Automation Toolkit Release v2025.2.1

OCIWorkVMStack/scripts/installToolkit.sh

@@ -1,114 +1,121 @@
-#!/bin/bash
+#cloud-config
+runcmd:
+  - |
+    echo "Waiting for network..."
+    until ping -c1 8.8.8.8 >/dev/null 2>&1; do 
+      echo "Network not ready, retrying in 10 seconds..."
+      sleep 10
+    done
+    echo "Network ready, starting..."
+    username=cd3user
+    logfile="/$username/mount_path/installToolkit.log"
+    toolkit_dir="/tmp/githubCode"
+    mount_dir="/$username/mount_path"
+    sudo mkdir -p /$mount_dir/tenancies
+    sudo mkdir -p /$mount_dir/oci_tools
 
-username=cd3user
-logfile="/$username/mount_path/installToolkit.log"
-toolkit_dir="/tmp/githubCode"
-mount_dir="/$username/mount_path"
-sudo mkdir -p /$mount_dir/tenancies
-sudo mkdir -p /$mount_dir/oci_tools
+    tenancyconfig_properties="/$mount_dir/oci_tools/cd3_automation_toolkit/user-scripts/tenancyconfig.properties"
+    connectOCI_properties="/$mount_dir/oci_tools/cd3_automation_toolkit/connectOCI.properties"
+    start=$(date +%s.%N)
+    sudo sh -c "echo '########################################################################' >> /etc/motd"
+    sudo sh -c "echo '                 Welcome to CD3 Automation Toolkit WorkVM' >> /etc/motd"
+    sudo sh -c "echo '########################################################################' >> /etc/motd"
+    sudo sh -c "echo 'Please wait for couple of minutes for container to become active if you' >> /etc/motd"
+    sudo sh -c "echo 'are logging in for first time to after VM Provisioning. Toolkit initial' >> /etc/motd"
+    sudo sh -c "echo 'setup log is present at - /cd3user/mount_path/installToolkit.log' >> /etc/motd"
+    sudo sh -c "echo 'To verify podman container run command: sudo podman ps -a' >> /etc/motd"
+    sudo sh -c "echo 'To connect to container run command: sudo podman exec -it cd3_toolkit bash' >> /etc/motd"
+    sudo sh -c "echo 'if you want to stop seeing these messages at login remove in /etc/motd' >> /etc/motd"
+    sudo sh -c "echo '###########################################################################' >> /etc/motd"
 
-tenancyconfig_properties="/$mount_dir/oci_tools/cd3_automation_toolkit/user-scripts/tenancyconfig.properties"
-connectOCI_properties="/$mount_dir/oci_tools/cd3_automation_toolkit/connectOCI.properties"
-start=$(date +%s.%N)
-sudo sh -c "echo '########################################################################' >> /etc/motd"
-sudo sh -c "echo '                 Welcome to CD3 Automation Toolkit WorkVM' >> /etc/motd"
-sudo sh -c "echo '########################################################################' >> /etc/motd"
-sudo sh -c "echo 'Please wait for couple of minutes for container to become active if you' >> /etc/motd"
-sudo sh -c "echo 'are logging in for first time to after VM Provisioning. Toolkit initial' >> /etc/motd"
-sudo sh -c "echo 'setup log is present at - /cd3user/mount_path/installToolkit.log' >> /etc/motd"
-sudo sh -c "echo 'To verify podman container run command: sudo podman ps -a' >> /etc/motd"
-sudo sh -c "echo 'To connect to container run command: sudo podman exec -it cd3_toolkit bash' >> /etc/motd"
-sudo sh -c "echo 'if you want to stop seeing these messages at login remove in /etc/motd' >> /etc/motd"
-sudo sh -c "echo '###########################################################################' >> /etc/motd"
+    stop_exec () {
+    if [[ $? -ne 0 ]] ; then
+       echo $? >> $logfile 2>&1
+       echo "Error encountered in CD3 Automation Toolkit Container Setup. Please do setup Manually" >> $logfile 2>&1
+       exit 1
+    fi
+    }
 
