-
Notifications
You must be signed in to change notification settings - Fork 472
Expand file tree
/
Copy pathnested-edge-deploy-agent.sh
More file actions
279 lines (238 loc) · 12 KB
/
nested-edge-deploy-agent.sh
File metadata and controls
279 lines (238 loc) · 12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
#!/usr/bin/env bash
# This script is intended to be used for nested edge tests. It deploys level 4 and level 5.
# Level 3 is deployed by specialized script for connectivity/long haul and quick start.
function create_certificates() {
echo "Installing test root certificate bundle."
echo "Generating edge device certificate"
device_name=$(ip route get 8.8.8.8 | sed -n '/src/{s/.*src *\([^ ]*\).*/\1/p;q}')
eval device_name=${device_name}
echo " Hostname IP: ${device_name}"
/certs/certGen.sh create_edge_device_certificate ${device_name}
}
function setup_iotedge() {
sudo touch /etc/aziot/config.toml
device_ca_cert_path="file:///certs/certs/iot-edge-device-${device_name}-full-chain.cert.pem"
trusted_ca_certs_path="file:///certs/certs/azure-iot-test-only.root.ca.cert.pem"
device_key_cert_path="file:///certs/private/iot-edge-device-${device_name}.key.pem"
echo "hostname = \"$device_name\"" | sudo tee -a /etc/aziot/config.toml
if [ ! -z $PARENT_NAME ]; then
echo "parent_hostname = \"$PARENT_NAME\"" | sudo tee -a /etc/aziot/config.toml
fi
echo "trust_bundle_cert = \"$trusted_ca_certs_path\"" | sudo tee -a /etc/aziot/config.toml
echo "" | sudo tee -a /etc/aziot/config.toml
echo "[provisioning]" | sudo tee -a /etc/aziot/config.toml
echo "source = \"manual\"" | sudo tee -a /etc/aziot/config.toml
echo "connection_string = \"${CONNECTION_STRING}\"" | sudo tee -a /etc/aziot/config.toml
echo "" | sudo tee -a /etc/aziot/config.toml
echo "[edge_ca]" | sudo tee -a /etc/aziot/config.toml
echo "cert = \"$device_ca_cert_path\"" | sudo tee -a /etc/aziot/config.toml
echo "pk = \"$device_key_cert_path\"" | sudo tee -a /etc/aziot/config.toml
echo "" | sudo tee -a /etc/aziot/config.toml
echo "[agent]" | sudo tee -a /etc/aziot/config.toml
echo "name = \"edgeAgent\"" | sudo tee -a /etc/aziot/config.toml
echo "type = \"docker\"" | sudo tee -a /etc/aziot/config.toml
echo "[agent.config]" | sudo tee -a /etc/aziot/config.toml
if [ ! -z $PARENT_NAME ]; then
echo "image = \"\$upstream:443/microsoft/azureiotedge-agent:$ARTIFACT_IMAGE_BUILD_NUMBER-linux-$image_architecture_label\"" | sudo tee -a /etc/aziot/config.toml
else
echo "image = \"${CONTAINER_REGISTRY}:443/microsoft/azureiotedge-agent:$ARTIFACT_IMAGE_BUILD_NUMBER-linux-$image_architecture_label\"" | sudo tee -a /etc/aziot/config.toml
fi
echo "createOptions = { }" | sudo tee -a /etc/aziot/config.toml
echo "" | sudo tee -a /etc/aziot/config.toml
if [ -z $PARENT_NAME ]; then
echo "[agent.config.auth]" | sudo tee -a /etc/aziot/config.toml
echo "serveraddress = \"${CONTAINER_REGISTRY}\"" | sudo tee -a /etc/aziot/config.toml
echo "username = \"${CONTAINER_REGISTRY_USERNAME}\"" | sudo tee -a /etc/aziot/config.toml
echo "password = \"${CONTAINER_REGISTRY_PASSWORD}\"" | sudo tee -a /etc/aziot/config.toml
echo "" | sudo tee -a /etc/aziot/config.toml
fi
if [ ! -z $PROXY_ADDRESS ]; then
echo "Configuring the bootstrapping edgeAgent to use http proxy"
echo "[agent.env]" | sudo tee -a /etc/aziot/config.toml
echo "https_proxy = \"${PROXY_ADDRESS}\"" | sudo tee -a /etc/aziot/config.toml
echo "" | sudo tee -a /etc/aziot/config.toml
echo "Adding proxy configuration to docker"
sudo mkdir -p /etc/systemd/system/docker.service.d/
{ echo "[Service]";
echo "Environment=HTTPS_PROXY=${PROXY_ADDRESS}";
} | sudo tee /etc/systemd/system/docker.service.d/http-proxy.conf
