Merge branch 'main' into custom_authorizer_connect_policy

aws · Aug 12, 2024 · 46ea9be · 46ea9be
2 parents c829f0f + aa195da
commit 46ea9be
Show file tree

Hide file tree

Showing 31 changed files with 937 additions and 78 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -29,6 +29,7 @@ env:
   CI_DEVICE_ADVISOR: arn:aws:iam::180635532705:role/CI_DeviceAdvisor_Role
   CI_MQTT5_ROLE: arn:aws:iam::180635532705:role/CI_MQTT5_Role
   CI_GREENGRASS_ROLE: arn:aws:iam::180635532705:role/CI_Greengrass_Role
+  CI_GREENGRASS_INSTALLER_ROLE: arn:aws:iam::180635532705:role/CI_GreengrassInstaller_Role
   CI_SHADOW_SERVICE_CLIENT_ROLE: arn:aws:iam::180635532705:role/CI_ShadowServiceClient_Role
   CI_JOBS_SERVICE_CLIENT_ROLE: arn:aws:iam::180635532705:role/CI_JobsServiceClient_Role
 
@@ -112,7 +113,12 @@ jobs:
         python ./deviceadvisor/script/DATestRun.py
 
   osx:
-    runs-on: macos-latest
+    runs-on: ${{ matrix.runner }}
+    strategy:
+      matrix:
+        runner:
+          - macos-13
+          - macos-latest
     permissions:
       id-token: write # This is required for requesting the JWT
     steps:
@@ -123,6 +129,8 @@ jobs:
         ./builder build -p ${{ env.PACKAGE_NAME }}
     - name: Running samples in CI setup
       run: |
+        python3 -m venv .venv
+        source .venv/bin/activate
         python3 -m pip install boto3
     - name: configure AWS credentials (PubSub)
       uses: aws-actions/configure-aws-credentials@v2
@@ -131,19 +139,22 @@ jobs:
         aws-region: ${{ env.AWS_DEFAULT_REGION }}
     - name: run PubSub sample
       run: |
+        source .venv/bin/activate
         python3 ./aws-iot-device-sdk-js-v2/utils/run_in_ci.py --file ./aws-iot-device-sdk-js-v2/.github/workflows/ci_run_pubsub_cfg.json
 
     # The electron app in CI would not perform any IoT operations. The CI only verify the app is launched correctly.
     # This is because electron requires manually input for pwd while processing the credentials. Currently we don't have a good way to workaround it.
     - name: run PubSub Electron sample
       run: |
-        python ./aws-iot-device-sdk-js-v2/utils/run_in_ci.py --file ./aws-iot-device-sdk-js-v2/.github/workflows/ci_run_pubsub_electron_cfg.json
+        source .venv/bin/activate
+        python3 ./aws-iot-device-sdk-js-v2/utils/run_in_ci.py --file ./aws-iot-device-sdk-js-v2/.github/workflows/ci_run_pubsub_electron_cfg.json
     - name: run PKCS12 sample
       run: |
         cert=$(aws secretsmanager get-secret-value --region us-east-1 --secret-id "ci/PubSub/cert" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$cert" > /tmp/certificate.pem
         key=$(aws secretsmanager get-secret-value --region us-east-1 --secret-id "ci/PubSub/key" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$key" > /tmp/privatekey.pem
         pkcs12_password=$(aws secretsmanager get-secret-value --region us-east-1 --secret-id "ci/PubSub/key_pkcs12_password" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\")
         openssl pkcs12 -export -in /tmp/certificate.pem -inkey /tmp/privatekey.pem -out /tmp/pkcs12-key.p12 -name PubSub_Thing_Alias -password pass:$pkcs12_password
+        source .venv/bin/activate
         python3 ./aws-iot-device-sdk-js-v2/utils/run_in_ci.py --file ./aws-iot-device-sdk-js-v2/.github/workflows/ci_run_pkcs12_connect_cfg.json
     - name: configure AWS credentials (Device Advisor)
       uses: aws-actions/configure-aws-credentials@v2
@@ -152,6 +163,7 @@ jobs:
         aws-region: ${{ env.AWS_DEFAULT_REGION }}
     - name: run DeviceAdvisor
       run: |
+        source .venv/bin/activate
         cd ./aws-iot-device-sdk-js-v2
         python3 ./deviceadvisor/script/DATestRun.py
 
