From 62032d6f6500b41473b008281cc22d22da05da5b Mon Sep 17 00:00:00 2001 From: Gerald Manipon Date: Thu, 17 Jul 2025 08:48:05 -0700 Subject: [PATCH 1/4] feat: support both basic and bearer (Cognito OAuth2/InitiateAuth) auth for Airflow API; update docs, schema, and tests --- .pre-commit-config.yaml | 14 +- README.md | 80 +++++++ scripts/test.sh | 18 ++ .../actions/submit_dag_by_id.py | 76 ++++++- .../resources/routers_schema.yaml | 16 ++ .../centralized_log_group/README.md | 4 +- .../.terraform.lock.hcl | 85 +++++++ .../sns-sqs-lambda-airs-retstd/README.md | 65 ++++++ .../build_lambda_package.sh | 23 ++ .../sns-sqs-lambda-airs-retstd/data.tf | 10 + .../lambda_handler.py | 23 ++ .../sns-sqs-lambda-airs-retstd/locals.tf | 15 ++ .../sns-sqs-lambda-airs-retstd/main.tf | 198 ++++++++++++++++ .../sns-sqs-lambda-airs-retstd/output.tf | 4 + .../sns-sqs-lambda/.terraform.lock.hcl | 85 +++++++ .../sns-sqs-lambda/README.md | 65 ++++++ .../sns-sqs-lambda/build_lambda_package.sh | 23 ++ .../sns-sqs-lambda/data.tf | 10 + .../sns-sqs-lambda/lambda_handler.py | 23 ++ .../sns-sqs-lambda/locals.tf | 15 ++ .../sns-sqs-lambda/main.tf | 198 ++++++++++++++++ .../sns-sqs-lambda/output.tf | 4 + .../sns-sqs-lambda/variables.tf | 21 ++ .../sns-sqs-lambda/versions.tf | 22 ++ .../sns-sqs-lambda-airs-retstd/variables.tf | 21 ++ .../sns-sqs-lambda-airs-retstd/versions.tf | 22 ++ .../.terraform.lock.hcl | 85 +++++++ .../sns-sqs-lambda-nisar-tlm/README.md | 65 ++++++ .../build_lambda_package.sh | 23 ++ .../sns-sqs-lambda-nisar-tlm/data.tf | 10 + .../lambda_handler.py | 23 ++ .../sns-sqs-lambda-nisar-tlm/locals.tf | 15 ++ .../sns-sqs-lambda-nisar-tlm/main.tf | 198 ++++++++++++++++ .../sns-sqs-lambda-nisar-tlm/output.tf | 4 + .../sns-sqs-lambda-nisar-tlm/variables.tf | 21 ++ .../sns-sqs-lambda-nisar-tlm/versions.tf | 22 ++ .../evaluators/sns-sqs-lambda/README.md | 4 +- terraform-unity/initiator/README.md | 4 +- terraform-unity/initiator/test_router.yaml | 215 ++++++++++++++++++ terraform-unity/triggers/cmr-query/README.md | 4 +- .../triggers/s3-bucket-notification/README.md | 4 +- .../scheduled-task-instrumented/README.md | 4 +- .../triggers/scheduled-task/README.md | 4 +- tests/test_submit_dag_by_id.py | 171 ++++++++++++++ 44 files changed, 1992 insertions(+), 24 deletions(-) create mode 100755 scripts/test.sh create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/.terraform.lock.hcl create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/README.md create mode 100755 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/build_lambda_package.sh create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/data.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/lambda_handler.py create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/locals.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/main.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/output.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/.terraform.lock.hcl create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/README.md create mode 100755 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/build_lambda_package.sh create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/data.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/lambda_handler.py create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/locals.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/main.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/output.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/variables.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/versions.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/variables.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/versions.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/.terraform.lock.hcl create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/README.md create mode 100755 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/build_lambda_package.sh create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/data.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/lambda_handler.py create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/locals.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/main.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/output.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/variables.tf create mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/versions.tf create mode 100644 terraform-unity/initiator/test_router.yaml create mode 100644 tests/test_submit_dag_by_id.py diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 986fcc3..7a3c2c6 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,7 +1,7 @@ fail_fast: true repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.6.0 + rev: v5.0.0 hooks: # Git style - id: check-merge-conflict @@ -9,14 +9,14 @@ repos: - id: trailing-whitespace - repo: https://github.com/pycqa/isort - rev: 5.13.2 + rev: 6.0.1 hooks: - id: isort args: ["--profile", "black", "--filter-files"] # Using this mirror lets us use mypyc-compiled black, which is about 2x faster - repo: https://github.com/psf/black-pre-commit-mirror - rev: 24.4.2 + rev: 25.1.0 hooks: - id: black # It is recommended to specify the latest version of Python @@ -27,24 +27,24 @@ repos: - repo: https://github.com/astral-sh/ruff-pre-commit # Ruff version. - rev: v0.4.5 + rev: v0.12.3 hooks: - id: ruff args: ["--ignore", "E501,E402"] - repo: https://github.com/PyCQA/bandit - rev: "1.7.8" # you must change this to newest version + rev: "1.8.6" # you must change this to newest version hooks: - id: bandit args: ["--severity-level=high", "--confidence-level=high"] - repo: https://github.com/PyCQA/prospector - rev: v1.10.3 + rev: v1.17.2 hooks: - id: prospector - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.90.0 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases + rev: v1.99.5 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases hooks: # Terraform Tests - id: terraform_fmt diff --git a/README.md b/README.md index fa41d3f..1c3108c 100644 --- a/README.md +++ b/README.md @@ -83,6 +83,86 @@ The Unity initiator is the set of compute resources that enable the routing of t The initiator topic, an SNS topic, is the common interface that all triggers will submit events to. The initiator topic is subscribed to by the initiator SQS queue (complete with dead-letter queue for resiliency) which in turn is subscribed to by the router Lambda function. How the router Lambda routes payloads of the trigger events is defined by the router configuration YAML. The full YAML schema for the router configuration is located [here](src/unity_initiator/resources/routers_schema.yaml). +## Authentication in Router Configs + +The Unity Initiator supports multiple authentication methods for submitting DAG runs to Airflow. You can use legacy Basic Auth, or Bearer token authentication using AWS Cognito (either OAuth2 or InitiateAuth flows). Choose the method that matches your Airflow API deployment and security requirements. + +Below are full example router configs for each authentication method. See the [router schema](src/unity_initiator/resources/routers_schema.yaml) for all available fields. + +### 1. Basic Auth (Legacy) +```yaml +initiator_config: + name: basic-auth example + payload_type: + url: + - regexes: + - '.*\\.dat$' + evaluators: + - name: eval_basic + actions: + - name: submit_dag_by_id + params: + dag_id: my_airflow_dag + airflow_base_api_endpoint: https://airflow.example.com/api/v1 + auth_method: basic + airflow_username: my-airflow-username + airflow_password: my-airflow-password +``` + +### 2. Bearer Token (Cognito OAuth2) +```yaml +initiator_config: + name: bearer-oauth2 example + payload_type: + url: + - regexes: + - '.*\\.dat$' + evaluators: + - name: eval_oauth2 + actions: + - name: submit_dag_by_id + params: + dag_id: my_airflow_dag + airflow_base_api_endpoint: https://airflow.example.com/api/v1 + auth_method: bearer + cognito_token_method: oauth2 + cognito_token_url: https://your-cognito-domain.auth.us-west-2.amazoncognito.com/oauth2/token + cognito_client_id: your-client-id + cognito_client_secret: your-client-secret + cognito_username: your-username + cognito_password: your-password +``` + +### 3. Bearer Token (Cognito InitiateAuth) +```yaml +initiator_config: + name: bearer-initiate-auth example + payload_type: + url: + - regexes: + - '.*\\.dat$' + evaluators: + - name: eval_initauth + actions: + - name: submit_dag_by_id + params: + dag_id: my_airflow_dag + airflow_base_api_endpoint: https://airflow.example.com/api/v1 + auth_method: bearer + cognito_token_method: initiate_auth + cognito_region: us-west-2 + cognito_client_id: your-client-id + cognito_username: your-username + cognito_password: your-password +``` + +**When to use each method:** +- Use `basic` for legacy Airflow deployments with HTTP Basic Auth. +- Use `bearer` with `oauth2` for OIDC/JWT-based Airflow APIs (API Gateway/ALB with Cognito OIDC). +- Use `bearer` with `initiate_auth` for AWS-native Cognito integrations (if your API expects tokens from the InitiateAuth flow). + +For more advanced usage (e.g., on_success actions, multiple evaluators, or other action types), see the schema and additional documentation below. + #### How the router works In the context of trigger events where a new file is detected (payload_type=`url`), the router Lambda extracts the URL of the new file, instantiates a router object and attempts to match it up against of set of regular expressions defined in the router configuration file. Let's consider this minimal router configuration YAML file example: diff --git a/scripts/test.sh b/scripts/test.sh new file mode 100755 index 0000000..783237e --- /dev/null +++ b/scripts/test.sh @@ -0,0 +1,18 @@ +#!/bin/bash +BASE_PATH=$(dirname "${BASH_SOURCE}") +BASE_PATH=$(cd "${BASE_PATH}/.."; pwd) +DIST_DIR=${BASE_PATH}/dist +PKG_DIR=${DIST_DIR}/lambda_packages + +set -ex + +rm -rf $DIST_DIR +pip install hatch +hatch clean +hatch build +VERSION=0.0.2 +echo "{\"version\": \"$VERSION\"}" > ${DIST_DIR}/version.json +mkdir -p $PKG_DIR +pip install -t $PKG_DIR ${DIST_DIR}/unity_initiator-*.whl +cd $PKG_DIR +zip -rq ${DIST_DIR}/unity_initiator-${VERSION}-lambda.zip . diff --git a/src/unity_initiator/actions/submit_dag_by_id.py b/src/unity_initiator/actions/submit_dag_by_id.py index d8019bc..8c5a851 100644 --- a/src/unity_initiator/actions/submit_dag_by_id.py +++ b/src/unity_initiator/actions/submit_dag_by_id.py @@ -1,3 +1,4 @@ +import time import uuid from datetime import datetime @@ -9,21 +10,90 @@ __all__ = ["SubmitDagByID"] +def fetch_cognito_token_oauth2(token_url, client_id, client_secret, username, password): + data = { + "grant_type": "password", + "client_id": client_id, + "client_secret": client_secret, + "username": username, + "password": password, + "scope": "openid", + } + response = httpx.post(token_url, data=data) + response.raise_for_status() + token_data = response.json() + return token_data["access_token"], time.time() + token_data.get("expires_in", 3600) + + +def fetch_cognito_token_initiate_auth(region, client_id, username, password): + url = f"https://cognito-idp.