Proof of Concept - SQS + Lambda

.gitignore

@@ -53,3 +53,8 @@ terraform/*/provision/.cache
 .kube*
 *.binding.json
 .terraform.lock.hcl
+
+# Lambda deployment files
+deployment.zip
+main.py
+test.py.quotes

Makefile

@@ -52,18 +52,16 @@ build: manifest.yml sqs.yml lambda.yml $(shell find terraform) ## Build the brok
 
 # Healthcheck solution from https://stackoverflow.com/a/47722899
 # (Alpine inclues wget, but not curl.)
-up: .env.secrets .env ## Run the broker service with the brokerpak configured. The broker listens on `0.0.0.0:8080`. curl http://127.0.0.1:8080 or visit it in your browser.
+up: ## Run the broker service with the brokerpak configured. The broker listens on `0.0.0.0:8080`. curl http://127.0.0.1:8080 or visit it in your browser.
 	docker run $(DOCKER_OPTS) \
 	-p 8080:8080 \
 	-e SECURITY_USER_NAME=$(SECURITY_USER_NAME) \
 	-e SECURITY_USER_PASSWORD=$(SECURITY_USER_PASSWORD) \
 	-e "DB_TYPE=sqlite3" \
 	-e "DB_PATH=/tmp/csb-db" \
 	-e "GSB_DEBUG=true" \
-	--env-file .env \
 	--env-file .env.secrets \
-	--name csb-service-$(BROKER_NAME) \
-	-d --network kind \
+	--name csb-service-$(BROKER_NAME) -d \
 	--health-cmd="wget --header=\"X-Broker-API-Version: 2.16\" --no-verbose --tries=1 --spider http://$(SECURITY_USER_NAME):$(SECURITY_USER_PASSWORD)@localhost:8080/v2/catalog || exit 1" \
 	--health-interval=2s \
 	--health-retries=15 \
@@ -75,34 +73,27 @@ up: .env.secrets .env ## Run the broker service with the brokerpak configured. T
 down: ## Bring the cloud-service-broker service down
 	-@docker stop csb-service-$(BROKER_NAME)
 
-.env.secrets:
-	@echo Copy .env.secrets-template to .env.secrets, then edit in your own values
-
 all: clean build up demo-up demo-down down ## Clean and rebuild, run the broker, provision/bind instance, unbind/deprovision instance, and tear the broker down
 
 demo-up: ## Provision an instance of a specific plan and output the bound credentials
 	@( \
 	set -e ;\
 	echo "Provisioning $(SERVICE_NAME):$(PLAN_NAME):$(INSTANCE_NAME)" ;\
-	$(CSB_EXEC) client provision --serviceid $(SERVICE_ID) --planid $(PLAN_ID) --instanceid "$(INSTANCE_NAME)"                     --params '$(CLOUD_PROVISION_PARAMS)';\
+	$(CSB_EXEC) client provision --serviceid $(SERVICE_ID) --planid $(PLAN_ID) --instanceid "$(INSTANCE_NAME)"                     --params $(CLOUD_PROVISION_PARAMS) | jq -r .;\
 	$(CSB_INSTANCE_WAIT) $(INSTANCE_NAME) ;\
 	echo "Binding $(SERVICE_NAME):$(PLAN_NAME):$(INSTANCE_NAME):binding" ;\
-	$(CSB_EXEC) client bind      --serviceid $(SERVICE_ID) --planid $(PLAN_ID) --instanceid "$(INSTANCE_NAME)" --bindingid binding --params "$(CLOUD_BIND_PARAMS)" | jq -r .response > $(INSTANCE_NAME).binding.json ;\
+	$(CSB_EXEC) client bind      --serviceid $(SERVICE_ID) --planid $(PLAN_ID) --instanceid "$(INSTANCE_NAME)" --bindingid "$(BIND_NAME)" | jq -r .response > $(INSTANCE_NAME).binding.json ;\
 	)
 
 demo-down: ## Clean up data left over from tests and demos
 	@( \
 	set -e ;\
 	echo "Unbinding and deprovisioning the ${SERVICE_NAME} instance";\
-	$(CSB_EXEC) client unbind --bindingid binding --instanceid $(INSTANCE_NAME) --serviceid $(SERVICE_ID) --planid $(PLAN_ID) 2>/dev/null;\
-	$(CSB_EXEC) client deprovision --instanceid $(INSTANCE_NAME) --serviceid $(SERVICE_ID) --planid $(PLAN_ID) 2>/dev/null;\
+	$(CSB_EXEC) client unbind --bindingid $(BIND_NAME) --instanceid $(INSTANCE_NAME) --serviceid $(SERVICE_ID) --planid $(PLAN_ID) | jq -r .status_code;\
+	$(CSB_EXEC) client deprovision --instanceid $(INSTANCE_NAME) --serviceid $(SERVICE_ID) --planid $(PLAN_ID) | jq -r .status_code;\
 	$(CSB_INSTANCE_WAIT) $(INSTANCE_NAME) ;\
 	)
 
-.env: generate-env.sh
-	@echo Generating a .env file containing the k8s config needed by the broker
-	@./generate-env.sh
-
 examples.json: examples.json-template
 	@./generate-examples.sh > examples.json
 

README.md

@@ -30,113 +30,29 @@ brokerpak concept, and to the Pivotal team running with the concept!
     - AWS_SECRET_ACCESS_KEY
     - AWS_DEFAULT_REGION
 
