Skip to content

Commit

Permalink
New CodeBuild workflow (#328)
Browse files Browse the repository at this point in the history 
Use new CodeBuild workflow
  • Loading branch information
@TwistedTwigleg
TwistedTwigleg authored Nov 10, 2022
1 parent 922f917 commit 59ccac1
Show file tree
Hide file tree
Showing 8 changed files with 120 additions and 9 deletions.
3 changes: 2 additions & 1 deletion codebuild/samples/connect-linux.sh
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,13 @@
#!/bin/bash

set -e
set -o pipefail

env

pushd $CODEBUILD_SRC_DIR/samples/BasicConnect

ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "unit-test/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g')
ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g')

mvn compile

Expand Down
19 changes: 19 additions & 0 deletions codebuild/samples/custom-auth-linux.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
#!/bin/bash

set -e
set -o pipefail

env

pushd $CODEBUILD_SRC_DIR/samples/CustomAuthorizerConnect

ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g')
AUTH_NAME=$(aws secretsmanager get-secret-value --secret-id "ci/CustomAuthorizer/name" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g')
AUTH_PASSWORD=$(aws secretsmanager get-secret-value --secret-id "ci/CustomAuthorizer/password" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g')

mvn compile

echo "Mqtt Connect with Custom Authorizer test"
mvn exec:java -Dexec.mainClass="customauthorizerconnect.CustomAuthorizerConnect" -Daws.crt.ci="True" -Dexec.arguments="--endpoint,$ENDPOINT,--custom_auth_authorizer_name,$AUTH_NAME,--custom_auth_password,$AUTH_PASSWORD"

popd
16 changes: 16 additions & 0 deletions codebuild/samples/custom-key-ops-linux.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
#!/bin/bash

set -e
set -o pipefail
env

pushd $CODEBUILD_SRC_DIR/samples/CustomKeyOpsPubSub

ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g')

mvn compile

echo "Custom Key Ops test"
mvn exec:java -Dexec.mainClass="customkeyopspubsub.CustomKeyOpsPubSub" -Daws.crt.ci="True" -Dexec.arguments="--endpoint,$ENDPOINT,--key,/tmp/privatekey_p8.pem,--cert,/tmp/certificate.pem"

popd
18 changes: 14 additions & 4 deletions codebuild/samples/linux-smoke-tests.yml
View file
Original file line number Diff line number Diff line change
@@ -1,19 +1,29 @@
# Assumes are running using the Ubuntu Codebuild standard image
# NOTE: This script assumes that the AWS CLI-V2 is pre-installed!
# - AWS CLI-V2 is a requirement to run this script.
version: 0.2
#this build spec assumes the ubuntu aws/codebuild/java:openjdk-8 image
phases:
install:
commands:
- sudo add-apt-repository ppa:openjdk-r/ppa
- sudo add-apt-repository ppa:ubuntu-toolchain-r/test
- sudo apt-get update -y
- curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "/tmp/awscliv2.zip"
- unzip -q -d /tmp /tmp/awscliv2.zip
- sudo /tmp/aws/install
- sudo apt-get install softhsm -y
- echo "\nBuild version data:"
- echo "\nJava Version:"; java -version
- echo "\nMaven Version:"; mvn --version
- echo "\nSoftHSM (PKCS11) version:"; softhsm2-util --version
- echo "\n"
build:
commands:
- echo Build started on `date`
- $CODEBUILD_SRC_DIR/codebuild/samples/setup-linux.sh
- $CODEBUILD_SRC_DIR/codebuild/samples/connect-linux.sh
- $CODEBUILD_SRC_DIR/codebuild/samples/custom-auth-linux.sh
- $CODEBUILD_SRC_DIR/codebuild/samples/custom-key-ops-linux.sh
- $CODEBUILD_SRC_DIR/codebuild/samples/pkcs11-connect-linux.sh
- $CODEBUILD_SRC_DIR/codebuild/samples/pubsub-linux.sh
- $CODEBUILD_SRC_DIR/codebuild/samples/shadow-linux.sh
post_build:
commands:
- echo Build completed on `date`
Expand Down
31 changes: 31 additions & 0 deletions codebuild/samples/pkcs11-connect-linux.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
#!/bin/bash

set -e
set -o pipefail

pushd $CODEBUILD_SRC_DIR/samples/Pkcs11Connect

ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g')

