Add TLS trace option to eureka registration

Signed-off-by: 1000TurquoisePogs <[email protected]>
zowe · Feb 20, 2025 · 8cb4445 · 8cb4445
1 parent 0addde0
commit 8cb4445
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,7 @@ This repo is part of the app-server Zowe Component, and the change logs here may
 
 ## 3.2.0
 - Bugfix: App-server /server/environment endpoint was missing the "agent" object, causing the Desktop to choose an indirect route to accessing ZSS. This fix improves latency and high availability behavior of ZSS APIs in the Desktop. (#588)
+- Bugfix: When eureka registration experienced a network failure, troubleshooting information was not available. The property `components.app-server.node.mediationLayer.traceTls` now exists for troubleshooting TLS issues. (#592)
 
 ## 3.1.0
 - Bugfix: App-server could not register with discovery server when AT-TLS was enabled for app-server. (#580)

diff --git a/lib/apiml.js b/lib/apiml.js
@@ -79,9 +79,9 @@ const MEDIATION_LAYER_INSTANCE_DEFAULTS = (zluxProto, zluxHostname, zluxPort) =>
 }};
 
 function ApimlConnector({ hostName, port, discoveryUrls,
-                          discoveryPort, tlsOptions, eurekaOverrides, isClientAttls }) {
+                          discoveryPort, tlsOptions, eurekaOverrides, isClientAttls, traceTls }) {
   Object.assign(this, { hostName, port, discoveryUrls,
-                        discoveryPort, tlsOptions, eurekaOverrides, isClientAttls });
+                        discoveryPort, tlsOptions, eurekaOverrides, isClientAttls, traceTls });
   //TODO config should never be checked through env var, but is temporarily needed to temporarily read gateway's ATTLS state to provide it with Eureka info it can work with.
   const clientGlobalAttls = process.env['ZWE_zowe_network_client_tls_attls'];
   const clientGatewayAttls = process.env['ZWE_components_gateway_zowe_network_client_tls_attls'];
@@ -246,7 +246,11 @@ ApimlConnector.prototype = {
   },*/
 
   registerMainServerInstance() {
-    const overrideOptions = this.isClientAttls ? {} : Object.assign({},this.tlsOptions)
+    const overrideOptions = this.isClientAttls
+          ? {}
+    //Use server's own TLS options except for TLS tracing.
+          : Object.assign(Object.assign({},this.tlsOptions), {enableTrace: this.traceTls ? true : false});
+
     if (!this.tlsOptions.rejectUnauthorized) {
       //Keeping these certs causes an openssl error 46, unknown cert error in a dev environment
       delete overrideOptions.cert;

diff --git a/lib/index.js b/lib/index.js
@@ -220,6 +220,7 @@ Server.prototype = {
           port: this.port,
           discoveryUrls: apimlConfig.server.discoveryUrls || [`https://${apimlConfig.server.hostname}:${apimlConfig.server.port}/eureka/`],
           tlsOptions: this.tlsOptions,
+          traceTls: apimlConfig.traceTls,
           eurekaOverrides: apimlConfig.eureka,
           isClientAttls: util.isClientAttls(this.zoweConfig)
         });