Skip to content

Commit

Permalink
Merged branch main into github
Browse files Browse the repository at this point in the history
  • Loading branch information
@hassankhokhar
hassankhokhar committed Aug 8, 2022
2 parents a8b850e + 53ad6e4 commit 7bc7ac9
Show file tree
Hide file tree
Showing 10 changed files with 137 additions and 105 deletions.
9 changes: 9 additions & 0 deletions source/packages/services/greengrass2-provisioning/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -228,6 +228,15 @@ A template is what defines what components should be deployed to a Greengrass2 c

Replace `<template-name>` with the name of the template.

**NOTE: The template name is used as part of creating a thing group name, thing group applies limitation on how the name can be defined. Refer to the points below for quick reference and refer to the link on the thing group naming convention from the developer document**
[Thing Group Developer Document](https://docs.aws.amazon.com/iot/latest/developerguide/thing-groups.html)

```
- Thing group names can't contain international characters, such as û, é and ñ.
- You should not use personally identifiable information in your thing group name. The thing group name can appear in unencrypted communications and reports.
- You should not use a colon character ( : ) in a thing group name. The colon character is used as a delimiter by other AWS IoT services and this can cause them to parse strings with thing group names incorrectly.
```

#### Request

```sh
Expand Down
34 changes: 5 additions & 29 deletions source/packages/services/greengrass2-provisioning/src/deployments/deployments.service.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,35 +52,6 @@ export class DeploymentsService {
this.ggv2 = ggv2Factory();
}

// public async get(name:string): Promise<Core> {
// logger.debug(`deployments.service get: in: name:${name}`);

// ow(name, ow.string.nonEmpty);

// const coreFuture = this.coresDao.get(name);
// const installedComponentsFuture = this.ggv2.send(
// new ListInstalledComponentsCommand({
// coreDeviceThingName: name
// // TODO: manage pagination of installed components
// }));
// const [core, components] = await Promise.all([coreFuture, installedComponentsFuture]);
// logger.silly(`deployments.service get: components:${JSON.stringify(components)}`);

// core.installedComponents= [];
// if ((components.installedComponents?.length??0)>0) {
// for (const c of components.installedComponents) {
// core.installedComponents.push({
// key: c.componentName,
// version: c.componentVersion
// // TODO: determine whether installed component matches what is on template or not
// })
// }
// }

// logger.debug(`deployments.service get: exit: ${JSON.stringify(core)}`);
// return core;
// }

public async createDeployments(taskId: string, deployments: NewDeployment[]): Promise<Deployment[]> {
logger.debug(`deployments.service createDeployments: in: taskId:${taskId}, deployments: ${JSON.stringify(deployments)}`);

Expand Down Expand Up @@ -147,6 +118,7 @@ export class DeploymentsService {
try {
await this.ggv2.send(new GetCoreDeviceCommand({ coreDeviceThingName: deployment.coreName }));
} catch (e) {
logger.error(`deployments.service createDeployment: error: ${JSON.stringify(e)}`);
if (e.name === 'ResourceNotFoundException') {
this.markAsFailed(deployment, 'Core device not registered with Greengrass V2');
} else {
Expand Down Expand Up @@ -181,6 +153,7 @@ export class DeploymentsService {
logger.silly(`deployments.service createDeployment: CreateThingGroupCommandOutput: ${JSON.stringify(r)}`);
thingGroupArn = r.thingGroupArn;
} catch (e) {
logger.error(`deployments.service createDeployment: error: ${JSON.stringify(e)}`);
if (e.name === 'ResourceAlreadyExistsException') {
logger.warn(`deployments.service createDeployment: thingGroup: ${thingGroupName} already exists`);
const r = await this.iot.send(new DescribeThingGroupCommand({ thingGroupName }));
Expand Down Expand Up @@ -228,6 +201,7 @@ export class DeploymentsService {
logger.silly(`deployments.service createDeployment: TagResourceCommandOutput: ${JSON.stringify(tagResourceOutput)}`);

} catch (e) {
logger.error(`deployments.service createDeployment: error: ${JSON.stringify(e)}`);
this.markAsFailed(deployment, `Failed to create deployment: ${e.name}`);
}
}
Expand All @@ -237,6 +211,7 @@ export class DeploymentsService {
try {
await this.templatesService.associateDeployment(template)
} catch (e) {
logger.error(`deployments.service createDeployment: error: ${JSON.stringify(e)}`);
this.markAsFailed(deployment, `Failed to associate deployment with template: ${e.name}`);
}
}
Expand Down Expand Up @@ -272,6 +247,7 @@ export class DeploymentsService {
thingGroupName: template.deployment.thingGroupName
}));
} catch (e) {
logger.error(`deployments.service createDeployment: error: ${JSON.stringify(e)}`);
this.markAsFailed(deployment, `Failed to add core device to deployment thing group target: ${e.name}`);
}
}
Expand Down
12 changes: 12 additions & 0 deletions source/packages/services/installer/CHANGELOG.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,18 @@
{
"name": "@cdf/installer",
"entries": [
{
"version": "1.3.1",
"tag": "@cdf/installer_v1.3.1",
"date": "Thu, 04 Aug 2022 18:39:36 GMT",
"comments": {
"patch": [
{
"comment": "fix installer issue when specifying PCA alias"
}
]
}
},
{
"version": "1.3.0",
"tag": "@cdf/installer_v1.3.0",
Expand Down
9 changes: 8 additions & 1 deletion source/packages/services/installer/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,13 @@
# Change Log - @cdf/installer

This log was last generated on Fri, 29 Jul 2022 02:59:14 GMT and should not be manually modified.
