def setup_resources(oci_cfg, compartment_id, name, image: str):
"""
Setup the minimal OCI resources required to establish an invocable function.
:param compartment_id: The compartment_id in which to create the resources.
:type compartment_id: str
:param name: The name to identify all created resources with.
:type name: str
:param image: An accessible OCIR Function image that can be invoked.
:type image: str
"""
identity_client = identity.IdentityClient(oci_cfg)
network_client = core.VirtualNetworkClient(oci_cfg)
fn_management_client = functions.FunctionsManagementClient(oci_cfg)
print("setup_resources")
# 1. A VCN is required to host subnets.
vcn_display_name = vcn_name(name)
vcn_cidr_block = "10.0.0.0/16"
vcn = create_vcn(network_client, compartment_id, vcn_display_name,
vcn_cidr_block)
# 2. An Internet Gateway is required to enable the VCN to talk to the wider world.
ig_display_name = ig_name(name)
ig = create_ig(network_client, compartment_id, vcn.id, ig_display_name)
# 3. We must configure the VCN's traffic to be routed through the Internet Gateway.
drt_display_name = drt_name(name)
configure_ig(network_client, compartment_id, vcn.id, ig.id,
drt_display_name)
# 4. To create subnets we need to place them in a valid 'Availability Domain' for
# our 'Region'.
ad = get_availability_domains(identity_client, compartment_id)[0]
print("Using AD: ", ad.name)
# 5. A subnet is required to expose and be able invoke the function.
# In multiple AD regions, subnets can be created in multiple ADs to provide
# redundency.
subnet_display_name = subnet_name(name)
subnet_cidr_block = "10.0.0.0/24"
subnet = create_subnet(network_client, compartment_id, vcn.id,
subnet_display_name, ad.name, subnet_cidr_block)
# 6. Create an Application to host and manage the function(s).
app_display_name = application_name(name)
subnet_ids = [subnet.id]
app = create_application(fn_management_client, compartment_id,
app_display_name, subnet_ids)
# 7. Create a single Function, set its execution image and limits.
fn_display_name = function_name(name)
memory_in_mbs = 128
timeout_in_seconds = 30
fn = create_function(fn_management_client, app.id, fn_display_name, image,
memory_in_mbs, timeout_in_seconds)
def teardown_resources(oci_cfg, compartment_id, name: str):
"""
Clean up all Function resources for this example.
NB: If nay errors occur, please tidy up resources manually using the OCI console.
:param compartment_id: The compartment_id in which to create the resources.
:type compartment_id: str
:param name: The name to identify all created resources with.
:type name: str
"""
network_client = core.VirtualNetworkClient(oci_cfg)
identity_client = identity.IdentityClient(oci_cfg)
fn_management_client = functions.FunctionsManagementClient(oci_cfg)
print("teardown_resources")
vcn = get_unique_vcn_by_name(network_client, compartment_id,
vcn_name(name))
ig = get_unique_ig_by_name(network_client, compartment_id, vcn.id,
ig_name(name))
rt = get_unique_route_table_by_name(network_client, compartment_id, vcn.id,
drt_name(name))
sn = get_unique_subnet_by_name(network_client, compartment_id, vcn.id,
subnet_name(name))
app = get_unique_application_by_name(fn_management_client, compartment_id,
application_name(name))
fn = get_unique_function_by_name(fn_management_client, app.id,
function_name(name))
if fn is not None:
delete_function(fn_management_client, fn.id)
if app is not None:
delete_application(fn_management_client, app.id)
if sn is not None:
delete_subnet(network_client, sn.id)
if rt is not None:
prepare_route_table_for_delete(network_client, rt.id)
if ig is not None:
delete_ig(network_client, ig.id)
if vcn is not None:
delete_vcn(network_client, vcn.id)
return
def get_compartment(signer, compartment_name):
"""
Identifies compartment ID by its name within the particular tenancy
:param signer: OCI resource principal signer
:param compartment_name: OCI tenancy compartment name
:return: OCI tenancy compartment
"""
identity_client = identity.IdentityClient(config={}, signer=signer)
result = pagination.list_call_get_all_results(
identity_client.list_compartments,
signer.tenancy_id,
compartment_id_in_subtree=True,
access_level="ACCESSIBLE",
)
for c in result.data:
if compartment_name == c.name:
print(type(c))
return c
raise Exception("compartment not found")
def get_compartment(oci_cfg,
compartment_name: str) -> identity_models.Compartment:
"""
Identifies compartment ID by its name within the particular tenancy
:param oci_cfg: OCI auth config
:param compartment_name: OCI tenancy compartment name
:return: OCI tenancy compartment
"""
identity_client = identity.IdentityClient(oci_cfg)
result = pagination.list_call_get_all_results(
identity_client.list_compartments,
cfg["tenancy"],
compartment_id_in_subtree=True,
access_level="ACCESSIBLE",
)
for c in result.data:
if compartment_name == c.name:
print(type(c))
return c
raise Exception("compartment not found")
def get_compartment_id(oci_cfg, compartment_name):
"""
Get the compartment_id by name for the configured tenancy.
