Skip to content

Commit

Permalink
Reformatting everything with black and adding a test for it
Browse files Browse the repository at this point in the history
  • Loading branch information
@rshade
rshade committed Jan 10, 2025
1 parent b5deb9d commit ba94d01
Show file tree
Hide file tree
Showing 143 changed files with 4,785 additions and 3,663 deletions.
26 changes: 26 additions & 0 deletions .github/workflows/test-examples.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,32 @@ jobs:
npm install
npm test
format-py:
name: Python Code Format and Validation
runs-on: pulumi-ubuntu-8core

steps:
# Step 1: Checkout the repository
- name: Checkout Code
uses: actions/checkout@v3

# Step 2: Set up Python
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: 3.9 # Adjust the version as needed

# Step 3: Install Make (already installed on Ubuntu, but explicit just in case)
- name: Ensure Make is Installed
run: |
sudo apt-get update
sudo apt-get install -y make
# Step 4: Run Makefile targets
- name: Run Make Targets
run: |
make check_python_formatting
unit-py:
name: Python unit tests
runs-on: pulumi-ubuntu-8core
Expand Down
31 changes: 30 additions & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
all: ensure only_test

ensure:
ensure: setup_python
cd misc/test && go mod tidy
cd misc/test && go mod download
npm --prefix testing-unit-ts/mocha install
Expand Down Expand Up @@ -32,3 +32,32 @@ test_example.%:
bench_example.%:
mkdir -p ./traces
cd misc/test && PULUMI_TRACING_DIR=${PWD}/traces go test -test.v -run "^$*$$" -tags all

.PHONY: format setup_python clean

# Create a virtual environment and install black
setup_python:
@if [ ! -d "venv" ]; then \
python3 -m venv venv; \
venv/bin/pip install --upgrade pip; \
venv/bin/pip install black; \
echo "Virtual environment created and black installed."; \
else \
echo "Virtual environment already exists."; \
fi

# Validate that all Python files are properly formatted with Black
check_python_formatting: setup_python
@if find . -name "*.py" -not -path "./venv/*" | xargs venv/bin/black --check; then \
echo "All Python files are properly formatted."; \
else \
echo "Some files are not formatted. Run 'make format' to fix."; \
exit 1; \
fi
# Run Black against all Python files in the project, excluding venv
format: setup_python
find . -name "*.py" -not -path "./venv/*" | xargs venv/bin/black

# Clean up the virtual environment
clean:
rm -rf venv
195 changes: 115 additions & 80 deletions aws-apigateway-py-routes/__main__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,90 +9,121 @@
# Create a Cognito User Pool of authorized users
user_pool = aws.cognito.UserPool("user-pool")
user_pool_client = aws.cognito.UserPoolClient(
"user-pool-client", user_pool_id=user_pool.id, explicit_auth_flows=["ADMIN_NO_SRP_AUTH"])
"user-pool-client",
user_pool_id=user_pool.id,
explicit_auth_flows=["ADMIN_NO_SRP_AUTH"],
)