-stop_exec () {
-if [[ $? -ne 0 ]] ; then
-   echo $? >> $logfile 2>&1
-   echo "Error encountered in CD3 Automation Toolkit Container Setup. Please do setup Manually" >> $logfile 2>&1
-   exit 1
-fi
-}
+    #sudo systemctl stop oracle-cloud-agent.service >> $logfile 2>&1
+    #cd /etc/yum.repos.d/
+    #for i in $( ls *.osms-backup ); do sudo mv $i ${i%.*}; done
+    echo "***SELinux permissive***" >> $logfile 2>&1
+    sudo setenforce 0
+    sudo sed -c -i "s/\SELINUX=.*/SELINUX=permissive/" /etc/sysconfig/selinux
 
-#sudo systemctl stop oracle-cloud-agent.service >> $logfile 2>&1
-#cd /etc/yum.repos.d/
-#for i in $( ls *.osms-backup ); do sudo mv $i ${i%.*}; done
-echo "***SELinux permissive***" >> $logfile 2>&1
-sudo setenforce 0
-sudo sed -c -i "s/\SELINUX=.*/SELINUX=permissive/" /etc/sysconfig/selinux
+    echo "***cd3user setup***" >> $logfile 2>&1
+    sudo useradd -u 1001 $username
+    sudo sh -c "echo $username ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$username"
+    sudo chmod 0440 /etc/sudoers.d/$username
+    sudo chmod 775 -R /$username
+    sudo chown -R $username:$username /$username
+    sudo usermod -aG $username opc
+    sudo mkdir -p /home/$username/.ssh
+    sudo chown -R $username:$username /home/$username/.ssh
+    sudo chmod 700 /home/$username/.ssh
+    sudo cp /home/opc/.ssh/authorized_keys /home/$username/.ssh/authorized_keys
+    sudo chown -R $username:$username /home/$username/.ssh/authorized_keys
+    sudo chmod 600 /home/$username/.ssh/authorized_keys
 
-echo "***cd3user setup***" >> $logfile 2>&1
-sudo useradd -u 1001 $username
-sudo sh -c "echo $username ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$username"
-sudo chmod 0440 /etc/sudoers.d/$username
-sudo chmod 775 -R /$username
-sudo chown -R $username:$username /$username
-sudo usermod -aG $username opc
-sudo mkdir -p /home/$username/.ssh
-sudo chown -R $username:$username /home/$username/.ssh
-sudo chmod 700 /home/$username/.ssh
-sudo cp /home/opc/.ssh/authorized_keys /home/$username/.ssh/authorized_keys
-sudo chown -R $username:$username /home/$username/.ssh/authorized_keys
-sudo chmod 600 /home/$username/.ssh/authorized_keys
+    echo "***Install git***" >> $logfile 2>&1
+    sudo yum --disablerepo=ol7_ksplice --disablerepo=ol8_ksplice --disablerepo=ol8_x86_64_ksplice --disablerepo=ol9_ksplice --disablerepo=ol9_x86_64_ksplice install -y git >> $logfile 2>&1
+    stop_exec
 
-echo "***Install git***" >> $logfile 2>&1
-sudo yum --disablerepo=ol7_ksplice --disablerepo=ol8_ksplice --disablerepo=ol8_x86_64_ksplice --disablerepo=ol9_ksplice --disablerepo=ol9_x86_64_ksplice install -y git >> $logfile 2>&1
-stop_exec
+    echo "***Install Podman***" >> $logfile 2>&1
+    echo "########################################################" >> $logfile 2>&1
+    osrelase=`cat /etc/oracle-release`
+    if [[ $osrelase == "Oracle Linux Server release 7".* ]] ; then
+         sudo yum --disablerepo=ol7_ksplice install -y podman podman-docker >> $logfile 2>&1
+         stop_exec
+    else
+        sudo yum --disablerepo=ol8_ksplice --disablerepo=ol8_x86_64_ksplice --disablerepo=ol9_ksplice --disablerepo=ol9_x86_64_ksplice install -y podman podman-docker >> $logfile 2>&1
+        stop_exec
+        sudo systemctl enable podman.service
+        sudo systemctl start podman.service
+        stop_exec
+    fi
+    sudo podman --version >> $logfile 2>&1 || true
 
