diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e42f889a..2fd319bb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,6 +19,7 @@ env: DA_SHADOW_VALUE_SET: ON DA_SHADOW_VALUE_DEFAULT: OFF CI_UTILS_FOLDER: "./aws-iot-device-sdk-python-v2/utils" + CI_SAMPLES_CFG_FOLDER: "./aws-iot-device-sdk-python-v2/.github/workflows" CI_SAMPLES_FOLDER: "./aws-iot-device-sdk-python-v2/samples" CI_IOT_CONTAINERS_ROLE: ${{ secrets.AWS_CI_IOT_CONTAINERS }} CI_PUBSUB_ROLE: ${{ secrets.AWS_CI_PUBSUB_ROLE }} @@ -27,6 +28,7 @@ env: CI_JOBS_ROLE: ${{ secrets.AWS_CI_JOBS_ROLE }} CI_FLEET_PROVISIONING_ROLE: ${{ secrets.AWS_CI_FLEET_PROVISIONING_ROLE }} CI_DEVICE_ADVISOR: ${{ secrets.AWS_CI_DEVICE_ADVISOR_ROLE }} + CI_MQTT5_ROLE: ${{ secrets.AWS_CI_MQTT5_ROLE }} jobs: all-python-versions: @@ -105,13 +107,18 @@ jobs: aws-region: ${{ env.AWS_DEFAULT_REGION }} - name: run PubSub sample run: | - python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/pubsub.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/PubSub/cert' --sample_secret_private_key 'ci/PubSub/key' - - name: run MQTT5 PubSub sample - run: | - python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/mqtt5_pubsub.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/PubSub/cert' --sample_secret_private_key 'ci/PubSub/key' + python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pubsub_cfg.json - name: run Windows Certificate Connect sample run: | - python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/windows_cert_connect.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/PubSub/cert' --sample_secret_private_key 'ci/PubSub/key' --sample_run_certutil true + python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_windows_cert_connect_cfg.json + - name: configure AWS credentials (MQTT5 samples) + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ env.CI_MQTT5_ROLE }} + aws-region: ${{ env.AWS_DEFAULT_REGION }} + - name: run MQTT5 PubSub sample + run: | + python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_pubsub_cfg.json - name: configure AWS credentials (Device Advisor) uses: aws-actions/configure-aws-credentials@v1 with: @@ -142,10 +149,15 @@ jobs: aws-region: ${{ env.AWS_DEFAULT_REGION }} - name: run PubSub sample run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/pubsub.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/PubSub/cert' --sample_secret_private_key 'ci/PubSub/key' + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pubsub_cfg.json + - name: configure AWS credentials (MQTT5 samples) + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ env.CI_MQTT5_ROLE }} + aws-region: ${{ env.AWS_DEFAULT_REGION }} - name: run MQTT5 PubSub sample run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/mqtt5_pubsub.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/PubSub/cert' --sample_secret_private_key 'ci/PubSub/key' + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_pubsub_cfg.json - name: configure AWS credentials (Device Advisor) uses: aws-actions/configure-aws-credentials@v1 with: @@ -176,10 +188,15 @@ jobs: aws-region: ${{ env.AWS_DEFAULT_REGION }} - name: run PubSub sample run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/pubsub.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/PubSub/cert' --sample_secret_private_key 'ci/PubSub/key' + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pubsub_cfg.json + - name: configure AWS credentials (MQTT5 samples) + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ env.CI_MQTT5_ROLE }} + aws-region: ${{ env.AWS_DEFAULT_REGION }} - name: run MQTT5 PubSub sample run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/mqtt5_pubsub.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/PubSub/cert' --sample_secret_private_key 'ci/PubSub/key' + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_pubsub_cfg.json - name: configure AWS credentials (Device Advisor) uses: aws-actions/configure-aws-credentials@v1 with: @@ -214,28 +231,39 @@ jobs: aws-region: ${{ env.AWS_DEFAULT_REGION }} - name: run Basic Connect sample run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/basic_connect.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/PubSub/cert' --sample_secret_private_key 'ci/PubSub/key' + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_basic_connect_cfg.json - name: run Websocket Connect sample run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/websocket_connect.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_arguments '--signing_region us-east-1' + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_websocket_connect_cfg.json - name: run PubSub sample run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/pubsub.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/PubSub/cert' --sample_secret_private_key 'ci/PubSub/key' + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pubsub_cfg.json + - name: run PKCS11 Connect sample + run: | + mkdir -p /tmp/tokens + export SOFTHSM2_CONF=/tmp/softhsm2.conf + echo "directories.tokendir = /tmp/tokens" > /tmp/softhsm2.conf + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pkcs11_connect_cfg.json + - name: configure AWS credentials (MQTT5 samples) + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ env.CI_MQTT5_ROLE }} + aws-region: ${{ env.AWS_DEFAULT_REGION }} - name: run MQTT5 PubSub sample run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/mqtt5_pubsub.