From 8f297c06af884eea56069c8e036feada63ec0a33 Mon Sep 17 00:00:00 2001 From: Keith Cantrell Date: Tue, 1 Jul 2025 07:08:13 -0500 Subject: [PATCH] Updated the description on the README file; added list_bluexp_members; fixed a couple of bugs. --- .../Workload-Factory-API-Samples/README.md | 16 ++- .../list_bluexp_accts | 6 +- .../list_bluexp_members | 116 ++++++++++++++++++ .../list_credentials | 2 +- .../Workload-Factory-API-Samples/wf_utils | 12 +- 5 files changed, 139 insertions(+), 13 deletions(-) create mode 100755 Management-Utilities/Workload-Factory-API-Samples/list_bluexp_members diff --git a/Management-Utilities/Workload-Factory-API-Samples/README.md b/Management-Utilities/Workload-Factory-API-Samples/README.md index 164b3cc..aeb9b27 100644 --- a/Management-Utilities/Workload-Factory-API-Samples/README.md +++ b/Management-Utilities/Workload-Factory-API-Samples/README.md @@ -1,9 +1,14 @@ # Workload Factory API Samples -This folder contains various bash shell scripts that demonstrate how to use the Workload Factory APIs to perform an action. -They all depend on the [wf_utils](wf_utils) file that contains common functions used by all the scripts. One function -in particular, `get_token()`, is used to get an authentication token from the BlueXP Workload Factory API. So, if you -copy just some of the files from this repository, make sure to copy the `wf_utils` file as well. +The idea behind this folder is to show examples of how to use the [BlueXP Workload Factory APIs](https://console.workloads.netapp.com/api-doc). +Not every API is covered, but the ones required to get you started (get a refresh token, get the BlueXP accountID, +get BlueXP credentials ID) are included. Once you have the informaiton provided from these APIs are ready to start +calling the others. While these examples are implemented as bash shell scripts you should be able to translate them +to the programming language that you prefer, such as Python, Go, or JavaScript. + +Note that all these scripts depend on the [wf_utils](wf_utils) file that contains common functions used by all the +scripts. One function in particular, `get_token()`, is used to get an authentication token from the BlueXP Workload +Factory API. So, if you copy just some of the files from this repository, make sure to copy the `wf_utils` file as well. ## Prerequisites To run these scripts, you need to have the following prerequisites: @@ -17,7 +22,7 @@ command line options. For example, instead of using the `-t` option to pass the [BlueXP Refresh Token](https://docs.netapp.com/us-en/bluexp-automation/platform/create_user_token.html#1-generate-a-netapp-refresh-token), you can set the `REFRESH_TOKEN` environment variable. -- All scripts use the `-h` option to display the help message, which includes the available options and their descriptions. +- All scripts accept the `-h` option to display the help message, which includes the available options and their descriptions. Hopefully with these samples you'll be able to create your own scripts that use any the Workload Factory APIs. If you do create a new script, please consider contributing it back to this repository so that others can benefit from it. @@ -26,6 +31,7 @@ If you do create a new script, please consider contributing it back to this repo | Script | Description | | --- | --- | | [list_bluexp_accts](list_bluexp_accts) | This list all the BlueXP accounts (a.k.a. organizations) that you have access to. | +| [list_bluexp_members](list_bluexp_members) | This list all members of a provided BlueXP account. | | [list_credentials](list_credentials) | This lists all the Workload Factory credentials that you have access to. | | [list_filesystems](list_filesystems) | This lists all the FSx for ONTAP file systems that you have access to in the specified AWS region. | | [list_snapmirrors](list_snapmirrors) | This lists all the SnapMirror relationships that are associated with the specified file system. | diff --git a/Management-Utilities/Workload-Factory-API-Samples/list_bluexp_accts b/Management-Utilities/Workload-Factory-API-Samples/list_bluexp_accts index 2ea9d38..a9bf69e 100755 --- a/Management-Utilities/Workload-Factory-API-Samples/list_bluexp_accts +++ b/Management-Utilities/Workload-Factory-API-Samples/list_bluexp_accts @@ -72,9 +72,9 @@ if [ -z "$token" ]; then exit 1 fi -run_curl GET "$token" https://api.bluexp.netapp.com/tenancy/account $tmpout $tmperr -if jq -r '.[] | .accountName + " " + .accountPublicId' $tmpout > $tmperr; then - cat $tmperr | column -t -N Name,ID +run_curl GET "$token" https://api.bluexp.netapp.com/v1/management/organizations $tmpout $tmperr +if jq -r '.items[] | "\(.name) \(.legacyId) \(.id)"' $tmpout > $tmperr; then + cat $tmperr | column -t -N Name,ID,UUID else echo "Error: Failed to parse the response from the API." >&2 exit 1 diff --git a/Management-Utilities/Workload-Factory-API-Samples/list_bluexp_members b/Management-Utilities/Workload-Factory-API-Samples/list_bluexp_members new file mode 100755 index 0000000..4eb2860 --- /dev/null +++ b/Management-Utilities/Workload-Factory-API-Samples/list_bluexp_members @@ -0,0 +1,116 @@ +#!