{region}.amazonaws.com" + payload = { + "AuthParameters": {"USERNAME": f"{username}", "PASSWORD": f"{password}"}, + "AuthFlow": "USER_PASSWORD_AUTH", + "ClientId": f"{client_id}", + } + headers = { + "X-Amz-Target": "AWSCognitoIdentityProviderService.InitiateAuth", + "Content-Type": "application/x-amz-json-1.1", + } + res = httpx.post(url, json=payload, headers=headers).json() + if "AuthenticationResult" in res: + access_token = res["AuthenticationResult"]["AccessToken"] + # Cognito AccessToken is valid for 1 hour by default + return access_token, time.time() + 3600 + raise RuntimeError(f"Failed to fetch Cognito token: {res}") + + class SubmitDagByID(Action): def __init__(self, payload, payload_info, params): super().__init__(payload, payload_info, params) logger.info("instantiated %s", __class__.__name__) def execute(self): - # TODO: flesh this method out completely in accordance with: - # https://airflow.apache.org/docs/apache-airflow/stable/stable-rest-api-ref.html#operation/post_dag_run logger.debug("executing execute in %s", __class__.__name__) url = f"{self._params['airflow_base_api_endpoint']}/dags/{self._params['dag_id']}/dagRuns" logger.info("url: %s", url) dag_run_id = str(uuid.uuid4()) logical_date = datetime.now().strftime("%Y-%m-%dT%H:%M:%S.%fZ") headers = {"Content-Type": "application/json", "Accept": "application/json"} - auth = (self._params["airflow_username"], self._params["airflow_password"]) + auth = None + + # Determine authentication method + auth_method = self._params.get("auth_method", "basic") + if auth_method == "bearer": + # Support both Cognito token fetch methods + token = self._params.get("bearer_token") + expiry = self._params.get("bearer_token_expiry", 0) + now = time.time() + if not token or now > expiry - 60: # refresh 1 min before expiry + token_method = self._params.get("cognito_token_method", "oauth2") + if token_method == "initiate_auth": + logger.info("Fetching Cognito bearer token using InitiateAuth...") + token, expiry = fetch_cognito_token_initiate_auth( + self._params["cognito_region"], + self._params["cognito_client_id"], + self._params["cognito_username"], + self._params["cognito_password"], + ) + else: + logger.info( + "Fetching Cognito bearer token using OAuth2 password grant..." + ) + token, expiry = fetch_cognito_token_oauth2( + self._params["cognito_token_url"], + self._params["cognito_client_id"], + self._params["cognito_client_secret"], + self._params["cognito_username"], + self._params["cognito_password"], + ) + self._params["bearer_token"] = token + self._params["bearer_token_expiry"] = expiry + headers["Authorization"] = f"Bearer {token}" + auth = None + else: + # Default to basic auth + auth = (self._params["airflow_username"], self._params["airflow_password"]) + body = { "dag_run_id": dag_run_id, "logical_date": logical_date, diff --git a/src/unity_initiator/resources/routers_schema.yaml b/src/unity_initiator/resources/routers_schema.yaml index 69faea6..733ee81 100644 --- a/src/unity_initiator/resources/routers_schema.yaml +++ b/src/unity_initiator/resources/routers_schema.yaml @@ -44,8 +44,24 @@ submit_dag_by_id_action: params: dag_id: str() airflow_base_api_endpoint: str(required=False) + # Auth method: 'basic' (default) or 'bearer' + auth_method: str(required=False, enum=["basic", "bearer"]) + # For basic auth (legacy) airflow_username: str(required=False) airflow_password: str(required=False) + # For bearer token auth (Cognito) + cognito_client_id: str(required=False) + cognito_client_secret: str(required=False) + cognito_token_url: str(required=False) + cognito_username: str(required=False) + cognito_password: str(required=False) + # Optionally, allow passing a pre-fetched bearer token and its expiry + bearer_token: str(required=False) + bearer_token_expiry: int(required=False) + # Cognito token method: 'oauth2' (default) or 'initiate_auth' + cognito_token_method: str(required=False, enum=["oauth2", "initiate_auth"]) + # Cognito region (required for initiate_auth) + cognito_region: str(required=False) on_success: include("on_success_actions", required=False) # Configuration for submitting a payload to an SNS topic. diff --git a/terraform-unity/centralized_log_group/README.md b/terraform-unity/centralized_log_group/README.md index 7fabfd6..46acf8f 100644 --- a/terraform-unity/centralized_log_group/README.md +++ b/terraform-unity/centralized_log_group/README.md @@ -1,6 +1,6 @@ # terraform-unity - + ## Requirements | Name | Version | @@ -37,4 +37,4 @@ No modules. | Name | Description | |------|-------------| | [centralized\_log\_group\_name](#output\_centralized\_log\_group\_name) | The name of the centralized log group | - + diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/.terraform.lock.hcl b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/.terraform.lock.hcl new file mode 100644 index 0000000..8cbe489 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/.terraform.lock.hcl @@ -0,0 +1,85 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/archive" { + version = "2.4.2" + constraints = ">= 2.4.2" + hashes = [ + "h1:1eOz9vM/55vnQjxk23RhnYga7PZq8n2rGxG+2Vx2s6w=", + "zh:08faed7c9f42d82bc3d406d0d9d4971e2d1c2d34eae268ad211b8aca57b7f758", + "zh:3564112ed2d097d7e0672378044a69b06642c326f6f1584d81c7cdd32ebf3a08", + "zh:53cd9afd223c15828c1916e68cb728d2be1cbccb9545568d6c2b122d0bac5102", + "zh:5ae4e41e3a1ce9d40b6458218a85bbde44f21723943982bca4a3b8bb7c103670", + "zh:5b65499218b315b96e95c5d3463ea6d7c66245b59461217c99eaa1611891cd2c", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:7f45b35a8330bebd184c2545a41782ff58240ed6ba947274d9881dd5da44b02e", + "zh:87e67891033214e55cfead1391d68e6a3bf37993b7607753237e82aa3250bb71", + "zh:de3590d14037ad81fc5cedf7cfa44614a92452d7b39676289b704a962050bc5e", + "zh:e7e6f2ea567f2dbb3baa81c6203be69f9cd6aeeb01204fd93e3cf181e099b610", + "zh:fd24d03c89a7702628c2e5a3c732c0dede56fa75a08da4a1efe17b5f881c88e2", + "zh:febf4b7b5f3ff2adff0573ef6361f09b6638105111644bdebc0e4f575373935f", + ] +} + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.51.1" + constraints = ">= 5.50.0" + hashes = [ + "h1:KY/uPHIa+bHgMOAqoA2BnjIlIDuFRFwbLjLkf1gbeDk=", + "zh:03d524b70ab300d90dc4dccad0c28b18d797b8986722b7a93e40a41500450eaa", + "zh:04dbcb7ab52181a784877c409f6c882df34bda686d8c884d511ebd4abf493f0c", + "zh:2b068f7838e0f3677829258df05d8b9d73fe6434a1a809f8710956cc1c01ea03", + "zh:41a4b1e4adbf7c90015ebff17a719fc08133b8a2c4dcefd2fa281552126e59a8", + "zh:48b1adf57f695a72c88c598f99912171ef7067638fd63fb0c6ad3fa397b3f7c3", + "zh:5c2fb26ecb83adac90d06dcf5f97edbc944824c2821816b1653e1a2b9d37b3c4", + "zh:93df05f53702df829d9b9335e559ad8b313808dbd2fad8b2ff14f176732e693d", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:b5da39898602e44551b56e2803a42d92ea7115e35b1792efbf6649da37ef597b", + "zh:b7ab7f743f864ed8d479a7cb04fd3ce00c376f867ee5b53c4c1acaef6e286c54", + "zh:e7e7b2d8ee486415481a25ac7bdded20bd2897d5dd0790741798f31935b9528d", + "zh:e8008e3f5ef560fd9004d1ed1738f0f53e99b0ce961d967e95fc7c02e5954e4e", + "zh:f1296f648b8608ffa930b52519b00ed01eebedde9fdaf94205b365536e6c3916", + "zh:f8539960fd978a54990740ee984c6f7f743c9c32c7734e2601e92abfe54367e9", + "zh:fd182e6e20bb52982752a5d8c4b16887565f413a9d50d9d394d2c06eea8a195e", + ] +} + +provider "registry.terraform.io/hashicorp/local" { + version = "2.5.1" + constraints = ">= 2.5.1" + hashes = [ + "h1:/GAVA/xheGQcbOZEq0qxANOg+KVLCA7Wv8qluxhTjhU=", + "zh:0af29ce2b7b5712319bf6424cb58d13b852bf9a777011a545fac99c7fdcdf561", + "zh:126063ea0d79dad1f68fa4e4d556793c0108ce278034f101d1dbbb2463924561", + "zh:196bfb49086f22fd4db46033e01655b0e5e036a5582d250412cc690fa7995de5", + "zh:37c92ec084d059d37d6cffdb683ccf68e3a5f8d2eb69dd73c8e43ad003ef8d24", + "zh:4269f01a98513651ad66763c16b268f4c2da76cc892ccfd54b401fff6cc11667", + "zh:51904350b9c728f963eef0c28f1d43e73d010333133eb7f30999a8fb6a0cc3d8", + "zh:73a66611359b83d0c3fcba2984610273f7954002febb8a57242bbb86d967b635", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:7ae387993a92bcc379063229b3cce8af7eaf082dd9306598fcd42352994d2de0", + "zh:9e0f365f807b088646db6e4a8d4b188129d9ebdbcf2568c8ab33bddd1b82c867", + "zh:b5263acbd8ae51c9cbffa79743fbcadcb7908057c87eb22fd9048268056efbc4", + "zh:dfcd88ac5f13c0d04e24be00b686d069b4879cc4add1b7b1a8ae545783d97520", + ] +} + +provider "registry.terraform.io/hashicorp/null" { + version = "3.2.2" + constraints = ">= 3.2.2" + hashes = [ + "h1:IMVAUHKoydFrlPrl9OzasDnw/8ntZFerCC9iXw1rXQY=", + "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7", + "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a", + "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3", + "zh:4c2f1faee67af104f5f9e711c4574ff4d298afaa8a420680b0cb55d7bbc65606", + "zh:544b33b757c0b954dbb87db83a5ad921edd61f02f1dc86c6186a5ea86465b546", + "zh:696cf785090e1e8cf1587499516b0494f47413b43cb99877ad97f5d0de3dc539", + "zh:6e301f34757b5d265ae44467d95306d61bef5e41930be1365f5a8dcf80f59452", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:913a929070c819e59e94bb37a2a253c228f83921136ff4a7aa1a178c7cce5422", + "zh:aa9015926cd152425dbf86d1abdbc74bfe0e1ba3d26b3db35051d7b9ca9f72ae", + "zh:bb04798b016e1e1d49bcc76d62c53b56c88c63d6f2dfe38821afef17c416a0e1", + "zh:c23084e1b23577de22603cff752e59128d83cfecc2e6819edadd8cf7a10af11e", + ] +} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/README.md b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/README.md new file mode 100644 index 0000000..8b8f2f8 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/README.md @@ -0,0 +1,65 @@ +# sns_sqs_lambda + + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | ~> 1.8.2 | +| [archive](#requirement\_archive) | >=2.4.2 | +| [aws](#requirement\_aws) | >=5.50.0 | +| [local](#requirement\_local) | >=2.5.1 | +| [null](#requirement\_null) | >=3.2.2 | + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | 5.51.1 | +| [local](#provider\_local) | 2.5.1 | +| [null](#provider\_null) | 3.2.2 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [aws_iam_policy.evaluator_lambda_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | +| [aws_iam_role.evaluator_lambda_iam_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role_policy_attachment.aws_xray_write_only_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_iam_role_policy_attachment.lambda_base_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_iam_role_policy_attachment.lambda_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_lambda_event_source_mapping.evaluator_queue_event_source_mapping](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_event_source_mapping) | resource | +| [aws_lambda_function.evaluator_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource | +| [aws_lambda_function_event_invoke_config.invoke_config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_event_invoke_config) | resource | +| [aws_s3_object.lambda_package](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource | +| [aws_sns_topic.evaluator_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource | +| [aws_sns_topic_policy.evaluator_topic_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy) | resource | +| [aws_sns_topic_subscription.evaluator_subscription](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource | +| [aws_sqs_queue.evaluator_dead_letter_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource | +| [aws_sqs_queue.evaluator_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource | +| [aws_sqs_queue_policy.evaluator_queue_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy) | resource | +| [aws_ssm_parameter.evaluator_lambda_function_name](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource | +| [null_resource.build_lambda_package](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | +| [aws_iam_policy.mcp_operator_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source | +| [local_file.version](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [code\_bucket](#input\_code\_bucket) | The S3 bucket where lambda zip files will be stored and accessed | `string` | n/a | yes | +| [evaluator\_name](#input\_evaluator\_name) | The evaluator name | `string` | n/a | yes | +| [project](#input\_project) | The unity project its installed into | `string` | `"uod"` | no | +| [venue](#input\_venue) | The unity venue its installed into | `string` | `"dev"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [evaluator\_topic\_arn](#output\_evaluator\_topic\_arn) | The ARN of the evaluator SNS topic | + diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/build_lambda_package.sh b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/build_lambda_package.sh new file mode 100755 index 0000000..d73b668 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/build_lambda_package.sh @@ -0,0 +1,23 @@ +#!/bin/bash +BASE_PATH=$(dirname "${BASH_SOURCE}") +BASE_PATH=$(cd "${BASE_PATH}/../../.."; pwd) +DIST_DIR=${BASE_PATH}/dist +PKG_DIR=${DIST_DIR}/lambda_packages +EVALUATOR_DIR=$(dirname "${BASH_SOURCE}") +EVALUATOR_DIR=$(cd "${EVALUATOR_DIR}"; pwd) +EVALUATOR_NAME=$1 + +set -ex + +rm -rf $DIST_DIR +pip install hatch +hatch clean +hatch build +VERSION=$(hatch run python -c 'from importlib.metadata import version; print(version("unity_initiator"))') +echo "{\"version\": \"$VERSION\"}" > ${DIST_DIR}/version.json +mkdir -p $PKG_DIR +pip install -t $PKG_DIR ${DIST_DIR}/unity_initiator-*.whl +pip install -t $PKG_DIR aws_xray_sdk +cp ${EVALUATOR_DIR}/lambda_handler.py $PKG_DIR/ +cd $PKG_DIR +zip -rq ${DIST_DIR}/${EVALUATOR_NAME}-${VERSION}-lambda.zip . diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/data.tf b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/data.tf new file mode 100644 index 0000000..4d6b523 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/data.tf @@ -0,0 +1,10 @@ +data "aws_caller_identity" "current" {} + +data "aws_iam_policy" "mcp_operator_policy" { + name = "mcp-tenantOperator-AMI-APIG" +} + +data "local_file" "version" { + filename = "${path.module}/../../../dist/version.json" + depends_on = [null_resource.build_lambda_package] +} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/lambda_handler.py b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/lambda_handler.py new file mode 100644 index 0000000..efc63b9 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/lambda_handler.py @@ -0,0 +1,23 @@ +import json + +from aws_xray_sdk.core import patch_all, xray_recorder + +from unity_initiator.utils.logger import log_exceptions, logger + +patch_all() + + +def perform_evaluation(event, context): + logger.info("event: %s", json.dumps(event, indent=2)) + logger.info("context: %s", context) + + # Implement your adaptation-specific evaluator code here and return + # True if it successfully evaluates. False otherwise. + + return True + + +@log_exceptions +def lambda_handler(event, context): + with xray_recorder.capture(context.function_name): + return {"success": perform_evaluation(event, context)} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/locals.tf b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/locals.tf new file mode 100644 index 0000000..16ee5e0 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/locals.tf @@ -0,0 +1,15 @@ +locals { + function_name = "${var.project}-${var.venue}-${var.evaluator_name}-evaluator" + tags = { + Venue = "dev" + ServiceArea = "cs" + Capability = "evaluator" + CapVersion = "0.0.1" + Component = "U-OD" + Name = "${var.project}-${var.venue}-cs-evaluator-od" + Proj = var.project + CreatedBy = "cs" + Env = "dev" + Stack = "U-OD" + } +} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/main.tf b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/main.tf new file mode 100644 index 0000000..136c3d7 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/main.tf @@ -0,0 +1,198 @@ +resource "null_resource" "build_lambda_package" { + triggers = { always_run = timestamp() } + provisioner "local-exec" { + command = < +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | ~> 1.8.2 | +| [archive](#requirement\_archive) | >=2.4.2 | +| [aws](#requirement\_aws) | >=5.50.0 | +| [local](#requirement\_local) | >=2.5.1 | +| [null](#requirement\_null) | >=3.2.2 | + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | 5.51.1 | +| [local](#provider\_local) | 2.5.1 | +| [null](#provider\_null) | 3.2.2 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [aws_iam_policy.evaluator_lambda_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | +| [aws_iam_role.evaluator_lambda_iam_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role_policy_attachment.aws_xray_write_only_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_iam_role_policy_attachment.lambda_base_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_iam_role_policy_attachment.lambda_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_lambda_event_source_mapping.evaluator_queue_event_source_mapping](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_event_source_mapping) | resource | +| [aws_lambda_function.evaluator_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource | +| [aws_lambda_function_event_invoke_config.invoke_config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_event_invoke_config) | resource | +| [aws_s3_object.lambda_package](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource | +| [aws_sns_topic.evaluator_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource | +| [aws_sns_topic_policy.evaluator_topic_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy) | resource | +| [aws_sns_topic_subscription.evaluator_subscription](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource | +| [aws_sqs_queue.evaluator_dead_letter_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource | +| [aws_sqs_queue.evaluator_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource | +| [aws_sqs_queue_policy.evaluator_queue_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy) | resource | +| [aws_ssm_parameter.evaluator_lambda_function_name](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource | +| [null_resource.build_lambda_package](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | +| [aws_iam_policy.mcp_operator_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source | +| [local_file.version](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [code\_bucket](#input\_code\_bucket) | The S3 bucket where lambda zip files will be stored and accessed | `string` | n/a | yes | +| [evaluator\_name](#input\_evaluator\_name) | The evaluator name | `string` | n/a | yes | +| [project](#input\_project) | The unity project its installed into | `string` | `"uod"` | no | +| [venue](#input\_venue) | The unity venue its installed into | `string` | `"dev"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [evaluator\_topic\_arn](#output\_evaluator\_topic\_arn) | The ARN of the evaluator SNS topic | + diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/build_lambda_package.sh b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/build_lambda_package.sh new file mode 100755 index 0000000..d73b668 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/build_lambda_package.sh @@ -0,0 +1,23 @@ +#!/bin/bash +BASE_PATH=$(dirname "${BASH_SOURCE}") +BASE_PATH=$(cd "${BASE_PATH}/../../.."; pwd) +DIST_DIR=${BASE_PATH}/dist +PKG_DIR=${DIST_DIR}/lambda_packages +EVALUATOR_DIR=$(dirname "${BASH_SOURCE}") +EVALUATOR_DIR=$(cd "${EVALUATOR_DIR}"; pwd) +EVALUATOR_NAME=$1 + +set -ex + +rm -rf $DIST_DIR +pip install hatch +hatch clean +hatch build +VERSION=$(hatch run python -c 'from importlib.metadata import version; print(version("unity_initiator"))') +echo "{\"version\": \"$VERSION\"}" > ${DIST_DIR}/version.json +mkdir -p $PKG_DIR +pip install -t $PKG_DIR ${DIST_DIR}/unity_initiator-*.whl +pip install -t $PKG_DIR aws_xray_sdk +cp ${EVALUATOR_DIR}/lambda_handler.py $PKG_DIR/ +cd $PKG_DIR +zip -rq ${DIST_DIR}/${EVALUATOR_NAME}-${VERSION}-lambda.zip . diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/data.tf b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/data.tf new file mode 100644 index 0000000..4d6b523 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/data.tf @@ -0,0 +1,10 @@ +data "aws_caller_identity" "current" {} + +data "aws_iam_policy" "mcp_operator_policy" { + name = "mcp-tenantOperator-AMI-APIG" +} + +data "local_file" "version" { + filename = "${path.module}/../../../dist/version.json" + depends_on = [null_resource.build_lambda_package] +} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/lambda_handler.py b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/lambda_handler.py new file mode 100644 index 0000000..efc63b9 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/lambda_handler.py @@ -0,0 +1,23 @@ +import json + +from aws_xray_sdk.core import patch_all, xray_recorder + +from unity_initiator.utils.logger import log_exceptions, logger + +patch_all() + + +def perform_evaluation(event, context): + logger.info("event: %s", json.dumps(event, indent=2)) + logger.info("context: %s", context) + + # Implement your adaptation-specific evaluator code here and return + # True if it successfully evaluates. False otherwise. + + return True + + +@log_exceptions +def lambda_handler(event, context): + with xray_recorder.capture(context.function_name): + return {"success": perform_evaluation(event, context)} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/locals.tf b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/locals.tf new file mode 100644 index 0000000..16ee5e0 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/locals.tf @@ -0,0 +1,15 @@ +locals { + function_name = "${var.project}-${var.venue}-${var.evaluator_name}-evaluator" + tags = { + Venue = "dev" + ServiceArea = "cs" + Capability = "evaluator" + CapVersion = "0.0.1" + Component = "U-OD" + Name = "${var.project}-${var.venue}-cs-evaluator-od" + Proj = var.project + CreatedBy = "cs" + Env = "dev" + Stack = "U-OD" + } +} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/main.tf b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/main.tf new file mode 100644 index 0000000..136c3d7 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/main.tf @@ -0,0 +1,198 @@ +resource "null_resource" "build_lambda_package" { + triggers = { always_run = timestamp() } + provisioner "local-exec" { + command = < +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | ~> 1.8.2 | +| [archive](#requirement\_archive) | >=2.4.2 | +| [aws](#requirement\_aws) | >=5.50.0 | +| [local](#requirement\_local) | >=2.5.1 | +| [null](#requirement\_null) | >=3.2.2 | + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | 5.51.1 | +| [local](#provider\_local) | 2.5.1 | +| [null](#provider\_null) | 3.2.2 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [aws_iam_policy.evaluator_lambda_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | +| [aws_iam_role.evaluator_lambda_iam_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role_policy_attachment.aws_xray_write_only_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_iam_role_policy_attachment.lambda_base_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_iam_role_policy_attachment.lambda_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_lambda_event_source_mapping.evaluator_queue_event_source_mapping](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_event_source_mapping) | resource | +| [aws_lambda_function.evaluator_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource | +| [aws_lambda_function_event_invoke_config.invoke_config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_event_invoke_config) | resource | +| [aws_s3_object.lambda_package](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource | +| [aws_sns_topic.evaluator_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource | +| [aws_sns_topic_policy.evaluator_topic_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy) | resource | +| [aws_sns_topic_subscription.evaluator_subscription](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource | +| [aws_sqs_queue.evaluator_dead_letter_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource | +| [aws_sqs_queue.evaluator_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource | +| [aws_sqs_queue_policy.evaluator_queue_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy) | resource | +| [aws_ssm_parameter.evaluator_lambda_function_name](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource | +| [null_resource.build_lambda_package](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | +| [aws_iam_policy.mcp_operator_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source | +| [local_file.version](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [code\_bucket](#input\_code\_bucket) | The S3 bucket where lambda zip files will be stored and accessed | `string` | n/a | yes | +| [evaluator\_name](#input\_evaluator\_name) | The evaluator name | `string` | n/a | yes | +| [project](#input\_project) | The unity project its installed into | `string` | `"uod"` | no | +| [venue](#input\_venue) | The unity venue its installed into | `string` | `"dev"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [evaluator\_topic\_arn](#output\_evaluator\_topic\_arn) | The ARN of the evaluator SNS topic | + diff --git a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/build_lambda_package.sh b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/build_lambda_package.sh new file mode 100755 index 0000000..d73b668 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/build_lambda_package.sh @@ -0,0 +1,23 @@ +#!/bin/bash +BASE_PATH=$(dirname "${BASH_SOURCE}") +BASE_PATH=$(cd "${BASE_PATH}/../../.."; pwd) +DIST_DIR=${BASE_PATH}/dist +PKG_DIR=${DIST_DIR}/lambda_packages +EVALUATOR_DIR=$(dirname "${BASH_SOURCE}") +EVALUATOR_DIR=$(cd "${EVALUATOR_DIR}"; pwd) +EVALUATOR_NAME=$1 + +set -ex + +rm -rf $DIST_DIR +pip install hatch +hatch clean +hatch build +VERSION=$(hatch run python -c 'from importlib.metadata import version; print(version("unity_initiator"))') +echo "{\"version\": \"$VERSION\"}" > ${DIST_DIR}/version.json +mkdir -p $PKG_DIR +pip install -t $PKG_DIR ${DIST_DIR}/unity_initiator-*.whl +pip install -t $PKG_DIR aws_xray_sdk +cp ${EVALUATOR_DIR}/lambda_handler.py $PKG_DIR/ +cd $PKG_DIR +zip -rq ${DIST_DIR}/${EVALUATOR_NAME}-${VERSION}-lambda.zip . diff --git a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/data.tf b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/data.tf new file mode 100644 index 0000000..4d6b523 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/data.tf @@ -0,0 +1,10 @@ +data "aws_caller_identity" "current" {} + +data "aws_iam_policy" "mcp_operator_policy" { + name = "mcp-tenantOperator-AMI-APIG" +} + +data "local_file" "version" { + filename = "${path.module}/../../../dist/version.json" + depends_on = [null_resource.build_lambda_package] +} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/lambda_handler.py b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/lambda_handler.py new file mode 100644 index 0000000..efc63b9 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/lambda_handler.py @@ -0,0 +1,23 @@ +import json + +from aws_xray_sdk.core import patch_all, xray_recorder + +from unity_initiator.utils.logger import log_exceptions, logger + +patch_all() + + +def perform_evaluation(event, context): + logger.info("event: %s", json.dumps(event, indent=2)) + logger.info("context: %s", context) + + # Implement your adaptation-specific evaluator code here and return + # True if it successfully evaluates. False otherwise. + + return True + + +@log_exceptions +def lambda_handler(event, context): + with xray_recorder.capture(context.function_name): + return {"success": perform_evaluation(event, context)} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/locals.tf b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/locals.tf new file mode 100644 index 0000000..16ee5e0 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/locals.tf @@ -0,0 +1,15 @@ +locals { + function_name = "${var.project}-${var.venue}-${var.evaluator_name}-evaluator" + tags = { + Venue = "dev" + ServiceArea = "cs" + Capability = "evaluator" + CapVersion = "0.0.1" + Component = "U-OD" + Name = "${var.project}-${var.venue}-cs-evaluator-od" + Proj = var.project + CreatedBy = "cs" + Env = "dev" + Stack = "U-OD" + } +} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/main.tf b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/main.tf new file mode 100644 index 0000000..136c3d7 --- /dev/null +++ b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/main.tf @@ -0,0 +1,198 @@ +resource "null_resource" "build_lambda_package" { + triggers = { always_run = timestamp() } + provisioner "local-exec" { + command = < + ## Requirements | Name | Version | @@ -62,4 +62,4 @@ No modules. | Name | Description | |------|-------------| | [evaluator\_topic\_arn](#output\_evaluator\_topic\_arn) | The ARN of the evaluator SNS topic | - + diff --git a/terraform-unity/initiator/README.md b/terraform-unity/initiator/README.md index 64d43b7..4d79947 100644 --- a/terraform-unity/initiator/README.md +++ b/terraform-unity/initiator/README.md @@ -1,6 +1,6 @@ # terraform-unity - + ## Requirements | Name | Version | @@ -60,4 +60,4 @@ No modules. | Name | Description | |------|-------------| | [initiator\_topic\_arn](#output\_initiator\_topic\_arn) | The ARN of the initiator SNS topic | - + diff --git a/terraform-unity/initiator/test_router.yaml b/terraform-unity/initiator/test_router.yaml new file mode 100644 index 0000000..7549981 --- /dev/null +++ b/terraform-unity/initiator/test_router.yaml @@ -0,0 +1,215 @@ +initiator_config: + + name: config example for multiple use cases + + payload_type: + + # url payload type supports triggers use-cases: + # - S3 event (s3://) + # - file system event (HECC or on-prem) (file://) + # - CMR based (https:// or s3://) + # Other potential payload types: JSON, SQL query result, XML, etc. + url: + + # SBG example: L1B data staged to S3 bucket and payload is S3 url + - regexes: + - '/(?PSISTER_EMIT_L1B_RDN_(?P\d{8}T\d{6})_(?P\d{3})_OBS\.bin)$' + evaluators: + + # If the regex matches, the router submits a JSON payload to the eval_sbg_l2_readiness SNS topic that contains + # the payload and the regex match groupdict() as JSON. The groupdict JSON can further provide fields to evaluate + # criteria for go/no-go but should remain lightweight. For example, if the payload was: + # + # s3://sps-dev-ds-storage/urn:nasa:unity:unity:dev:SBG-L1B_PRE___1/urn:nasa:unity:unity:dev:SBG-L1B_PRE___1:SISTER_EMIT_L1B_RDN_20240103T131936_001/SISTER_EMIT_L1B_RDN_20240103T131936_001_OBS.bin + # + # The payload submitted to the SNS topic would be: + # { + # "payload": "s3://sps-dev-ds-storage/urn:nasa:unity:unity:dev:SBG-L1B_PRE___1/urn:nasa:unity:unity:dev:SBG-L1B_PRE___1:SISTER_EMIT_L1B_RDN_20240103T131936_001/SISTER_EMIT_L1B_RDN_20240103T131936_001_OBS.bin", + # "groupdict": { + # "id": "SISTER_EMIT_L1B_RDN_20240103T131936_001/SISTER_EMIT_L1B_RDN_20240103T131936_001_OBS.bin", + # "observation_date_time": "20240103T131936", + # "product_counter": "001", + # "actions": {} TODO: fill out dag_id, airflow_base_api_endpoint, etc. + # } + # } + - name: eval_sbg_l2_readiness + actions: + - name: submit_to_sns_topic + params: + # topic_arn is optional to allow specific routing to an SNS topic; + # if this was null, empty or absent, then the assumption is a SNS + # topic in the local AWS account using the evaluator name as the SNS topic + topic_arn: arn:aws:sns:us-west-2:123456789012:eval_sbg_l2_readiness + on_success: + actions: + - name: submit_dag_by_id + params: + dag_id: submit_sbg_l2_dag + airflow_base_api_endpoint: xxx + airflow_username: + airflow_password: + + + # M2020 example: xyz left finder; example of matching any one of a set of regexes + - regexes: + - 'ids-pipeline/pipes/nonlin_xyz_left/inputque/.L.{17}_.{3}RAS_N.{26}\.VIC-link' + - 'ids-pipeline/pipes/nonlin_xyz_left/inputque/.R.{17}_.{3}RAS_N.{26}\.VIC-link' + - 'ids-pipeline/pipes/nonlin_xyz_left/inputque/.L.{17}_.{3}DSP_N.