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/PubSub/cert' --sample_secret_private_key 'ci/PubSub/key' + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_pubsub_cfg.json - name: run MQTT5 PKCS11 Connect sample run: | mkdir -p /tmp/mqtt5/tokens export SOFTHSM2_CONF=/tmp/softhsm2.conf echo "directories.tokendir = /tmp/mqtt5/tokens" > /tmp/softhsm2.conf - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/mqtt5_pkcs11_connect.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/PubSub/cert' --sample_secret_private_key 'ci/PubSub/keyp8' --sample_run_softhsm 'true' --sample_arguments '--pkcs11_lib /usr/lib/softhsm/libsofthsm2.so --pin 0000 --token_label my-token --key_label my-key' - - name: run PKCS11 Connect sample + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_pkcs11_connect_cfg.json + - name: run MQTT5 CustomAuthorizerConnect sample run: | - mkdir -p /tmp/tokens - export SOFTHSM2_CONF=/tmp/softhsm2.conf - echo "directories.tokendir = /tmp/tokens" > /tmp/softhsm2.conf - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/pkcs11_connect.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/PubSub/cert' --sample_secret_private_key 'ci/PubSub/keyp8' --sample_run_softhsm 'true' --sample_arguments '--pkcs11_lib /usr/lib/softhsm/libsofthsm2.so --pin 0000 --token_label my-token --key_label my-key' + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_custom_authorizer_cfg.json + - name: run MQTT5 CustomAuthorizerConnect sample (websockets) + run: | + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_custom_authorizer_websockets_cfg.json - name: configure AWS credentials (Custom Authorizer) uses: aws-actions/configure-aws-credentials@v1 with: @@ -243,13 +271,7 @@ jobs: aws-region: ${{ env.AWS_DEFAULT_REGION }} - name: run CustomAuthorizerConnect sample run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/custom_authorizer_connect.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_custom_authorizer_name 'ci/CustomAuthorizer/name' --sample_secret_custom_authorizer_password 'ci/CustomAuthorizer/password' - - name: run MQTT5 CustomAuthorizerConnect sample - run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/mqtt5_custom_authorizer_connect.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_custom_authorizer_name 'ci/CustomAuthorizer/name' --sample_secret_custom_authorizer_password 'ci/CustomAuthorizer/password' - - name: run MQTT5 CustomAuthorizerConnect sample (websockets) - run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/mqtt5_custom_authorizer_connect.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_custom_authorizer_name 'ci/CustomAuthorizer/name' --sample_secret_custom_authorizer_password 'ci/CustomAuthorizer/password' --sample_arguments '--use_websockets true' + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_custom_authorizer_connect_cfg.json - name: configure AWS credentials (Shadow) uses: aws-actions/configure-aws-credentials@v1 with: @@ -257,7 +279,7 @@ jobs: aws-region: ${{ env.AWS_DEFAULT_REGION }} - name: run Shadow sample run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/shadow.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/Shadow/cert' --sample_secret_private_key 'ci/Shadow/key' --sample_arguments '--thing_name CI_Shadow_Thing' + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_shadow_cfg.json - name: configure AWS credentials (Jobs) uses: aws-actions/configure-aws-credentials@v1 with: @@ -265,7 +287,7 @@ jobs: aws-region: ${{ env.AWS_DEFAULT_REGION }} - name: run Jobs sample run: | - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/jobs.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/Jobs/cert' --sample_secret_private_key 'ci/Jobs/key' --sample_arguments '--thing_name CI_Jobs_Thing' + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_jobs_cfg.json - name: configure AWS credentials (Fleet provisioning) uses: aws-actions/configure-aws-credentials@v1 with: @@ -275,7 +297,7 @@ jobs: run: | echo "Generating UUID for IoT thing" Sample_UUID=$(python3 -c "import uuid; print (uuid.uuid4())") - python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --language Python --sample_file "${{ env.CI_SAMPLES_FOLDER }}/fleetprovisioning.py" --sample_region ${{ env.AWS_DEFAULT_REGION }} --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/FleetProvisioning/cert' --sample_secret_private_key 'ci/FleetProvisioning/key' --sample_arguments "--template_name CI_FleetProvisioning_Template --template_parameters {\"SerialNumber\":\"${Sample_UUID}\"}" + python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_fleet_provisioning_cfg.json --input_uuid ${Sample_UUID} python3 ${{ env.CI_UTILS_FOLDER }}/delete_iot_thing_ci.py --thing_name "Fleet_Thing_${Sample_UUID}" --region "us-east-1" # check that docs can still build diff --git a/.github/workflows/ci_run_basic_connect_cfg.json b/.github/workflows/ci_run_basic_connect_cfg.json new file mode 100644 index 00000000..fae564c2 --- /dev/null +++ b/.github/workflows/ci_run_basic_connect_cfg.json @@ -0,0 +1,22 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/basic_connect.py", + "sample_region": "us-east-1", + "sample_main_class": "", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--cert", + "secret": "ci/PubSub/cert", + "filename": "tmp_certificate.pem" + }, + { + "name": "--key", + "secret": "ci/PubSub/key", + "filename": "tmp_key.pem" + } + ] +} diff --git a/.github/workflows/ci_run_custom_authorizer_connect_cfg.json b/.github/workflows/ci_run_custom_authorizer_connect_cfg.json new file mode 100644 index 00000000..cbd9afa9 --- /dev/null +++ b/.github/workflows/ci_run_custom_authorizer_connect_cfg.json @@ -0,0 +1,20 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/custom_authorizer_connect.py", + "sample_region": "us-east-1", + "sample_main_class": "", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--custom_auth_authorizer_name", + "secret": "ci/CustomAuthorizer/name" + }, + { + "name": "--custom_auth_password", + "secret": "ci/CustomAuthorizer/password" + } + ] +} diff --git a/.github/workflows/ci_run_fleet_provisioning_cfg.json b/.github/workflows/ci_run_fleet_provisioning_cfg.json new file mode 100644 index 00000000..0370102f --- /dev/null +++ b/.github/workflows/ci_run_fleet_provisioning_cfg.json @@ -0,0 +1,30 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/fleetprovisioning.py", + "sample_region": "us-east-1", + "sample_main_class": "", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--cert", + "secret": "ci/FleetProvisioning/cert", + "filename": "tmp_certificate.pem" + }, + { + "name": "--key", + "secret": "ci/FleetProvisioning/key", + "filename": "tmp_key.pem" + }, + { + "name": "--template_name", + "data": "CI_FleetProvisioning_Template" + }, + { + "name": "--template_parameters", + "data": "{\"SerialNumber\":\"$INPUT_UUID\"}" + } + ] +} diff --git a/.github/workflows/ci_run_jobs_cfg.json b/.github/workflows/ci_run_jobs_cfg.json new file mode 100644 index 00000000..bb7300d2 --- /dev/null +++ b/.github/workflows/ci_run_jobs_cfg.json @@ -0,0 +1,26 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/jobs.py", + "sample_region": "us-east-1", + "sample_main_class": "", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--cert", + "secret": "ci/Jobs/cert", + "filename": "tmp_certificate.pem" + }, + { + "name": "--key", + "secret": "ci/Jobs/key", + "filename": "tmp_key.pem" + }, + { + "name": "--thing_name", + "data": "CI_Jobs_Thing" + } + ] +} diff --git a/.github/workflows/ci_run_mqtt5_custom_authorizer_cfg.json b/.github/workflows/ci_run_mqtt5_custom_authorizer_cfg.json new file mode 100644 index 00000000..f3608180 --- /dev/null +++ b/.github/workflows/ci_run_mqtt5_custom_authorizer_cfg.json @@ -0,0 +1,20 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/mqtt5_custom_authorizer_connect.py", + "sample_region": "us-east-1", + "sample_main_class": "", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--custom_auth_authorizer_name", + "secret": "ci/CustomAuthorizer/name" + }, + { + "name": "--custom_auth_password", + "secret": "ci/CustomAuthorizer/password" + } + ] +} diff --git a/.github/workflows/ci_run_mqtt5_custom_authorizer_websockets_cfg.json b/.github/workflows/ci_run_mqtt5_custom_authorizer_websockets_cfg.json new file mode 100644 index 00000000..c77cbc12 --- /dev/null +++ b/.github/workflows/ci_run_mqtt5_custom_authorizer_websockets_cfg.json @@ -0,0 +1,24 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/mqtt5_custom_authorizer_connect.py", + "sample_region": "us-east-1", + "sample_main_class": "", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--custom_auth_authorizer_name", + "secret": "ci/CustomAuthorizer/name" + }, + { + "name": "--custom_auth_password", + "secret": "ci/CustomAuthorizer/password" + }, + { + "name": "--use_websockets", + "data": "true" + } + ] +} diff --git a/.github/workflows/ci_run_mqtt5_pkcs11_connect_cfg.json b/.github/workflows/ci_run_mqtt5_pkcs11_connect_cfg.json new file mode 100644 index 00000000..a8aaa3d9 --- /dev/null +++ b/.github/workflows/ci_run_mqtt5_pkcs11_connect_cfg.json @@ -0,0 +1,39 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/mqtt5_pkcs11_connect.py", + "sample_region": "us-east-1", + "sample_main_class": "", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--cert", + "secret": "ci/PubSub/cert", + "filename": "tmp_certificate.pem" + }, + { + "name": "--key", + "secret": "ci/PubSub/keyp8", + "filename": "tmp_key.pem", + "pkcs11_key": "true" + }, + { + "name": "--pkcs11_lib", + "data": "/usr/lib/softhsm/libsofthsm2.so" + }, + { + "name": "--pin", + "data": "0000" + }, + { + "name": "--token_label", + "data": "my-token" + }, + { + "name": "--key_label", + "data": "my-key" + } + ] +} diff --git