-echo "***Install Podman***" >> $logfile 2>&1
-echo "########################################################" >> $logfile 2>&1
-osrelase=`cat /etc/oracle-release`
-if [[ $osrelase == "Oracle Linux Server release 7".* ]] ; then
-     sudo yum --disablerepo=ol7_ksplice install -y podman podman-docker >> $logfile 2>&1
-     stop_exec
-else
-    sudo yum --disablerepo=ol8_ksplice --disablerepo=ol8_x86_64_ksplice --disablerepo=ol9_ksplice --disablerepo=ol9_x86_64_ksplice install -y podman podman-docker >> $logfile 2>&1
-    stop_exec
-    sudo systemctl enable podman.service
-    sudo systemctl start podman.service
+    echo "***Download Toolkit***" >> $logfile 2>&1
+    sudo git clone https://github.com/oracle-devrel/cd3-automation-toolkit.git -b develop $toolkit_dir >> $logfile 2>&1
+    cp -r $toolkit_dir/cd3_automation_toolkit /$mount_dir/oci_tools/
+    cp -r $toolkit_dir/othertools /$mount_dir/oci_tools/
+    sudo chown -R $username:$username /$mount_dir/oci_tools/
     stop_exec
-fi
-sudo podman --version >> $logfile 2>&1 || true
-
-echo "***Download Toolkit***" >> $logfile 2>&1
-sudo git clone https://github.com/oracle-devrel/cd3-automation-toolkit.git $toolkit_dir >> $logfile 2>&1
-cp -r $toolkit_dir/cd3_automation_toolkit /$mount_dir/oci_tools/
-cp -r $toolkit_dir/othertools /$mount_dir/oci_tools/
-sudo chown -R $username:$username /$mount_dir/oci_tools/
-stop_exec
 
-curl -H "Authorization: Bearer Oracle" -L http://169.254.169.254/opc/v2/instance/ -o /tmp/metadata.json
-metadata=$(cat /tmp/metadata.json)
-user_id=$(echo "$metadata" | jq -r '.metadata.current_user_ocid')
-cust_name=$(echo "$metadata" | jq -r '.metadata.tenancy_name')
-tenancy_id=$(echo "$metadata" | jq -r '.metadata.tenancy_ocid')
-config_region=$(echo "$metadata" | jq -r '.metadata.config_region')
-sudo sed -c -i "s/prefix=.*/prefix=$cust_name/" $tenancyconfig_properties
-sudo sed -c -i "s/tenancy_ocid=.*/tenancy_ocid=$tenancy_id/" $tenancyconfig_properties
-sudo sed -c -i "s/region=.*/region=$config_region/" $tenancyconfig_properties
-sudo sed -c -i "s/user_ocid=.*/user_ocid=$user_id/" $tenancyconfig_properties
+    curl -H "Authorization: Bearer Oracle" -L http://169.254.169.254/opc/v2/instance/ -o /tmp/metadata.json
+    metadata=$(cat /tmp/metadata.json)
+    user_id=$(echo "$metadata" | jq -r '.metadata.current_user_ocid')
+    cust_name=$(echo "$metadata" | jq -r '.metadata.tenancy_name')
+    tenancy_id=$(echo "$metadata" | jq -r '.metadata.tenancy_ocid')
+    config_region=$(echo "$metadata" | jq -r '.metadata.config_region')
+    sudo sed -c -i "s/prefix=.*/prefix=$cust_name/" $tenancyconfig_properties
+    sudo sed -c -i "s/tenancy_ocid=.*/tenancy_ocid=$tenancy_id/" $tenancyconfig_properties
+    sudo sed -c -i "s/region=.*/region=$config_region/" $tenancyconfig_properties
+    sudo sed -c -i "s/user_ocid=.*/user_ocid=$user_id/" $tenancyconfig_properties
 
-sudo sed -c -i "s/prefix=.*/prefix=$cust_name/" $connectOCI_properties
-sudo sed -c -i "s/tenancy_ocid=.*/tenancy_ocid=$tenancy_id/" $connectOCI_properties
-sudo sed -c -i "s/region=.*/region=$config_region/" $connectOCI_properties
-sudo sed -c -i "s/user_ocid=.*/user_ocid=$user_id/" $connectOCI_properties
+    sudo sed -c -i "s/prefix=.*/prefix=$cust_name/" $connectOCI_properties
+    sudo sed -c -i "s/tenancy_ocid=.*/tenancy_ocid=$tenancy_id/" $connectOCI_properties
+    sudo sed -c -i "s/region=.*/region=$config_region/" $connectOCI_properties
+    sudo sed -c -i "s/user_ocid=.*/user_ocid=$user_id/" $connectOCI_properties
 
