1*3c7ae9deSAndroid Build Coastguard Worker#!/bin/sh 2*3c7ae9deSAndroid Build Coastguard Worker 3*3c7ae9deSAndroid Build Coastguard Worker# Get the S3 URL containing all of the MQTT5 testing environment variables passed in to the bash script 4*3c7ae9deSAndroid Build Coastguard Workertesting_env_bucket=$1 5*3c7ae9deSAndroid Build Coastguard Workerregion=$2 6*3c7ae9deSAndroid Build Coastguard Worker 7*3c7ae9deSAndroid Build Coastguard Worker# Make sure we have something: 8*3c7ae9deSAndroid Build Coastguard Workerif [ "${testing_env_bucket}" != "" ] && [ "${region}" != "" ]; then 9*3c7ae9deSAndroid Build Coastguard Worker echo "S3 bucket for environment variables found and region" 10*3c7ae9deSAndroid Build Coastguard Workerelse 11*3c7ae9deSAndroid Build Coastguard Worker echo "Could not get S3 bucket for environment variables and/or region." 12*3c7ae9deSAndroid Build Coastguard Worker echo "You need to run this script and pass the S3 URL of the file containing" 13*3c7ae9deSAndroid Build Coastguard Worker echo "all of the environment variables to set, as well as the secrets for certificates and private keys" 14*3c7ae9deSAndroid Build Coastguard Worker echo "" 15*3c7ae9deSAndroid Build Coastguard Worker echo "Example: mqtt5_test_setup.sh s3://<bucket>/<file> <region>" 16*3c7ae9deSAndroid Build Coastguard Worker echo "" 17*3c7ae9deSAndroid Build Coastguard Worker echo "When finished, run 'cleanup' to remove the files downloaded:" 18*3c7ae9deSAndroid Build Coastguard Worker echo "" 19*3c7ae9deSAndroid Build Coastguard Worker echo "Example: mqtt5_test_setup.sh s3://<bucket>/<file> cleanup" 20*3c7ae9deSAndroid Build Coastguard Worker echo "" 21*3c7ae9deSAndroid Build Coastguard Worker return 1 22*3c7ae9deSAndroid Build Coastguard Workerfi 23*3c7ae9deSAndroid Build Coastguard Worker 24*3c7ae9deSAndroid Build Coastguard Worker# Is this just a request to clean up? 25*3c7ae9deSAndroid Build Coastguard Worker# NOTE: This blindly assumes there is a environment_files.txt file 26*3c7ae9deSAndroid Build Coastguard Workerif [ "${region}" != "cleanup" ]; then 27*3c7ae9deSAndroid Build Coastguard Worker sleep 0.1 # we have to do something to do an else... 28*3c7ae9deSAndroid Build Coastguard Workerelse 29*3c7ae9deSAndroid Build Coastguard Worker echo "Undoing environment variables" 30*3c7ae9deSAndroid Build Coastguard Worker unset $(grep -v '^#' ${PWD}/environment_files.txt | xargs | cut -d "=" -f 1) 31*3c7ae9deSAndroid Build Coastguard Worker unset AWS_TEST_MQTT5_CERTIFICATE_FILE 32*3c7ae9deSAndroid Build Coastguard Worker unset AWS_TEST_MQTT5_KEY_FILE 33*3c7ae9deSAndroid Build Coastguard Worker unset AWS_TEST_MQTT5_IOT_CERTIFICATE_PATH 34*3c7ae9deSAndroid Build Coastguard Worker unset AWS_TEST_MQTT5_IOT_KEY_PATH 35*3c7ae9deSAndroid Build Coastguard Worker 36*3c7ae9deSAndroid Build Coastguard Worker echo "Cleaning up resources..." 37*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/environment_files.txt" 38*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/crt_certificate.pem" 39*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/crt_privatekey.pem" 40*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/iot_certificate.pem" 41*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/iot_privatekey.pem" 42*3c7ae9deSAndroid Build Coastguard Worker 43*3c7ae9deSAndroid Build Coastguard Worker echo "Success!" 44*3c7ae9deSAndroid Build Coastguard Worker return 0 45*3c7ae9deSAndroid Build Coastguard Workerfi 46*3c7ae9deSAndroid Build Coastguard Worker 47*3c7ae9deSAndroid Build Coastguard Worker# Get the file from S3 48*3c7ae9deSAndroid Build Coastguard Workeraws s3 cp ${testing_env_bucket} ${PWD}/environment_files.txt 49*3c7ae9deSAndroid Build Coastguard Workertesting_env_file=$( cat environment_files.txt ) 50*3c7ae9deSAndroid Build Coastguard Worker# Make sure we have data of some form 51*3c7ae9deSAndroid Build Coastguard Workerif [ "${testing_env_file}" != "" ]; then 52*3c7ae9deSAndroid Build Coastguard Worker echo "Environment variables secret found" 53*3c7ae9deSAndroid Build Coastguard Workerelse 54*3c7ae9deSAndroid Build Coastguard Worker echo "Could not get environment variables from secrets!" 