-Run the `make` command by itself for information on the various targets that are available. 
-
-```bash
-$ make
-clean      Bring down the broker service if it is up and clean out the database
-build      Build the brokerpak(s)
-up         Run the broker service with the brokerpak configured. The broker listens on `0.0.0.0:8080`. curl http://127.0.0.1:8080 or visit it in your browser. 
-down       Bring the cloud-service-broker service down
-test       Execute the brokerpak examples against the running broker (TODO)
-k8s-demo-up    Provision a SolrCloud instance and output the bound credentials
-k8s-demo-down  Clean up data left over from tests and demos
-ecs-demo-up    Provision a Solr standalone instance (configured for ckan) and output the bound credentials
-ecs-demo-down  Clean up data left over from tests and demos
-kind-up    Set up a local Kubernetes test environment using KinD
-kind-down  Tear down the Kubernetes test environment in KinD
-all        Clean and rebuild, start test environment, run the broker, run the examples, and tear the broker and test env down
-help       This help
-```
-
-Notable targets are described below.
-
-## Iterating on the Terraform code
-
-To work with the Terraform and target cluster directly (eg not through the CSB or brokerpak), you can generate an appropriate .tfvars file by running:
-
-```bash
-make .env
-```
-
-From that point on, you can `cd terraform/provision` and iterate with `terraform init/plan/apply/etc`. The same configuration is also available in `terraform/bind`.
-
-(Note if you've been working with the broker the configuration will probably already exist.)
-
-## Building and starting the brokerpak (while the test environment is available)
-
-Run
-
-```bash
-make build up 
-```
-
-The broker will start and (after about 40 seconds) listen on `0.0.0.0:8080`. You
-test that it's responding by running:
-
-```bash
-curl -i -H "X-Broker-API-Version: 2.16" http://user:pass@127.0.0.1:8080/v2/catalog
-```
-
-In response you will see a YAML description of the services and plans available
-from the brokerpak.
-
-(Note that the `X-Broker-API-version` header is [**required** by the OSBAPI
-specification](https://github.com/openservicebrokerapi/servicebroker/blob/master/spec.md#headers).
-The broker will reject requests that don't include the header with `412
-Precondition Failed`, and browsers will show that status as `Not Authorized`.)
-
-You can also inspect auto-generated documentation for the brokerpak's offerings
-by visiting [`http://127.0.0.1:8080/docs`](http://127.0.0.1:8080/docs) in your browser.
-
-### Testing manually
-
-Run
-
-```bash
-docker-compose exec -T broker /bin/cloud-service-broker client help"
-```
-
-to get a list of available commands. You can further request help for each
-sub-command. Use this command to poke at the browser one request at a time.
-
-For example to see the catalog:
-
-```bash
-docker-compose exec -T broker /bin/cloud-service-broker client catalog"
-```
-
-...and so on.
-
-## Iterating on the brokerpak itself
-
-To rebuild the brokerpak and launch it, then provision a test instance:
-
-```bash
-make down build up demo-up
-# Poke and prod 
-make demo-down down
-```
-
-## Tearing down the brokerpak
-
-Run
-
-```bash
-make down
-```
-
-The broker will be stopped.
-
-## Cleaning out the current state
-
-Run
-
-```bash
-make clean
-```
-
-The broker image, database content, and any built brokerpak files will be removed.
+## For the Demo:
+1. Ensure `ssb-development` AWS Credentials are set up.
+1. Start broker
+    ```bash
+    make clean build up
+    ```
+1. Create demo infrastructure
+    ```bash
+    ./test.sh
+    ```
+1. Log into AWS Console (`ssb-development`) and go to `SQS` to send a test message... **OR**
+    ```bash
+    aws sqs send-message --queue-url https://sqs.us-west-2.amazonaws.com/<account-id>/<queue-name> --message-body "raw data" --delay-seconds 2
+    aws sqs send-message --queue-url https://sqs.us-west-2.amazonaws.com/<account-id>/<queue-name> --message-body "anything else" --delay-seconds 2
+1. Export cloud.gov S3 Credentials to inspect exported data
+    ```bash
+    aws s3 ls s3://${BUCKET_NAME}/raw/
+    aws s3 ls s3://${BUCKET_NAME}/clean/
+    ```
+1. Destroy demo infrastructure.
+    ```bash
+    DESTROY=1 ./test.sh
+    ```
 
 ## Contributing
 

examples.json-template

@@ -1,12 +1,20 @@
 [
   {
-    "name": "Cloud in local k8s",
-    "description": "Provision a SolrCloud instance in a local k8s (K8S)",
-    "service_name": "solr-cloud",
-    "service_id": "b9013a91-9ce8-4c18-8035-a135a8cd6ff9",
-    "plan_id": "e35e9675-413f-4f42-83de-ad5003357e77",
-    "instance_name": "demo-k8s",
-    "provision_params": "{\"solrMem\":\"1G\", \"solrCpu\":\"1000m\", \"solrImageRepo\":\"ghcr.io/gsa/catalog.data.gov.solr\", \"solrImageTag\":\"8-curl\", \"solrJavaMem\":\"-Xms300m -Xmx300m\", \"cloud_name\":\"demo\"}",
+    "name": "Test SQS",
+    "description": "Provision a simple sqs instance",
+    "service_name": "test1",
+    "service_id": "b6850430-71bd-4096-9f75-e395524e7b73",
+    "plan_id": "4c0c7e5e-9f86-47be-aaed-29ae9adf7c49",
+    "instance_name": "demo-sqs",
+    "bind_params": {}
+  },
+  {
+    "name": "Test Lambda",
+    "description": "Provision a simple lambda function",
+    "service_name": "test1",
+    "service_id": "a1fa5f24-ed73-48e8-a99f-14906728b945",
+    "plan_id": "4d7f0501-77d6-4d21-a37a-8b80a0ea9c0d",
+    "instance_name": "demo-lambda",
     "bind_params": {}
   }
 ]