# Define an endpoint that invokes a lambda to handle requests
api = apigateway.RestAPI('api', routes=[
# Serve an entire directory of static content
apigateway.RouteArgs(path="static", local_path="www"),
# Invoke our Lambda to handle a single route
apigateway.RouteArgs(path="lambda", method="GET",
event_handler=lambdas.hello_handler),
# Proxy requests to another service
apigateway.RouteArgs(path="proxy", target=apigateway.TargetArgs(
uri="https://www.google.com", type="http_proxy")),
# Use Swagger to define an HTTP proxy route
apigateway.RouteArgs(path="swagger", method="GET", data={
"x-amazon-apigateway-integration": {
"httpMethod": "GET",
"passthroughBehavior": "when_no_match",
"type": "http_proxy",
"uri": "https://httpbin.org/uuid",
},
}),
# Authorize requests using Cognito
apigateway.RouteArgs(
path="cognito-authorized",
method="GET",
event_handler=lambdas.hello_handler,
# Define an authorizer which uses Cognito to validate the token from the Authorization header
authorizers=[apigateway.AuthorizerArgs(
parameter_name="Authorization",
identity_source=["method.request.header.Authorization"],
provider_arns=[user_pool.arn]
)]
),
# Authorize requests using a Lambda function
apigateway.RouteArgs(path="lambda-authorized", method="GET", event_handler=lambdas.hello_handler,
authorizers=[apigateway.AuthorizerArgs(
auth_type="custom",
parameter_name="Authorization",
type="request",
identity_source=[
"method.request.header.Authorization"],
handler=lambdas.auth_lambda
)]),
apigateway.RouteArgs(path="key-authorized", method="GET",
event_handler=lambdas.hello_handler,
api_key_required=True)
])
api = apigateway.RestAPI(
"api",
routes=[
# Serve an entire directory of static content
apigateway.RouteArgs(path="static", local_path="www"),
# Invoke our Lambda to handle a single route
apigateway.RouteArgs(
path="lambda", method="GET", event_handler=lambdas.hello_handler
),
# Proxy requests to another service
apigateway.RouteArgs(
path="proxy",
target=apigateway.TargetArgs(
uri="https://www.google.com", type="http_proxy"
),
),
# Use Swagger to define an HTTP proxy route
apigateway.RouteArgs(
path="swagger",
method="GET",
data={
"x-amazon-apigateway-integration": {
"httpMethod": "GET",
"passthroughBehavior": "when_no_match",
"type": "http_proxy",
"uri": "https://httpbin.org/uuid",
},
},
),
# Authorize requests using Cognito
apigateway.RouteArgs(
path="cognito-authorized",
method="GET",
event_handler=lambdas.hello_handler,
# Define an authorizer which uses Cognito to validate the token from the Authorization header
authorizers=[
apigateway.AuthorizerArgs(
parameter_name="Authorization",
identity_source=["method.request.header.Authorization"],
provider_arns=[user_pool.arn],
)
],
),
# Authorize requests using a Lambda function
apigateway.RouteArgs(
path="lambda-authorized",
method="GET",
event_handler=lambdas.hello_handler,
authorizers=[
apigateway.AuthorizerArgs(
auth_type="custom",
parameter_name="Authorization",
type="request",
identity_source=["method.request.header.Authorization"],
handler=lambdas.auth_lambda,
)
],
),
apigateway.RouteArgs(
path="key-authorized",
method="GET",
event_handler=lambdas.hello_handler,
api_key_required=True,
),
],
)

# Define whole API using swagger (OpenAPI)
swagger_api = apigateway.RestAPI("swagger-api",
swagger_string=json.dumps({
"swagger": "2.0",
"info": {
"title": "example",
"version": "1.0",
},
"paths": {
"/": {
"get": {
"x-amazon-apigateway-integration": {
"httpMethod": "GET",
"passthroughBehavior": "when_no_match",
"type": "http_proxy",
"uri": "https://httpbin.org/uuid",
},
},
},
},
"x-amazon-apigateway-binary-media-types": ["*/*"],
})
)
swagger_api = apigateway.RestAPI(
"swagger-api",
swagger_string=json.dumps(
{
"swagger": "2.0",
"info": {
"title": "example",
"version": "1.0",
},
"paths": {
"/": {
"get": {
"x-amazon-apigateway-integration": {
"httpMethod": "GET",
"passthroughBehavior": "when_no_match",
"type": "http_proxy",
"uri": "https://httpbin.org/uuid",
},
},
},
},
"x-amazon-apigateway-binary-media-types": ["*/*"],
}
),
)

# Create an API key to manage usage
api_key = aws.apigateway.ApiKey("api-key")
# Define usage plan for an API stage
usage_plan = aws.apigateway.UsagePlan("usage-plan",
api_stages=[aws.apigateway.UsagePlanApiStageArgs(
api_id=api.api.id,
stage=api.stage.stage_name)])
usage_plan = aws.apigateway.UsagePlan(
"usage-plan",
api_stages=[
aws.apigateway.UsagePlanApiStageArgs(
api_id=api.api.id, stage=api.stage.stage_name
)
],
)
# Associate the key to the plan
aws.apigateway.UsagePlanKey('usage-plan-key',
key_id=api_key.id,
key_type="API_KEY",
usage_plan_id=usage_plan.id)
aws.apigateway.UsagePlanKey(
"usage-plan-key", key_id=api_key.id, key_type="API_KEY", usage_plan_id=usage_plan.id
)

