zowe · Martin-Zeithaml · Jul 10, 2025 · Jul 10, 2025 · Jul 10, 2025 · Jul 11, 2025
diff --git a/.github/workflows/link-checker.yml b/.github/workflows/link-checker.yml
@@ -26,16 +26,24 @@ jobs:
           done
 
       - name: Restore lychee cache
-        uses: actions/cache@v4
+        id: lychee-cache-restore
+        uses: actions/cache/restore@v4
         with:
           path: .lycheecache
-          key: cache-lychee-${{ github.base_ref || github.ref_name }}
+          key: cache-lychee-${{ github.event.pull_request.head.ref || github.base_ref || github.ref_name }}
           restore-keys: cache-lychee-
-          save-always: true
 
       - name: Run lychee
         uses: lycheeverse/lychee-action@v1
         with:
           args: "--accept 403,406,429 --cache --include-fragments --max-cache-age 1d --max-concurrency 2 --no-progress --timeout 60 --verbose 'docs/**/*.md'"
           fail: true
           token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Always save lychee cache
+        id: save-lychee-cache
+        if: always()
+        uses: actions/cache/save@v4
+        with:
+            key: ${{ steps.lychee-cache-restore.outputs.cache-primary-key }}
+            path: .lycheecache
diff --git a/docs/images/zosmf/inputvars-jcl-enable.png b/docs/images/zosmf/inputvars-jcl-enable.png
diff --git a/docs/user-guide/configure-zowe-runtime.md b/docs/user-guide/configure-zowe-runtime.md
@@ -18,7 +18,7 @@ After your installation of Zowe runtime, you can run the `zwe init` command to p
 * Create user IDs and security manager settings (Security Admin)
 * Provide APF authorize load libraries (Security Admin)
 * Configure Zowe to use TLS certificates (Security Admin)
-* Configure VSAM files to run the Zowe caching service used for high availability (HA)
+* Configure the Zowe caching service for high availability (HA)
 * Configure the system to launch the Zowe started task
 
 For more information about this z/OS runtime initialization method, see [Configuring Zowe with zwe init](./initialize-zos-system.md)

diff --git a/docs/user-guide/configuring-zowe-via-jcl.md b/docs/user-guide/configuring-zowe-via-jcl.md
diff --git a/docs/user-guide/initialize-zos-system.md b/docs/user-guide/initialize-zos-system.md
@@ -6,9 +6,10 @@ Once you complete the installation of the Zowe runtime, begin configuration by i
 :::
 
 ## About the `zwe init` command
-
-The `zwe init` command is a combination of the following subcommands. Each subcommand defines a configuration.
-
+ Each subcommand defines a configuration.
+The `zwe init` command is a combination of the following subcommands. Except the generate, each subcommand defines a configuration.
+- **generate**
+Generates ready to execute JCL samples from YAML configuration values.
 - **mvs**
 Copies the data sets provided with Zowe to custom data sets.
 - **security**
@@ -31,22 +32,9 @@ We recommend you to run these sub commands one by one to clearly see the output
 Enter `zwe init --help` to learn more about the command or see the [`zwe init` command reference](../appendix/zwe_server_command_reference/zwe/init/zwe-init-vsam.md) for detailed explanation, examples, and parameters.
 :::
 
-## zwe init arguments
-
-The following `zwe init` arguments can assist you with the initization process:
-
-- **--update-config**  
- This argument allows the init process to update your configuration file based on automatic detection and your `zowe.setup` settings. For example, if `java.home` and `node.home` are not defined, they can be updated based on the information that is collected on the system. `zowe.certificate` section can also be updated automatically based on your `zowe.setup.certificate` settings.
-- **--allow-overwrite**  
- This argument allows you to rerun the `zwe init` command repeatedly regardless of whether some data sets are already created.
-- **-v** or **--verbose**  
-   This argument provides execution details of the `zwe` command. You can use it for troubleshooting purposes if the error message is not clear enough.
-- **-vv** or **--trace**  
- This argument provides you more execution details than the `--verbose` mode for troubleshooting purposes.
-
 ## Zowe initilization command
 