{26}\.VIC-link' + evaluators: + + # If any of the regexes match, the router submits a JSON payload to the eval_m2020_xyz_left_finder SNS topic that contains + # the payload and the regex match groupdict() as JSON. The groupdict JSON can further provide fields to evaluate criteria + # for go/no-go but should remain lightweight. + - name: eval_m2020_xyz_left_finder + actions: + - name: submit_to_sns_topic + params: + # topic_arn is optional to allow specific routing to an SNS topic; + # if this was null, empty or absent, then the assumption is a SNS + # topic in the local AWS account using the evaluator name as the SNS topic + topic_arn: arn:aws:sns:us-west-2:123456789012:eval_m2020_xyz_left_finder + on_success: + actions: + - name: submit_dag_by_id + params: + dag_id: submit_nonlin_xyz_left + airflow_base_api_endpoint: xxx + airflow_username: + airflow_password: + + # NISAR example: GDS stages satellite telemetry to S3 bucket and payload is S3 url + - regexes: + - '/(?P(?PNISAR)_S(?P\d{3})_(?P\w{2,3})_(?P\w{3,4})_M(?P\d{2})_P(?P\d{5})_R(?P\d{2})_C(?P\d{2})_G(?P\d{2})_(?P\d{4}_\d{3}_\d{2}_\d{2}_\d{2}_\d{6})\d{3}\.vc(?P\w{2}))$' + evaluators: + + # If the regex matches, the router submits a JSON payload to the eval_nisar_ingest SNS topic that contains + # the payload and the regex match groupdict() as JSON. The groupdict JSON can further provide fields to evaluate + # criteria for go/no-go but should remain lightweight. + - name: eval_nisar_ingest + actions: + - name: submit_to_sns_topic + params: + # topic_arn is optional to allow specific routing to an SNS topic; + # if this was null, empty or absent, then the assumption is a SNS + # topic in the local AWS account using the evaluator name as the SNS topic + topic_arn: arn:aws:sns:us-west-2:271039147104:uod-dev-eval_nisar_ingest-evaluator_topic + on_success: + actions: + - name: submit_dag_by_id + params: + dag_id: submit_nisar_tlm_ingest + airflow_base_api_endpoint: xxx + airflow_username: + airflow_password: + + # NISAR example: GDS stages LDF (list of delivered files) to S3 bucket and payload is S3 url + - regexes: + - '/(?P(?PNISAR)_S(?P\d{3})_(?P\w{2,3})_(?P\w{3,4})_M(?P\d{2})_P(?P\d{5})_R(?P\d{2})_C(?P\d{2})_G(?P\d{2})_(?P\d{4}_\d{3}_\d{2}_\d{2}_\d{2}_\d{5})(?P\d{1,4})\.ldf)$' + evaluators: + + # If the regex matches, the router submits a JSON payload to the eval_nisar_l0a_readiness DAG via Airflow REST API + # that contains the the payload and the regex match groupdict() as JSON. The groupdict JSON can further provide + # fields to evaluate criteria for go/no-go but in this case we make a call to submit a dag execution for a heavyweight + # and possibly long-running evaluation (current worst case pass: 1877 telemetry files, each 200 MB, all ingested and checksum verified; dependency on GDS staging) + - name: eval_nisar_l0a_readiness + actions: + - name: submit_dag_by_id + params: + dag_id: eval_nisar_l0a_readiness + airflow_base_api_endpoint: https://100.104.10.104/api/v1 + airflow_username: + airflow_password: + on_success: + actions: + - name: submit_dag_by_id + params: + dag_id: submit_nisar_l0a_te_dag + # These are commented out because by default they will be pulled from the above configuration since we're in airflow. + # Otherwise these can be uncommented out for explicit configuration (e.g. another SPS cluster) + #airflow_base_api_endpoint: xxx + #airflow_username: + #airflow_password: + + # AIRS RetStd example: scheduled task to periodically check for new AIRS granules published to CMR + - regexes: + - '/(?P(?PAIRS)\.(?P\d{4})\.(?P\d{2})\.(?P\d{2})\.(?P\d{3})\.(?PL.+?)\.(?P.+?)\.(?Pv\d+)\.(?P\d+)\.(?P\d+)\.(?P\d+)\.(?P.+?).hdf)$' + evaluators: + + # If the regex matches, the router submits a JSON payload to the eval_airs_ingest SNS topic that contains + # the payload and the regex match groupdict() as JSON. The groupdict JSON can further provide fields to evaluate + # criteria for go/no-go but should remain lightweight. + - name: eval_airs_ingest + actions: + - name: submit_to_sns_topic + params: + # topic_arn is optional to allow specific routing to an SNS topic; + # if this was null, empty or absent, then the assumption is a SNS + # topic in the local AWS account using the evaluator name as the SNS topic + topic_arn: arn:aws:sns:us-west-2:271039147104:uod-dev-eval_airs_ingest-evaluator_topic + on_success: + actions: + - name: submit_hysds_job + params: + mozart_base_api_endpoint: https://100.104.10.104/mozart/api/v0.1/job/submit + job_spec: submit_airs_ingest:v1 + queue: ingest_queue + priority: 0 + tags: + - airs + - hysds + + - regexes: + - '(?<=/)(?Phello_world\.txt)$' + evaluators: + - name: eval_hello_world_readiness + actions: + - name: submit_ogc_process_execution + params: + process_id: eval_hello_world_readiness + ogc_processes_base_api_endpoint: ${ogc_processes_base_api_endpoint} + on_success: + actions: + - name: submit_ogc_process_execution + params: + process_id: hello_world + + # ECMWF A2/A3 + - regexes: + - '/(?P(?PECMWF)_(?PA2A3)_(?P\d{4})(?P\d{2})(?P\d{2})(?P\d{2})(?P\d{2})_(?P\d{4})(?P\d{2})(?P\d{2})(?P\d{2})(?P\d{2})_(?P\d+)\.json)$' + evaluators: + + # If the regex matches, the router submits a convert_merge_a2_a3 HySDS job that contains + # the payload and the regex match groupdict() as JSON. + - name: convert_merge_a2_a3 + actions: + - name: submit_hysds_job + params: + mozart_base_api_endpoint: https://100.104.10.104/mozart/api/v0.1/job/submit + job_spec: job-convert_merge_a2_a3:NSDS-3744 + queue: factotum-ecmwf-licensed-worker-1 + priority: 0 + tags: + - ecmwf + - a2 + - a3 + - hysds + + # ECMWF A4 + - regexes: + - '/(?P(?PECMWF)_(?PA4)_(?P\d{4})(?P\d{2})(?P\d{2})(?P\d{2})(?P\d{2})_(?P\d{4})(?P\d{2})(?P\d{2})(?P\d{2})(?P\d{2})_(?P\d+)\.json)$' + evaluators: + + # If the regex matches, the router submits a convert_a4 HySDS job that contains + # the payload and the regex match groupdict() as JSON. + - name: convert_a4 + actions: + - name: submit_hysds_job + params: + mozart_base_api_endpoint: https://100.104.10.104/mozart/api/v0.1/job/submit + job_spec: job-convert_a4:NSDS-3744 + queue: factotum-ecmwf-licensed-worker-2 + priority: 0 + tags: + - ecmwf + - a4 + - hysds diff --git a/terraform-unity/triggers/cmr-query/README.md b/terraform-unity/triggers/cmr-query/README.md index 64511ff..2fd97bf 100644 --- a/terraform-unity/triggers/cmr-query/README.md +++ b/terraform-unity/triggers/cmr-query/README.md @@ -1,6 +1,6 @@ # scheduled_task - + ## Requirements | Name | Version | @@ -63,4 +63,4 @@ No modules. ## Outputs No outputs. - + diff --git a/terraform-unity/triggers/s3-bucket-notification/README.md b/terraform-unity/triggers/s3-bucket-notification/README.md index 14c7a4e..49f3961 100644 --- a/terraform-unity/triggers/s3-bucket-notification/README.md +++ b/terraform-unity/triggers/s3-bucket-notification/README.md @@ -1,6 +1,6 @@ # s3_bucket_notification - + ## Requirements | Name | Version | @@ -38,4 +38,4 @@ No modules. ## Outputs No outputs. - + diff --git a/terraform-unity/triggers/scheduled-task-instrumented/README.md b/terraform-unity/triggers/scheduled-task-instrumented/README.md index ecdd896..52f16e3 100644 --- a/terraform-unity/triggers/scheduled-task-instrumented/README.md +++ b/terraform-unity/triggers/scheduled-task-instrumented/README.md @@ -1,6 +1,6 @@ # scheduled_task - + ## Requirements | Name | Version | @@ -54,4 +54,4 @@ No modules. ## Outputs No outputs. - + diff --git a/terraform-unity/triggers/scheduled-task/README.md b/terraform-unity/triggers/scheduled-task/README.md index 163c4bd..31c9871 100644 --- a/terraform-unity/triggers/scheduled-task/README.md +++ b/terraform-unity/triggers/scheduled-task/README.md @@ -1,6 +1,6 @@ # scheduled_task - + ## Requirements | Name | Version | @@ -49,4 +49,4 @@ No modules. ## Outputs No outputs. - + diff --git a/tests/test_submit_dag_by_id.py b/tests/test_submit_dag_by_id.py new file mode 100644 index 0000000..20b254b --- /dev/null +++ b/tests/test_submit_dag_by_id.py @@ -0,0 +1,171 @@ +import time +from unittest.mock import MagicMock, patch + +import pytest + +from src.unity_initiator.actions.submit_dag_by_id import SubmitDagByID + +BASIC_PARAMS = { + "dag_id": "test_dag", + "airflow_base_api_endpoint": "https://airflow.example.com/api/v1", + "auth_method": "basic", + "airflow_username": "user", + "airflow_password": "pass", + "on_success": None, +} + +OAUTH2_PARAMS = { + "dag_id": "test_dag", + "airflow_base_api_endpoint": "https://airflow.example.com/api/v1", + "auth_method": "bearer", + "cognito_token_method": "oauth2", + "cognito_token_url": "https://cognito-domain/oauth2/token", + "cognito_client_id": "cid", + "cognito_client_secret": "csecret", + "cognito_username": "uname", + "cognito_password": "pword", + "on_success": None, +} + +INITIATE_AUTH_PARAMS = { + "dag_id": "test_dag", + "airflow_base_api_endpoint": "https://airflow.example.com/api/v1", + "auth_method": "bearer", + "cognito_token_method": "initiate_auth", + "cognito_region": "us-west-2", + "cognito_client_id": "cid", + "cognito_username": "uname", + "cognito_password": "pword", + "on_success": None, +} + + +@pytest.mark.parametrize( + "params,expected_auth,expected_header", + [ + (BASIC_PARAMS, ("user", "pass"), None), + (OAUTH2_PARAMS, None, "Bearer fake-oauth2-token"), + (INITIATE_AUTH_PARAMS, None, "Bearer fake-initiate-token"), + ], +) +def test_submit_dag_by_id_auth_modes(params, expected_auth, expected_header): + """ + Example YAML for basic auth: + --- + submit_dag_by_id_action: + name: submit_dag_by_id + params: + dag_id: test_dag + airflow_base_api_endpoint: https://airflow.example.com/api/v1 + auth_method: basic + airflow_username: user + airflow_password: pass + + Example YAML for bearer (oauth2): + --- + submit_dag_by_id_action: + name: submit_dag_by_id + params: + dag_id: test_dag + airflow_base_api_endpoint: https://airflow.example.com/api/v1 + auth_method: bearer + cognito_token_method: oauth2 + cognito_token_url: https://cognito-domain/oauth2/token + cognito_client_id: cid + cognito_client_secret: csecret + cognito_username: uname + cognito_password: pword + + Example YAML for bearer (initiate_auth): + --- + submit_dag_by_id_action: + name: submit_dag_by_id + params: + dag_id: test_dag + airflow_base_api_endpoint: https://airflow.example.com/api/v1 + auth_method: bearer + cognito_token_method: initiate_auth + cognito_region: us-west-2 + cognito_client_id: cid + cognito_username: uname + cognito_password: pword + """ + payload = {"foo": "bar"} + payload_info = {"meta": "data"} + + # Patch httpx.post for both DAG trigger and token fetch + with patch("src.unity_initiator.actions.submit_dag_by_id.httpx.post") as mock_post: + # Mock token fetch + if params.get("auth_method") == "bearer": + if params.get("cognito_token_method") == "oauth2": + # First call: token fetch + mock_post.side_effect = [ + MagicMock( + json=lambda: { + "access_token": "fake-oauth2-token", + "expires_in": 3600, + }, + status_code=200, + ), + MagicMock(json=lambda: {"result": "ok"}, status_code=200), + ] + else: + # First call: token fetch + mock_post.side_effect = [ + MagicMock( + json=lambda: { + "AuthenticationResult": { + "AccessToken": "fake-initiate-token" + } + }, + status_code=200, + ), + MagicMock(json=lambda: {"result": "ok"}, status_code=200), + ] + else: + mock_post.return_value = MagicMock( + json=lambda: {"result": "ok"}, status_code=200 + ) + + action = SubmitDagByID(payload, payload_info, params.copy()) + result = action.execute() + assert result["success"] + # Check correct auth or header used + if expected_auth: + args, kwargs = mock_post.call_args + assert kwargs["auth"] == expected_auth + if expected_header: + # The second call is the DAG trigger + _, kwargs = mock_post.call_args + assert kwargs["headers"]["Authorization"] == expected_header + + +def test_token_refresh_on_expiry(): + params = OAUTH2_PARAMS.copy() + params["bearer_token"] = "expired-token" + params["bearer_token_expiry"] = time.time() - 10 # expired + payload = {} + payload_info = {} + with patch("src.unity_initiator.actions.submit_dag_by_id.httpx.post") as mock_post: + mock_post.side_effect = [ + MagicMock( + json=lambda: {"access_token": "new-token", "expires_in": 3600}, + status_code=200, + ), + MagicMock(json=lambda: {"result": "ok"}, status_code=200), + ] + action = SubmitDagByID(payload, payload_info, params) + result = action.execute() + assert result["success"] + # Should use new token + _, kwargs = mock_post.call_args + assert kwargs["headers"]["Authorization"] == "Bearer new-token" + + +def test_missing_required_params(): + params = BASIC_PARAMS.copy() + del params["airflow_username"] + payload = {} + payload_info = {} + with pytest.raises(KeyError): + SubmitDagByID(payload, payload_info, params).execute() From 9fe84d81d2db115361b59b603f717a811b14b885 Mon Sep 17 00:00:00 2001 From: Gerald Manipon Date: Thu, 17 Jul 2025 08:49:51 -0700 Subject: [PATCH 2/4] chore: bump version to 0.0.2 --- src/unity_initiator/__about__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/unity_initiator/__about__.py b/src/unity_initiator/__about__.py index 25bc008..ebfccfd 100644 --- a/src/unity_initiator/__about__.py +++ b/src/unity_initiator/__about__.py @@ -1,4 +1,4 @@ # SPDX-FileCopyrightText: 2024-present Gerald Manipon # # SPDX-License-Identifier: Apache-2.0 -__version__ = "0.0.1" +__version__ = "0.0.2" From 164c95d84f13ade3ac5375a66431091d746b43ef Mon Sep 17 00:00:00 2001 From: Gerald Manipon Date: Thu, 17 Jul 2025 10:14:22 -0700 Subject: [PATCH 3/4] delete --- scripts/test.sh | 18 -- .../.terraform.lock.hcl | 85 -------- .../sns-sqs-lambda-airs-retstd/README.md | 65 ------ .../build_lambda_package.sh | 23 -- .../sns-sqs-lambda-airs-retstd/data.tf | 10 - .../lambda_handler.py | 23 -- .../sns-sqs-lambda-airs-retstd/locals.tf | 15 -- .../sns-sqs-lambda-airs-retstd/main.tf | 198 ------------------ .../sns-sqs-lambda-airs-retstd/output.tf | 4 - .../sns-sqs-lambda/.terraform.lock.hcl | 85 -------- .../sns-sqs-lambda/README.md | 65 ------ .../sns-sqs-lambda/build_lambda_package.sh | 23 -- .../sns-sqs-lambda/data.tf | 10 - .../sns-sqs-lambda/lambda_handler.py | 23 -- .../sns-sqs-lambda/locals.tf | 15 -- .../sns-sqs-lambda/main.tf | 198 ------------------ .../sns-sqs-lambda/output.tf | 4 - .../sns-sqs-lambda/variables.tf | 21 -- .../sns-sqs-lambda/versions.tf | 22 -- .../sns-sqs-lambda-airs-retstd/variables.tf | 21 -- .../sns-sqs-lambda-airs-retstd/versions.tf | 22 -- .../.terraform.lock.hcl | 85 -------- .../sns-sqs-lambda-nisar-tlm/README.md | 65 ------ .../build_lambda_package.sh | 23 -- .../sns-sqs-lambda-nisar-tlm/data.tf | 10 - .../lambda_handler.py | 23 -- .../sns-sqs-lambda-nisar-tlm/locals.tf | 15 -- .../sns-sqs-lambda-nisar-tlm/main.tf | 198 ------------------ .../sns-sqs-lambda-nisar-tlm/output.tf | 4 - .../sns-sqs-lambda-nisar-tlm/variables.tf | 21 -- .../sns-sqs-lambda-nisar-tlm/versions.tf | 22 -- 31 files changed, 1416 deletions(-) delete mode 100755 scripts/test.sh delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/.terraform.lock.hcl delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/README.md delete mode 100755 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/build_lambda_package.sh delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/data.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/lambda_handler.py delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/locals.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/main.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/output.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/.terraform.lock.hcl delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/README.md delete mode 100755 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/build_lambda_package.sh delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/data.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/lambda_handler.py delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/locals.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/main.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/output.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/variables.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/versions.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/variables.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/versions.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/.terraform.lock.hcl delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/README.md delete mode 100755 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/build_lambda_package.sh delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/data.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/lambda_handler.py delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/locals.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/main.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/output.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/variables.tf delete mode 100644 terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/versions.tf diff --git a/scripts/test.sh b/scripts/test.sh deleted file mode 100755 index 783237e..0000000 --- a/scripts/test.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -BASE_PATH=$(dirname "${BASH_SOURCE}") -BASE_PATH=$(cd "${BASE_PATH}/.."; pwd) -DIST_DIR=${BASE_PATH}/dist -PKG_DIR=${DIST_DIR}/lambda_packages - -set -ex - -rm -rf $DIST_DIR -pip install hatch -hatch clean -hatch build -VERSION=0.0.2 -echo "{\"version\": \"$VERSION\"}" > ${DIST_DIR}/version.json -mkdir -p $PKG_DIR -pip install -t $PKG_DIR ${DIST_DIR}/unity_initiator-*.whl -cd $PKG_DIR -zip -rq ${DIST_DIR}/unity_initiator-${VERSION}-lambda.zip . diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/.terraform.lock.hcl b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/.terraform.lock.hcl deleted file mode 100644 index 8cbe489..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/.terraform.lock.hcl +++ /dev/null @@ -1,85 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/archive" { - version = "2.4.2" - constraints = ">= 2.4.2" - hashes = [ - "h1:1eOz9vM/55vnQjxk23RhnYga7PZq8n2rGxG+2Vx2s6w=", - "zh:08faed7c9f42d82bc3d406d0d9d4971e2d1c2d34eae268ad211b8aca57b7f758", - "zh:3564112ed2d097d7e0672378044a69b06642c326f6f1584d81c7cdd32ebf3a08", - "zh:53cd9afd223c15828c1916e68cb728d2be1cbccb9545568d6c2b122d0bac5102", - "zh:5ae4e41e3a1ce9d40b6458218a85bbde44f21723943982bca4a3b8bb7c103670", - "zh:5b65499218b315b96e95c5d3463ea6d7c66245b59461217c99eaa1611891cd2c", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:7f45b35a8330bebd184c2545a41782ff58240ed6ba947274d9881dd5da44b02e", - "zh:87e67891033214e55cfead1391d68e6a3bf37993b7607753237e82aa3250bb71", - "zh:de3590d14037ad81fc5cedf7cfa44614a92452d7b39676289b704a962050bc5e", - "zh:e7e6f2ea567f2dbb3baa81c6203be69f9cd6aeeb01204fd93e3cf181e099b610", - "zh:fd24d03c89a7702628c2e5a3c732c0dede56fa75a08da4a1efe17b5f881c88e2", - "zh:febf4b7b5f3ff2adff0573ef6361f09b6638105111644bdebc0e4f575373935f", - ] -} - -provider "registry.terraform.io/hashicorp/aws" { - version = "5.51.1" - constraints = ">= 5.50.0" - hashes = [ - "h1:KY/uPHIa+bHgMOAqoA2BnjIlIDuFRFwbLjLkf1gbeDk=", - "zh:03d524b70ab300d90dc4dccad0c28b18d797b8986722b7a93e40a41500450eaa", - "zh:04dbcb7ab52181a784877c409f6c882df34bda686d8c884d511ebd4abf493f0c", - "zh:2b068f7838e0f3677829258df05d8b9d73fe6434a1a809f8710956cc1c01ea03", - "zh:41a4b1e4adbf7c90015ebff17a719fc08133b8a2c4dcefd2fa281552126e59a8", - "zh:48b1adf57f695a72c88c598f99912171ef7067638fd63fb0c6ad3fa397b3f7c3", - "zh:5c2fb26ecb83adac90d06dcf5f97edbc944824c2821816b1653e1a2b9d37b3c4", - "zh:93df05f53702df829d9b9335e559ad8b313808dbd2fad8b2ff14f176732e693d", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:b5da39898602e44551b56e2803a42d92ea7115e35b1792efbf6649da37ef597b", - "zh:b7ab7f743f864ed8d479a7cb04fd3ce00c376f867ee5b53c4c1acaef6e286c54", - "zh:e7e7b2d8ee486415481a25ac7bdded20bd2897d5dd0790741798f31935b9528d", - "zh:e8008e3f5ef560fd9004d1ed1738f0f53e99b0ce961d967e95fc7c02e5954e4e", - "zh:f1296f648b8608ffa930b52519b00ed01eebedde9fdaf94205b365536e6c3916", - "zh:f8539960fd978a54990740ee984c6f7f743c9c32c7734e2601e92abfe54367e9", - "zh:fd182e6e20bb52982752a5d8c4b16887565f413a9d50d9d394d2c06eea8a195e", - ] -} - -provider "registry.terraform.io/hashicorp/local" { - version = "2.5.1" - constraints = ">= 2.5.1" - hashes = [ - "h1:/GAVA/xheGQcbOZEq0qxANOg+KVLCA7Wv8qluxhTjhU=", - "zh:0af29ce2b7b5712319bf6424cb58d13b852bf9a777011a545fac99c7fdcdf561", - "zh:126063ea0d79dad1f68fa4e4d556793c0108ce278034f101d1dbbb2463924561", - "zh:196bfb49086f22fd4db46033e01655b0e5e036a5582d250412cc690fa7995de5", - "zh:37c92ec084d059d37d6cffdb683ccf68e3a5f8d2eb69dd73c8e43ad003ef8d24", - "zh:4269f01a98513651ad66763c16b268f4c2da76cc892ccfd54b401fff6cc11667", - "zh:51904350b9c728f963eef0c28f1d43e73d010333133eb7f30999a8fb6a0cc3d8", - "zh:73a66611359b83d0c3fcba2984610273f7954002febb8a57242bbb86d967b635", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:7ae387993a92bcc379063229b3cce8af7eaf082dd9306598fcd42352994d2de0", - "zh:9e0f365f807b088646db6e4a8d4b188129d9ebdbcf2568c8ab33bddd1b82c867", - "zh:b5263acbd8ae51c9cbffa79743fbcadcb7908057c87eb22fd9048268056efbc4", - "zh:dfcd88ac5f13c0d04e24be00b686d069b4879cc4add1b7b1a8ae545783d97520", - ] -} - -provider "registry.terraform.io/hashicorp/null" { - version = "3.2.2" - constraints = ">= 3.2.2" - hashes = [ - "h1:IMVAUHKoydFrlPrl9OzasDnw/8ntZFerCC9iXw1rXQY=", - "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7", - "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a", - "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3", - "zh:4c2f1faee67af104f5f9e711c4574ff4d298afaa8a420680b0cb55d7bbc65606", - "zh:544b33b757c0b954dbb87db83a5ad921edd61f02f1dc86c6186a5ea86465b546", - "zh:696cf785090e1e8cf1587499516b0494f47413b43cb99877ad97f5d0de3dc539", - "zh:6e301f34757b5d265ae44467d95306d61bef5e41930be1365f5a8dcf80f59452", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:913a929070c819e59e94bb37a2a253c228f83921136ff4a7aa1a178c7cce5422", - "zh:aa9015926cd152425dbf86d1abdbc74bfe0e1ba3d26b3db35051d7b9ca9f72ae", - "zh:bb04798b016e1e1d49bcc76d62c53b56c88c63d6f2dfe38821afef17c416a0e1", - "zh:c23084e1b23577de22603cff752e59128d83cfecc2e6819edadd8cf7a10af11e", - ] -} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/README.md b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/README.md deleted file mode 100644 index 8b8f2f8..