:param oci_cfg: OCI auth config
:param compartment_name: OCI tenancy compartment name
:return: OCI tenancy compartment.
:rtype: str
"""
identity_client = identity.IdentityClient(oci_cfg)
result = pagination.list_call_get_all_results(
identity_client.list_compartments,
cfg["tenancy"],
compartment_id_in_subtree=True,
access_level="ACCESSIBLE",
)
for c in result.data:
if compartment_name == c.name:
return c
raise Exception("Compartment not found.")
def setup_resources(oci_cfg, compartment_id, name, image):
"""
Setup the minimal OCI resources required to establish an invocable function.
:param compartment_id: The compartment_id in which to create the resources.
:type compartment_id: str
:param name: The name to identify all created resources with.
:type name: str
:param image: An accessible OCIR Function image that can be invoked.
:type image: str
"""
identity_client = identity.IdentityClient(oci_cfg)
network_client = core.VirtualNetworkClient(oci_cfg)
fn_management_client = functions.FunctionsManagementClient(oci_cfg)
vn_composite_ops = oci.core.VirtualNetworkClientCompositeOperations(
network_client)
print("setup_resources")
# 1. A VCN is required to host subnets.
vcn = get_unique_vcn_by_name(network_client, compartment_id,
vcn_name(name))
if vcn is None:
vcn_details = core_models.CreateVcnDetails(
compartment_id=compartment_id,
display_name=vcn_name(name),
cidr_block="10.0.0.0/16")
result = vn_composite_ops.create_vcn_and_wait_for_state(
vcn_details,
wait_for_states=[oci.core.models.Vcn.LIFECYCLE_STATE_AVAILABLE])
print('Created Vcn: {}'.format(result.data.display_name))
vcn = result.data
# 2. An Internet Gateway is required to enable the VCN to talk to the wider world.
ig = get_unique_ig_by_name(network_client, compartment_id, vcn.id,
ig_name(name))
if ig is None:
gateway_details = core_models.CreateInternetGatewayDetails(
compartment_id=compartment_id,
vcn_id=vcn.id,
display_name=ig_name(name),
is_enabled=True)
result = vn_composite_ops.create_internet_gateway_and_wait_for_state(
gateway_details,
wait_for_states=[
oci.core.models.InternetGateway.LIFECYCLE_STATE_AVAILABLE
])
print('Created Internet Gateway: {}'.format(result.data.display_name))
ig = result.data
# 3. We must configure the VCN's traffic to be routed through the Internet Gateway.
rt = get_unique_route_table_by_name(network_client, compartment_id, vcn.id,
drt_name(name))
if rt is not None:
configure_ig(network_client, compartment_id, vcn.id, ig.id,
drt_name(name))