-The `zwe init` command runs the subcommands in sequence automatically. If you have the Zowe configuration file preparted and have security administrator privileges, or security and certificates setup was already completed on the system, you can run the following command:
+The `zwe init` command runs the subcommands in sequence automatically. If you have the Zowe configuration file prepared and have security administrator privileges, or security and certificates setup was already completed on the system, you can run the following command:
 
 ```
 zwe init --config /path/to/zowe.yaml

diff --git a/docs/user-guide/install-zowe-server-install-wizard.md b/docs/user-guide/install-zowe-server-install-wizard.md
@@ -184,15 +184,15 @@ The following table presents the steps in the installation, detailed description
 
 |Install Wizard Initalization Step|Description|Sample JCL|
 |---|---|---|
-|Installation|**Purpose:**<br /> Create datasets for Zowe's PARMLIB content and non-ZFS extension content for a given Zowe Instance<br /><br />**Action:**<br />1.  Allocate the PDSE FB80 dataset with at least 15 tracks named from Zowe parameter `zowe.setup.dataset.parmlib`<br />2. Allocate the PDSE FB80 dataset with at least 30 tracks named from Zowe parameter `zowe.setup.dataset.authPluginLib`<br />3. Copy the ZWESIP00 member from `zowe.setup.dataset.prefix`.SZWESAMP into `zowe.setup.dataset.parmlib`|[ZWEIMVS](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIMVS)|
-|APF Auth|**Purpose:**<br /> Zowe contains one privileged component, ZIS, which enables the security model. The majority of Zowe is unprivileged and in key 8. The load library for the ZIS component and its extension library must be set as APF authorized and run in key 4. This enables ZIS and components that depend on ZIS.<br /><br />**Action:**<br />1. APF authorize the datasets defined at `zowe.setup.dataset.authLoadlib` and `zowe.setup.dataset.authPluginLib`.<br />2. <!-- This should be validated --> Define PPT entries for the members ZWESIS01 and ZWESAUX as Key 4, NOSWAP in the SCHEDxx member of the system PARMLIB.|[ZWEIAPF](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIAPF)|
-|Security|**Purpose:**<br /> The STC accounts for Zowe need permissions for operating servers, and users need permissions for interacting with the servers.<br /><br />**Action:**<br /> [Set SAF permissions for accounts](https://docs.zowe.org/stable/user-guide/assign-security-permissions-to-users#security-permissions-reference-table)|RACF: [ZWEIRAC](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIRAC)<br /><br />TSS: [ZWEITSS](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEITSS)<br /><br />ACF2: [ZWEIACF](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIACF)|
-|Security|(z/OS v2.4 ONLY) Create Zowe SAF Resource Class|This is not needed on z/OS v2.5+. On z/OS v2.4, the SAF resource class for Zowe is not included, and must be created. See these samples for examples:<br /><br />RACF: [ZWEIRACZ](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIRACZ)<br /><br />TSS: [ZWEITSSZ](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEITSSZ)<br /><br />ACF2: [ZWEIACFZ](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIACFZ)|
-|Certificates Option 1|Zowe creates a keyring and populates it with a newly generated certificate and certificate authority. The certificate would be seen as "self-signed" by clients unless import of the CA to clients is performed.|RACF: [ZWEIKRR1](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIKRR1)<br /><br />TSS: [ZWEIKRT1](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIKRT1)<br /><br />ACF2: [ZWEIKRA1](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIKRA1)|
-|Certificates Option 2|Zowe creates a keyring and populates the keyring by connecting pre-existing certificates and CAs that you specify.|RACF: [ZWEIKRR2](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIKRR2)<br /><br />TSS: [ZWEIKRT2](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIKRT2)<br /><br />ACF2: [ZWEIKRA2](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIKRA2)|
