test adjustments and refactor thing creation routine

Author: rpcme

src/bulk_importer/main.py

@@ -57,35 +57,43 @@ def process_policy(policy_name, certificate_id):
 
 def process_thing(thing_name, certificate_id, thing_type_name=None):
     """Creates the IoT Thing if it does not already exist"""
+    logger.info("Processing thing %s.", thing_name)
     iot_client = boto3client('iot')
     certificate_arn = get_certificate_arn(certificate_id)
     try:
         iot_client.describe_thing(thingName=thing_name)
-        return None
-    except ClientError as error:
-        error_code = error.response['Error']['Code'] # pylint: disable=unused-variable
-        logger.info("Thing not found {error_code}. Creating.")
-
-    # Create thing
-    try:
-        if thing_type_name is None:
+        return True
+    except ClientError as err_describe:
+        error_code = err_describe.response['Error']['Code']
+        logger.info("Thing not found: %s. Creating.", error_code)
+        try:
             iot_client.create_thing(thingName=thing_name)
-        else:
-            iot_client.create_thing(thingName=thing_name,
-                                    thingTypeName=thing_type_name)
-
-    except ClientError as error:
-        error_code = error.response['Error']['Code']
-        logger.error("ERROR Thing creation failed: {error_code}")
-        return None
+        except ClientError as err_create:
+            error_code = err_create.response['Error']['Code']
+            error_message = err_create.response['Error']['Message']
+            logger.error("ERROR Thing creation failed: %s: %s", error_code, error_message)
+            return False
 
     try:
         iot_client.attach_thing_principal(thingName=thing_name,
                                           principal=certificate_arn)
     except ClientError as error:
-        print("ERROR Certificate attachment failed.")
-        print(error)
-    return None
+        error_code = error.response['Error']['Code']
+        error_message = error.response['Error']['Message']
+        logger.error("Certificate attachment failed: %s: %s", error_code, error_message)
+
+    if thing_type_name is not None:
+        try:
+            logger.info("Upating thing %s to apply thing type %s.", thing_name, thing_type_name)
+            iot_client.update_thing(thingName=thing_name,
+                                    thingTypeName=thing_type_name,
+                                    removeThingType=False)
+        except ClientError as error:
+            error_code = error.response['Error']['Code']
+            error_message = error.response['Error']['Message']
+            logger.error("Thing type not found: %s: %s.", error_code, error_message)
+            return False
+    return True
 
 def requeue(config):
     """
@@ -151,8 +159,8 @@ def process_sqs(config):
     certificate_id = process_certificate(config, requeue)
     process_thing(config.get('thing'),
                   certificate_id,
-                  config.get('thing_type_arn'))
-    process_policy(config.get('policy_arn'),
+                  config.get('thing_type_name'))
+    process_policy(config.get('policy_name'),
                    certificate_id)
     process_thing_group(config.get('thing_group_arn'),
                         config.get('thing'))

src/product_provider/main.py

@@ -67,9 +67,9 @@ def lambda_handler(event: S3Event,
         return None
 
     config = {
-        'policy_arn': os.environ.get('POLICY_NAME'),
+        'policy_name': os.environ.get('POLICY_NAME'),
         'thing_group_arn': v_thing_group,
-        'thing_type_arn': v_thing_type,
+        'thing_type_name': os.environ.get('THING_TYPE_NAME'),
         'bucket': s3_event.bucket_name
     }
 

src/provider_infineon/provider_infineon/main.py

@@ -8,6 +8,7 @@
 import os
 import json
 import logging
+from botocore.exceptions import ClientError
 from aws_lambda_powertools.utilities.typing import LambdaContext
 from aws_lambda_powertools.utilities.data_classes import SQSEvent
 from aws_utils import verify_queue
@@ -20,17 +21,21 @@ def lambda_handler(event: dict, context: LambdaContext) -> dict: # pylint: disab
     """Lambda function main entry point"""
     sqs_event = SQSEvent(event)
     queue_url = os.environ['QUEUE_TARGET']
-    if not verify_queue(queue_url=queue_url):
-        logger.error("Queue {queue_url} is not available. ")
-        return None
-
     cert_type = os.environ['CERT_TYPE']
-    if not verify_certtype(cert_type):
-        logger.error("Certificate type not valid. Must be E0E0, E0E1, or E0E2.")
-        return None
 
+    try:
+        verify_queue(queue_url=queue_url)
+    except ClientError as error:
+        error_code = error.response['Error']['Code']
+        error_message = error.response['Error']['Message']
+        logger.error("Queue %s is not available. %s: %s", queue_url, error_code, error_message)
+        return None
 
