1#!/bin/sh 2 3# Get the S3 URL containing all of the MQTT5 testing environment variables passed in to the bash script 4testing_env_bucket=$1 5region=$2 6 7# Make sure we have something: 8if [ "${testing_env_bucket}" != "" ] && [ "${region}" != "" ]; then 9 echo "S3 bucket for environment variables found and region" 10else 11 echo "Could not get S3 bucket for environment variables and/or region." 12 echo "You need to run this script and pass the S3 URL of the file containing" 13 echo "all of the environment variables to set, as well as the secrets for certificates and private keys" 14 echo "" 15 echo "Example: mqtt5_test_setup.sh s3://<bucket>/<file> <region>" 16 echo "" 17 echo "When finished, run 'cleanup' to remove the files downloaded:" 18 echo "" 19 echo "Example: mqtt5_test_setup.sh s3://<bucket>/<file> cleanup" 20 echo "" 21 return 1 22fi 23 24# Is this just a request to clean up? 25# NOTE: This blindly assumes there is a environment_files.txt file 26if [ "${region}" != "cleanup" ]; then 27 sleep 0.1 # we have to do something to do an else... 28else 29 echo "Undoing environment variables" 30 unset $(grep -v '^#' ${PWD}/environment_files.txt | xargs | cut -d "=" -f 1) 31 unset AWS_TEST_MQTT5_CERTIFICATE_FILE 32 unset AWS_TEST_MQTT5_KEY_FILE 33 unset AWS_TEST_MQTT5_IOT_CERTIFICATE_PATH 34 unset AWS_TEST_MQTT5_IOT_KEY_PATH 35 36 echo "Cleaning up resources..." 37 rm "${PWD}/environment_files.txt" 38 rm "${PWD}/crt_certificate.pem" 39 rm "${PWD}/crt_privatekey.pem" 40 rm "${PWD}/iot_certificate.pem" 41 rm "${PWD}/iot_privatekey.pem" 42 43 echo "Success!" 44 return 0 45fi 46 47# Get the file from S3 48aws s3 cp ${testing_env_bucket} ${PWD}/environment_files.txt 49testing_env_file=$( cat environment_files.txt ) 50# Make sure we have data of some form 51if [ "${testing_env_file}" != "" ]; then 52 echo "Environment variables secret found" 53else 54 echo "Could not get environment variables from secrets!" 55 return 1 56fi 57 58# Make all the variables in mqtt5_environment_variables.txt exported 59# so we can run MQTT5 tests 60export $(grep -v '^#' environment_files.txt | xargs) 61 62# CRT/non-builder certificate and key processing 63# Get the certificate and key secrets (dumps straight to a file) 64crt_cert_file=$(aws secretsmanager get-secret-value --secret-id "${AWS_TEST_MQTT5_CERTIFICATE_FILE_SECRET}" --query "SecretString" --region ${region} | cut -f2 -d":" | cut -f2 -d\") && echo -e "$crt_cert_file" > ${PWD}/crt_certificate.pem 65crt_key_file=$(aws secretsmanager get-secret-value --secret-id "${AWS_TEST_MQTT5_KEY_FILE_SECRET}" --query "SecretString" --region ${region} | cut -f2 -d":" | cut -f2 -d\") && echo -e "$crt_key_file" > ${PWD}/crt_privatekey.pem 66# Does the certificate file have data? If not, then abort! 67if [ "${crt_cert_file}" != "" ]; then 68 echo "CRT Certificate secret found" 69else 70 echo "Could not get CRT certificate from secrets!" 71 72 # Clean up... 73 unset $(grep -v '^#' environment_files.txt | xargs | cut -d "=" -f 1) 74 rm "${PWD}/environment_files.txt" 75 rm "${PWD}/crt_certificate.pem" 76 rm "${PWD}/crt_privatekey.pem" 77 78 return 1 79fi 80# Does the private key file have data? If not, then abort! 81if [ "${crt_key_file}" != "" ]; then 82 echo "CRT Private key secret found" 83else 84 echo "Could not get CRT private key from secrets!" 85 86 # Clean up... 87 unset $(grep -v '^#' environment_files.txt | xargs | cut -d "=" -f 1) 88 rm "${PWD}/environment_files.txt" 89 rm "${PWD}/crt_certificate.pem" 90 rm "${PWD}/crt_privatekey.pem" 91 92 return 1 93fi 94# Set the certificate and key paths (absolute paths for best compatbility) 95export AWS_TEST_MQTT5_CERTIFICATE_FILE="${PWD}/crt_certificate.pem" 96export AWS_TEST_MQTT5_KEY_FILE="${PWD}/crt_privatekey.pem" 97 98 99# IoT/Builder certificate and key processing 100# Get the certificate and key secrets (dumps straight to a file) 101iot_cert_file=$(aws secretsmanager get-secret-value --secret-id "${AWS_TEST_MQTT5_IOT_CERTIFICATE_PATH_SECRET}" --query "SecretString" --region ${region} | cut -f2 -d":" | cut -f2 -d\") && echo -e "$iot_cert_file" > ./iot_certificate.pem 102iot_key_file=$(aws secretsmanager get-secret-value --secret-id "${AWS_TEST_MQTT5_IOT_KEY_PATH_SECRET}" --query "SecretString" --region ${region} | cut -f2 -d":" | cut -f2 -d\") && echo -e "$iot_key_file" > ./iot_privatekey.pem 103 104# Does the certificate file have data? If not, then abort! 105if [ "${iot_cert_file}" != "" ]; then 106 echo "IoT Certificate secret found" 107else 108 echo "Could not get IoT certificate from secrets!" 109 110 # Clean up... 111 unset $(grep -v '^#' environment_files.txt | xargs | cut -d "=" -f 1) 112 unset AWS_TEST_MQTT5_CERTIFICATE_FILE 113 unset AWS_TEST_MQTT5_KEY_FILE 114 rm "${PWD}/environment_files.txt" 115 rm "${PWD}/crt_certificate.pem" 116 rm "${PWD}/crt_privatekey.pem" 117 rm "${PWD}/iot_certificate.pem" 118 rm "${PWD}/iot_privatekey.pem" 119 120 return 1 121fi 122# Does the private key file have data? If not, then abort! 123if [ "${iot_key_file}" != "" ]; then 124 echo "IoT Private key secret found" 125else 126 echo "Could not get IoT private key from secrets!" 127 128 # Clean up... 129 unset $(grep -v '^#' environment_files.txt | xargs | cut -d "=" -f 1) 130 unset AWS_TEST_MQTT5_CERTIFICATE_FILE 131 unset AWS_TEST_MQTT5_KEY_FILE 132 rm "${PWD}/environment_files.txt" 133 rm "${PWD}/crt_certificate.pem" 134 rm "${PWD}/crt_privatekey.pem" 135 rm "${PWD}/iot_certificate.pem" 136 rm "${PWD}/iot_privatekey.pem" 137 138 return 1 139fi 140 141# Set IoT certificate and key paths 142export AWS_TEST_MQTT5_IOT_CERTIFICATE_PATH="${PWD}/iot_certificate.pem" 143export AWS_TEST_MQTT5_IOT_KEY_PATH="${PWD}/iot_privatekey.pem" 144 145# Everything is set and ready 146echo "Success: Environment variables set!" 147return 0 148