# 4. A subnet is required to expose and be able invoke the function.
# In multiple AD regions, subnets can be created in multiple ADs to provide redundency.
sn = get_unique_subnet_by_name(network_client, compartment_id, vcn.id,
subnet_name(name))
if sn is None:
ad = get_availability_domains(identity_client, compartment_id)[0]
print("Using AD: " + str(ad.name))
subnet_details = core_models.CreateSubnetDetails(
compartment_id=compartment_id,
vcn_id=vcn.id,
availability_domain=ad.name,
display_name=subnet_name(name),
cidr_block="10.0.0.0/24")
result = vn_composite_ops.create_subnet_and_wait_for_state(
subnet_details,
wait_for_states=[oci.core.models.Subnet.LIFECYCLE_STATE_AVAILABLE])
print('Created Subnet: {}'.format(result.data.display_name))
sn = result.data
# 5. Create an Application to host and manage the function(s).
app = get_unique_application_by_name(fn_management_client, compartment_id,
application_name(name))
if app is None:
fm_composite_ops = oci.functions.FunctionsManagementClientCompositeOperations(
fn_management_client)
app_details = fn_models.CreateApplicationDetails(
compartment_id=compartment_id,
display_name=application_name(name),
subnet_ids=[sn.id])
result = fm_composite_ops.create_application_and_wait_for_state(
app_details,
wait_for_states=[fn_models.Application.LIFECYCLE_STATE_ACTIVE])
print('Created Application: {}'.format(result.data.display_name))
app = result.data
# 6. Create a single Function, set its execution image and limits.
fn = get_unique_function_by_name(fn_management_client, app.id,
function_name(name))
if fn is None:
fm_composite_ops = oci.functions.FunctionsManagementClientCompositeOperations(
fn_management_client)
fn_details = fn_models.CreateFunctionDetails(
application_id=app.id,
display_name=function_name(name),
image=image,
memory_in_mbs=128,
timeout_in_seconds=30)
result = fm_composite_ops.create_function_and_wait_for_state(
fn_details,
wait_for_states=[fn_models.Function.LIFECYCLE_STATE_ACTIVE])
print('Created Function: {}'.format(result.data.display_name))
fn = result.data
def identity_client(config):
return identity.IdentityClient(config)
def bootstrap_oci_cli(ctx):
user_session = create_user_session()
public_key = user_session.public_key
private_key = user_session.private_key
region = user_session.region
token = user_session.token
tenancy_ocid = user_session.tenancy_ocid
user_ocid = user_session.user_ocid
fingerprint = user_session.fingerprint
# create initial SDK client which targets region that user specified
signer = oci.auth.signers.SecurityTokenSigner(token, private_key)
client = identity.IdentityClient({'region': region}, signer=signer)
# find home region and create new client targeting home region to use for subsequent identity requests
result = client.list_region_subscriptions(tenancy_ocid)
for r in result.data:
if r.is_home_region:
home_region = r.region_name
break
client = identity.IdentityClient({'region': home_region}, signer=signer)
create_api_key_details = identity.models.CreateApiKeyDetails()
create_api_key_details.key = cli_util.serialize_key(
public_key=public_key).decode('UTF-8')
try:
result = client.upload_api_key(user_ocid, create_api_key_details)
except oci.exceptions.ServiceError as e:
if e.status == 409 and e.code == 'ApiKeyLimitExceeded':
# User cannot upload any more API keys, so ask if they'd like to delete one
result = client.list_api_keys(user_ocid)
click.echo('ApiKey limit has been reached for this user account.')
click.echo(
'The following API keys are currently enabled for this account:'
)
count = 1
for result in result.data:
click.echo(
'\tKey [{index}]: Fingerprint: {fingerprint}, Time Created: {time_created}'
.format(index=count,
fingerprint=result.fingerprint,
time_created=result.time_created), sys.stderr)
count += 1
delete_thumbprint = click.prompt(
text=
'Enter the fingerprint of the API key to delete to make space for the new key (leave empty to skip deletion and exit command)',
confirmation_prompt=True)
if not delete_thumbprint:
click.echo(BOOTSTRAP_PROCESS_CANCELED_MESSAGE)
sys.exit(0)
client.delete_api_key(user_ocid, delete_thumbprint)
click.echo('Deleted Api key with fingerprint: {}'.format(
delete_thumbprint))
client.upload_api_key(user_ocid, create_api_key_details)
else:
raise e
click.echo('Uploaded new API key with fingerprint: {}'.format(fingerprint))
# write credentials to filesystem
profile_name, config_location = persist_user_session(user_session,
persist_token=False,
bootstrap=True)
click.echo('Config written to: {}'.format(config_location))
click.echo("""
Try out your newly registered credentials with the following example command:
oci iam region list --config-file {config_file} --profile {profile}
""".format(config_file=config_location, profile=profile_name))