a/.github/workflows/ci_run_mqtt5_pubsub_cfg.json b/.github/workflows/ci_run_mqtt5_pubsub_cfg.json new file mode 100644 index 00000000..28410e29 --- /dev/null +++ b/.github/workflows/ci_run_mqtt5_pubsub_cfg.json @@ -0,0 +1,22 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/mqtt5_pubsub.py", + "sample_region": "us-east-1", + "sample_main_class": "mqtt5.pubsub.PubSub", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--cert", + "secret": "ci/mqtt5/us/mqtt5_thing/cert", + "filename": "tmp_certificate.pem" + }, + { + "name": "--key", + "secret": "ci/mqtt5/us/mqtt5_thing/key", + "filename": "tmp_key.pem" + } + ] +} diff --git a/.github/workflows/ci_run_pkcs11_connect_cfg.json b/.github/workflows/ci_run_pkcs11_connect_cfg.json new file mode 100644 index 00000000..dfcf9cdc --- /dev/null +++ b/.github/workflows/ci_run_pkcs11_connect_cfg.json @@ -0,0 +1,39 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/pkcs11_connect.py", + "sample_region": "us-east-1", + "sample_main_class": "", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--cert", + "secret": "ci/PubSub/cert", + "filename": "tmp_certificate.pem" + }, + { + "name": "--key", + "secret": "ci/PubSub/keyp8", + "filename": "tmp_key.pem", + "pkcs11_key": "true" + }, + { + "name": "--pkcs11_lib", + "data": "/usr/lib/softhsm/libsofthsm2.so" + }, + { + "name": "--pin", + "data": "0000" + }, + { + "name": "--token_label", + "data": "my-token" + }, + { + "name": "--key_label", + "data": "my-key" + } + ] +} diff --git a/.github/workflows/ci_run_pubsub_cfg.json b/.github/workflows/ci_run_pubsub_cfg.json new file mode 100644 index 00000000..a10cbf34 --- /dev/null +++ b/.github/workflows/ci_run_pubsub_cfg.json @@ -0,0 +1,22 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/pubsub.py", + "sample_region": "us-east-1", + "sample_main_class": "", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--cert", + "secret": "ci/PubSub/cert", + "filename": "tmp_certificate.pem" + }, + { + "name": "--key", + "secret": "ci/PubSub/key", + "filename": "tmp_key.pem" + } + ] +} diff --git a/.github/workflows/ci_run_shadow_cfg.json b/.github/workflows/ci_run_shadow_cfg.json new file mode 100644 index 00000000..01fd4824 --- /dev/null +++ b/.github/workflows/ci_run_shadow_cfg.json @@ -0,0 +1,30 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/shadow.py", + "sample_region": "us-east-1", + "sample_main_class": "", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--cert", + "secret": "ci/Shadow/cert", + "filename": "tmp_certificate.pem" + }, + { + "name": "--key", + "secret": "ci/Shadow/key", + "filename": "tmp_key.pem" + }, + { + "name": "--thing_name", + "data": "CI_Shadow_Thing" + }, + { + "name": "--is_ci", + "data": "true" + } + ] +} diff --git a/.github/workflows/ci_run_websocket_connect_cfg.json b/.github/workflows/ci_run_websocket_connect_cfg.json new file mode 100644 index 00000000..d21980cd --- /dev/null +++ b/.github/workflows/ci_run_websocket_connect_cfg.json @@ -0,0 +1,16 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/websocket_connect.py", + "sample_region": "us-east-1", + "sample_main_class": "", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--signing_region", + "data": "us-east-1" + } + ] +} diff --git a/.github/workflows/ci_run_windows_cert_connect_cfg.json b/.github/workflows/ci_run_windows_cert_connect_cfg.json new file mode 100644 index 00000000..2e16ae15 --- /dev/null +++ b/.github/workflows/ci_run_windows_cert_connect_cfg.json @@ -0,0 +1,20 @@ +{ + "language": "Python", + "sample_file": "./aws-iot-device-sdk-python-v2/samples/windows_cert_connect.py", + "sample_region": "us-east-1", + "sample_main_class": "", + "arguments": [ + { + "name": "--endpoint", + "secret": "ci/endpoint" + }, + { + "name": "--cert", + "windows_cert_certificate": "ci/PubSub/cert", + "windows_cert_certificate_path": "tmp_cert.pem", + "windows_cert_key": "ci/PubSub/key", + "windows_cert_key_path": "tmp_key.pem", + "windows_cert_pfx_key_path": "tmp_pfx.pem" + } + ] +} diff --git a/utils/run_sample_ci.py b/utils/run_sample_ci.py index 34d38929..fb6dc6ef 100644 --- a/utils/run_sample_ci.py +++ b/utils/run_sample_ci.py @@ -7,6 +7,7 @@ import subprocess import pathlib import sys +import json # Needs to be installed via pip import boto3 # - for launching sample @@ -15,136 +16,126 @@ current_folder += "\\" else: current_folder += "/" -tmp_certificate_file_path = str(current_folder) + "tmp_certificate.pem" -tmp_private_key_path = str(current_folder) + "tmp_privatekey.pem.key" -tmp_pfx_file_path = str(current_folder) + "tmp_pfx_certificate.pfx" -tmp_pfx_certificate_path = "" -tmp_pfx_certificate_store_location = "CurrentUser\\My" -tmp_pfx_password = "" # Setting a password causes issues, but an empty string is valid so we use that - - -def get_secrets_and_launch(parsed_commands): - global tmp_certificate_file_path - global tmp_private_key_path - global tmp_pfx_file_path - global tmp_pfx_certificate_path - exit_code = 0 - sample_endpoint = "" - sample_certificate = "" - sample_private_key = "" - sample_custom_authorizer_name = "" - sample_custom_authorizer_password = "" - print("Attempting to get credentials from secrets using Boto3...") - secrets_client = boto3.client( - "secretsmanager", region_name=parsed_commands.sample_region) - try: - if (parsed_commands.sample_secret_endpoint != ""): - sample_endpoint = secrets_client.get_secret_value( - SecretId=parsed_commands.sample_secret_endpoint)["SecretString"] - if (parsed_commands.sample_secret_certificate != ""): - secret_data = secrets_client.get_secret_value( - SecretId=parsed_commands.sample_secret_certificate) - with open(tmp_certificate_file_path, "w") as file: - # lgtm [py/clear-text-storage-sensitive-data] - file.write(secret_data["SecretString"]) - sample_certificate = tmp_certificate_file_path - if (parsed_commands.sample_secret_private_key != ""): - secret_data = secrets_client.get_secret_value( - SecretId=parsed_commands.sample_secret_private_key) - with open(tmp_private_key_path, "w") as file: - # lgtm [py/clear-text-storage-sensitive-data] - file.write(secret_data["SecretString"]) - sample_private_key = tmp_private_key_path - if (parsed_commands.sample_secret_custom_authorizer_name != ""): - sample_custom_authorizer_name = secrets_client.get_secret_value( - SecretId=parsed_commands.sample_secret_custom_authorizer_name)["SecretString"] - if (parsed_commands.sample_secret_custom_authorizer_password != ""): - sample_custom_authorizer_password = secrets_client.get_secret_value( - SecretId=parsed_commands.sample_secret_custom_authorizer_password)["SecretString"] - - except Exception: - sys.exit("ERROR: Could not get secrets to launch sample!") - - extra_step_return = 0 - if (parsed_commands.sample_run_softhsm != ""): - extra_step_return = make_softhsm_key() - sample_private_key = "" # Do not use the private key - if (parsed_commands.sample_run_certutil != ""): - extra_step_return = make_windows_pfx_file() - sample_private_key = "" # Do not use the private key - sample_certificate = tmp_pfx_certificate_path # use the Windows certificate path - - exit_code = extra_step_return - if (extra_step_return == 0): - print("Launching sample...") - exit_code = launch_sample(parsed_commands, sample_endpoint, sample_certificate, - sample_private_key, sample_custom_authorizer_name, sample_custom_authorizer_password) - - if (exit_code == 0): - print("SUCCESS: Finished running sample! Exiting with success") - else: - print("ERROR: Sample did not return success! Exit code " + str(exit_code)) - else: - print ("ERROR: Could not run extra step (SoftHSM, CertUtil, etc)") +config_json = None +config_json_arguments_list = [] - print("Deleting files...") - if (os.path.isfile(tmp_certificate_file_path)): - os.remove(tmp_certificate_file_path) - if (os.path.isfile(tmp_private_key_path)): - os.remove(tmp_private_key_path) - if (os.path.isfile(tmp_pfx_file_path)): - os.remove(tmp_pfx_file_path) +pfx_certificate_store_location = "CurrentUser\\My" +pfx_password = "" # Setting a password causes issues, but an empty string is valid so we use that - return exit_code +def setup_json_arguments_list(parsed_commands): + global config_json + global config_json_arguments_list + print("Attempting to get credentials from secrets using Boto3...") + secrets_client = boto3.client("secretsmanager", region_name=config_json['sample_region']) + print ("Processing arguments...") + + for argument in config_json['arguments']: + # Add the name of the argument + config_json_arguments_list.append(argument['name']) + + # Based on the data present, we need to process and add the data differently + try: + + # Is there a secret? If so, decode it! + if 'secret' in argument: + secret_data = secrets_client.get_secret_value(SecretId=argument['secret'])["SecretString"] + + # Is this supposed to be stored in a file? + if 'filename' in argument: + with open(str(current_folder) + argument['filename'], "w") as file: + # lgtm [py/clear-text-storage-sensitive-data] + file.write(secret_data) + config_json_arguments_list.append(str(current_folder) + argument['filename']) + else: + config_json_arguments_list.append(secret_data) + + if 'pkcs11_key' in argument: + pkcs11_result = make_softhsm_key(str(current_folder) + argument['filename']) + if (pkcs11_result != 0): + print ("ERROR with PKCS11!") + return pkcs11_result + + # Windows 10 certificate store data? + elif 'windows_cert_certificate' in argument and 'windows_cert_certificate_path' in argument \ + and 'windows_cert_key' in argument and 'windows_cert_key_path' in argument != None \ + and 'windows_cert_pfx_key_path' in argument != None: + + windows_cert_data = secrets_client.get_secret_value(SecretId=argument['windows_cert_certificate'])["SecretString"] + with open(str(current_folder) + argument['windows_cert_certificate_path'], "w") as file: + # lgtm [py/clear-text-storage-sensitive-data] + file.write(windows_cert_data) + windows_key_data = secrets_client.get_secret_value(SecretId=argument['windows_cert_key'])["SecretString"] + with open(str(current_folder) + argument['windows_cert_key_path'], "w") as