add fw + docker setup

deployment/edge/ansible/inventories/group_vars/all.yml → deployment/edge/aws/ansible/inventories/group_vars/all.yml

@@ -4,11 +4,10 @@ aws_access_key_id: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
 aws_secret_access_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
 aws_session_token: "{{ lookup('env', 'AWS_SESSION_TOKEN') }}"
 
-
-java_apt_package: default-jdk
 aws_iot_greengrass_core_software: greengrass-nucleus-latest.zip
 aws_iot_greengrass_group: ggc_group
 aws_iot_greengrass_user: ggc_user
+aws_iot_greengrass_password: "{{ lookup('env', 'AWS_IOT_GREENGRASS_PASSWORD') }}"
 greengrass_aws_region: eu-west-1
 greengrass_root_dir: /greengrass/v2/
 

deployment/edge/aws/ansible/playbooks/setup_the_device_environment_for_aws_iot_greengrass_core_software.yml

@@ -0,0 +1,15 @@
+- name: "Set up the device environment for AWS IoT Greengrass Core software"
+  hosts: all
+  roles:
+    - role: roles/check_env_vars
+      vars:
+        env_vars: [SSH_PUB_KEY_PATH, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN]
+    - role: roles/setup_device_in_passwordless_mode_with_ssh
+    - role: roles/install_required_tools
+    - role: roles/create_user_for_aws_iot_greengrass
+      become: true
+    - role: roles/download_aws_iot_greengrass_core_software
+      remote_user: root
+    - role: roles/install_aws_iot_greengrass_core_software
+    - role: roles/install_docker
+      become: true

deployment/edge/aws/ansible/requirements.yml

@@ -0,0 +1,5 @@
+# requirements.yml
+---
+
+roles:
+- name: staticdev.pyenv

deployment/edge/ansible/roles/create_user_for_aws_iot_greengrass/tasks/main.yml → deployment/edge/aws/ansible/roles/create_user_for_aws_iot_greengrass/tasks/main.yml

@@ -9,9 +9,21 @@
   ansible.builtin.user:
     name: "{{ aws_iot_greengrass_user }}"
     group: "{{ aws_iot_greengrass_group }}"
+    password: "{{ aws_iot_greengrass_password }}"
     create_home: yes
     expires: -1
 
+- name: Add the user "{{ aws_iot_greengrass_user }}" to docker group
+  ansible.builtin.user:
+    name: "{{ aws_iot_greengrass_user }}"
+    group: docker
+
+- name: Set authorized key taken from file
+  ansible.posix.authorized_key:
+    user: "{{ aws_iot_greengrass_user }}"
+    state: present
+    key: "{{ lookup('file', lookup('env','SSH_PUB_KEY_PATH')) }}"
+
 - name: Allow the "root" user to run any commands
   community.general.sudoers:
     name: allow-all-to-root

deployment/edge/ansible/roles/install_aws_iot_greengrass_core_software/tasks/main.yml → deployment/edge/aws/ansible/roles/install_aws_iot_greengrass_core_software/tasks/main.yml

@@ -34,3 +34,9 @@
     AWS_SESSION_TOKEN: "{{ aws_session_token }}"
   when: not gg_dir.stat.exists and not gg_service_file.stat.exists
 
+- name: Enable service greengrass and ensure it is not masked
+  ansible.builtin.systemd_service:
+    name: greengrass
+    enabled: true
+    state: restarted
+    masked: no

deployment/edge/aws/ansible/roles/install_docker/README.md

@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

deployment/edge/aws/ansible/roles/install_docker/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for install_docker

deployment/edge/aws/ansible/roles/install_docker/files/docker-compose

@@ -0,0 +1 @@
+docker compose "$@"

deployment/edge/aws/ansible/roles/install_docker/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for install_docker

deployment/edge/aws/ansible/roles/install_docker/meta/main.yml

@@ -0,0 +1,34 @@
+galaxy_info:
+  author: your name
+  description: your role description
+  company: your company (optional)
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Choose a valid license ID from https://spdx.org - some suggested licenses:
+  # - BSD-3-Clause (default)
+  # - MIT
+  # - GPL-2.0-or-later
+  # - GPL-3.0-only
+  # - Apache-2.0
+  # - CC-BY-4.0
+  license: license (GPL-2.0-or-later, MIT, etc)
+
+  min_ansible_version: 2.1
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.

