From 9248fdcbd6a08a132a9f7054b16d792ab2611c05 Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 21 Oct 2022 15:07:54 -0400 Subject: [PATCH 1/7] Use new CodeBuild workflow --- codebuild/samples/connect-linux.sh | 43 +++++++++++++++++++ .../samples/custom-auth-connect-linux.sh | 21 +++++++++ codebuild/samples/linux-smoke-tests.yml | 4 ++ codebuild/samples/pkcs11-connect-linux.sh | 36 ++++++++++++++++ codebuild/samples/pubsub-linux.sh | 2 +- codebuild/samples/setup-linux.sh | 5 ++- codebuild/samples/shadow-linux.sh | 21 +++++++++ 7 files changed, 129 insertions(+), 3 deletions(-) create mode 100755 codebuild/samples/connect-linux.sh create mode 100755 codebuild/samples/custom-auth-connect-linux.sh create mode 100755 codebuild/samples/pkcs11-connect-linux.sh create mode 100755 codebuild/samples/shadow-linux.sh diff --git a/codebuild/samples/connect-linux.sh b/codebuild/samples/connect-linux.sh new file mode 100755 index 000000000..f4298b6a0 --- /dev/null +++ b/codebuild/samples/connect-linux.sh @@ -0,0 +1,43 @@ +#!/bin/bash + +set -e + +env + +pushd $CODEBUILD_SRC_DIR/samples/mqtt/basic_connect + +mkdir _build +cd _build +cmake -DCMAKE_PREFIX_PATH=/tmp/install .. +make -j + +ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') + +echo "Basic Connect test" +./basic-connect --endpoint $ENDPOINT --key /tmp/privatekey.pem --cert /tmp/certificate.pem + +popd + +pushd $CODEBUILD_SRC_DIR/samples/mqtt/websocket_connect + +mkdir _build +cd _build +cmake -DCMAKE_PREFIX_PATH=/tmp/install .. +make -j + +echo "Websocket test" +./websocket-connect --endpoint $ENDPOINT --signing_region us-east-1 + +popd + +pushd $CODEBUILD_SRC_DIR/samples/mqtt/raw_connect + +mkdir _build +cd _build +cmake -DCMAKE_PREFIX_PATH=/tmp/install .. +make -j + +echo "Raw Connect test" +./raw-connect --endpoint $ENDPOINT --key /tmp/privatekey.pem --cert /tmp/certificate.pem + +popd diff --git a/codebuild/samples/custom-auth-connect-linux.sh b/codebuild/samples/custom-auth-connect-linux.sh new file mode 100755 index 000000000..2a2c4bbb1 --- /dev/null +++ b/codebuild/samples/custom-auth-connect-linux.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +set -e + +env + +pushd $CODEBUILD_SRC_DIR/samples/mqtt/custom_authorizer_connect + +mkdir _build +cd _build +cmake -DCMAKE_PREFIX_PATH=/tmp/install .. +make -j + +ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') +AUTH_NAME=$(aws secretsmanager get-secret-value --secret-id "ci/CustomAuthorizer/name" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') +AUTH_PASSWORD=$(aws secretsmanager get-secret-value --secret-id "ci/CustomAuthorizer/password" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') + +echo "Custom Authorizer Connnect Test" +./custom-authorizer-connect --endpoint $ENDPOINT --custom_auth_authorizer_name $AUTH_NAME --custom_auth_password $AUTH_PASSWORD + +popd diff --git a/codebuild/samples/linux-smoke-tests.yml b/codebuild/samples/linux-smoke-tests.yml index 087f32d76..25ca63527 100644 --- a/codebuild/samples/linux-smoke-tests.yml +++ b/codebuild/samples/linux-smoke-tests.yml @@ -15,7 +15,11 @@ phases: commands: - echo Build started on `date` - $CODEBUILD_SRC_DIR/codebuild/samples/setup-linux.sh + - $CODEBUILD_SRC_DIR/codebuild/samples/connect-linux.sh + - $CODEBUILD_SRC_DIR/codebuild/samples/custom-auth-linux.sh + - $CODEBUILD_SRC_DIR/codebuild/samples/pkcs11-connect-linux.sh - $CODEBUILD_SRC_DIR/codebuild/samples/pubsub-linux.sh + - $CODEBUILD_SRC_DIR/codebuild/samples/shadow-linux.sh post_build: commands: - echo Build completed on `date` diff --git a/codebuild/samples/pkcs11-connect-linux.sh b/codebuild/samples/pkcs11-connect-linux.sh new file mode 100755 index 000000000..692d9cce4 --- /dev/null +++ b/codebuild/samples/pkcs11-connect-linux.