def setup_resources(oci_cfg, compartment_id, name, image: str): """ Setup the minimal OCI resources required to establish an invocable function. :param compartment_id: The compartment_id in which to create the resources. :type compartment_id: str :param name: The name to identify all created resources with. :type name: str :param image: An accessible OCIR Function image that can be invoked. :type image: str """ identity_client = identity.IdentityClient(oci_cfg) network_client = core.VirtualNetworkClient(oci_cfg) fn_management_client = functions.FunctionsManagementClient(oci_cfg) print("setup_resources") # 1. A VCN is required to host subnets. vcn_display_name = vcn_name(name) vcn_cidr_block = "10.0.0.0/16" vcn = create_vcn(network_client, compartment_id, vcn_display_name, vcn_cidr_block) # 2. An Internet Gateway is required to enable the VCN to talk to the wider world. ig_display_name = ig_name(name) ig = create_ig(network_client, compartment_id, vcn.id, ig_display_name) # 3. We must configure the VCN's traffic to be routed through the Internet Gateway. drt_display_name = drt_name(name) configure_ig(network_client, compartment_id, vcn.id, ig.id, drt_display_name) # 4. To create subnets we need to place them in a valid 'Availability Domain' for # our 'Region'. ad = get_availability_domains(identity_client, compartment_id)[0] print("Using AD: ", ad.name) # 5. A subnet is required to expose and be able invoke the function. # In multiple AD regions, subnets can be created in multiple ADs to provide # redundency. subnet_display_name = subnet_name(name) subnet_cidr_block = "10.0.0.0/24" subnet = create_subnet(network_client, compartment_id, vcn.id, subnet_display_name, ad.name, subnet_cidr_block) # 6. Create an Application to host and manage the function(s). app_display_name = application_name(name) subnet_ids = [subnet.id] app = create_application(fn_management_client, compartment_id, app_display_name, subnet_ids) # 7. Create a single Function, set its execution image and limits. fn_display_name = function_name(name) memory_in_mbs = 128 timeout_in_seconds = 30 fn = create_function(fn_management_client, app.id, fn_display_name, image, memory_in_mbs, timeout_in_seconds)
def teardown_resources(oci_cfg, compartment_id, name: str): """ Clean up all Function resources for this example. NB: If nay errors occur, please tidy up resources manually using the OCI console. :param compartment_id: The compartment_id in which to create the resources. :type compartment_id: str :param name: The name to identify all created resources with. :type name: str """ network_client = core.VirtualNetworkClient(oci_cfg) identity_client = identity.IdentityClient(oci_cfg) fn_management_client = functions.FunctionsManagementClient(oci_cfg) print("teardown_resources") vcn = get_unique_vcn_by_name(network_client, compartment_id, vcn_name(name)) ig = get_unique_ig_by_name(network_client, compartment_id, vcn.id, ig_name(name)) rt = get_unique_route_table_by_name(network_client, compartment_id, vcn.id, drt_name(name)) sn = get_unique_subnet_by_name(network_client, compartment_id, vcn.id, subnet_name(name)) app = get_unique_application_by_name(fn_management_client, compartment_id, application_name(name)) fn = get_unique_function_by_name(fn_management_client, app.id, function_name(name)) if fn is not None: delete_function(fn_management_client, fn.id) if app is not None: delete_application(fn_management_client, app.id) if sn is not None: delete_subnet(network_client, sn.id) if rt is not None: prepare_route_table_for_delete(network_client, rt.id) if ig is not None: delete_ig(network_client, ig.id) if vcn is not None: delete_vcn(network_client, vcn.id) return
def get_compartment(signer, compartment_name): """ Identifies compartment ID by its name within the particular tenancy :param signer: OCI resource principal signer :param compartment_name: OCI tenancy compartment name :return: OCI tenancy compartment """ identity_client = identity.IdentityClient(config={}, signer=signer) result = pagination.list_call_get_all_results( identity_client.list_compartments, signer.tenancy_id, compartment_id_in_subtree=True, access_level="ACCESSIBLE", ) for c in result.data: if compartment_name == c.name: print(type(c)) return c raise Exception("compartment not found")