deployment/edge/aws/ansible/roles/install_docker/tasks/main.yml

@@ -0,0 +1,40 @@
+---
+# tasks file for install_docker
+
+- name: Create /etc/apt/keyrings
+  ansible.builtin.file:
+    path: /etc/apt/keyrings
+    state: directory
+    mode: '0755'
+
+- name: Add Docker GPG apt Key
+  ansible.builtin.get_url:
+    url: https://download.docker.com/linux/raspbian/gpg
+    dest: /etc/apt/keyrings/docker.asc
+
+- name: Add Docker Repository
+  apt_repository:
+    repo: "deb [arch=armhf signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/raspbian buster stable"
+    state: present
+
+- name: Update apt and install docker and useful plugins
+  apt:
+    name: "{{ item }}"
+    state: latest
+    update_cache: true
+  loop: [docker-ce, docker-ce-cli, containerd.io, docker-buildx-plugin, docker-compose-plugin]
+
+- name: Copy docker-compose file with owner and permissions
+  ansible.builtin.copy:
+    src: files/docker-compose
+    dest: /usr/bin/docker-compose
+    owner: root
+    group: root
+    mode: '0755'
+
+- name: Enable service docker and ensure it is not masked
+  ansible.builtin.systemd_service:
+    name: docker
+    enabled: true
+    state: restarted
+    masked: no

deployment/edge/aws/ansible/roles/install_docker/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

deployment/edge/aws/ansible/roles/install_docker/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - install_docker

deployment/edge/aws/ansible/roles/install_docker/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for install_docker

deployment/edge/aws/ansible/roles/install_required_tools/files/useful_debian_packages

@@ -0,0 +1,26 @@
+acl
+build-essential
+curl
+default-jdk
+gcc
+git
+libbz2-dev
+libffi-dev
+liblzma-dev
+libncurses5-dev
+libncursesw5-dev
+libreadline-dev
+libsqlite3-dev
+libssl-dev
+libxml2-dev
+libxmlsec1-dev
+llvm
+lsb-release
+make
+python3-openssl
+python3-pip
+tk-dev
+xz-utils
+vim
+wget
+zlib1g-dev

deployment/edge/ansible/roles/install_required_tools/tasks/main.yml → deployment/edge/aws/ansible/roles/install_required_tools/tasks/main.yml

@@ -6,7 +6,7 @@
     state: present
     update_cache: yes
   become: true
-  loop: ["{{ java_apt_package }}", acl, git, gcc, make, python3-pip, vim]
+  loop: "{{ lookup('file', 'files/useful_debian_packages').splitlines() }}"
 
 - name: Print the Java version
   ansible.builtin.shell: java -version
@@ -15,3 +15,12 @@
   ansible.builtin.pip:
     name: pip
     state: latest
+
+# - name: install pyenv
+#   import_role:
+#     name: staticdev.pyenv
+#   vars:
+#     pyenv_env: 'system'
+#     pyenv_global: ["3.9"]
+#     pyenv_python_versions: ["3.9"]
+#     pyenv_enable_autocompletion: true

deployment/hub/aws/aws-greengrass-labs-s3-file-uploader/README.md

@@ -0,0 +1,16 @@
+# Getting Started
+
+## Step 1: Install the Greengrass Development Kit CLI
+
+```shell
+python3 -m pip install -U git+https://github.com/aws-greengrass/[email protected]
+```
+
+## Step 2: Develop a component that defers updates
+
+Prepare the [gdk-config.json](./gdk-config.json) file for publication.
+
+See the [AWS Greengrass doc](https://docs.aws.amazon.com/greengrass/v2/developerguide/develop-component-defer-updates.html) for more information.
+
+## Step 3: Publish the component to the AWS IoT Greengrass service
+