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +set -e +set -o pipefail + +pushd $CODEBUILD_SRC_DIR/samples/mqtt/pkcs11_connect + +mkdir _build +cd _build +cmake -DCMAKE_PREFIX_PATH=/tmp/install .. +make -j + +ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') + +# from hereon commands are echoed. don't leak secrets +set -x + +softhsm2-util --version + +# SoftHSM2's default tokendir path might be invalid on this machine +# so set up a conf file that specifies a known good tokendir path +mkdir -p /tmp/tokens +export SOFTHSM2_CONF=/tmp/softhsm2.conf +echo "directories.tokendir = /tmp/tokens" > /tmp/softhsm2.conf + +# create token +softhsm2-util --init-token --free --label my-token --pin 0000 --so-pin 0000 + +# add private key to token (must be in PKCS#8 format) +openssl pkcs8 -topk8 -in /tmp/privatekey.pem -out /tmp/privatekey.p8.pem -nocrypt +softhsm2-util --import /tmp/privatekey.p8.pem --token my-token --label my-key --id BEEFCAFE --pin 0000 + +# run sample +./pkcs11-connect --endpoint $ENDPOINT --cert /tmp/certificate.pem --pkcs11_lib /usr/lib/softhsm/libsofthsm2.so --pin 0000 --token_label my-token --key_label my-key + +popd diff --git a/codebuild/samples/pubsub-linux.sh b/codebuild/samples/pubsub-linux.sh index c4e69eca2..88091561f 100755 --- a/codebuild/samples/pubsub-linux.sh +++ b/codebuild/samples/pubsub-linux.sh @@ -11,7 +11,7 @@ cd _build cmake -DCMAKE_PREFIX_PATH=/tmp/install .. make -j -ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "unit-test/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') +ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') echo "Mqtt Direct test" ./basic-pub-sub --endpoint $ENDPOINT --key /tmp/privatekey.pem --cert /tmp/certificate.pem diff --git a/codebuild/samples/setup-linux.sh b/codebuild/samples/setup-linux.sh index 67476bbb9..dc1ff90e0 100755 --- a/codebuild/samples/setup-linux.sh +++ b/codebuild/samples/setup-linux.sh @@ -19,5 +19,6 @@ make install cd .. -cert=$(aws secretsmanager get-secret-value --secret-id "unit-test/certificate" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$cert" > /tmp/certificate.pem -key=$(aws secretsmanager get-secret-value --secret-id "unit-test/privatekey" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$key" > /tmp/privatekey.pem +cert=$(aws secretsmanager get-secret-value --secret-id "ci/CodeBuild/cert" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$cert" > /tmp/certificate.pem +key=$(aws secretsmanager get-secret-value --secret-id "ci/CodeBuild/key" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$key" > /tmp/privatekey.pem +key_p8=$(aws secretsmanager get-secret-value --secret-id "ci/CodeBuild/keyp8" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$key_p8" > /tmp/privatekey_p8.pem diff --git a/codebuild/samples/shadow-linux.sh b/codebuild/samples/shadow-linux.sh new file mode 100755 index 000000000..42926b8f8 --- /dev/null +++ b/codebuild/samples/shadow-linux.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +set -e + +env + +pushd $CODEBUILD_SRC_DIR/samples/shadow/shadow_sync + +mkdir _build +cd _build +cmake -DCMAKE_PREFIX_PATH=/tmp/install .. +make -j + +ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') + +mvn compile + +echo "Shadow test" +./shadow-sync --endpoint $ENDPOINT --key /tmp/privatekey.pem --cert /tmp/certificate.pem --thing_name CI_CodeBuild_Thing --is_ci true + +popd From 986073777afad0ccdade3489650cd96b10674abd Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 21 Oct 2022 15:11:12 -0400 Subject: [PATCH 2/7] Skip forcing clang-8 --- codebuild/samples/linux-smoke-tests.