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/README.md +++ /dev/null @@ -1,65 +0,0 @@ -# sns_sqs_lambda - - -## Requirements - -| Name | Version | -|------|---------| -| [terraform](#requirement\_terraform) | ~> 1.8.2 | -| [archive](#requirement\_archive) | >=2.4.2 | -| [aws](#requirement\_aws) | >=5.50.0 | -| [local](#requirement\_local) | >=2.5.1 | -| [null](#requirement\_null) | >=3.2.2 | - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.51.1 | -| [local](#provider\_local) | 2.5.1 | -| [null](#provider\_null) | 3.2.2 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_iam_policy.evaluator_lambda_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_role.evaluator_lambda_iam_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role_policy_attachment.aws_xray_write_only_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_iam_role_policy_attachment.lambda_base_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_iam_role_policy_attachment.lambda_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_lambda_event_source_mapping.evaluator_queue_event_source_mapping](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_event_source_mapping) | resource | -| [aws_lambda_function.evaluator_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource | -| [aws_lambda_function_event_invoke_config.invoke_config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_event_invoke_config) | resource | -| [aws_s3_object.lambda_package](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource | -| [aws_sns_topic.evaluator_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource | -| [aws_sns_topic_policy.evaluator_topic_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy) | resource | -| [aws_sns_topic_subscription.evaluator_subscription](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource | -| [aws_sqs_queue.evaluator_dead_letter_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource | -| [aws_sqs_queue.evaluator_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource | -| [aws_sqs_queue_policy.evaluator_queue_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy) | resource | -| [aws_ssm_parameter.evaluator_lambda_function_name](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource | -| [null_resource.build_lambda_package](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_iam_policy.mcp_operator_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source | -| [local_file.version](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [code\_bucket](#input\_code\_bucket) | The S3 bucket where lambda zip files will be stored and accessed | `string` | n/a | yes | -| [evaluator\_name](#input\_evaluator\_name) | The evaluator name | `string` | n/a | yes | -| [project](#input\_project) | The unity project its installed into | `string` | `"uod"` | no | -| [venue](#input\_venue) | The unity venue its installed into | `string` | `"dev"` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [evaluator\_topic\_arn](#output\_evaluator\_topic\_arn) | The ARN of the evaluator SNS topic | - diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/build_lambda_package.sh b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/build_lambda_package.sh deleted file mode 100755 index d73b668..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/build_lambda_package.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -BASE_PATH=$(dirname "${BASH_SOURCE}") -BASE_PATH=$(cd "${BASE_PATH}/../../.."; pwd) -DIST_DIR=${BASE_PATH}/dist -PKG_DIR=${DIST_DIR}/lambda_packages -EVALUATOR_DIR=$(dirname "${BASH_SOURCE}") -EVALUATOR_DIR=$(cd "${EVALUATOR_DIR}"; pwd) -EVALUATOR_NAME=$1 - -set -ex - -rm -rf $DIST_DIR -pip install hatch -hatch clean -hatch build -VERSION=$(hatch run python -c 'from importlib.metadata import version; print(version("unity_initiator"))') -echo "{\"version\": \"$VERSION\"}" > ${DIST_DIR}/version.json -mkdir -p $PKG_DIR -pip install -t $PKG_DIR ${DIST_DIR}/unity_initiator-*.whl -pip install -t $PKG_DIR aws_xray_sdk -cp ${EVALUATOR_DIR}/lambda_handler.py $PKG_DIR/ -cd $PKG_DIR -zip -rq ${DIST_DIR}/${EVALUATOR_NAME}-${VERSION}-lambda.zip . diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/data.tf b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/data.tf deleted file mode 100644 index 4d6b523..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/data.tf +++ /dev/null @@ -1,10 +0,0 @@ -data "aws_caller_identity" "current" {} - -data "aws_iam_policy" "mcp_operator_policy" { - name = "mcp-tenantOperator-AMI-APIG" -} - -data "local_file" "version" { - filename = "${path.module}/../../../dist/version.json" - depends_on = [null_resource.build_lambda_package] -} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/lambda_handler.py b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/lambda_handler.py deleted file mode 100644 index efc63b9..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/lambda_handler.py +++ /dev/null @@ -1,23 +0,0 @@ -import json - -from aws_xray_sdk.core import patch_all, xray_recorder - -from unity_initiator.utils.logger import log_exceptions, logger - -patch_all() - - -def perform_evaluation(event, context): - logger.info("event: %s", json.dumps(event, indent=2)) - logger.info("context: %s", context) - - # Implement your adaptation-specific evaluator code here and return - # True if it successfully evaluates. False otherwise. - - return True - - -@log_exceptions -def lambda_handler(event, context): - with xray_recorder.capture(context.function_name): - return {"success": perform_evaluation(event, context)} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/locals.tf b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/locals.tf deleted file mode 100644 index 16ee5e0..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/locals.tf +++ /dev/null @@ -1,15 +0,0 @@ -locals { - function_name = "${var.project}-${var.venue}-${var.evaluator_name}-evaluator" - tags = { - Venue = "dev" - ServiceArea = "cs" - Capability = "evaluator" - CapVersion = "0.0.1" - Component = "U-OD" - Name = "${var.project}-${var.venue}-cs-evaluator-od" - Proj = var.project - CreatedBy = "cs" - Env = "dev" - Stack = "U-OD" - } -} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/main.tf b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/main.tf deleted file mode 100644 index 136c3d7..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/main.tf +++ /dev/null @@ -1,198 +0,0 @@ -resource "null_resource" "build_lambda_package" { - triggers = { always_run = timestamp() } - provisioner "local-exec" { - command = < -## Requirements - -| Name | Version | -|------|---------| -| [terraform](#requirement\_terraform) | ~> 1.8.2 | -| [archive](#requirement\_archive) | >=2.4.2 | -| [aws](#requirement\_aws) | >=5.50.0 | -| [local](#requirement\_local) | >=2.5.1 | -| [null](#requirement\_null) | >=3.2.2 | - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.51.1 | -| [local](#provider\_local) | 2.5.1 | -| [null](#provider\_null) | 3.2.2 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_iam_policy.evaluator_lambda_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_role.evaluator_lambda_iam_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role_policy_attachment.aws_xray_write_only_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_iam_role_policy_attachment.lambda_base_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_iam_role_policy_attachment.lambda_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_lambda_event_source_mapping.evaluator_queue_event_source_mapping](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_event_source_mapping) | resource | -| [aws_lambda_function.evaluator_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource | -| [aws_lambda_function_event_invoke_config.invoke_config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_event_invoke_config) | resource | -| [aws_s3_object.lambda_package](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource | -| [aws_sns_topic.evaluator_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource | -| [aws_sns_topic_policy.evaluator_topic_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy) | resource | -| [aws_sns_topic_subscription.evaluator_subscription](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource | -| [aws_sqs_queue.evaluator_dead_letter_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource | -| [aws_sqs_queue.evaluator_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource | -| [aws_sqs_queue_policy.evaluator_queue_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy) | resource | -| [aws_ssm_parameter.evaluator_lambda_function_name](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource | -| [null_resource.build_lambda_package](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_iam_policy.mcp_operator_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source | -| [local_file.version](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [code\_bucket](#input\_code\_bucket) | The S3 bucket where lambda zip files will be stored and accessed | `string` | n/a | yes | -| [evaluator\_name](#input\_evaluator\_name) | The evaluator name | `string` | n/a | yes | -| [project](#input\_project) | The unity project its installed into | `string` | `"uod"` | no | -| [venue](#input\_venue) | The unity venue its installed into | `string` | `"dev"` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [evaluator\_topic\_arn](#output\_evaluator\_topic\_arn) | The ARN of the evaluator SNS topic | - diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/build_lambda_package.sh b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/build_lambda_package.sh deleted file mode 100755 index d73b668..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/build_lambda_package.