@@ -373,14 +385,57 @@ jobs:
     - name: run MQTT5 Shared Subscription sample
       run: |
         python3 ./aws-iot-device-sdk-js-v2/utils/run_in_ci.py --file ./aws-iot-device-sdk-js-v2/.github/workflows/ci_run_mqtt5_shared_subscription_cfg.json
-    - name: configure AWS credentials (Greengrass)
-      uses: aws-actions/configure-aws-credentials@v2
-      with:
-        role-to-assume: ${{ env.CI_GREENGRASS_ROLE }}
-        aws-region: ${{ env.AWS_DEFAULT_REGION }}
-    - name: run Greengrass Discovery sample
-      run: |
-        python3 ./aws-iot-device-sdk-js-v2/utils/run_in_ci.py --file ./aws-iot-device-sdk-js-v2/.github/workflows/ci_run_greengrass_discovery_cfg.json
+
+  # Runs the Greengrass samples
+  linux-greengrass-tests:
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write # This is required for requesting the JWT
+    steps:
+      - name: Build ${{ env.PACKAGE_NAME }}
+        run: |
+          python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder')"
+          chmod a+x builder
+          ./builder build -p ${{ env.PACKAGE_NAME }}
+      - name: Install Greengrass Development Kit
+        run: |
+          python3 -m pip install awsiotsdk
+          python3 -m pip install -U git+https://github.com/aws-greengrass/[email protected]
+      - name: Configure AWS credentials (Greengrass)
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          role-to-assume: ${{ env.CI_GREENGRASS_INSTALLER_ROLE }}
+          aws-region: ${{ env.AWS_DEFAULT_REGION }}
+      - name: Build and run Greengrass basic discovery sample
+        working-directory: ./aws-iot-device-sdk-js-v2/test/greengrass/basic_discovery
+        run: |
+          gdk component build
+          gdk test-e2e build
+          gdk test-e2e run
+      - name: Show logs
+        working-directory: ./aws-iot-device-sdk-js-v2/test/greengrass/basic_discovery
+        # Print logs unconditionally to provide more details on Greengrass run even if the test failed.
+        if: always()
+        run: |
+          echo "=== greengrass.log"
+          cat testResults/gg*/greengrass.log
+          echo "=== software.amazon.awssdk.sdk-gg-test-discovery.log"
+          cat testResults/gg*/software.amazon.awssdk.sdk-gg-test-discovery.log
+      - name: Build and run Greengrass IPC sample
+        working-directory: ./aws-iot-device-sdk-js-v2/test/greengrass/ipc
+        run: |
+          gdk component build
+          gdk test-e2e build
+          gdk test-e2e run
+      - name: Show logs
+        working-directory: ./aws-iot-device-sdk-js-v2/test/greengrass/ipc
+        # Print logs unconditionally to provide more details on Greengrass run even if the test failed.
+        if: always()
+        run: |
+          echo "=== greengrass.log"
+          cat testResults/gg*/greengrass.log
+          echo "=== software.amazon.awssdk.sdk-gg-ipc.log"
+          cat testResults/gg*/software.amazon.awssdk.sdk-gg-ipc.log
 
