diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f1d8dfa..195bf2d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,8 +8,8 @@ on: env: RUN: ${{ github.run_id }}-${{ github.run_number }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: us-east-1 + CI_SDK_V1_ROLE: arn:aws:iam::180635532705:role/CI_SDK_V1_ROLE PACKAGE_NAME: aws-iot-device-sdk-python AWS_EC2_METADATA_DISABLED: true @@ -33,6 +33,9 @@ jobs: integration-tests: runs-on: ubuntu-latest + permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout strategy: fail-fast: false matrix: @@ -43,6 +46,10 @@ jobs: - uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} + - uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.CI_SDK_V1_ROLE }} + aws-region: ${{ env.AWS_DEFAULT_REGION }} - name: Integration tests run: | pip install pytest diff --git a/.github/workflows/handle-stale-discussions.yml b/.github/workflows/handle-stale-discussions.yml index e92e660..4fbcd70 100644 --- a/.github/workflows/handle-stale-discussions.yml +++ b/.github/workflows/handle-stale-discussions.yml @@ -1,18 +1,19 @@ name: HandleStaleDiscussions on: -schedule: -- cron: '0 */4 * * *' -discussion_comment: -types: [created] + schedule: + - cron: '0 */4 * * *' + discussion_comment: + types: [created] jobs: -handle-stale-discussions: -name: Handle stale discussions -runs-on: ubuntu-latest -permissions: - discussions: write -steps: - - name: Stale discussions action - uses: aws-github-ops/handle-stale-discussions@v1 - env: - GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} \ No newline at end of file + handle-stale-discussions: + name: Handle stale discussions + runs-on: ubuntu-latest + permissions: + discussions: write + steps: + - name: Stale discussions action + uses: aws-github-ops/handle-stale-discussions@v1 + env: + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + \ No newline at end of file diff --git a/test-integration/IntegrationTests/IntegrationTestAsyncAPIGeneralNotificationCallbacks.py b/test-integration/IntegrationTests/IntegrationTestAsyncAPIGeneralNotificationCallbacks.py index b69fdcd..577c5fa 100644 --- a/test-integration/IntegrationTests/IntegrationTestAsyncAPIGeneralNotificationCallbacks.py +++ b/test-integration/IntegrationTests/IntegrationTestAsyncAPIGeneralNotificationCallbacks.py @@ -32,7 +32,6 @@ TOPIC = "topic/test/async_cb/" MESSAGE_PREFIX = "MagicMessage-" NUMBER_OF_PUBLISHES = 3 -HOST = "ajje7lpljulm4-ats.iot.us-east-1.amazonaws.com" ROOT_CA = "./test-integration/Credentials/rootCA.crt" CERT = "./test-integration/Credentials/certificate.pem.crt" KEY = "./test-integration/Credentials/privateKey.pem.key" @@ -102,9 +101,10 @@ def get_random_string(length): ############################################################################ # Main # # Check inputs -my_check_in_manager = checkInManager(1) +my_check_in_manager = checkInManager(2) my_check_in_manager.verify(sys.argv) mode = my_check_in_manager.mode +host = my_check_in_manager.host skip_when_match(ModeIsALPN(mode).And( Python2VersionLowerThan((2, 7, 10)).Or(Python3VersionLowerThan((3, 5, 0))) @@ -115,7 +115,7 @@ def get_random_string(length): print("Connecting...") callback_manager = CallbackManager() sdk_mqtt_client = MQTTClientManager()\ - .create_nonconnected_mqtt_client(mode, CLIENT_ID, HOST, (ROOT_CA, CERT, KEY), callback_manager) + .create_nonconnected_mqtt_client(mode, CLIENT_ID, host, (ROOT_CA, CERT, KEY), callback_manager) sdk_mqtt_client.connectAsync(keepAliveIntervalSecond=1, ackCallback=callback_manager.connack) # Add callback print("Wait some time to make sure we are connected...") time.sleep(10) # 10 sec diff --git a/test-integration/IntegrationTests/IntegrationTestAutoReconnectResubscribe.py b/test-integration/IntegrationTests/IntegrationTestAutoReconnectResubscribe.py index 83b66c2..e6c1bee 100644 --- a/test-integration/IntegrationTests/IntegrationTestAutoReconnectResubscribe.py +++ b/test-integration/IntegrationTests/IntegrationTestAutoReconnectResubscribe.py @@ -135,14 +135,14 @@ def threadBRuntime(self, pyCoreClient, callback): ############################################################################ # Main # # Check inputs -myCheckInManager = checkInManager.checkInManager(1) +myCheckInManager = checkInManager.checkInManager(2) myCheckInManager.verify(sys.argv) -host = "ajje7lpljulm4-ats.iot.us-east-1.amazonaws.com" rootCA = "./test-integration/Credentials/rootCA.crt" certificate = "./test-integration/Credentials/certificate.pem.crt" privateKey = "./test-integration/Credentials/privateKey.pem.key" mode = myCheckInManager.mode +host = myCheckInManager.host skip_when_match(ModeIsALPN(mode).And( Python2VersionLowerThan((2, 7, 10)).Or(Python3VersionLowerThan((3, 5, 0))) diff --git a/test-integration/IntegrationTests/IntegrationTestClientReusability.py b/test-integration/IntegrationTests/IntegrationTestClientReusability.py index f747e19..56e77b8 100644 --- a/test-integration/IntegrationTests/IntegrationTestClientReusability.py +++ b/test-integration/IntegrationTests/IntegrationTestClientReusability.py @@ -40,7 +40,6 @@ NUMBER_OF_MESSAGES_PER_LOOP = 3 NUMBER_OF_LOOPS = 3 SUB_WAIT_TIME_OUT_SEC = 20 -HOST = "ajje7lpljulm4-ats.iot.us-east-1.amazonaws.com" ROOT_CA = "./test-integration/Credentials/rootCA.crt" CERT = "./test-integration/Credentials/certificate.pem.crt" KEY = "./test-integration/Credentials/privateKey.pem.key" @@ -94,9 +93,10 @@ def verify(self): ############################################################################ # Main # -my_check_in_manager = checkInManager(1) +my_check_in_manager = checkInManager(2) my_check_in_manager.verify(sys.argv) mode = my_check_in_manager.mode +host = my_check_in_manager.host skip_when_match(ModeIsALPN(mode).And( Python2VersionLowerThan((2, 7, 10)).Or(Python3VersionLowerThan((3, 5, 0))) @@ -104,9 +104,9 @@ def verify(self): simple_thread_manager = simpleThreadManager() -client_pub = MQTTClientManager().create_nonconnected_mqtt_client(mode, CLIENT_ID_PUB, HOST, (ROOT_CA, CERT, KEY)) +client_pub = MQTTClientManager().create_nonconnected_mqtt_client(mode, CLIENT_ID_PUB, host, (ROOT_CA, CERT, KEY)) print("Client publisher initialized.") -client_sub = MQTTClientManager().create_nonconnected_mqtt_client(mode, CLIENT_ID_SUB, HOST, (ROOT_CA, CERT, KEY)) +client_sub = MQTTClientManager().create_nonconnected_mqtt_client(mode, CLIENT_ID_SUB, host, (ROOT_CA, CERT, KEY)) print("Client subscriber initialized.") client_twins = ClientTwins(client_pub, client_sub) print("Client twins initialized.") diff --git a/test-integration/IntegrationTests/IntegrationTestConfigurablePublishMessageQueueing.py b/test-integration/IntegrationTests/IntegrationTestConfigurablePublishMessageQueueing.py index d6bfdc5..0d78f4f 100644 --- a/test-integration/IntegrationTests/IntegrationTestConfigurablePublishMessageQueueing.py +++ b/test-integration/IntegrationTests/IntegrationTestConfigurablePublishMessageQueueing.py @@ -274,10 +274,10 @@ def performConfigurableOfflinePublishQueueTest(clientPub, clientSub): # Check inputs -myCheckInManager = checkInManager.checkInManager(1) +myCheckInManager = checkInManager.checkInManager(2) myCheckInManager.verify(sys.argv) -host = "ajje7lpljulm4-ats.iot.us-east-1.amazonaws.com" +host = myCheckInManager.host rootCA = "./test-integration/Credentials/rootCA.crt" certificate = "./test-integration/Credentials/certificate.pem.crt" privateKey = "./test-integration/Credentials/privateKey.pem.key" diff --git a/test-integration/IntegrationTests/IntegrationTestDiscovery.py b/test-integration/IntegrationTests/IntegrationTestDiscovery.py index 8f23aa9..2fac25b 100644 --- a/test-integration/IntegrationTests/IntegrationTestDiscovery.py +++ b/test-integration/IntegrationTests/IntegrationTestDiscovery.py @@ -8,13 +8,13 @@ from TestToolLibrary.skip import ModeIsWebSocket -HOST = "arc9d2oott9lj-ats.iot.us-east-1.amazonaws.com" # 003261610643 PORT = 8443 CA = "./test-integration/Credentials/rootCA.crt" CERT = "./test-integration/Credentials/certificate_drs.pem.crt" KEY = "./test-integration/Credentials/privateKey_drs.pem.key" TIME_OUT_SEC = 30 # This is a pre-generated test data from DRS integration tests +# The test resources point to account # 003261610643 ID_PREFIX = "Id-" GGC_ARN = "arn:aws:iot:us-east-1:003261610643:thing/DRS_GGC_0kegiNGA_0" GGC_PORT_NUMBER_BASE = 8080 @@ -108,10 +108,14 @@ } ''' +my_check_in_manager = checkInManager(2) +my_check_in_manager.verify(sys.argv) +mode = my_check_in_manager.mode +host = my_check_in_manager.host def create_discovery_info_provider(): discovery_info_provider = DiscoveryInfoProvider() - discovery_info_provider.configureEndpoint(HOST, PORT) + discovery_info_provider.configureEndpoint(host, PORT) discovery_info_provider.configureCredentials(CA, CERT, KEY) discovery_info_provider.configureTimeout(TIME_OUT_SEC) return discovery_info_provider @@ -196,9 +200,6 @@ def verify_group_object(discovery_info): ############################################################################ # Main # -my_check_in_manager = checkInManager(1) -my_check_in_manager.verify(sys.argv) -mode = my_check_in_manager.mode skip_when_match(ModeIsWebSocket(mode), "This test is not applicable for mode: %s. Skipping..." % mode) diff --git a/test-integration/IntegrationTests/IntegrationTestJobsClient.py b/test-integration/IntegrationTests/IntegrationTestJobsClient.py index 18d8aa5..3653725 100644 --- a/test-integration/IntegrationTests/IntegrationTestJobsClient.py +++ b/test-integration/IntegrationTests/IntegrationTestJobsClient.py @@ -154,10 +154,10 @@ def _test_send_response_confirm(self, sendResult): ############################################################################ # Main # # Check inputs -myCheckInManager = checkInManager.checkInManager(1) +myCheckInManager = checkInManager.checkInManager(2) myCheckInManager.verify(sys.argv) -host = "ajje7lpljulm4-ats.iot.us-east-1.amazonaws.com" +host = myCheckInManager.host rootCA = "./test-integration/Credentials/rootCA.crt" certificate = "./test-integration/Credentials/certificate.pem.crt" privateKey = "./test-integration/Credentials/privateKey.pem.key" diff --git a/test-integration/IntegrationTests/IntegrationTestMQTTConnection.py b/test-integration/IntegrationTests/IntegrationTestMQTTConnection.py index 252770f..9adc38c 100644 --- a/test-integration/IntegrationTests/IntegrationTestMQTTConnection.py +++ b/test-integration/IntegrationTests/IntegrationTestMQTTConnection.py @@ -84,10 +84,10 @@ def _performPublish(self, pyCoreClient, topic, qos, payload): ############################################################################ # Main # # Check inputs -myCheckInManager = checkInManager.checkInManager(2) +myCheckInManager = checkInManager.checkInManager(3) myCheckInManager.verify(sys.argv) -host = "ajje7lpljulm4-ats.iot.us-east-1.amazonaws.com" +host = myCheckInManager.host rootCA = "./test-integration/Credentials/rootCA.crt" certificate = "./test-integration/Credentials/certificate.pem.crt" privateKey = "./test-integration/Credentials/privateKey.pem.key" diff --git a/test-integration/IntegrationTests/IntegrationTestOfflineQueueingForSubscribeUnsubscribe.py b/test-integration/IntegrationTests/IntegrationTestOfflineQueueingForSubscribeUnsubscribe.py index c06847d..37c1862 100644 --- a/test-integration/IntegrationTests/IntegrationTestOfflineQueueingForSubscribeUnsubscribe.py +++ b/test-integration/IntegrationTests/IntegrationTestOfflineQueueingForSubscribeUnsubscribe.py @@ -47,7 +47,6 @@ def get_random_string(length): TOPIC_B = "topic/test/offline_sub_unsub/b" + get_random_string(4) MESSAGE_PREFIX = "MagicMessage-" NUMBER_OF_PUBLISHES = 3 -HOST = "ajje7lpljulm4-ats.iot.us-east-1.amazonaws.com" ROOT_CA = "./test-integration/Credentials/rootCA.crt" CERT = "./test-integration/Credentials/certificate.pem.crt" KEY = "./test-integration/Credentials/privateKey.pem.key" @@ -74,7 +73,7 @@ def __init__(self, mode): time.sleep(2) # Make sure the subscription is valid def _create_connected_client(self, id_prefix): - return MQTTClientManager().create_connected_mqtt_client(self.