sudo systemctl daemon-reload
sudo systemctl restart docker
echo "Adding proxy configuration to IoT Edge daemon"
sudo mkdir -p /etc/systemd/system/aziot-identityd.service.d/
{ echo "[Service]";
echo "Environment=HTTPS_PROXY=${PROXY_ADDRESS}";
} | sudo tee /etc/systemd/system/aziot-identityd.service.d/proxy.conf
sudo systemctl daemon-reload
echo "Adding proxy configuration to IoT Edge daemon"
sudo mkdir -p /etc/systemd/system/aziot-edged.service.d/
{ echo "[Service]";
echo "Environment=HTTPS_PROXY=${PROXY_ADDRESS}";
} | sudo tee /etc/systemd/system/aziot-edged.service.d/proxy.conf
sudo systemctl daemon-reload
fi
sudo cat /etc/aziot/config.toml
echo "Start IoT edge"
sudo iotedge config apply
}
function prepare_test_from_artifacts() {
print_highlighted_message 'Prepare test from artifacts'
echo 'Remove working folder'
rm -rf "$working_folder"
mkdir -p "$working_folder"
echo "Copy deployment file from $connectivity_deployment_artifact_file"
cp "$connectivity_deployment_artifact_file" "$deployment_working_file"
sed -i -e "s@<Architecture>@$image_architecture_label@g" "$deployment_working_file"
sed -i -e "s/<Build.BuildNumber>/$ARTIFACT_IMAGE_BUILD_NUMBER/g" "$deployment_working_file"
sed -i -e "s/<EdgeRuntime.BuildNumber>/$EDGE_RUNTIME_BUILD_NUMBER/g" "$deployment_working_file"
sed -i -e "s@<Container_Registry>@$CONTAINER_REGISTRY@g" "$deployment_working_file"
sed -i -e "s@<CR.Username>@$CONTAINER_REGISTRY_USERNAME@g" "$deployment_working_file"
sed -i -e "s@<CR.Password>@$CONTAINER_REGISTRY_PASSWORD@g" "$deployment_working_file"
sed -i -e "s@<IoTHubConnectionString>@$IOT_HUB_CONNECTION_STRING@g" "$deployment_working_file"
sed -i -e "s@<proxyAddress>@$PROXY_ADDRESS@g" "$deployment_working_file"
if [[ ! -z "$CUSTOM_EDGE_AGENT_IMAGE" ]]; then
sed -i -e "s@\"image\":.*azureiotedge-agent:.*\"@\"image\": \"$CUSTOM_EDGE_AGENT_IMAGE\"@g" "$deployment_working_file"
fi
if [[ ! -z "$CUSTOM_EDGE_HUB_IMAGE" ]]; then
sed -i -e "s@\"image\":.*azureiotedge-hub:.*\"@\"image\": \"$CUSTOM_EDGE_HUB_IMAGE\"@g" "$deployment_working_file"
fi
sudo cat ${deployment_working_file}
# 5/22/2024 - Temporary work around the issue where the az cli command cannot authorize itself within *.sh script using the service principal's service connection
#deploy the config in azure portal
#az iot edge set-modules --device-id ${DEVICE_ID} --hub-name ${IOT_HUB_NAME} --content ${deployment_working_file} --output none
}
function process_args() {
print_highlighted_message 'Process arguments'
saveNextArg=0
for arg in "$@"
do
if [ $saveNextArg -eq 1 ]; then
E2E_TEST_DIR="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 2 ]; then
RELEASE_LABEL="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 3 ]; then
ARTIFACT_IMAGE_BUILD_NUMBER="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 4 ]; then
CONTAINER_REGISTRY="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 5 ]; then
CONTAINER_REGISTRY_USERNAME="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 6 ]; then
CONTAINER_REGISTRY_PASSWORD="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 7 ]; then
IOT_HUB_CONNECTION_STRING="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 8 ]; then
BLOB_STORE_SAS="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 9 ]; then
DEPLOYMENT_FILE_NAME="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 10 ]; then
EDGE_RUNTIME_BUILD_NUMBER="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 11 ]; then
CUSTOM_EDGE_AGENT_IMAGE="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 12 ]; then
CUSTOM_EDGE_HUB_IMAGE="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 13 ]; then