   # check that docs can still build
   check-docs:

diff --git a/.github/workflows/ci_run_greengrass_discovery_cfg.json b/.github/workflows/ci_run_greengrass_discovery_cfg.json
@@ -1,40 +1,44 @@
 {
     "language": "Javascript",
-    "runnable_file": "./aws-iot-device-sdk-js-v2/samples/node/basic_discovery",
+    "runnable_file": ".",
     "runnable_region": "us-east-1",
     "runnable_main_class": "",
-
+    "node_cmd": "node package/dist/index.js",
+    "skip_install": 1,
     "arguments": [
         {
             "name": "--cert",
-            "secret": "ci/Greengrass/cert",
+            "secret": "ci/GreengrassDiscovery/cert",
             "filename": "tmp_certificate.pem"
         },
         {
             "name": "--key",
-            "secret": "ci/Greengrass/key",
+            "secret": "ci/GreengrassDiscovery/key",
             "filename": "tmp_key.pem"
         },
-        {
-            "name": "--ca_file",
-            "secret": "ci/Greengrass/ca",
-            "filename": "tmp_ca.pem"
-        },
         {
             "name": "--region",
             "data": "us-east-1"
         },
         {
             "name": "--thing_name",
-            "data": "CI_GreenGrass_Thing"
+            "data": "CI_Greengrass_Discovery_Thing"
+        },
+        {
+            "name": "--topic",
+            "data": "clients/CI_Greengrass_Discovery_Thing/hello/world/$INPUT_UUID"
+        },
+        {
+            "name": "--message",
+            "data": "hello GG"
         },
         {
-            "name": "--is_ci",
-            "data": "true"
+            "name": "--count",
+            "data": "2"
         },
         {
-            "name": "--print_discover_resp_only",
-            "data": ""
+            "name": "--mode",
+            "data": "publish"
         }
     ]
 }
diff --git a/.github/workflows/ci_run_greengrass_ipc_cfg.json b/.github/workflows/ci_run_greengrass_ipc_cfg.json
@@ -0,0 +1,23 @@
+{
+    "language": "Javascript",
+    "runnable_file": ".",
+    "runnable_region": "us-east-1",
+    "runnable_main_class": "",
+    "node_cmd": "node package/dist/index.js",
+    "skip_install": 1,
+    "arguments": [
+        {
+            "name": "--topic",
+            "data": "test/gg-ipc-topic/$INPUT_UUID"
+        },
+        {
+            "name": "--message",
+            "data": "hello"
+        },
+        {
+            "name": "--is_ci",
+            "data": "true"
+        }
+
+    ]
+}
diff --git a/README.md b/README.md
@@ -76,4 +76,4 @@ is provided by code that been generated from a model of the service.
 
 This library is licensed under the [Apache 2.0 License](https://github.com/aws/aws-iot-device-sdk-js-v2/blob/main/documents/LICENSE).
 
-Latest released version: v1.19.5
+Latest released version: v1.20.0
diff --git a/lib/greengrasscoreipc/model.ts b/lib/greengrasscoreipc/model.ts
@@ -888,7 +888,12 @@ export interface GetSecretValueRequest {
     /**
      * (Optional) The staging label of the version to get. If you don't specify versionId or versionStage, this operation defaults to the version with the AWSCURRENT label.
      */
-    versionStage?: string
+    versionStage?: string,
+
+    /**
+     * (Optional) Whether to fetch the latest secret from cloud when the request is handled. Defaults to false.
+     */
+    refresh?: boolean
 
 }
 

diff --git a/lib/greengrasscoreipc/model_utils.ts b/lib/greengrasscoreipc/model_utils.ts
@@ -1178,6 +1178,7 @@ export function normalizeGetSecretValueRequest(value : model.GetSecretValueReque
     eventstream_rpc_utils.setDefinedProperty(normalizedValue, 'secretId', value.secretId);
     eventstream_rpc_utils.setDefinedProperty(normalizedValue, 'versionId', value.versionId);
     eventstream_rpc_utils.setDefinedProperty(normalizedValue, 'versionStage', value.versionStage);
+    eventstream_rpc_utils.setDefinedProperty(normalizedValue, 'refresh', value.refresh);
 
     return normalizedValue;
 }
@@ -1892,6 +1893,7 @@ export function validateGetSecretValueRequest(value : model.GetSecretValueReques
     eventstream_rpc_utils.validateValueAsString(value.secretId, 'secretId', 'GetSecretValueRequest');
     eventstream_rpc_utils.validateValueAsOptionalString(value.versionId, 'versionId', 'GetSecretValueRequest');
     eventstream_rpc_utils.validateValueAsOptionalString(value.versionStage, 'versionStage', 'GetSecretValueRequest');
+    eventstream_rpc_utils.validateValueAsOptionalBoolean(value.refresh, 'refresh', 'GetSecretValueRequest');
 }
 
 export function validateGetLocalDeploymentStatusResponse(value : model.GetLocalDeploymentStatusResponse) : void {

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -43,6 +43,6 @@
   },
   "dependencies": {
     "@aws-sdk/util-utf8-browser": "^3.109.0",
-    "aws-crt": "^1.21.2"
+    "aws-crt": "1.21.2"
   }
 }