This log was last generated on Thu, 04 Aug 2022 18:39:36 GMT and should not be manually modified.

## 1.3.1
Thu, 04 Aug 2022 18:39:36 GMT

### Patches

- fix installer issue when specifying PCA alias

## 1.3.0
Fri, 29 Jul 2022 02:59:14 GMT
Expand Down
2 changes: 1 addition & 1 deletion source/packages/services/installer/package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@cdf/installer",
"version": "1.3.0",
"version": "1.3.1",
"description": "CDF install wizard.",
"author": "Dean Hart",
"scripts": {
Expand Down
151 changes: 80 additions & 71 deletions source/packages/services/installer/src/commands/modules/service/provisioning.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,69 +116,78 @@ export class ProvisioningInstaller implements RestModule {
},
}], updatedAnswers);

updatedAnswers = await inquirer.prompt([{
message: `Create or modify AWS IoT CA alias list ?`,
type: 'confirm',
name: 'provisioning.setIotCaAliases',
default: answers.provisioning?.setIotCaAliases ?? true,
askAnswered: true,
when(answers: Answers) {
return answers.provisioning?.pcaIntegrationEnabled;
}
}],updatedAnswers);

//Collect the IoT CA List
let iotCaFinished = false;
if(answers.provisioning.setIotCaAliases){
while (!iotCaFinished){
const iotCaAliases = await this.getIotCaAliases(updatedAnswers);
updatedAnswers.provisioning.iotCaAliases = iotCaAliases;
updatedAnswers = await inquirer.prompt([..._.getIoTCAPrompt(answers,iotCaAliases)],updatedAnswers);
// Update the iotCaAlias to upper case
updatedAnswers = await inquirer.prompt([{
message: `Create or modify AWS IoT CA alias list ?`,
type: 'confirm',
name: 'provisioning.setIotCaAliases',
default: answers.provisioning?.setIotCaAliases ?? true,
askAnswered: true,
when(answers: Answers) {
return answers.provisioning?.pcaIntegrationEnabled;
}
}], updatedAnswers);

//Collect the IoT CA List
let iotCaFinished = false;
if (updatedAnswers.provisioning?.setIotCaAliases) {
while (!iotCaFinished) {
const iotCaAliases = await this.getIotCaAliases(updatedAnswers);
updatedAnswers.provisioning.iotCaAliases = iotCaAliases;
updatedAnswers = await inquirer.prompt([..._.getIoTCAPrompt(answers, iotCaAliases)], updatedAnswers);
// Update the iotCaAlias to upper case
if (updatedAnswers.provisioning.iotCaAlias === undefined) {
updatedAnswers.provisioning.iotCaFinished = true
} else {
updatedAnswers.provisioning.iotCaAlias = updatedAnswers.provisioning.iotCaAlias.toUpperCase();
if (!updatedAnswers.provisioning.iotCaAliases.list.includes(updatedAnswers.provisioning.iotCaAlias)){
const alias = updatedAnswers.provisioning.iotCaAlias;
if (!updatedAnswers.provisioning.iotCaAliases.list.includes(updatedAnswers.provisioning.iotCaAlias)) {
const alias = updatedAnswers.provisioning.iotCaAlias;
const value = updatedAnswers.provisioning.iotCaArn;
updatedAnswers.provisioning.iotCaAliases.cas.push({alias, value});
updatedAnswers.provisioning.iotCaAliases.cas.push({ alias, value });
updatedAnswers.provisioning.iotCaAliases.list.push(alias);
}
iotCaFinished = answers.provisioning.iotCaFinished;
}

iotCaFinished = updatedAnswers.provisioning.iotCaFinished;
}
}

updatedAnswers = await inquirer.prompt([{
message: `Create or modify ACM PCA CA alias list ?`,
type: 'confirm',
name: 'provisioning.setPcaAliases',
default: answers.provisioning?.setPcaAliases ?? true,
askAnswered: true,
when(answers: Answers) {
return answers.provisioning?.pcaIntegrationEnabled;