deployment/hub/aws/aws-greengrass-labs-s3-file-uploader/main.py

@@ -0,0 +1,74 @@
+#  Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#  
+#  Licensed under the Apache License, Version 2.0 (the "License").
+#  You may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#  
+#      http://www.apache.org/licenses/LICENSE-2.0
+#  
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+
+
+
+
+import sys
+import time
+import asyncio
+import logging
+from urllib.parse import urlparse
+from src.DirectoryUploader import DirectoryUploader
+
+# This example scans a folder for a file pattern and upload the files that match to S3
+# The program monitor the completion of the S3 operation and upon succefull 
+
+
+async def main(logger:logging.Logger, pathname,bucket_name,bucket_path,interval):
+
+    logger.info("==== main ====")
+
+    while True:
+        du = None
+        try:
+            du = DirectoryUploader(pathname=pathname,bucket_name=bucket_name,bucket_path=bucket_path,interval=interval,logger=logger)
+            await du.Run()
+        except Exception:
+            logger.exception("Exception while running")
+        finally:
+            if du is not None:
+                du.Close()
+        #something very wrong happened. Let's pause for 1 minute and start again
+        time.sleep(60)
+
+
+
+# Start up this sample code
+
+if __name__ == "__main__":
+    #args :  pathname, bucket_name, interval, log_level
+    if len(sys.argv) == 6:
+        #Todo: validate arguments.
+
+        print("PRINTING INCOMING ARGUMENTS")
+        print(sys.argv)
+        pathname = sys.argv[1]
+        bucket_name = sys.argv[2]
+        bucket_path = sys.argv[3]
+        interval = sys.argv[4]
+        log_level = sys.argv[5]
+
+        logging.basicConfig(level=log_level)
+        logger=logging.getLogger()
+
+        logger.info(f'File uploader started with; pathname={pathname}, bucket_name={bucket_name}, bucket_path={bucket_path}, interval={interval}')
+        asyncio.run(main(logger,pathname,bucket_name,bucket_path,int(interval)))
+    else:
+        logging.basicConfig(level=logging.INFO)
+        logger=logging.getLogger()
+        logger.error(f'6 argument required, only {len(sys.argv)} provided.')
+
+

deployment/hub/aws/aws-greengrass-labs-s3-file-uploader/recipe.yaml

@@ -0,0 +1,26 @@
+---
+RecipeFormatVersion: "2020-01-25"
+ComponentName: "{COMPONENT_NAME}"
+ComponentVersion: "{COMPONENT_VERSION}"
+ComponentDescription: "This is simple file uploader component written in Python."
+ComponentPublisher: "{COMPONENT_AUTHOR}"
+ComponentDependencies:
+  aws.greengrass.StreamManager:
+    VersionRequirement: "^2.0.0"
+    DependencyType: "HARD"
+ComponentConfiguration:
+  DefaultConfiguration:
+    PathName: "<PLACEHOLDER PATH HERE>"
+    BucketName: "<PLACEHOLDER BUCKET HERE>"
+    ObjectKeyPrefix: "<PLACEHOLDER OBJECT PREFIX HERE>"
+    Interval: "1"
+    LogLevel: "INFO"
+Manifests:
+  - Platform:
+      os: linux
+    Artifacts:
+      - URI: "s3://BUCKET_NAME/COMPONENT_NAME/COMPONENT_VERSION/aws-greengrass-labs-s3-file-uploader.zip"
+        Unarchive: ZIP
+    Lifecycle:
+      Run: "python3 -u {artifacts:decompressedPath}/aws-greengrass-labs-s3-file-uploader/main.py \"{configuration:/PathName}\" \"{configuration:/BucketName}\" \"{configuration:/ObjectKeyPrefix}\" \"{configuration:/Interval}\" \"{configuration:/LogLevel}\""
+      Install: "pip3 install --user -r {artifacts:decompressedPath}/aws-greengrass-labs-s3-file-uploader/requirements.txt"

deployment/hub/aws/aws-greengrass-labs-s3-file-uploader/requirements.txt

@@ -0,0 +1 @@
+stream-manager==1.1.1

deployment/hub/aws/aws-greengrass-labs-s3-file-uploader/requirements_dev.txt

@@ -0,0 +1,3 @@
+-r requirements.txt
+pytest==7.0.1
+git+https://github.com/aws-greengrass/[email protected]#egg=gdk