-|Certificates Option 3|Zowe creates a keyring and populates the keyring by importing PKCS12 content from a dataset that you specify.|RACF: [ZWEIKRR3](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIKRR3)<br /><br />TSS: [ZWEIKRT3](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIKRT3)<br /><br />ACF2: [ZWEIKRA3](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIKRA3)|
-|STC|**Purpose**:<br /> ZWESLSTC is the job for running Zowe's webservers. ZWESISTC runs the APF authorized cross-memory server. The ZWESASTC job is started by ZWESISTC on an as-needed basis.<br /><br />**Action**:<br /> Copy the members ZWESLSTC, ZWESISTC, and ZWESASTC into your desired PROCLIB. If the job names are customized, modify the job name YAML values in `zowe.setup.security.stcs`|[ZWEISTC](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEISTC)|
-|(Optional) VSAM for Caching Service (NYI)|**Purpose:**<br /> To use VSAM as your storage method for the Caching Service. Note that Infinispan is the recommended storage method. For more information, see [Using VSAM as a storage solution through the Caching service](../extend/extend-apiml/api-mediation-vsam.md).<br /><br />**Action:**<br /> Create a RLM or NONRLM dataset for the Caching service, and set the name as the value for `components.caching-service.storage.vsam.name`|[ZWECSVSM](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWECSVSM)|
+|Installation|**Purpose:**<br /> Create datasets for Zowe's PARMLIB content and non-ZFS extension content for a given Zowe Instance<br /><br />**Action:**<br />1.  Allocate the PDSE FB80 dataset with at least 15 tracks named from Zowe parameter `zowe.setup.dataset.parmlib`<br />2. Allocate the PDSE FB80 dataset with at least 30 tracks named from Zowe parameter `zowe.setup.dataset.authPluginLib`<br />3. Copy the ZWESIP00 member from `zowe.setup.dataset.prefix`.SZWESAMP into `zowe.setup.dataset.parmlib`|[ZWEIMVS](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIMVS)|
+|APF Auth|**Purpose:**<br /> Zowe contains one privileged component, ZIS, which enables the security model. The majority of Zowe is unprivileged and in key 8. The load library for the ZIS component and its extension library must be set as APF authorized and run in key 4. This enables ZIS and components that depend on ZIS.<br /><br />**Action:**<br />1. APF authorize the datasets defined at `zowe.setup.dataset.authLoadlib` and `zowe.setup.dataset.authPluginLib`.<br />2. <!-- This should be validated --> Define PPT entries for the members ZWESIS01 and ZWESAUX as Key 4, NOSWAP in the SCHEDxx member of the system PARMLIB.|[ZWEIAPF](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIAPF)|
+|Security|**Purpose:**<br /> The STC accounts for Zowe need permissions for operating servers, and users need permissions for interacting with the servers.<br /><br />**Action:**<br /> [Set SAF permissions for accounts](https://docs.zowe.org/stable/user-guide/assign-security-permissions-to-users#security-permissions-reference-table)|RACF: [ZWEIRAC](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIRAC)<br /><br />TSS: [ZWEITSS](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEITSS)<br /><br />ACF2: [ZWEIACF](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIACF)|
+|Security|(z/OS v2.4 ONLY) Create Zowe SAF Resource Class|This is not needed on z/OS v2.5+. On z/OS v2.4, the SAF resource class for Zowe is not included, and must be created. See these samples for examples:<br /><br />RACF: [ZWEIRACZ](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIRACZ)<br /><br />TSS: [ZWEITSSZ](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEITSSZ)<br /><br />ACF2: [ZWEIACFZ](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIACFZ)|
+|Certificates Option 1|Zowe creates a keyring and populates it with a newly generated certificate and certificate authority. The certificate would be seen as "self-signed" by clients unless import of the CA to clients is performed.|RACF: [ZWEIKRR1](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIKRR1)<br /><br />TSS: [ZWEIKRT1](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIKRT1)<br /><br />ACF2: [ZWEIKRA1](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIKRA1)|