SUBSCRIPTION="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 14 ]; then
LEVEL="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 15 ]; then
PARENT_NAME="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 16 ]; then
CONNECTION_STRING="$arg"
saveNextArg=0
# 5/22/2024 - Temporary work around the issue where the az cli command cannot authorize itself within *.sh script using the service principal's service connection
# elif [ $saveNextArg -eq 17 ]; then
# DEVICE_ID="$arg"
# saveNextArg=0
# elif [ $saveNextArg -eq 18 ]; then
# IOT_HUB_NAME="$arg"
# saveNextArg=0
elif [ $saveNextArg -eq 19 ]; then
PROXY_ADDRESS="$arg"
saveNextArg=0
elif [ $saveNextArg -eq 20 ]; then
CHANGE_DEPLOY_CONFIG_ONLY="$arg"
saveNextArg=0
else
case "$arg" in
'-h' | '--help' ) usage;;
'-testDir' ) saveNextArg=1;;
'-releaseLabel' ) saveNextArg=2;;
'-artifactImageBuildNumber' ) saveNextArg=3;;
'-containerRegistry' ) saveNextArg=4;;
'-containerRegistryUsername' ) saveNextArg=5;;
'-containerRegistryPassword' ) saveNextArg=6;;
'-iotHubConnectionString' ) saveNextArg=7;;
'-blobStorageAccountUriWithSasToken' ) saveNextArg=8;;
'-deploymentFileName' ) saveNextArg=9;;
'-edgeRuntimeBuildNumber' ) saveNextArg=10;;
'-customEdgeAgentImage' ) saveNextArg=11;;
'-customEdgeHubImage' ) saveNextArg=12;;
'-subscription' ) saveNextArg=13;;
'-level' ) saveNextArg=14;;
'-parentName' ) saveNextArg=15;;
'-connectionString' ) saveNextArg=16;;
'-deviceId' ) saveNextArg=17;;
'-iotHubName' ) saveNextArg=18;;
'-proxyAddress' ) saveNextArg=19;;
'-changeDeployConfigOnly' ) saveNextArg=20;;
'-waitForTestComplete' ) WAIT_FOR_TEST_COMPLETE=1;;
'-cleanAll' ) CLEAN_ALL=1;;
* )
echo "Unsupported argument: $saveNextArg $arg"
usage
;;
esac
fi
done
# Required parameters
# 5/22/2024 - Temporary work around the issue where the az cli command cannot authorize itself within *.sh script using the service principal's service connection
# [[ -z "$DEVICE_ID" ]] && { print_error 'DEVICE_ID is required.'; exit 1; }
[[ -z "$SUBSCRIPTION" ]] && { print_error 'SUBSCRIPTION is required.'; exit 1; }
[[ -z "$LEVEL" ]] && { print_error 'Level is required.'; exit 1; }
[[ -z "$ARTIFACT_IMAGE_BUILD_NUMBER" ]] && { print_error 'Artifact image build number is required'; exit 1; }
[[ -z "$CONTAINER_REGISTRY_USERNAME" ]] && { print_error 'Container registry username is required'; exit 1; }
[[ -z "$CONTAINER_REGISTRY_PASSWORD" ]] && { print_error 'Container registry password is required'; exit 1; }
[[ -z "$DEPLOYMENT_FILE_NAME" ]] && { print_error 'Deployment file name is required'; exit 1; }
[[ -z "$IOT_HUB_CONNECTION_STRING" ]] && { print_error 'IoT hub connection string is required'; exit 1; }
[[ -z "$BLOB_STORE_SAS" ]] && { print_error 'Blob storage URI is required'; exit 1; }
echo 'Required parameters are provided'
}
function set_output_params() {
echo "##vso[task.setvariable variable=deviceName;isOutput=true]${device_name}"
}
set -e
# Import test-related functions
. $(dirname "$0")/NestTestHelper.sh
#necessary to avoid tput error
export TERM=linux
process_args "$@"
get_image_architecture_label
working_folder="$E2E_TEST_DIR/working"
#@TODO remove hardcoding
#connectivity_deployment_artifact_file="$E2E_TEST_DIR/artifacts/core-linux/e2e_deployment_files/$DEPLOYMENT_FILE_NAME"
connectivity_deployment_artifact_file="e2e_deployment_files/$DEPLOYMENT_FILE_NAME"
deployment_working_file="$working_folder/deployment.json"
prepare_test_from_artifacts
if [ "$CHANGE_DEPLOY_CONFIG_ONLY" != "true" ]; then
create_iotedge_service_config
create_certificates
setup_iotedge
set_output_params
fi
#clean up
#az iot hub device-identity delete -n ${iotHubName} -d ${iotEdgeDevicesName}