file: + # lgtm [py/clear-text-storage-sensitive-data] + file.write(windows_key_data) + + certificate_path = make_windows_pfx_file( + str(current_folder) + argument['windows_cert_certificate_path'], + str(current_folder) + argument['windows_cert_key_path'], + str(current_folder) + argument['windows_cert_pfx_key_path']) + config_json_arguments_list.append(certificate_path) + + # Raw data? just add it directly! + elif 'data' in argument: + tmp_value = argument['data'] + if isinstance(tmp_value, str) and 'input_uuid' in parsed_commands: + if ("$INPUT_UUID" in tmp_value): + tmp_value = tmp_value.replace("$INPUT_UUID", parsed_commands.input_uuid) + config_json_arguments_list.append(tmp_value) + + # None of the above? Just print an error + else: + print ("ERROR - unknown or missing argument value!") -def make_softhsm_key(): + except Exception as e: + print (f"Something went wrong processing {argument['name']}!") + return -1 + return 0 + +def make_softhsm_key(private_key_path): print ("Setting up private key via SoftHSM") softhsm_run = subprocess.run("softhsm2-util --init-token --free --label my-token --pin 0000 --so-pin 0000", shell=True) if (softhsm_run.returncode != 0): print ("ERROR: SoftHSM could not initialize a new token") return softhsm_run.returncode - softhsm_run = subprocess.run(f"softhsm2-util --import {tmp_private_key_path} --token my-token --label my-key --id BEEFCAFE --pin 0000", shell=True) + softhsm_run = subprocess.run(f"softhsm2-util --import {private_key_path} --token my-token --label my-key --id BEEFCAFE --pin 0000", shell=True) if (softhsm_run.returncode != 0): print ("ERROR: SoftHSM could not import token") print ("Finished setting up private key in SoftHSM") return 0 -def make_windows_pfx_file(): - global tmp_certificate_file_path - global tmp_private_key_path - global tmp_pfx_file_path - global tmp_pfx_certificate_path +def make_windows_pfx_file(certificate_file_path, private_key_path, pfx_file_path): + global pfx_certificate_store_location + global pfx_password if sys.platform == "win32" or sys.platform == "cygwin": - if os.path.isfile(tmp_certificate_file_path) != True: - print (tmp_certificate_file_path) + if os.path.isfile(certificate_file_path) != True: + print (certificate_file_path) print("ERROR: Certificate file not found!") return 1 - if os.path.isfile(tmp_private_key_path) != True: + if os.path.isfile(private_key_path) != True: print("ERROR: Private key file not found!") return 1 # Delete old PFX file if it exists - if os.path.isfile(tmp_pfx_file_path): - os.remove(tmp_pfx_file_path) + if os.path.isfile(pfx_file_path): + os.remove(pfx_file_path) # Make a key copy - copy_path = os.path.splitext(tmp_certificate_file_path) + copy_path = os.path.splitext(certificate_file_path) with open(copy_path[0] + ".key", 'w') as file: - key_file = open(tmp_private_key_path) + key_file = open(private_key_path) file.write(key_file.read()) key_file.close() # Make a PFX file - certutil_error_occurred = False - arguments = ["certutil", "-mergePFX", tmp_certificate_file_path, tmp_pfx_file_path] - certutil_run = subprocess.run(args=arguments, shell=True, input=f"{tmp_pfx_password}\n{tmp_pfx_password}", encoding='ascii') + arguments = ["certutil", "-mergePFX", certificate_file_path, pfx_file_path] + certutil_run = subprocess.run(args=arguments, shell=True, input=f"{pfx_password}\n{pfx_password}", encoding='ascii') if (certutil_run.returncode != 0): print ("ERROR: Could not make PFX file") - certutil_error_occurred = True return 1 else: print ("PFX file created successfully") @@ -152,12 +143,10 @@ def make_windows_pfx_file(): # Remove the temporary key copy if os.path.isfile(copy_path[0] + ".key"): os.remove(copy_path[0] + ".key") - if (certutil_error_occurred == True): - return 1 # Import the PFX into the Windows Certificate Store # (Passing '$mypwd' is required even though it is empty and our certificate has no password. It fails CI otherwise) - import_pfx_arguments = ["powershell.exe", "Import-PfxCertificate", "-FilePath", tmp_pfx_file_path, "-CertStoreLocation", "Cert:\\" + tmp_pfx_certificate_store_location, "-Password", "$mypwd"] + import_pfx_arguments = ["powershell.exe", "Import-PfxCertificate", "-FilePath", pfx_file_path, "-CertStoreLocation", "Cert:\\" + pfx_certificate_store_location, "-Password", "$mypwd"] import_pfx_run = subprocess.run(args=import_pfx_arguments, shell=True, stdout=subprocess.PIPE) if (import_pfx_run.returncode != 0): print ("ERROR: Could not import PFX certificate into Windows store!") @@ -189,84 +178,121 @@ def make_windows_pfx_file(): return 1 # Construct the certificate path - tmp_pfx_certificate_path = tmp_pfx_certificate_store_location + "\\" + thumbprint - - # Return success print ("PFX certificate created and imported successfully!") - return 0 + return pfx_certificate_store_location + "\\" + thumbprint else: print("ERROR - Windows PFX file can only be created on a Windows platform!") return 1 +def setup_sample(parsed_commands): + global config_json -def