# from hereon commands are echoed. don't leak secrets
set -x

softhsm2-util --version

# SoftHSM2's default tokendir path might be invalid on this machine
# so set up a conf file that specifies a known good tokendir path
mkdir -p /tmp/tokens
export SOFTHSM2_CONF=/tmp/softhsm2.conf
echo "directories.tokendir = /tmp/tokens" > /tmp/softhsm2.conf

# create token
softhsm2-util --init-token --free --label my-token --pin 0000 --so-pin 0000

# add private key to token (must be in PKCS#8 format)
openssl pkcs8 -topk8 -in /tmp/privatekey.pem -out /tmp/privatekey.p8.pem -nocrypt
softhsm2-util --import /tmp/privatekey.p8.pem --token my-token --label my-key --id BEEFCAFE --pin 0000

# run sample
mvn exec:java -Dexec.mainClass="pkcs11connect.Pkcs11Connect" -Daws.crt.ci="True" -Dexec.arguments="--endpoint,$ENDPOINT,--cert,/tmp/certificate.pem,--pkcs11_lib,/usr/lib/softhsm/libsofthsm2.so,--pin,0000,--token_label,my-token,--key_label,my-key"

popd
17 changes: 17 additions & 0 deletions codebuild/samples/pubsub-linux.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
#!/bin/bash

set -e
set -o pipefail

env

pushd $CODEBUILD_SRC_DIR/samples/BasicPubSub

ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g')

mvn compile

echo "Basic PubSub test"
mvn exec:java -Dexec.mainClass="pubsub.PubSub" -Daws.crt.ci="True" -Dexec.arguments="--endpoint,$ENDPOINT,--key,/tmp/privatekey.pem,--cert,/tmp/certificate.pem"

popd
8 changes: 4 additions & 4 deletions codebuild/samples/setup-linux.sh
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
#!/bin/bash

set -e
set -o pipefail

env

Expand All @@ -11,7 +12,6 @@ ulimit -c unlimited
mvn compile
mvn install -DskipTests=true

cert=$(aws secretsmanager get-secret-value --secret-id "unit-test/certificate" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$cert" > /tmp/certificate.pem
key=$(aws secretsmanager get-secret-value --secret-id "unit-test/privatekey" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$key" > /tmp/privatekey.pem
key_p8=$(aws secretsmanager get-secret-value --secret-id "unit-test/privatekey-p8" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$key_p8" > /tmp/privatekey_p8.pem

cert=$(aws secretsmanager get-secret-value --secret-id "ci/CodeBuild/cert" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$cert" > /tmp/certificate.pem
key=$(aws secretsmanager get-secret-value --secret-id "ci/CodeBuild/key" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$key" > /tmp/privatekey.pem
key_p8=$(aws secretsmanager get-secret-value --secret-id "ci/CodeBuild/keyp8" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$key_p8" > /tmp/privatekey_p8.pem
17 changes: 17 additions & 0 deletions codebuild/samples/shadow-linux.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
#!/bin/bash

set -e
set -o pipefail

env

pushd $CODEBUILD_SRC_DIR/samples/Shadow

ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g')

mvn compile

echo "Shadow test"
mvn exec:java -Dexec.mainClass="shadow.ShadowSample" -Daws.crt.ci="True" -Dexec.arguments="--endpoint,$ENDPOINT,--key,/tmp/privatekey.pem,--cert,/tmp/certificate.pem,--thing_name,CI_CodeBuild_Thing"

popd

0 comments on commit 59ccac1

Please sign in to comment.