicates that the request to validate and create a portable software instance entry is still running.
A final request to the status monitor URL is as follows:
Figure 6. Sample final request to the status monitor URL
GET /zosmf/swmgmt/statusmonitor/addpswi/4837290198343 HTTP/1.1
Host: pev174.yourco.com
An example response is as follows:
Figure 7. Response to sample final request to the status monitor URL
HTTP/1.1 200 OK
Date: Fri, 5 June 2020 18:55:04 +00004GMT
Content-Type: application/json
Content-Language: en
Connection: close
{"status":"complete"}
Figure 7 indicates that the request to validate and create a portable software instance completed with no errors.
End of change