def get_compartment(oci_cfg, compartment_name: str) -> identity_models.Compartment: """ Identifies compartment ID by its name within the particular tenancy :param oci_cfg: OCI auth config :param compartment_name: OCI tenancy compartment name :return: OCI tenancy compartment """ identity_client = identity.IdentityClient(oci_cfg) result = pagination.list_call_get_all_results( identity_client.list_compartments, cfg["tenancy"], compartment_id_in_subtree=True, access_level="ACCESSIBLE", ) for c in result.data: if compartment_name == c.name: print(type(c)) return c raise Exception("compartment not found")
def get_compartment_id(oci_cfg, compartment_name): """ Get the compartment_id by name for the configured tenancy. :param oci_cfg: OCI auth config :param compartment_name: OCI tenancy compartment name :return: OCI tenancy compartment. :rtype: str """ identity_client = identity.IdentityClient(oci_cfg) result = pagination.list_call_get_all_results( identity_client.list_compartments, cfg["tenancy"], compartment_id_in_subtree=True, access_level="ACCESSIBLE", ) for c in result.data: if compartment_name == c.name: return c raise Exception("Compartment not found.")
def setup_resources(oci_cfg, compartment_id, name, image): """ Setup the minimal OCI resources required to establish an invocable function. :param compartment_id: The compartment_id in which to create the resources. :type compartment_id: str :param name: The name to identify all created resources with. :type name: str :param image: An accessible OCIR Function image that can be invoked. :type image: str """ identity_client = identity.IdentityClient(oci_cfg) network_client = core.VirtualNetworkClient(oci_cfg) fn_management_client = functions.FunctionsManagementClient(oci_cfg) vn_composite_ops = oci.core.VirtualNetworkClientCompositeOperations( network_client) print("setup_resources") # 1. A VCN is required to host subnets. vcn = get_unique_vcn_by_name(network_client, compartment_id, vcn_name(name)) if vcn is None: vcn_details = core_models.CreateVcnDetails( compartment_id=compartment_id, display_name=vcn_name(name), cidr_block="10.0.0.0/16") result = vn_composite_ops.create_vcn_and_wait_for_state( vcn_details, wait_for_states=[oci.core.models.Vcn.LIFECYCLE_STATE_AVAILABLE]) print('Created Vcn: {}'.format(result.data.display_name)) vcn = result.data # 2. An Internet Gateway is required to enable the VCN to talk to the wider world. ig = get_unique_ig_by_name(network_client, compartment_id, vcn.id, ig_name(name)) if ig is None: gateway_details = core_models.CreateInternetGatewayDetails( compartment_id=compartment_id, vcn_id=vcn.id, display_name=ig_name(name), is_enabled=True) result = vn_composite_ops.create_internet_gateway_and_wait_for_state( gateway_details, wait_for_states=[ oci.core.models.InternetGateway.LIFECYCLE_STATE_AVAILABLE ]) print('Created Internet Gateway: {}'.format(result.data.display_name)) ig = result.data # 3. We must configure the VCN's traffic to be routed through the Internet Gateway. rt = get_unique_route_table_by_name(network_client, compartment_id, vcn.id, drt_name(name)) if rt is not None: configure_ig(network_client, compartment_id, vcn.id, ig.id, drt_name(name)) # 4. A subnet is required to expose and be able invoke the function. # In multiple AD regions, subnets can be created in multiple ADs to provide redundency. sn = get_unique_subnet_by_name(network_client, compartment_id, vcn.id, subnet_name(name)) if sn is None: ad = get_availability_domains(identity_client, compartment_id)[0] print("Using AD: " + str(ad.name)) subnet_details = core_models.CreateSubnetDetails( compartment_id=compartment_id, vcn_id=vcn.id, availability_domain=ad.name, display_name=subnet_name(name), cidr_block="10.0.0.0/24") result = vn_composite_ops.create_subnet_and_wait_for_state( subnet_details, wait_for_states=[oci.core.models.Subnet.LIFECYCLE_STATE_AVAILABLE]) print('Created