55*3c7ae9deSAndroid Build Coastguard Worker return 1 56*3c7ae9deSAndroid Build Coastguard Workerfi 57*3c7ae9deSAndroid Build Coastguard Worker 58*3c7ae9deSAndroid Build Coastguard Worker# Make all the variables in mqtt5_environment_variables.txt exported 59*3c7ae9deSAndroid Build Coastguard Worker# so we can run MQTT5 tests 60*3c7ae9deSAndroid Build Coastguard Workerexport $(grep -v '^#' environment_files.txt | xargs) 61*3c7ae9deSAndroid Build Coastguard Worker 62*3c7ae9deSAndroid Build Coastguard Worker# CRT/non-builder certificate and key processing 63*3c7ae9deSAndroid Build Coastguard Worker# Get the certificate and key secrets (dumps straight to a file) 64*3c7ae9deSAndroid Build Coastguard Workercrt_cert_file=$(aws secretsmanager get-secret-value --secret-id "${AWS_TEST_MQTT5_CERTIFICATE_FILE_SECRET}" --query "SecretString" --region ${region} | cut -f2 -d":" | cut -f2 -d\") && echo -e "$crt_cert_file" > ${PWD}/crt_certificate.pem 65*3c7ae9deSAndroid Build Coastguard Workercrt_key_file=$(aws secretsmanager get-secret-value --secret-id "${AWS_TEST_MQTT5_KEY_FILE_SECRET}" --query "SecretString" --region ${region} | cut -f2 -d":" | cut -f2 -d\") && echo -e "$crt_key_file" > ${PWD}/crt_privatekey.pem 66*3c7ae9deSAndroid Build Coastguard Worker# Does the certificate file have data? If not, then abort! 67*3c7ae9deSAndroid Build Coastguard Workerif [ "${crt_cert_file}" != "" ]; then 68*3c7ae9deSAndroid Build Coastguard Worker echo "CRT Certificate secret found" 69*3c7ae9deSAndroid Build Coastguard Workerelse 70*3c7ae9deSAndroid Build Coastguard Worker echo "Could not get CRT certificate from secrets!" 71*3c7ae9deSAndroid Build Coastguard Worker 72*3c7ae9deSAndroid Build Coastguard Worker # Clean up... 73*3c7ae9deSAndroid Build Coastguard Worker unset $(grep -v '^#' environment_files.txt | xargs | cut -d "=" -f 1) 74*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/environment_files.txt" 75*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/crt_certificate.pem" 76*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/crt_privatekey.pem" 77*3c7ae9deSAndroid Build Coastguard Worker 78*3c7ae9deSAndroid Build Coastguard Worker return 1 79*3c7ae9deSAndroid Build Coastguard Workerfi 80*3c7ae9deSAndroid Build Coastguard Worker# Does the private key file have data? If not, then abort! 81*3c7ae9deSAndroid Build Coastguard Workerif [ "${crt_key_file}" != "" ]; then 82*3c7ae9deSAndroid Build Coastguard Worker echo "CRT Private key secret found" 83*3c7ae9deSAndroid Build Coastguard Workerelse 84*3c7ae9deSAndroid Build Coastguard Worker echo "Could not get CRT private key from secrets!" 85*3c7ae9deSAndroid Build Coastguard Worker 86*3c7ae9deSAndroid Build Coastguard Worker # Clean up... 87*3c7ae9deSAndroid Build Coastguard Worker unset $(grep -v '^#' environment_files.txt | xargs | cut -d "=" -f 1) 88*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/environment_files.txt" 89*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/crt_certificate.pem" 90*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/crt_privatekey.pem" 91*3c7ae9deSAndroid Build Coastguard Worker 92*3c7ae9deSAndroid Build Coastguard Worker return 1 93*3c7ae9deSAndroid Build Coastguard Workerfi 94*3c7ae9deSAndroid Build Coastguard Worker# Set the certificate and key paths (absolute paths for best compatbility) 95*3c7ae9deSAndroid Build Coastguard Workerexport AWS_TEST_MQTT5_CERTIFICATE_FILE="${PWD}/crt_certificate.pem" 96*3c7ae9deSAndroid Build Coastguard Workerexport AWS_TEST_MQTT5_KEY_FILE="${PWD}/crt_privatekey.pem" 97*3c7ae9deSAndroid Build Coastguard Worker 98*3c7ae9deSAndroid Build Coastguard Worker 99*3c7ae9deSAndroid Build Coastguard Worker# IoT/Builder certificate and key processing 100*3c7ae9deSAndroid