},
}],updatedAnswers);

//Collect the ACM PCA List
let pcaFinished = false;
if(answers.provisioning.setPcaAliases){
while (!pcaFinished){
const pcaAliases = await this.getPcaAliases(updatedAnswers);
updatedAnswers.provisioning.pcaAliases = pcaAliases;
updatedAnswers = await inquirer.prompt([..._.getPCAPrompt(answers,pcaAliases)],updatedAnswers);

updatedAnswers = await inquirer.prompt([{
message: `Create or modify ACM PCA CA alias list ?`,
type: 'confirm',
name: 'provisioning.setPcaAliases',
default: answers.provisioning?.setPcaAliases ?? true,
askAnswered: true,
when(answers: Answers) {
return answers.provisioning?.pcaIntegrationEnabled;
},
}], updatedAnswers);

//Collect the ACM PCA List
let pcaFinished = false;
if (updatedAnswers.provisioning?.setPcaAliases) {
while (!pcaFinished) {
const pcaAliases = await this.getPcaAliases(updatedAnswers);
updatedAnswers.provisioning.pcaAliases = pcaAliases;
updatedAnswers = await inquirer.prompt([..._.getPCAPrompt(answers, pcaAliases)], updatedAnswers);
if (updatedAnswers.provisioning.pcaAlias === undefined) {
updatedAnswers.provisioning.pcaFinished = true
} else {
// Update the pcaAlias to upper case to be stored in the installer config
updatedAnswers.provisioning.pcaAlias = updatedAnswers.provisioning.pcaAlias.toUpperCase();
if (!updatedAnswers.provisioning.pcaAliases.list.includes(updatedAnswers.provisioning.pcaAlias)){
const alias = updatedAnswers.provisioning.pcaAlias;
if (!updatedAnswers.provisioning.pcaAliases.list.includes(updatedAnswers.provisioning.pcaAlias)) {
const alias = updatedAnswers.provisioning.pcaAlias;
const value = updatedAnswers.provisioning.pcaArn;
updatedAnswers.provisioning.pcaAliases.cas.push({alias, value});
updatedAnswers.provisioning.pcaAliases.cas.push({ alias, value });
updatedAnswers.provisioning.pcaAliases.list.push(alias);
}
pcaFinished = answers.provisioning.pcaFinished;

}
pcaFinished = updatedAnswers.provisioning.pcaFinished;
}
}

updatedAnswers = await inquirer.prompt([
...customDomainPrompt(this.name, answers),
...applicationConfigurationPrompt(this.name, answers, [
updatedAnswers = await inquirer.prompt([
...customDomainPrompt(this.name, answers),
...applicationConfigurationPrompt(this.name, answers, [
{
question: 'Allow service to delete AWS IoT Certificates ?',
defaultConfiguration: false,
Expand Down Expand Up @@ -209,8 +218,8 @@ export class ProvisioningInstaller implements RestModule {
defaultConfiguration: 'bullkrequests/',
propertyName: 'bulkRequestsPrefix',
}
])],updatedAnswers);
])], updatedAnswers);



return updatedAnswers;
Expand Down Expand Up @@ -331,7 +340,7 @@ export class ProvisioningInstaller implements RestModule {
if (!pca.alias.startsWith('PCA_')) {
alias = `PCA_${pca.alias.toUpperCase()}`;
}

configBuilder.add(alias, pca.value);
});

Expand All @@ -346,8 +355,8 @@ export class ProvisioningInstaller implements RestModule {
configBuilder.add(alias, ca.value);
});

if ((answers?.provisioning?.pcaRegion?.length??0) > 0){
configBuilder.add(`ACM_REGION`,answers.provisioning.pcaRegion);
if ((answers?.provisioning?.pcaRegion?.length ?? 0) > 0) {
configBuilder.add(`ACM_REGION`, answers.provisioning.pcaRegion);
}

configBuilder
Expand Down Expand Up @@ -387,7 +396,7 @@ export class ProvisioningInstaller implements RestModule {
}
try {
// append lambda ACM PCA Config to list if none are present in the configuration file
if (aliases.list.length == 0 ){