Subnet: {}'.format(result.data.display_name)) sn = result.data # 5. Create an Application to host and manage the function(s). app = get_unique_application_by_name(fn_management_client, compartment_id, application_name(name)) if app is None: fm_composite_ops = oci.functions.FunctionsManagementClientCompositeOperations( fn_management_client) app_details = fn_models.CreateApplicationDetails( compartment_id=compartment_id, display_name=application_name(name), subnet_ids=[sn.id]) result = fm_composite_ops.create_application_and_wait_for_state( app_details, wait_for_states=[fn_models.Application.LIFECYCLE_STATE_ACTIVE]) print('Created Application: {}'.format(result.data.display_name)) app = result.data # 6. Create a single Function, set its execution image and limits. fn = get_unique_function_by_name(fn_management_client, app.id, function_name(name)) if fn is None: fm_composite_ops = oci.functions.FunctionsManagementClientCompositeOperations( fn_management_client) fn_details = fn_models.CreateFunctionDetails( application_id=app.id, display_name=function_name(name), image=image, memory_in_mbs=128, timeout_in_seconds=30) result = fm_composite_ops.create_function_and_wait_for_state( fn_details, wait_for_states=[fn_models.Function.LIFECYCLE_STATE_ACTIVE]) print('Created Function: {}'.format(result.data.display_name)) fn = result.data
def identity_client(config): return identity.IdentityClient(config)
def bootstrap_oci_cli(ctx): user_session = create_user_session() public_key = user_session.public_key private_key = user_session.private_key region = user_session.region token = user_session.token tenancy_ocid = user_session.tenancy_ocid user_ocid = user_session.user_ocid fingerprint = user_session.fingerprint # create initial SDK client which targets region that user specified signer = oci.auth.signers.SecurityTokenSigner(token, private_key) client = identity.IdentityClient({'region': region}, signer=signer) # find home region and create new client targeting home region to use for subsequent identity requests result = client.list_region_subscriptions(tenancy_ocid) for r in result.data: if r.is_home_region: home_region = r.region_name break client = identity.IdentityClient({'region': home_region}, signer=signer) create_api_key_details = identity.models.CreateApiKeyDetails() create_api_key_details.key = cli_util.serialize_key( public_key=public_key).decode('UTF-8') try: result = client.upload_api_key(user_ocid, create_api_key_details) except oci.exceptions.ServiceError as e: if e.status == 409 and e.code == 'ApiKeyLimitExceeded': # User cannot upload any more API keys, so ask if they'd like to delete one result = client.list_api_keys(user_ocid) click.echo('ApiKey limit has been reached for this user account.') click.echo( 'The following API keys are currently enabled for this account:' ) count = 1 for result in result.data: click.echo( '\tKey [{index}]: Fingerprint: {fingerprint}, Time Created: {time_created}' .format(index=count, fingerprint=result.fingerprint, time_created=result.time_created), sys.stderr) count += 1 delete_thumbprint = click.prompt( text= 'Enter the fingerprint of the API key to delete to make space for the new key (leave empty to skip deletion and exit command)', confirmation_prompt=True) if not delete_thumbprint: click.echo(BOOTSTRAP_PROCESS_CANCELED_MESSAGE) sys.exit(0) client.delete_api_key(user_ocid, delete_thumbprint) click.echo('Deleted Api key with fingerprint: {}'.format( delete_thumbprint)) client.upload_api_key(user_ocid, create_api_key_details) else: raise e click.echo('Uploaded new API key with fingerprint: {}'.format(fingerprint)) # write credentials to filesystem profile_name, config_location = persist_user_session(user_session, persist_token=False, bootstrap=True) click.echo('Config written to: {}'.format(config_location)) click.echo(""" Try out your newly registered credentials with the following example command: oci iam region list --config-file {config_file} --profile {profile} """.format(config_file=config_location, profile=profile_name))