Build Coastguard Worker# Get the certificate and key secrets (dumps straight to a file) 101*3c7ae9deSAndroid Build Coastguard Workeriot_cert_file=$(aws secretsmanager get-secret-value --secret-id "${AWS_TEST_MQTT5_IOT_CERTIFICATE_PATH_SECRET}" --query "SecretString" --region ${region} | cut -f2 -d":" | cut -f2 -d\") && echo -e "$iot_cert_file" > ./iot_certificate.pem 102*3c7ae9deSAndroid Build Coastguard Workeriot_key_file=$(aws secretsmanager get-secret-value --secret-id "${AWS_TEST_MQTT5_IOT_KEY_PATH_SECRET}" --query "SecretString" --region ${region} | cut -f2 -d":" | cut -f2 -d\") && echo -e "$iot_key_file" > ./iot_privatekey.pem 103*3c7ae9deSAndroid Build Coastguard Worker 104*3c7ae9deSAndroid Build Coastguard Worker# Does the certificate file have data? If not, then abort! 105*3c7ae9deSAndroid Build Coastguard Workerif [ "${iot_cert_file}" != "" ]; then 106*3c7ae9deSAndroid Build Coastguard Worker echo "IoT Certificate secret found" 107*3c7ae9deSAndroid Build Coastguard Workerelse 108*3c7ae9deSAndroid Build Coastguard Worker echo "Could not get IoT certificate from secrets!" 109*3c7ae9deSAndroid Build Coastguard Worker 110*3c7ae9deSAndroid Build Coastguard Worker # Clean up... 111*3c7ae9deSAndroid Build Coastguard Worker unset $(grep -v '^#' environment_files.txt | xargs | cut -d "=" -f 1) 112*3c7ae9deSAndroid Build Coastguard Worker unset AWS_TEST_MQTT5_CERTIFICATE_FILE 113*3c7ae9deSAndroid Build Coastguard Worker unset AWS_TEST_MQTT5_KEY_FILE 114*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/environment_files.txt" 115*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/crt_certificate.pem" 116*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/crt_privatekey.pem" 117*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/iot_certificate.pem" 118*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/iot_privatekey.pem" 119*3c7ae9deSAndroid Build Coastguard Worker 120*3c7ae9deSAndroid Build Coastguard Worker return 1 121*3c7ae9deSAndroid Build Coastguard Workerfi 122*3c7ae9deSAndroid Build Coastguard Worker# Does the private key file have data? If not, then abort! 123*3c7ae9deSAndroid Build Coastguard Workerif [ "${iot_key_file}" != "" ]; then 124*3c7ae9deSAndroid Build Coastguard Worker echo "IoT Private key secret found" 125*3c7ae9deSAndroid Build Coastguard Workerelse 126*3c7ae9deSAndroid Build Coastguard Worker echo "Could not get IoT private key from secrets!" 127*3c7ae9deSAndroid Build Coastguard Worker 128*3c7ae9deSAndroid Build Coastguard Worker # Clean up... 129*3c7ae9deSAndroid Build Coastguard Worker unset $(grep -v '^#' environment_files.txt | xargs | cut -d "=" -f 1) 130*3c7ae9deSAndroid Build Coastguard Worker unset AWS_TEST_MQTT5_CERTIFICATE_FILE 131*3c7ae9deSAndroid Build Coastguard Worker unset AWS_TEST_MQTT5_KEY_FILE 132*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/environment_files.txt" 133*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/crt_certificate.pem" 134*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/crt_privatekey.pem" 135*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/iot_certificate.pem" 136*3c7ae9deSAndroid Build Coastguard Worker rm "${PWD}/iot_privatekey.pem" 137*3c7ae9deSAndroid Build Coastguard Worker 138*3c7ae9deSAndroid Build Coastguard Worker return 1 139*3c7ae9deSAndroid Build Coastguard Workerfi 140*3c7ae9deSAndroid Build Coastguard Worker 141*3c7ae9deSAndroid Build Coastguard Worker# Set IoT certificate and key paths 142*3c7ae9deSAndroid Build Coastguard Workerexport AWS_TEST_MQTT5_IOT_CERTIFICATE_PATH="${PWD}/iot_certificate.pem" 143*3c7ae9deSAndroid Build Coastguard Workerexport AWS_TEST_MQTT5_IOT_KEY_PATH="${PWD}/iot_privatekey.pem" 144*3c7ae9deSAndroid Build Coastguard Worker 145*3c7ae9deSAndroid Build Coastguard Worker# Everything is set and ready 146*3c7ae9deSAndroid Build Coastguard Workerecho "Success: Environment variables set!" 147*3c7ae9deSAndroid Build Coastguard Workerreturn 0 148