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -BASE_PATH=$(dirname "${BASH_SOURCE}") -BASE_PATH=$(cd "${BASE_PATH}/../../.."; pwd) -DIST_DIR=${BASE_PATH}/dist -PKG_DIR=${DIST_DIR}/lambda_packages -EVALUATOR_DIR=$(dirname "${BASH_SOURCE}") -EVALUATOR_DIR=$(cd "${EVALUATOR_DIR}"; pwd) -EVALUATOR_NAME=$1 - -set -ex - -rm -rf $DIST_DIR -pip install hatch -hatch clean -hatch build -VERSION=$(hatch run python -c 'from importlib.metadata import version; print(version("unity_initiator"))') -echo "{\"version\": \"$VERSION\"}" > ${DIST_DIR}/version.json -mkdir -p $PKG_DIR -pip install -t $PKG_DIR ${DIST_DIR}/unity_initiator-*.whl -pip install -t $PKG_DIR aws_xray_sdk -cp ${EVALUATOR_DIR}/lambda_handler.py $PKG_DIR/ -cd $PKG_DIR -zip -rq ${DIST_DIR}/${EVALUATOR_NAME}-${VERSION}-lambda.zip . diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/data.tf b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/data.tf deleted file mode 100644 index 4d6b523..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/data.tf +++ /dev/null @@ -1,10 +0,0 @@ -data "aws_caller_identity" "current" {} - -data "aws_iam_policy" "mcp_operator_policy" { - name = "mcp-tenantOperator-AMI-APIG" -} - -data "local_file" "version" { - filename = "${path.module}/../../../dist/version.json" - depends_on = [null_resource.build_lambda_package] -} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/lambda_handler.py b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/lambda_handler.py deleted file mode 100644 index efc63b9..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/lambda_handler.py +++ /dev/null @@ -1,23 +0,0 @@ -import json - -from aws_xray_sdk.core import patch_all, xray_recorder - -from unity_initiator.utils.logger import log_exceptions, logger - -patch_all() - - -def perform_evaluation(event, context): - logger.info("event: %s", json.dumps(event, indent=2)) - logger.info("context: %s", context) - - # Implement your adaptation-specific evaluator code here and return - # True if it successfully evaluates. False otherwise. - - return True - - -@log_exceptions -def lambda_handler(event, context): - with xray_recorder.capture(context.function_name): - return {"success": perform_evaluation(event, context)} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/locals.tf b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/locals.tf deleted file mode 100644 index 16ee5e0..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/locals.tf +++ /dev/null @@ -1,15 +0,0 @@ -locals { - function_name = "${var.project}-${var.venue}-${var.evaluator_name}-evaluator" - tags = { - Venue = "dev" - ServiceArea = "cs" - Capability = "evaluator" - CapVersion = "0.0.1" - Component = "U-OD" - Name = "${var.project}-${var.venue}-cs-evaluator-od" - Proj = var.project - CreatedBy = "cs" - Env = "dev" - Stack = "U-OD" - } -} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/main.tf b/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/main.tf deleted file mode 100644 index 136c3d7..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-airs-retstd/sns-sqs-lambda/main.tf +++ /dev/null @@ -1,198 +0,0 @@ -resource "null_resource" "build_lambda_package" { - triggers = { always_run = timestamp() } - provisioner "local-exec" { - command = < -## Requirements - -| Name | Version | -|------|---------| -| [terraform](#requirement\_terraform) | ~> 1.8.2 | -| [archive](#requirement\_archive) | >=2.4.2 | -| [aws](#requirement\_aws) | >=5.50.0 | -| [local](#requirement\_local) | >=2.5.1 | -| [null](#requirement\_null) | >=3.2.2 | - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.51.1 | -| [local](#provider\_local) | 2.5.1 | -| [null](#provider\_null) | 3.2.2 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_iam_policy.evaluator_lambda_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_role.evaluator_lambda_iam_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role_policy_attachment.aws_xray_write_only_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_iam_role_policy_attachment.lambda_base_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_iam_role_policy_attachment.lambda_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_lambda_event_source_mapping.evaluator_queue_event_source_mapping](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_event_source_mapping) | resource | -| [aws_lambda_function.evaluator_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource | -| [aws_lambda_function_event_invoke_config.invoke_config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_event_invoke_config) | resource | -| [aws_s3_object.lambda_package](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource | -| [aws_sns_topic.evaluator_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource | -| [aws_sns_topic_policy.evaluator_topic_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy) | resource | -| [aws_sns_topic_subscription.evaluator_subscription](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource | -| [aws_sqs_queue.evaluator_dead_letter_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource | -| [aws_sqs_queue.evaluator_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource | -| [aws_sqs_queue_policy.evaluator_queue_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy) | resource | -| [aws_ssm_parameter.evaluator_lambda_function_name](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource | -| [null_resource.build_lambda_package](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_iam_policy.mcp_operator_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source | -| [local_file.version](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [code\_bucket](#input\_code\_bucket) | The S3 bucket where lambda zip files will be stored and accessed | `string` | n/a | yes | -| [evaluator\_name](#input\_evaluator\_name) | The evaluator name | `string` | n/a | yes | -| [project](#input\_project) | The unity project its installed into | `string` | `"uod"` | no | -| [venue](#input\_venue) | The unity venue its installed into | `string` | `"dev"` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [evaluator\_topic\_arn](#output\_evaluator\_topic\_arn) | The ARN of the evaluator SNS topic | - diff --git a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/build_lambda_package.sh b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/build_lambda_package.sh deleted file mode 100755 index d73b668..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/build_lambda_package.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -BASE_PATH=$(dirname "${BASH_SOURCE}") -BASE_PATH=$(cd "${BASE_PATH}/../../.."; pwd) -DIST_DIR=${BASE_PATH}/dist -PKG_DIR=${DIST_DIR}/lambda_packages -EVALUATOR_DIR=$(dirname "${BASH_SOURCE}") -EVALUATOR_DIR=$(cd "${EVALUATOR_DIR}"; pwd) -EVALUATOR_NAME=$1 - -set -ex - -rm -rf $DIST_DIR -pip install hatch -hatch clean -hatch build -VERSION=$(hatch run python -c 'from importlib.metadata import version; print(version("unity_initiator"))') -echo "{\"version\": \"$VERSION\"}" > ${DIST_DIR}/version.json -mkdir -p $PKG_DIR -pip install -t $PKG_DIR ${DIST_DIR}/unity_initiator-*.whl -pip install -t $PKG_DIR aws_xray_sdk -cp ${EVALUATOR_DIR}/lambda_handler.py $PKG_DIR/ -cd $PKG_DIR -zip -rq ${DIST_DIR}/${EVALUATOR_NAME}-${VERSION}-lambda.zip . diff --git a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/data.tf b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/data.tf deleted file mode 100644 index 4d6b523..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/data.tf +++ /dev/null @@ -1,10 +0,0 @@ -data "aws_caller_identity" "current" {} - -data "aws_iam_policy" "mcp_operator_policy" { - name = "mcp-tenantOperator-AMI-APIG" -} - -data "local_file" "version" { - filename = "${path.module}/../../../dist/version.json" - depends_on = [null_resource.build_lambda_package] -} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/lambda_handler.py b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/lambda_handler.py deleted file mode 100644 index efc63b9..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/lambda_handler.py +++ /dev/null @@ -1,23 +0,0 @@ -import json - -from aws_xray_sdk.core import patch_all, xray_recorder - -from unity_initiator.utils.logger import log_exceptions, logger - -patch_all() - - -def perform_evaluation(event, context): - logger.info("event: %s", json.dumps(event, indent=2)) - logger.info("context: %s", context) - - # Implement your adaptation-specific evaluator code here and return - # True if it successfully evaluates. False otherwise. - - return True - - -@log_exceptions -def lambda_handler(event, context): - with xray_recorder.capture(context.function_name): - return {"success": perform_evaluation(event, context)} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/locals.tf b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/locals.tf deleted file mode 100644 index 16ee5e0..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/locals.tf +++ /dev/null @@ -1,15 +0,0 @@ -locals { - function_name = "${var.project}-${var.venue}-${var.evaluator_name}-evaluator" - tags = { - Venue = "dev" - ServiceArea = "cs" - Capability = "evaluator" - CapVersion = "0.0.1" - Component = "U-OD" - Name = "${var.project}-${var.venue}-cs-evaluator-od" - Proj = var.project - CreatedBy = "cs" - Env = "dev" - Stack = "U-OD" - } -} diff --git a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/main.tf b/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/main.tf deleted file mode 100644 index 136c3d7..0000000 --- a/terraform-unity/evaluators/sns-sqs-lambda-nisar-tlm/main.tf +++ /dev/null @@ -1,198 +0,0 @@ -resource "null_resource" "build_lambda_package" { - triggers = { always_run = timestamp() } - provisioner "local-exec" { - command = < Date: Thu, 17 Jul 2025 11:01:13 -0700 Subject: [PATCH 4/4] fix schema --- src/unity_initiator/resources/routers_schema.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/unity_initiator/resources/routers_schema.yaml b/src/unity_initiator/resources/routers_schema.yaml index 733ee81..22e3126 100644 --- a/src/unity_initiator/resources/routers_schema.yaml +++ b/src/unity_initiator/resources/routers_schema.yaml @@ -45,7 +45,7 @@ submit_dag_by_id_action: dag_id: str() airflow_base_api_endpoint: str(required=False) # Auth method: 'basic' (default) or 'bearer' - auth_method: str(required=False, enum=["basic", "bearer"]) + auth_method: enum("basic", "bearer", required=False) # For basic auth (legacy) airflow_username: str(required=False) airflow_password: str(required=False) @@ -59,7 +59,7 @@ submit_dag_by_id_action: bearer_token: str(required=False) bearer_token_expiry: int(required=False) # Cognito token method: 'oauth2' (default) or 'initiate_auth' - cognito_token_method: str(required=False, enum=["oauth2", "initiate_auth"]) + cognito_token_method: enum("oauth2", "initiate_auth", required=False) # Cognito region (required for initiate_auth) cognito_region: str(required=False) on_success: include("on_success_actions", required=False)