-echo "***Building container image***" >> $logfile 2>&1
-cd /tmp
-cd githubCode
-sudo podman build --platform linux/amd64 -t cd3_toolkit -f Dockerfile --pull --no-cache . >> $logfile 2>&1
-stop_exec
-sudo podman images >> $logfile 2>&1
+    echo "***Building container image***" >> $logfile 2>&1
+    cd /tmp
+    cd githubCode
+    sudo podman build --platform linux/amd64 -t cd3_toolkit -f Dockerfile --pull --no-cache . >> $logfile 2>&1
+    stop_exec
+    sudo podman images >> $logfile 2>&1
 
-echo "***Setting Up podman Container***" >> $logfile 2>&1
-sudo podman run --name cd3_toolkit -it -p 8443:8443 -d -v /cd3user/mount_path:/cd3user  cd3_toolkit bash >> $logfile 2>&1
-stop_exec
-sudo podman ps -a >> $logfile 2>&1
-echo "Connect to Container using command - sudo podman exec -it cd3_toolkit bash " >> $logfile 2>&1
+    echo "***Setting Up podman Container***" >> $logfile 2>&1
+    sudo podman run --name cd3_toolkit -it -p 8443:8443 -d -v /cd3user/mount_path:/cd3user  cd3_toolkit bash >> $logfile 2>&1
+    stop_exec
+    sudo podman ps -a >> $logfile 2>&1
+    echo "Connect to Container using command - sudo podman exec -it cd3_toolkit bash " >> $logfile 2>&1
 
-#sudo systemctl start oracle-cloud-agent.service
+    #sudo systemctl start oracle-cloud-agent.service
 
-duration_sec=$(echo "$(date +%s.%N) - $start" | bc)
-duration_min=$(echo "$duration_sec%3600/60" | bc)
-execution_time=`printf "%.2f seconds" $duration_sec`
-echo "Script Execution Time in Seconds: $execution_time" >> $logfile 2>&1
-echo "Script Execution Time in Minutes: approx $duration_min Minutes" >> $logfile 2>&1
+    duration_sec=$(echo "$(date +%s.%N) - $start" | bc)
+    duration_min=$(echo "$duration_sec%3600/60" | bc)
+    execution_time=`printf "%.2f seconds" $duration_sec`
+    echo "Script Execution Time in Seconds: $execution_time" >> $logfile 2>&1
+    echo "Script Execution Time in Minutes: approx $duration_min Minutes" >> $logfile 2>&1

OCIWorkVMStack/versions.tf

@@ -1,6 +1,6 @@
 terraform {
 
-  required_version = "~> 1.2.0, < 1.3.0"
+  required_version = ">= 1.5.0"
   required_providers {
     oci = {
       version = ">= 4.21.0"

README.md

@@ -7,7 +7,7 @@
 
 <br>
 
-  [What's New](https://github.com/oracle-devrel/cd3-automation-toolkit/releases/tag/v2025.2.0) &nbsp;•&nbsp;[Excel Templates](https://oracle-devrel.github.io/cd3-automation-toolkit/latest/excel-templates/) &nbsp;•&nbsp;[CD3 Docs](https://oracle-devrel.github.io/cd3-automation-toolkit/)&nbsp;•&nbsp; [Watch & Learn](https://www.youtube.com/playlist?list=PLPIzp-E1msrbJ3WawXVhzimQnLw5iafcp) &nbsp;•&nbsp;[Blogs & Tutorials](https://oracle-devrel.github.io/cd3-automation-toolkit/latest/tutorials/) &nbsp;•&nbsp;[Livelabs](https://apexapps.oracle.com/pls/apex/f?p=133:180:112501098061930::::wid:3724) &nbsp;•&nbsp;[Slack Channel](https://oracle-devrel.github.io/cd3-automation-toolkit/latest/queries) 
+  [What's New](https://github.com/oracle-devrel/cd3-automation-toolkit/releases/tag/v2025.2.1) &nbsp;•&nbsp;[Excel Templates](https://oracle-devrel.github.io/cd3-automation-toolkit/latest/excel-templates/) &nbsp;•&nbsp;[CD3 Docs](https://oracle-devrel.github.io/cd3-automation-toolkit/)&nbsp;•&nbsp; [Watch & Learn](https://www.youtube.com/playlist?list=PLPIzp-E1msrbJ3WawXVhzimQnLw5iafcp) &nbsp;•&nbsp;[Blogs & Tutorials](https://oracle-devrel.github.io/cd3-automation-toolkit/latest/tutorials/) &nbsp;•&nbsp;[Livelabs](https://apexapps.oracle.com/pls/apex/f?p=133:180:112501098061930::::wid:3724) &nbsp;•&nbsp;[Slack Channel](https://oracle-devrel.github.io/cd3-automation-toolkit/latest/queries) 
 