-    queue_url = os.environ['QUEUE_TARGET']
+    try:
+        verify_certtype(cert_type)
+    except ValueError as error:
+        logger.error("Certificate type %s did not verify: %s", queue_url, str(error))
+        return None
 
     for record in sqs_event.records:
         config = json.loads(record["body"])

src/provider_infineon/provider_infineon/manifest_handler.py

@@ -18,7 +18,7 @@ def verify_certtype(option: str) -> bool:
         case "E0E2":
             return True
         case _:
-            return False
+            raise ValueError("Bad cert type code.")
 
 def verify_certificate_set(files: list[py7zr.FileInfo], option: str) -> str:
     """Ensure that the bundlke exists in the payload"""

test/unit/src/model_product_provider.py

@@ -12,7 +12,7 @@ class LambdaSQSClass:
     """
     AWS SQS Resource Class
     """
-    def __init__(self, lambda_sqs_resource):  
+    def __init__(self, lambda_sqs_resource):
         """
         Initialize an SQS Resource
         """
@@ -24,7 +24,7 @@ class LambdaS3Class:
     """
     AWS S3 Resource Class
     """
-    def __init__(self, lambda_s3_resource):  
+    def __init__(self, lambda_s3_resource):
         """
         Initialize an S3 Resource
         """

test/unit/src/test_bulk_importer.py

@@ -55,6 +55,13 @@ def setUp(self):
                                 "queue_name" : self.test_sqs_queue_name }
         self.mocked_sqs_class = LambdaSQSClass(mocked_sqs_resource)
 
+        iot_client = client('iot')
+        self.thing_group_arn_solo = (iot_client.create_thing_group(thingGroupName="Thing Group Solo"))['thingGroupArn']
+        self.thing_group_arn_parent = (iot_client.create_thing_group(thingGroupName="Thing Group Parent"))['thingGroupArn']
+        self.thing_group_arn_child = (iot_client.create_thing_group(thingGroupName="Thing Group Child", parentGroupName="Thing Group Parent"))['thingGroupArn']
+        self.thing_type_name = "Thingpress Thing Type"
+        self.thing_type_arn = (iot_client.create_thing_type(thingTypeName=self.thing_type_name))['thingTypeArn']
+
     def test_pos_process_certificate(self):
         """Positive test case for processing certificate"""
         with open('./test/artifacts/single.pem', 'rb') as data:
@@ -113,7 +120,53 @@ def test_pos_process_thing(self):
             cr = process_certificate(c, requeue)
             n = "process_thing"
             iot_client.create_thing(thingName=n)
-            process_thing(n, cr)
+            x = process_thing(n, cr)
+            assert x is True
+
+    def test_pos_process_thing_with_type(self):
+        """Positive test case for attaching policy to certificate"""
+        iot_client = client('iot')
+        with open('./test/artifacts/single.pem', 'rb') as data:
+            pem_obj = x509.load_pem_x509_certificate(data.read(),
+                                                     backend=default_backend())
+            block = pem_obj.public_bytes(encoding=serialization.Encoding.PEM).decode('ascii')
+            cert = str(base64.b64encode(block.encode('ascii')))
+            c = {'certificate': cert}
+            cr = process_certificate(c, requeue)
+            n = "process_thing"
+            iot_client.create_thing(thingName=n)
+            x = process_thing(n, cr, self.thing_type_name)
+            assert x is True
+
+    def test_pos_process_thing_no_prev_thing(self):
+        """Positive test case for attaching policy to certificate"""
+        with open('./test/artifacts/single.pem', 'rb') as data:
+            pem_obj = x509.load_pem_x509_certificate(data.read(),
+                                                     backend=default_backend())
+            block = pem_obj.public_bytes(encoding=serialization.Encoding.PEM).decode('ascii')
+            cert = str(base64.b64encode(block.encode('ascii')))
+            c = {'certificate': cert}
+            cr = process_certificate(c, requeue)
+            n = "process_thing"
+            x = process_thing(n, cr)
+            assert x is True
+
+    def test_pos_process_thing_with_type_no_prev_thing(self):
+        """Positive test case for attaching policy to certificate"""
+        iot_client = client('iot')
+        ttn = "ThingpressThingType2"
+        tta = (iot_client.create_thing_type(thingTypeName=ttn))['thingTypeArn']
+
+        with open('./test/artifacts/single.pem', 'rb') as data:
+            pem_obj = x509.load_pem_x509_certificate(data.read(),
+                                                     backend=default_backend())
+            block = pem_obj.public_bytes(encoding=serialization.Encoding.PEM).decode('ascii')
+            cert = str(base64.b64encode(block.encode('ascii')))
+            c = {'certificate': cert}
+            cr = process_certificate(c, requeue)
+            n = "process_thing"
+            x = process_thing(n, cr, ttn)
+            assert x is True
 