# Set up DNS if a domain name has been configured
config = pulumi.Config()
Expand All @@ -103,12 +134,16 @@
# Create SSL Certificate and DNS entries
api_domain_name = configure_dns(domain=domain, zone_id=zone.id)
# Tell API Gateway what to serve on our custom domain
base_path_mapping = aws.apigateway.BasePathMapping("api-domain-mapping",
rest_api=api.api.id,
stage_name=api.stage.stage_name,
domain_name=api_domain_name.domain_name)
base_path_mapping = aws.apigateway.BasePathMapping(
"api-domain-mapping",
rest_api=api.api.id,
stage_name=api.stage.stage_name,
domain_name=api_domain_name.domain_name,
)
pulumi.export(
"custom-url", base_path_mapping.domain_name.apply(lambda domain: f'https://{domain}/'))
"custom-url",
base_path_mapping.domain_name.apply(lambda domain: f"https://{domain}/"),
)

pulumi.export("url", api.url)
pulumi.export("user-pool-id", user_pool.id)
Expand Down
16 changes: 11 additions & 5 deletions aws-apigateway-py-routes/authorizer/handler.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,16 @@ def handler(event, context):
"principalId": "my-user",
"policyDocument": {
"Version": "2012-10-17",
"Statement": [{
"Action": "execute-api:Invoke",
"Effect": "Allow" if event["headers"]["Authorization"] == "goodToken" else "Deny",
"Resource": event["methodArn"],
}]
"Statement": [
{
"Action": "execute-api:Invoke",
"Effect": (
"Allow"
if event["headers"]["Authorization"] == "goodToken"
else "Deny"
),
"Resource": event["methodArn"],
}
],
},
}
74 changes: 46 additions & 28 deletions aws-apigateway-py-routes/dns.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,36 +8,54 @@ def configure_dns(domain: str, zone_id: pulumi.Input):
# SSL Cert must be created in us-east-1 unrelated to where the API is deployed.
aws_us_east_1 = aws.Provider("aws-provider-us-east-1", region="us-east-1")
# Request ACM certificate
ssl_cert = aws.acm.Certificate("ssl-cert",
domain_name=domain,
validation_method="DNS",
opts=ResourceOptions(provider=aws_us_east_1))
ssl_cert = aws.acm.Certificate(
"ssl-cert",
domain_name=domain,
validation_method="DNS",
opts=ResourceOptions(provider=aws_us_east_1),
)
# Create DNS record to prove to ACM that we own the domain
ssl_cert_validation_dns_record = aws.route53.Record("ssl-cert-validation-dns-record",
zone_id=zone_id,
name=ssl_cert.domain_validation_options.apply(
lambda options: options[0].resource_record_name),
type=ssl_cert.domain_validation_options.apply(
lambda options: options[0].resource_record_type),
records=[ssl_cert.domain_validation_options.apply(
lambda options: options[0].resource_record_value)],
ttl=10*60)
ssl_cert_validation_dns_record = aws.route53.Record(
"ssl-cert-validation-dns-record",
zone_id=zone_id,
name=ssl_cert.domain_validation_options.apply(
lambda options: options[0].resource_record_name
),
type=ssl_cert.domain_validation_options.apply(
lambda options: options[0].resource_record_type
),
records=[
ssl_cert.domain_validation_options.apply(
lambda options: options[0].resource_record_value
)
],
ttl=10 * 60,
)
# Wait for the certificate validation to succeed
validated_ssl_certificate = aws.acm.CertificateValidation("ssl-cert-validation",
certificate_arn=ssl_cert.arn,
validation_record_fqdns=[ssl_cert_validation_dns_record.fqdn],
opts=ResourceOptions(provider=aws_us_east_1))
validated_ssl_certificate = aws.acm.CertificateValidation(
"ssl-cert-validation",
certificate_arn=ssl_cert.arn,
validation_record_fqdns=[ssl_cert_validation_dns_record.fqdn],
opts=ResourceOptions(provider=aws_us_east_1),
)
# Configure API Gateway to be able to use domain name & certificate
api_domain_name = aws.apigateway.DomainName("api-domain-name",
certificate_arn=validated_ssl_certificate.certificate_arn,
domain_name=domain)
api_domain_name = aws.apigateway.DomainName(
"api-domain-name",
certificate_arn=validated_ssl_certificate.certificate_arn,
domain_name=domain,
)
# Create DNS record
aws.route53.Record("api-dns",
zone_id=zone_id,
type="A",
name=domain,
aliases=[aws.route53.RecordAliasArgs(
name=api_domain_name.cloudfront_domain_name,
evaluate_target_health=False,
zone_id=api_domain_name.cloudfront_zone_id)])
aws.route53.Record(
"api-dns",
zone_id=zone_id,
type="A",
name=domain,
aliases=[
aws.route53.RecordAliasArgs(
name=api_domain_name.cloudfront_domain_name,
evaluate_target_health=False,
zone_id=api_domain_name.cloudfront_zone_id,
)
],
)
return api_domain_name
Loading

0 comments on commit ba94d01

Please sign in to comment.