if (aliases.list.length == 0) {
const config = await lambda.getFunctionConfiguration({ FunctionName: `cdf-provisioning-rest-${answers.environment}` });
const variables = config.Environment?.Variables;
const appConfigStr = variables['APP_CONFIG'] as string;
Expand All @@ -402,7 +411,7 @@ export class ProvisioningInstaller implements RestModule {
}
}
});
}
}
} catch (e) {
e.name === 'ResourceNotFoundException' && console.log(`No suppliers found`);
}
Expand All @@ -426,7 +435,7 @@ export class ProvisioningInstaller implements RestModule {

// append lambda IoT CA list if none are present in the configuration file
try {
if (aliases.list.length == 0 ){
if (aliases.list.length == 0) {
const config = await lambda.getFunctionConfiguration({ FunctionName: `cdf-provisioning-rest-${answers.environment}` });
const variables = config.Environment?.Variables;
const appConfigStr = variables['APP_CONFIG'] as string;
Expand All @@ -441,7 +450,7 @@ export class ProvisioningInstaller implements RestModule {
}
}
});
}
}
} catch (e) {
e.name === 'ResourceNotFoundException' && console.log(`No suppliers found`);
}
Expand All @@ -452,23 +461,23 @@ export class ProvisioningInstaller implements RestModule {

}

private validateAcmPcaArn(arn: string): boolean |string {
private validateAcmPcaArn(arn: string): boolean | string {
return (/^arn:aws:acm-pca:\w+(?:-\w+)+:\d{12}:certificate-authority\/[A-Za-z0-9]+(?:-[A-Za-z0-9]+)+$/.test(arn)) ? true : "Value is not a valid ACM PCA Arn";

}

private validateAwsIotCaArn(arn: string): boolean|string {
return (/^arn:aws:iot:\w+(?:-\w+)+:\d{12}:cacert\/[A-Za-z0-9]+(?:[A-Za-z0-9]+)+$/.test(arn)) ? true : "Value is not a valid AWS IoT CA Arn";
private validateAwsIotCaArn(arn: string): boolean | string {
return (/^arn:aws:iot:\w+(?:-\w+)+:\d{12}:cacert\/[A-Za-z0-9]+(?:[A-Za-z0-9]+)+$/.test(arn)) ? true : "Value is not a valid AWS IoT CA Arn";
}

private validateAwsIAMRoleArn(arn: string): boolean|string {
return (/^arn:aws:iam::\d{12}:role\/[A-Za-z0-9]+(?:[A-Za-z0-9_-]+)+$/.test(arn)) ? true : "Value is not a valid IAM Role Arn";
private validateAwsIAMRoleArn(arn: string): boolean | string {
return (/^arn:aws:iam::\d{12}:role\/[A-Za-z0-9]+(?:[A-Za-z0-9_-]+)+$/.test(arn)) ? true : "Value is not a valid IAM Role Arn";
}

private getPCAPrompt( answers: Answers,pcaAliases:CAAliases): Question[]{
private getPCAPrompt(answers: Answers, pcaAliases: CAAliases): Question[] {
// eslint-disable-next-line
const _ = this;
const questions = [ {
const questions = [{
message: 'Select the ACM PCA aliases you wish to modify',
type: 'list',
name: 'provisioning.pcaAlias',
Expand Down Expand Up @@ -536,14 +545,14 @@ export class ProvisioningInstaller implements RestModule {
return answers.provisioning?.setPcaAliases === true;
},
}
];
];
return questions;
}

private getIoTCAPrompt( answers: Answers,iotCaAliases:CAAliases): Question[]{
private getIoTCAPrompt(answers: Answers, iotCaAliases: CAAliases): Question[] {
// eslint-disable-next-line
const _ =this;
const questions = [
const _ = this;
const questions = [
{
message: 'Select the AWS IoT CA aliases you wish to modify',
type: 'list',
Expand Down Expand Up @@ -612,7 +621,7 @@ export class ProvisioningInstaller implements RestModule {
return answers.provisioning?.setIotCaAliases === true;
},
}
];
];
return questions;
}
}
Loading

0 comments on commit 7bc7ac9

Please sign in to comment.