 <br>
 

cd3_automation_toolkit/Release-Notes

@@ -1,3 +1,14 @@
+-------------------------------------
+CD3 Automation Toolkit Tag v2025.2.1
+Dec 26th, 2025
+-------------------------------------
+1. Support custom domain user for connecting the container to cloud while running connectCloud.py for OCI.
+2. Added support for X11 ExaInfra.
+3. Fixed ordering issue for agent plugins during instance export. Please use latest excel sheet corresponding to this release.
+4. Fixed attachment of routing policy to the load balancer listener.
+5. Minor bug fixes wrt SDDCs, Policies, jenkins warnings and other scripts.
+6. Updated CIS Compliance check script as per latest version available.
+
 -------------------------------------
 CD3 Automation Toolkit Tag v2025.2.0
 Oct 10th, 2025

cd3_automation_toolkit/connectCloud.py

@@ -5,7 +5,7 @@
 def main():
     if len(sys.argv) != 3:
         print("Usage: python connectCloud.py <cloud_provider> <properties_file_path>")
-        print("Example: python connectCloud.py oci tenancyconfig.properties")
+        print("Example: python connectCloud.py oci connectOCI.properties")
         print("Example: python connectCloud.py azure connectAzure.properties")
         return
 

cd3_automation_toolkit/connectOCI.properties

@@ -59,7 +59,7 @@ ssh_public_key=
 ##################################################################################################################
 
 
-# Compartment OCID where Bucket and DevOps Project/repo will be created; defaults to root if left empty.
+# Compartment Name/OCID where Bucket and DevOps Project/repo will be created; defaults to root if left empty.
 compartment_ocid=
 
 # Remote state configuration
@@ -84,8 +84,12 @@ oci_devops_git_repo_name=
 # or session_token
 # Customer Secret Key will be created for this user for S3 credentials of the bucket.
 # When left empty, it will be fetched from $(user_ocid) for $(auth_mechanism) as api_key.
-# Format: <domainName>/<userName>@<tenancyName> eg oracleidentitycloudservice/devopsuser@oracle.com@ocitenant
-# Users in Custom Domain are not supported as of now.
+
+# Format: <domainName>/<userName>@<tenancyName>
+# eg oracleidentitycloudservice/devopsuser@oracle.com@ocitenant - if it is not Identity Domain Tenancy
+# eg custom_domain/devopsuser@oracle.com@ocitenant if user is in Custom Domain in Identity Domain Tenancy
+# eg devopsuser@oracle.com@ocitenant - if user is in Default Domain in Identity Domain Tenancy
+
 oci_devops_git_user=
 
 # When left empty, same key file from $(key_path) used for $(auth_mechanism) as api_key will be copied to

cd3_automation_toolkit/ocicloud/python/OCI_Regions

@@ -18,13 +18,15 @@ johannesburg:af-johannesburg-1
 osaka:ap-osaka-1
 london:uk-london-1
 milan:eu-milan-1
-madrid:eu-madrid-1
 melbourne:ap-melbourne-1
 marseille:eu-marseille-1
 monterrey:mx-monterrey-1
 jerusalem:il-jerusalem-1
+turin:eu-turin-1
 tokyo:ap-tokyo-1
 chicago:us-chicago-1
+madrid-3:eu-madrid-3
+madrid-1:eu-madrid-1
 phoenix:us-phoenix-1
 queretaro:mx-queretaro-1
 riyadh:me-riyadh-1

cd3_automation_toolkit/ocicloud/python/cd3Services.py

@@ -32,7 +32,7 @@ def fetch_regions(self,config,signer):
         for reg in regions_list:
             cd3key = str(reg.name.split('-',1)[1]).lower()
 
-            if 'dcc' in cd3key:
+            if 'dcc' in cd3key or 'gov' in cd3key:
                 cd3key = str(cd3key.split('-',1)[1]).lower()
 
             name = str(reg.name).lower()