launch_sample(parsed_commands, sample_endpoint, sample_certificate, sample_private_key, sample_custom_authorizer_name, sample_custom_authorizer_password): - global tmp_certificate_file_path - global tmp_private_key_path - global tmp_pfx_file_path - exit_code = 0 + file_absolute = pathlib.Path(parsed_commands.file).resolve() + json_file_data = "" + with open(file_absolute, "r") as json_file: + json_file_data = json_file.read() + + # Load the JSON data + config_json = json.loads(json_file_data) + + # Make sure required parameters are all there + if not 'language' in config_json or not 'sample_file' in config_json \ + or not 'sample_region' in config_json or not 'sample_main_class' in config_json: + return -1 + + # Preprocess sample arguments (get secret data, etc) + setup_result = setup_json_arguments_list(parsed_commands) + if setup_result != 0: + return setup_result + + print ("JSON config file loaded!") + return 0 + + +def cleanup_sample(): + global config_json + global config_json_arguments_list - print("Processing arguments...") - launch_arguments = [] - launch_arguments.append("--endpoint") - launch_arguments.append(sample_endpoint) - - if (sample_certificate != ""): - launch_arguments.append("--cert") - launch_arguments.append(sample_certificate) - if (sample_private_key != ""): - launch_arguments.append("--key") - launch_arguments.append(sample_private_key) - if (sample_custom_authorizer_name != ""): - launch_arguments.append("--custom_auth_authorizer_name") - launch_arguments.append(sample_custom_authorizer_name) - if (sample_custom_authorizer_password != ""): - launch_arguments.append("--custom_auth_password") - launch_arguments.append(sample_custom_authorizer_password) - if (parsed_commands.sample_arguments != ""): - sample_arguments_split = parsed_commands.sample_arguments.split(" ") - for arg in sample_arguments_split: - launch_arguments.append(arg) + for argument in config_json['arguments']: + config_json_arguments_list.append(argument['name']) + + # Based on the data present, we need to process and add the data differently + try: + # Is there a file? If so, clean it! + if 'filename' in argument: + if (os.path.isfile(str(current_folder) + argument['filename'])): + os.remove(str(current_folder) + argument['filename']) + + # Windows 10 certificate store data? + if 'windows_cert_certificate' in argument and 'windows_cert_certificate_path' in argument \ + and 'windows_cert_key' in argument and 'windows_cert_key_path' in argument \ + and 'windows_cert_pfx_key_path' in argument: + + if (os.path.isfile(str(current_folder) + argument['windows_cert_certificate_path'])): + os.remove(str(current_folder) + argument['windows_cert_certificate_path']) + if (os.path.isfile(str(current_folder) + argument['windows_cert_key_path'])): + os.remove(str(current_folder) + argument['windows_cert_key_path']) + if (os.path.isfile(str(current_folder) + argument['windows_cert_pfx_key_path'])): + os.remove(str(current_folder) + argument['windows_cert_pfx_key_path']) + + except Exception as e: + print (f"Something went wrong cleaning {argument['name']}!") + return -1 + + +def launch_sample(): + global config_json + global config_json_arguments_list + + if (config_json == None): + print ("No configuration JSON file data found!") + return -1 + + exit_code = 0 print("Launching sample...") - # Based on the programming language, we have to run it a different way - if (parsed_commands.language == "Java"): + + # Java + if (config_json['language'] == "Java"): + + # Flatten arguments down into a asingle string arguments_as_string = "" - for i in range(0, len(launch_arguments)): - arguments_as_string += str(launch_arguments[i]) - if (i+1 < len(launch_arguments)): + for i in range(0, len(config_json_arguments_list)): + arguments_as_string += str(config_json_arguments_list[i]) + if (i+1 < len(config_json_arguments_list)): arguments_as_string += " " + arguments = ["mvn", "compile", "exec:java"] arguments.append("-pl") - arguments.append(parsed_commands.sample_file) - arguments.append("-Dexec.mainClass=" + - parsed_commands.sample_main_class) + arguments.append(config_json['sample_file']) + arguments.append("-Dexec.mainClass=" + config_json['sample_main_class']) arguments.append("-Daws.crt.ci=True") # We have to do this as a string, unfortunately, due to how -Dexec.args= works... - argument_string = subprocess.list2cmdline( - arguments) + " -Dexec.args=\"" + arguments_as_string + "\"" + argument_string = subprocess.list2cmdline(arguments) + " -Dexec.args=\"" + arguments_as_string + "\"" sample_return = subprocess.run(argument_string, shell=True) exit_code = sample_return.returncode - elif (parsed_commands.language == "CPP"): + # C++ + elif (config_json['language'] == "CPP"): sample_return = subprocess.run( - args=launch_arguments, executable=parsed_commands.sample_file) + args=config_json_arguments_list, executable=config_json['sample_file']) exit_code = sample_return.returncode - elif (parsed_commands.language == "Python"): - launch_arguments.append("--is_ci") - launch_arguments.append("True") + elif (config_json['language'] == "Python"): + config_json_arguments_list.append("--is_ci") + config_json_arguments_list.append("True") sample_return = subprocess.run( - args=[sys.executable, parsed_commands.sample_file] + launch_arguments) + args=[sys.executable, config_json['sample_file']] + config_json_arguments_list) exit_code = sample_return.returncode - elif (parsed_commands.language == "Javascript"): - os.chdir(parsed_commands.sample_file) + elif (config_json['language'] == "Javascript"): + os.chdir(config_json['sample_file']) - launch_arguments.append("--is_ci") - launch_arguments.append("true") + config_json_arguments_list.append("--is_ci") + config_json_arguments_list.append("true") sample_return_one = None if sys.platform == "win32" or sys.platform == "cygwin": @@ -279,68 +305,43 @@ def launch_sample(parsed_commands, sample_endpoint, sample_certificate, sample_p else: sample_return_two = None arguments = [] - if (parsed_commands.node_cmd == "" or parsed_commands.node_cmd == None): - arguments = ["node", "dist/index.js"] + if 'node_cmd' in config_json: + arguments = config_json['node_cmd'].split(" ") else: - arguments = parsed_commands.node_cmd.split(" ") + arguments = ["node", "dist/index.js"] if sys.platform == "win32" or sys.platform == "cygwin": sample_return_two = subprocess.run( - args=arguments + launch_arguments, shell=True) + args=arguments + config_json_arguments_list, shell=True) else: sample_return_two = subprocess.run( - args=arguments + launch_arguments) + args=arguments + config_json_arguments_list) if (sample_return_two != None): exit_code = sample_return_two.returncode else: exit_code = 1 - else: - print("ERROR - unknown programming language! Supported programming languages are 'Java', 'CPP', 'Python', and 'Javascript'") - return -1 - - # finish! + cleanup_sample() return exit_code +def setup_sample_and_launch(parsed_commands): + setup_result = setup_sample(parsed_commands) + if setup_result != 0: + return setup_result + + print ("About to launch sample...") + return launch_sample() def main(): argument_parser = argparse.ArgumentParser( description="Run Sample in CI") - argument_parser.add_argument("--language", metavar="", required=True, - help="The name of the programming language. Used to determine how to launch the sample") - argument_parser.add_argument("--sample_file", - metavar="", - required=True, default="", help="Sample to launch. Format varies based on programming language") - argument_parser.add_argument("--sample_region", metavar="", - required=True, default="us-east-1", help="The name of the region to use for accessing secrets") - argument_parser.add_argument("--sample_secret_endpoint", metavar="", - required=False, default="", help="The name of the secret containing the endpoint") - argument_parser.add_argument("--sample_secret_certificate", metavar="", required=False, - default="", help="The name of the secret containing the certificate PEM file") - argument_parser.add_argument("--sample_secret_private_key", metavar="", required=False, - default="", help="The name of the secret containing the private key PEM file") - argument_parser.add_argument("--sample_secret_custom_authorizer_name", metavar="", required=False, - default="", help="The name of the secret containing the custom authorizer name") - argument_parser.add_argument("--sample_secret_custom_authorizer_password", metavar="", required=False, - default="", help="The name of the secret containing the custom authorizer password") - argument_parser.add_argument("--sample_run_softhsm", metavar="", required=False, - default="", help="Runs SoftHSM on the private key passed, storing it, rather than passing it directly to the sample. Used for PKCS11 sample") - argument_parser.add_argument("--sample_run_certutil", metavar="", required=False, - default="", help="Runs CertUtil on the private key and certificate passed and makes a certificate.pfx file, " - "which is used automatically in the --cert argument. Used for Windows Certificate Connect sample") - argument_parser.add_argument("--sample_arguments", metavar="", - required=False, default="", - help="Arguments to pass to sample. In Java, these arguments will be in a double quote (\") string") - argument_parser.add_argument("--sample_main_class", metavar="", - required=False, default="", help="Java only: The main class to run") - argument_parser.add_argument("--node_cmd", metavar="", required=False, default="", - help="Javascript only: Overrides the default 'npm dist/index.js' with whatever you pass. Useful for launching pure Javascript samples") - + argument_parser.add_argument("--file", required=True, help="Configuration file to pull CI data from") + argument_parser.add_argument("--input_uuid", required=False, help="UUID data to replace '$INPUT_UUID' with. Only works in Data field") parsed_commands = argument_parser.parse_args() print("Starting to launch sample...") - sample_result = get_secrets_and_launch(parsed_commands) + sample_result = setup_sample_and_launch(parsed_commands) sys.exit(sample_result)