     def test_pos_requeue(self):
         pass

test/unit/src/test_provider_infineon.py

@@ -19,7 +19,7 @@
 #from moto import mock_aws, settings
 #from unittest.mock import MagicMock, patch
 from py7zr import FileInfo
-
+from pytest import raises
 from src.layer_utils.aws_utils import s3_object_bytes
 from src.provider_infineon.provider_infineon.main import lambda_handler
 from src.provider_infineon.provider_infineon.manifest_handler import verify_certtype, select_certificate_set, verify_certificate_set, send_certificates
@@ -75,7 +75,8 @@ def test_verify_certtype(self):
         assert verify_certtype("E0E0") is True
         assert verify_certtype("E0E1") is True
         assert verify_certtype("E0E2") is True
-        assert verify_certtype("XXXX") is False
+        with raises(ValueError) as exc:
+            verify_certtype("XXXX")
 
 
     def test_verify_certificate_set(self):
@@ -91,11 +92,17 @@ def test_verify_certificate_set(self):
         assert verify_certificate_set(l1, v2) == "xxx_E0E1_Certs.7z"
         assert verify_certificate_set(l1, v3) == "xxx_E0E2_Certs.7z"
         assert verify_certificate_set(l2, v1) == "xxx_E0E0_Certs.7z"
-        assert verify_certificate_set(l2, v4) is None
-        assert verify_certificate_set(l2, v5) is None
+        with raises(ValueError) as exc:
+            verify_certificate_set(l2, v4)
+        with raises(ValueError) as exc:
+            verify_certificate_set(l2, v5)
+        with raises(ValueError) as exc:
+            verify_certificate_set(l2, v4)
         assert verify_certificate_set(l3, v1) is None
-        assert verify_certificate_set(l3, v4) is None
-        assert verify_certificate_set(l3, v5) is None
+        with raises(ValueError) as exc:
+            verify_certificate_set(l3, v4)
+        with raises(ValueError) as exc:
+            verify_certificate_set(l3, v5)
 
     def test_select_certificate_bundle(self):
         """ Test file selection of single bundle """
@@ -106,10 +113,9 @@ def test_select_certificate_bundle(self):
     @pytest.mark.xfail(raises=FileNotFoundError)
     def test_select_certificate_bundle_bad_bundle_name(self):
         """ Test file selection of single bundle """
-        select_certificate_set(io.BytesIO(self.test_s3_object_content.read()),
-                               "E0E5")
-        #err = exc.value.errno
-        #assert err == 'FileNotFoundError'
+        with raises(ValueError) as exc:
+            select_certificate_set(io.BytesIO(self.test_s3_object_content.read()),
+                                   "E0E5")
 
     def test_invoke_export(self):
         o = s3_object_bytes(self.test_s3_bucket_name, self.artifact, False)
@@ -142,6 +148,47 @@ def test_pos_lambda_handler_1(self):
         os.environ['CERT_TYPE']=""
         assert v == e
 
+
+    def test_pos_lambda_handler_2(self):
+        """Invoke the main handler with one file"""
+        r1 = {
+            'policy_arn': 'dev_policy',
+            'bucket': self.test_s3_bucket_name,
+            'key': self.artifact
+        }
+
+        e = { "Records": [{
+                    'eventSource': 'aws:sqs',
+                    'body': json.dumps(r1)
+                }]
+            }
+        os.environ['CERT_TYPE']="E0E0"
+        c = None
+        v = lambda_handler(e, c)
+        os.environ['QUEUE_TARGET']=""
+        os.environ['CERT_TYPE']=""
+        assert v is None
+
+    def test_pos_lambda_handler_3(self):
+        """Invoke the main handler with one file"""
+        r1 = {
+            'policy_arn': 'dev_policy',
+            'bucket': self.test_s3_bucket_name,
+            'key': self.artifact
+        }
+
+        e = { "Records": [{
+                    'eventSource': 'aws:sqs',
+                    'body': json.dumps(r1)
+                }]
+            }
+        os.environ['QUEUE_TARGET']=self.test_sqs_queue_name
+        c = None
+        v = lambda_handler(e, c)
+        os.environ['QUEUE_TARGET']=""
+        os.environ['CERT_TYPE']=""
+        assert v is None
+
     def tearDown(self):
         s3_resource = resource("s3",region_name="us-east-1")
         s3_bucket = s3_resource.Bucket( self.test_s3_bucket_name )