-
Notifications
You must be signed in to change notification settings - Fork 44
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add scripts to deploy blank GCP project and reflect credentials (#481)
- Loading branch information
Showing
2 changed files
with
86 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
#!/bin/bash -e | ||
# Creates reflector credentials and device entry in UDMS-REFLECT for a site | ||
# | ||
# Usage: create_reflect_credentials PATH_TO_SITE_MODEL PROJECT_ID | ||
|
||
if [[ "$#" != 2 ]]; then | ||
echo $0 SITE_MODEL PROJECT_ID | ||
exit 1 | ||
fi | ||
SITE_MODEL=$1 | ||
PROJECT_ID=$2 | ||
shift 2 | ||
|
||
ROOT_DIR=$(git rev-parse --show-toplevel) | ||
|
||
registry_id=$(jq -r .registry_id $SITE_MODEL/cloud_iot_config.json) | ||
cloud_region=$(jq -r .cloud_region $SITE_MODEL/cloud_iot_config.json) | ||
|
||
if [[ -f $SITE_MODEL/validator/rsa_private.pkcs8 ]]; then | ||
echo validator credentials seem to already exist, exitting .. | ||
exit 1 | ||
fi | ||
|
||
mkdir -p $SITE_MODEL/validator | ||
$ROOT_DIR/bin/keygen RS256 $SITE_MODEL/validator | ||
|
||
gcloud iot devices create $registry_id --region=us-central1 --registry=UDMS-REFLECT --project=$PROJECT_ID \ | ||
--public-key \ | ||
path=$SITE_MODEL/validator/rsa_public.pem,type=RSA_PEM |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
#!/bin/bash -e | ||
# Setups a blank GCP project with the UDMI cloud functions and the registers | ||
# the default site model | ||
# | ||
# Usage: setup_gcp_project PROJECT_ID | ||
|
||
if [[ "$#" != 1 ]]; then | ||
echo $0 PROJECT_ID | ||
exit 1 | ||
fi | ||
PROJECT_ID=$1 | ||
shift 1 | ||
|
||
SERVICE_ACCOUNT_NAME=udmi-cloud-functions | ||
SERVICE_ACCOUNT=$(SERVICE_ACCOUNT_NAME)@$(PROJECT_ID).iam.gserviceaccount.com | ||
|
||
ROOT_DIR=$(git rev-parse --show-toplevel) | ||
|
||
gcloud services --project $PROJECT_ID enable \ | ||
cloudresourcemanager.googleapis.com \ | ||
compute.googleapis.com \ | ||
cloudbuild.googleapis.com \ | ||
cloudfunctions.googleapis.com \ | ||
cloudiot.googleapis.com \ | ||
cloudidentity.googleapis.com | ||
|
||
gcloud iam service-accounts create $SERVICE_ACCOUNT_NAME --display-name="UDMI Cloud Functions" --project=$PROJECT_ID | ||
gcloud projects add-iam-policy-binding $PROJECT_ID --member="serviceAccount:$SERVICE_ACCOUNT" --role="roles/pubsub.publisher" | ||
gcloud projects add-iam-policy-binding $PROJECT_ID --member="serviceAccount:$SERVICE_ACCOUNT" --role="roles/cloudiot.provisioner" | ||
|
||
$ROOT_DIR/dashboard/deploy_dashboard_gcloud $PROJECT_ID --service-account=$SERVICE_ACCOUNT | ||
|
||
$ROOT_DIR/bin/clone_model | ||
registry_id=$(jq -r .registry_id $ROOT_DIR/sites/udmi_site_model/cloud_iot_config.json) | ||
cloud_region=$(jq -r .cloud_region $ROOT_DIR/sites/udmi_site_model/cloud_iot_config.json) | ||
|
||
gcloud iot registries create $registry_id \ | ||
--project=$PROJECT_ID \ | ||
--region=$cloud_region \ | ||
--event-notification-config=topic=projects/$PROJECT_ID/topics/udmi_target \ | ||
--state-pubsub-topic=projects/$PROJECT_ID/topics/udmi_state | ||
|
||
$ROOT_DIR/bin/registrar sites/udmi_site_model $PROJECT_ID | ||
|
||
gcloud iot registries create UDMS-REFLECT \ | ||
--project=$PROJECT_ID \ | ||
--region=us-central1 \ | ||
--event-notification-config=topic=projects/$PROJECT_ID/topics/udmi_reflect | ||
|
||
gcloud iot devices create $registry_id --region=us-central1 --registry=UDMS-REFLECT --project=$PROJECT_ID \ | ||
--public-key \ | ||
path=$ROOT_DIR/sites/udmi_site_model/devices/AHU-1/rsa_public.pem,type=RSA_PEM | ||
|
||
gcloud pubsub subscriptions create udmi_target --project=$PROJECT_ID \ | ||
--topic=udmi_target \ | ||
--message-retention-duration=10m \ | ||
--expiration-period=never |