/bin/bash +# +# This script is used to list all the BlueXP members that are +# associated with the BlueXP account. +# +# It is dependent on the 'wf_utils' file that is included in this repo. That +# file contains the 'get_token' function that is used to obtain a valid +# access token that is needed to run the Workload Factory APIs. The file needs +# to either be in the command search path or in the current directory. +################################################################################ + +################################################################################ +# Display usage information then exits the script. +################################################################################ +usage () { + cat >&2 < + export BLUEXP_ACCOUNT_UUID= +EOF + exit 1 +} + +tmpout=/tmp/list_accounts-out.$$ +tmperr=/tmp/list_accounts-err.$$ +trap 'rm -f $tmpout $tmperr' exit + +while getopts ht:u: opt; do + case $opt in + t) REFRESH_TOKEN="$OPTARG" ;; + u) BLUEXP_ACCOUNT_UUID="$OPTARG" ;; + *) usage ;; + esac +done +# +# Source the wf_utils file. +wf_utils=$(command -v wf_utils) +if [ -z "$wf_utils" ]; then + if [ ! -x "./wf_utils" ]; then + cat <&2 +Error: The 'wf_utils' script was not found in the current directory or in the command search path. +It is required to run this script. You can download it from: +https://github.com/NetApp/FSx-ONTAP-samples-scripts/tree/main/Management-Utilities/Workload-Factory-API-Samples +EOF + exit 1 + else + wf_utils=./wf_utils + fi +fi +. "$wf_utils" +# +# Check that all the parameters are set. +if [ -z "$REFRESH_TOKEN" ]; then + cat >&2 <&2 < /dev/null; then + echo "Error: The required command '$cmd' was not found. Please install it." >&2 + exit 1 + fi +done + +token=$(get_token) +if [ -z "$token" ]; then + echo "Error: Failed to obtain an access token. Exiting." >&2 + exit 1 +fi + +run_curl GET "$token" "https://api.bluexp.netapp.com/v1/management/organizations/$BLUEXP_ACCOUNT_UUID/users?limit=1000&filter=userType%20ne%20%27agent%27" $tmpout $tmperr "" "application/vnd.netapp.bxp.users.extended+json" +count=$(jq -r '.count' $tmpout 2> /dev/null) +if [[ "$count" == 0 ]]; then + echo "No members found for the specified BlueXP account UUID: $BLUEXP_ACCOUNT_UUID." >&2 + echo "Did you provide the UUID or the iD? This script needs the UUID." >&2 + exit 0 +fi + +if jq -r '.items[] | .name + "," + if(.userType == "user") then .userType + "," + .id else .userType + "," + .auth0Id end + "," + .email' $tmpout > $tmperr; then + cat $tmperr | sort -f | column -s, -t -N Name,Type,ID,Email +else + echo "Error: Failed to parse the response from the API." >&2 + exit 1 +fi diff --git a/Management-Utilities/Workload-Factory-API-Samples/list_credentials b/Management-Utilities/Workload-Factory-API-Samples/list_credentials index 4316ae6..82f7504 100755 --- a/Management-Utilities/Workload-Factory-API-Samples/list_credentials +++ b/Management-Utilities/Workload-Factory-API-Samples/list_credentials @@ -63,7 +63,7 @@ filter="filter=$(urlencode "type eq 'AWS_ASSUME_ROLE'")" while getopts "ht:a:o" opt; do case $opt in t) REFRESH_TOKEN="$OPTARG" ;; - a) BLUEXP_ACCOUNT="$OPTARG" ;; + a) BLUEXP_ACCOUNT_ID="$OPTARG" ;; o) filter="";; # No filter, list all credentials. *) usage ;; esac diff --git a/Management-Utilities/Workload-Factory-API-Samples/wf_utils b/Management-Utilities/Workload-Factory-API-Samples/wf_utils index d2d8d59..127f331 100755 --- a/Management-Utilities/Workload-Factory-API-Samples/wf_utils +++ b/Management-Utilities/Workload-Factory-API-Samples/wf_utils @@ -46,7 +46,7 @@ get_token() { createToken=false if [ -r $tokenFile ]; then - let diff="$(date +%s) - $(date -r wf_utils +%s)" + let diff="$(date +%s) - $(date -r $tokenFile +%s)" if [ $diff -gt $token_valid ]; then createToken=true fi @@ -94,27 +94,31 @@ run_curl () { output="$4" errorOutput="$5" data="$6" + accept="$7" if [[ -z "$method" || -z "$token" || -z "$url" || -z "$output" || -z "$errorOutput" ]]; then echo "Error: Missing required parameters for run_curl function." >&2 exit 1 fi + if [ -z "$accept" ]; then + accept="application/json, text/plain, */*" + fi case "$method" in GET|get) curl -sw "%{stderr}%{http_code},%{errormsg}" "$url" \ - -H "Accept:application/json, text/plain, */*" \ + -H "Accept: $accept" \ -H "Authorization: Bearer $token" > $output 2> $errorOutput exitCode=$? ;; POST|post) curl -X POST -sw "%{stderr}%{http_code},%{errormsg}" "$url" \ - -H "Accept:application/json, text/plain, */*" \ + -H "Accept: $accept" \ -H "Content-Type:application/json" \ -H "Authorization: Bearer $token" --data "$data" > $output 2> $errorOutput exitCode=$? ;; DELETE|delete) curl -X DELETE -sw "%{stderr}%{http_code},%{errormsg}" "$url" \ - -H "Accept:application/json, text/plain, */*" \ + -H "Accept: $accept" \ -H "Authorization: Bearer $token" > $output 2> $errorOutput exitCode=$? ;;