__mode, id_prefix, HOST, (ROOT_CA, CERT, KEY)) + return MQTTClientManager().create_connected_mqtt_client(self.__mode, id_prefix, host, (ROOT_CA, CERT, KEY)) def start(self): thread_client_sub_unsub = Thread(target=self._thread_client_sub_unsub_runtime) @@ -192,9 +191,10 @@ def verify(self): ############################################################################ # Main # # Check inputs -my_check_in_manager = checkInManager(1) +my_check_in_manager = checkInManager(2) my_check_in_manager.verify(sys.argv) mode = my_check_in_manager.mode +host = my_check_in_manager.host skip_when_match(ModeIsALPN(mode).And( Python2VersionLowerThan((2, 7, 10)).Or(Python3VersionLowerThan((3, 5, 0))) diff --git a/test-integration/IntegrationTests/IntegrationTestProgressiveBackoff.py b/test-integration/IntegrationTests/IntegrationTestProgressiveBackoff.py index cd7b7ec..fc937ef 100644 --- a/test-integration/IntegrationTests/IntegrationTestProgressiveBackoff.py +++ b/test-integration/IntegrationTests/IntegrationTestProgressiveBackoff.py @@ -220,11 +220,11 @@ def verifyBackoffTime(answerList, resultList): ############################################################################ # Main # # Check inputs -myCheckInManager = checkInManager.checkInManager(2) +myCheckInManager = checkInManager.checkInManager(3) myCheckInManager.verify(sys.argv) #host via describe-endpoint on this OdinMS: com.amazonaws.iot.device.sdk.credentials.testing.websocket -host = "ajje7lpljulm4-ats.iot.us-east-1.amazonaws.com" +host = myCheckInManager.host rootCA = "./test-integration/Credentials/rootCA.crt" certificate = "./test-integration/Credentials/certificate.pem.crt" privateKey = "./test-integration/Credentials/privateKey.pem.key" diff --git a/test-integration/IntegrationTests/IntegrationTestShadow.py b/test-integration/IntegrationTests/IntegrationTestShadow.py index 9e2c2a5..9b2d85a 100644 --- a/test-integration/IntegrationTests/IntegrationTestShadow.py +++ b/test-integration/IntegrationTests/IntegrationTestShadow.py @@ -150,10 +150,10 @@ def randomString(lengthOfString): ############################################################################ # Main # # Check inputs -myCheckInManager = checkInManager.checkInManager(2) +myCheckInManager = checkInManager.checkInManager(3) myCheckInManager.verify(sys.argv) -host = "ajje7lpljulm4-ats.iot.us-east-1.amazonaws.com" +host = myCheckInManager.host rootCA = "./test-integration/Credentials/rootCA.crt" certificate = "./test-integration/Credentials/certificate.pem.crt" privateKey = "./test-integration/Credentials/privateKey.pem.key" diff --git a/test-integration/IntegrationTests/TestToolLibrary/checkInManager.py b/test-integration/IntegrationTests/TestToolLibrary/checkInManager.py index 2faaa02..aeeedd9 100644 --- a/test-integration/IntegrationTests/TestToolLibrary/checkInManager.py +++ b/test-integration/IntegrationTests/TestToolLibrary/checkInManager.py @@ -7,6 +7,7 @@ class checkInManager: def __init__(self, numberOfInputParameters): self._numberOfInputParameters = numberOfInputParameters self.mode = None + self.host = None self.customParameter = None def verify(self, args): @@ -14,5 +15,6 @@ def verify(self, args): if len(args) != self._numberOfInputParameters + 1: exit(4) self.mode = str(args[1]) - if self._numberOfInputParameters + 1 > 2: - self.customParameter = int(args[2]) + self.host = str(args[2]) + if self._numberOfInputParameters + 1 > 3: + self.customParameter = int(args[3]) diff --git a/test-integration/run/run.sh b/test-integration/run/run.sh index 0eb933b..8e23c91 100755 --- a/test-integration/run/run.sh +++ b/test-integration/run/run.sh @@ -33,14 +33,14 @@ # Define const USAGE="usage: run.sh " -AWSMutualAuth_TodWorker_private_key="arn:aws:secretsmanager:us-east-1:123124136734:secret:V1IotSdkIntegrationTestPrivateKey-vNUQU8" -AWSMutualAuth_TodWorker_certificate="arn:aws:secretsmanager:us-east-1:123124136734:secret:V1IotSdkIntegrationTestCertificate-vTRwjE" +UnitTestHostArn="arn:aws:secretsmanager:us-east-1:180635532705:secret:unit-test/endpoint-HSpeEu" +GreenGrassHostArn="arn:aws:secretsmanager:us-east-1:180635532705:secret:ci/greengrassv1/endpoint-DgM00X" -AWSGGDiscovery_TodWorker_private_key="arn:aws:secretsmanager:us-east-1:123124136734:secret:V1IotSdkIntegrationTestGGDiscoveryPrivateKey-YHQI1F" -AWSGGDiscovery_TodWorker_certificate="arn:aws:secretsmanager:us-east-1:123124136734:secret:V1IotSdkIntegrationTestGGDiscoveryCertificate-TwlAcS" +AWSMutualAuth_TodWorker_private_key="arn:aws:secretsmanager:us-east-1:180635532705:secret:ci/mqtt5/us/Mqtt5Prod/key-kqgyvf" +AWSMutualAuth_TodWorker_certificate="arn:aws:secretsmanager:us-east-1:180635532705:secret:ci/mqtt5/us/Mqtt5Prod/cert-VDI1Gd" -AWSSecretForWebsocket_TodWorker_KeyId="arn:aws:secretsmanager:us-east-1:123124136734:secret:V1IotSdkIntegrationTestWebsocketAccessKeyId-1YdB9z" -AWSSecretForWebsocket_TodWorker_SecretKey="arn:aws:secretsmanager:us-east-1:123124136734:secret:V1IotSdkIntegrationTestWebsocketSecretAccessKey-MKTSaV" +AWSGGDiscovery_TodWorker_private_key="arn:aws:secretsmanager:us-east-1:180635532705:secret:V1IotSdkIntegrationTestGGDiscoveryPrivateKey-BsLvNP" +AWSGGDiscovery_TodWorker_certificate="arn:aws:secretsmanager:us-east-1:180635532705:secret:V1IotSdkIntegrationTestGGDiscoveryCertificate-DSwdhA" SDKLocation="./AWSIoTPythonSDK" @@ -49,6 +49,8 @@ CREDENTIAL_DIR="./test-integration/Credentials/" TEST_DIR="./test-integration/IntegrationTests/" CA_CERT_URL="https://www.amazontrust.com/repository/AmazonRootCA1.pem" CA_CERT_PATH=${CREDENTIAL_DIR}rootCA.crt +TestHost=$(python ${RetrieveAWSKeys} ${UnitTestHostArn}) +GreengrassHost=$(python ${RetrieveAWSKeys} ${GreenGrassHostArn}) @@ -82,11 +84,7 @@ else python ${RetrieveAWSKeys} ${AWSDRSName_certificate} > ${CREDENTIAL_DIR}certificate_drs.pem.crt python ${RetrieveAWSKeys} ${AWSDRSName_privatekey} > ${CREDENTIAL_DIR}privateKey_drs.pem.key elif [ "$1"x == "Websocket"x ]; then - ACCESS_KEY_ID_ARN=$(python ${RetrieveAWSKeys} ${AWSSecretForWebsocket_TodWorker_KeyId}) - ACCESS_SECRET_KEY_ARN=$(python ${RetrieveAWSKeys} ${AWSSecretForWebsocket_TodWorker_SecretKey}) TestMode="Websocket" - export AWS_ACCESS_KEY_ID=${ACCESS_KEY_ID_ARN} - export AWS_SECRET_ACCESS_KEY=${ACCESS_SECRET_KEY_ARN} curl -s "${CA_CERT_URL}" > ${CA_CERT_PATH} echo -e "URL retrieved certificate data\n" elif [ "$1"x == "ALPN"x ]; then @@ -115,11 +113,11 @@ else echo "***************************************************" for file in `ls ${TEST_DIR}` do - # if [ ${file}x == "IntegrationTestMQTTConnection.py"x ]; then if [ ${file##*.}x == "py"x ]; then echo "[SUB] Running test: ${file}..." - + Scale=10 + Host=TestHost case "$file" in "IntegrationTestMQTTConnection.py") Scale=$2 ;; @@ -131,7 +129,8 @@ else ;; "IntegrationTestConfigurablePublishMessageQueueing.py") Scale="" ;; - "IntegrationTestDiscovery.py") Scale="" + "IntegrationTestDiscovery.py") Scale="" + Host=${GreengrassHost} ;; "IntegrationTestAsyncAPIGeneralNotificationCallbacks.py") Scale="" ;; @@ -142,7 +141,7 @@ else "IntegrationTestJobsClient.py") Scale="" esac - python ${TEST_DIR}${file} ${TestMode} ${Scale} + python ${TEST_DIR}${file} ${TestMode} ${TestHost} ${Scale} currentTestStatus=$? echo "[SUB] Test: ${file} completed. Exiting with status: ${currentTestStatus}" if [ ${currentTestStatus} -ne 0 ]; then