+|Certificates Option 2|Zowe creates a keyring and populates the keyring by connecting pre-existing certificates and CAs that you specify.|RACF: [ZWEIKRR2](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIKRR2)<br /><br />TSS: [ZWEIKRT2](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIKRT2)<br /><br />ACF2: [ZWEIKRA2](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIKRA2)|
+|Certificates Option 3|Zowe creates a keyring and populates the keyring by importing PKCS12 content from a dataset that you specify.|RACF: [ZWEIKRR3](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIKRR3)<br /><br />TSS: [ZWEIKRT3](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIKRT3)<br /><br />ACF2: [ZWEIKRA3](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEIKRA3)|
+|STC|**Purpose**:<br /> ZWESLSTC is the job for running Zowe's webservers. ZWESISTC runs the APF authorized cross-memory server. The ZWESASTC job is started by ZWESISTC on an as-needed basis.<br /><br />**Action**:<br /> Copy the members ZWESLSTC, ZWESISTC, and ZWESASTC into your desired PROCLIB. If the job names are customized, modify the job name YAML values in `zowe.setup.security.stcs`|[ZWEISTC](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWEISTC)|
+|(Optional) VSAM for Caching Service (NYI)|**Purpose:**<br /> To use VSAM as your storage method for the Caching Service. Note that Infinispan is the recommended storage method. For more information, see [Using VSAM as a storage solution through the Caching service](../extend/extend-apiml/api-mediation-vsam.md).<br /><br />**Action:**<br /> Create a RLM or NONRLM dataset for the Caching service, and set the name as the value for `components.caching-service.storage.vsam.name`|[ZWECSVSM](https://github.com/zowe/zowe-install-packaging/tree/v3.x/master/files/SZWESAMP/ZWECSVSM)|
 
 ## Final Review
 

diff --git a/docs/user-guide/installandconfig.md b/docs/user-guide/installandconfig.md
@@ -213,8 +213,6 @@ When you execute the `zwe` command, the `--config` or `-c` argument is used to p
 * To avoid passing `--config` or `-c` to every `zwe` command, you can define `ZWE_CLI_PARAMETER_CONFIG` environment variable points to the location of zowe.yaml.
 
   For example, after defining `export ZWE_CLI_PARAMETER_CONFIG=/path/to/my/zowe.yaml`, you can simply type `zwe start` instead of the full command `zwe start -c /path/to/my/zowe.yaml`.
-
-* If you are new to the `example-zowe.yaml` configuration file, you can start with entries that are marked with `COMMONLY_CUSTOMIZED`. It highlights most of the common configurations, such as directories, host and domain name, service ports, certificate setup, and z/OSMF, which are critical for standing a new Zowe instance.
 :::
 
 ### Workspace directory
@@ -237,7 +235,7 @@ Multiple Zowe instances can define different log directories. It is not necessar
 
 The log directory should be defined in your Zowe configuration file as `zowe.logDirectory`.
 
-### Keystore directory
+### (Optional) Keystore directory
 
 Zowe uses certificates to enable transport layer security. The system administrator can choose to use z/OS Keyring or PKCS#12 keystore for certificate storage. A keystore directory is created and used if PKCS#12 keystore is chosen.
 
@@ -255,7 +253,7 @@ Zowe uses certificates to enable transport layer security. The system administra
     └── localhost.truststore.p12          - Zowe trusted certificate authorities in PKCS#12 format
 ```
 
-To generate a keystore directory, you need proper `zowe.setup.certificate` configuration defined in the Zowe configuration file. Execute the server command `zwe init certificate`. To learn more about this command, see the [Reference of zwe init certificate](../appendix/zwe_server_command_reference/zwe/init/zwe-init-certificate.md) in the appendix.
+To generate a keystore directory tree, you need to define `zowe.setup.certificate` configuration in the Zowe configuration file. The keystore directory provided to the Zowe configuration must first be created by an administrator. Sub-directories will be created when you run `zwe init certificate` during [certificate configuration steps](https://docs.zowe.org/stable/user-guide/configure-certificates). To learn more about this command, see the [Reference of zwe init certificate](../appendix/zwe_server_command_reference/zwe/init/zwe-init-certificate.md) in the appendix.
 
 ### Extension directory