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/codebuild/samples/linux-smoke-tests.yml b/codebuild/samples/linux-smoke-tests.yml index 25ca63527..18b9c8311 100644 --- a/codebuild/samples/linux-smoke-tests.yml +++ b/codebuild/samples/linux-smoke-tests.yml @@ -6,11 +6,7 @@ phases: - add-apt-repository ppa:ubuntu-toolchain-r/test - apt-add-repository "deb http://apt.llvm.org/bionic/ llvm-toolchain-bionic-8 main" - apt-get update -y - - apt-get install clang-8 cmake softhsm -y -f - pre_build: - commands: - - export CC=clang-8 - - export CXX=clang++-8 + - apt-get install cmake softhsm -y -f build: commands: - echo Build started on `date` From 1ee748c853e804c1562bc4f7741c442a150659b7 Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 21 Oct 2022 15:26:40 -0400 Subject: [PATCH 3/7] Bump to trigger CodeBuild --- codebuild/samples/shadow-linux.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codebuild/samples/shadow-linux.sh b/codebuild/samples/shadow-linux.sh index 42926b8f8..e6b27ac96 100755 --- a/codebuild/samples/shadow-linux.sh +++ b/codebuild/samples/shadow-linux.sh @@ -15,7 +15,7 @@ ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query mvn compile -echo "Shadow test" +echo "Shadow-Sync test" ./shadow-sync --endpoint $ENDPOINT --key /tmp/privatekey.pem --cert /tmp/certificate.pem --thing_name CI_CodeBuild_Thing --is_ci true popd From 98ec22928de34da9701018328fa2e292ba5cae0b Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 21 Oct 2022 15:32:44 -0400 Subject: [PATCH 4/7] Use the right name for the Codebuild yaml --- .../{custom-auth-connect-linux.sh => custom-auth-linux.sh} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename codebuild/samples/{custom-auth-connect-linux.sh => custom-auth-linux.sh} (100%) diff --git a/codebuild/samples/custom-auth-connect-linux.sh b/codebuild/samples/custom-auth-linux.sh similarity index 100% rename from codebuild/samples/custom-auth-connect-linux.sh rename to codebuild/samples/custom-auth-linux.sh From dd641834f2aa9d90ec5e48d1d26302ba4cccc276 Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 21 Oct 2022 15:37:06 -0400 Subject: [PATCH 5/7] Maven in copy-paste code strikes again. Fixed --- codebuild/samples/shadow-linux.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/codebuild/samples/shadow-linux.sh b/codebuild/samples/shadow-linux.sh index e6b27ac96..a04b05f1c 100755 --- a/codebuild/samples/shadow-linux.sh +++ b/codebuild/samples/shadow-linux.sh @@ -13,8 +13,6 @@ make -j ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') -mvn compile - echo "Shadow-Sync test" ./shadow-sync --endpoint $ENDPOINT --key /tmp/privatekey.pem --cert /tmp/certificate.pem --thing_name CI_CodeBuild_Thing --is_ci true From e289b5587f58c55b91825b3f8bede010a2fb4ce9 Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 21 Oct 2022 15:43:41 -0400 Subject: [PATCH 6/7] Shadow property is optional in every other SDK, so make it optional here too --- samples/shadow/shadow_sync/main.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/samples/shadow/shadow_sync/main.cpp b/samples/shadow/shadow_sync/main.cpp index bc561fe93..f9b084eff 100644 --- a/samples/shadow/shadow_sync/main.cpp +++ b/samples/shadow/shadow_sync/main.cpp @@ -112,7 +112,7 @@ int main(int argc, char *argv[]) cmdUtils.StartLoggingBasedOnCommand(&apiHandle); String thingName = cmdUtils.GetCommandRequired("thing_name"); - String shadowProperty = cmdUtils.GetCommandRequired("shadow_property"); + String shadowProperty = cmdUtils.GetCommandOrDefault("shadow_property", "color"); bool isCI = cmdUtils.HasCommand("is_ci"); /* Get a MQTT client connection from the command parser */ From e0f71211173662b01fce2f03ad55467725165d04 Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Mon, 24 Oct 2022 17:41:56 -0400 Subject: [PATCH 7/7] Test that other Codebuild is disabled --- samples/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/samples/README.md b/samples/README.md index 634d5c333..c0720b1e5 100644 --- a/samples/README.md +++ b/samples/README.md @@ -1068,3 +1068,4 @@ To run the Cycle Pub-Sub sample, use the following command: ./cycle-pub-sub --endpoint --ca_file --cert --key ``` +