adding sense aws to cicd

.github/workflows/ubuntu_22_and_test.yml

@@ -18,6 +18,11 @@ env:
   FABRIC_PROJECT: ${{ secrets.FABRIC_PROJECT }}
   FABRIC_USER: ${{ secrets.FABRIC_USER }}
 
+  SENSE_USER: ${{ secrets.SENSE_USER }}
+  SENSE_PASSWORD: ${{ secrets.SENSE_PASSWORD }}
+  SENSE_SECRET: ${{ secrets.SENSE_SECRET }}
+  SENSE_SLIVER_KEY: ${{ secrets.SENSE_SLIVER_KEY }}
+
 jobs:
   UbuntuTest:
     runs-on: ubuntu-latest
@@ -64,13 +69,8 @@ jobs:
           echo ${{ env.FABRIC_BASTION_KEY }} | base64 --decode > ${{ github.workspace }}/creds/bastion
           echo ${{ env.FABRIC_SLIVER_KEY }} | base64 --decode > ${{ github.workspace }}/creds/sliver
           echo ${{ env.FABRIC_SLIVER_PUBKEY }} | base64 --decode > ${{ github.workspace }}/creds/sliver.pub
+          echo ${{ env.SENSE_SLIVER_KEY }} | base64 --decode > ${{ github.workspace }}/creds/sense
 
-      - name: Test Fabric FacilityPort
-        run: |
-          session=fabric-facility-port
-          echo "vlan: 3102" > $session-varfile.yml
-          ${{ github.workspace }}/cicd/run-fabfed.sh cicd/test_configs/fabric_facility_port $session $session-varfile.yml
-
-      - name: Test L2VPN with nodes.
+      - name: Test SENSE/AWS.
         run: |
-          ${{ github.workspace }}/cicd/run-fabfed.sh cicd/test_configs/fabric_l2_vpn fabric-l2-vpn
+          ${{ github.workspace }}/cicd/run-fabfed.sh cicd/test_configs/fabric_sense_aws cicd-sense-aws 

cicd/docker/Dockerfile.jupyter

@@ -0,0 +1,17 @@
+ARG base_image=ubuntu:24.04
+
+FROM ${base_image}
+
+ENV DEBIAN_FRONTEND noninteractive
+
+RUN apt-get update && apt-get -u -y install lsb-release python3 binutils python3-venv python3-pip wget git bash-completion vim yq jq \
+    && apt-get -qq purge && apt-get -qq clean && rm -rf /var/lib/apt/lists/*
+
+RUN pip install --break-system-packages jupyterlab
+COPY /requirements.txt /tmp/
+RUN pip install --no-cache-dir --break-system-packages --ignore-requires-python -r /tmp/requirements.txt
+
+COPY ./setup.py ./tools ./README.md ./MANIFEST.in /requirements.txt /
+COPY ./fabfed /fabfed
+COPY ./tools /tools
+RUN python3 -m pip install --break-system-packages --no-cache-dir .

cicd/fabfed_credentials.yml.cicd

@@ -13,3 +13,13 @@ aws:
 gcp:
    service_key_path: GCP_SERVICE_KEY_PATH
    project: GCP_PROJECT 
+
+sense:
+   auth_endpoint: https://sense-o.es.net:8543/auth/realms/StackV/protocol/openid-connect/token
+   api_endpoint: https://sense-o-dev.es.net:8443/StackV-web/restapi
+   client_id: StackV
+   username: SENSE_USER
+   password: SENSE_PASSWORD
+   secret: SENSE_SECRET
+   verify: False
+   slice-private-key-location: creds/sense

cicd/run-fabfed.sh

@@ -17,6 +17,12 @@ cp $script_dir/fabfed_credentials.yml.cicd ~/.fabfed/
 sed -i "s/FABRIC_PROJECT/$FABRIC_PROJECT/" ~/.fabfed/fabfed_credentials.yml.cicd
 sed -i "s/FABRIC_USER/$FABRIC_USER/" ~/.fabfed/fabfed_credentials.yml.cicd
 
+# SENSE
+sed -i "s/FABRIC_USER/$SENSE_USER/" ~/.fabfed/fabfed_credentials.yml.cicd
+sed -i "s/FABRIC_USER/$SENSE_PASSWORD/" ~/.fabfed/fabfed_credentials.yml.cicd
+sed -i "s/FABRIC_USER/$SENSE_SECRET/" ~/.fabfed/fabfed_credentials.yml.cicd
+
+
 if [ -n "$var_file" ]
 then
   options="-v $3"

cicd/test_configs/fabric_sense_aws/config.fab

@@ -0,0 +1,58 @@
+provider:
+  - sense:
+      - sense_provider:
+          - credential_file: ~/.fabfed/fabfed_credentials.yml.cicd
+            profile: sense
+  - fabric:
+      - fabric_provider:
+          credential_file: ~/.fabfed/fabfed_credentials.yml.cicd
+          profile: fabric
+
+config:
+  - layer3:
+      - fab_layer:
+          subnet: 192.168.10.0/24 # subnet: "10.0.0.0/24"  # for sense subnet.cidr
+          gateway: 192.168.10.1
+          ip_start: 192.168.10.2 # optional: auto generate if subnet is given
+          ip_end: 192.168.10.254
+      - sense_layer:
+          subnet: 10.200.1.0/24 # subnet.cidr and vpc.cidr
+  - peering:
+      - my_peering:
+          # FOR FABRIC
+          cloud_account: "296256999979"
+          cloud_facility:
+          local_device:
+          local_port:
+          cloud_region: "us-east-1"
+
+          # FOR SENSE and FABRIC
+          local_asn: "55038" # customer_asn (hard coded for now)
+          local_address: "192.168.1.1/30" # customer_ip
+          remote_asn: "64512" # amazon_asn
+          remote_address: "192.168.1.2/30" # amazon_ip
+resource:
+  - node:
+      - sense_node:
+          provider: '{{ sense.sense_provider }}'
+          network: "{{ network.sense_net }}"
+          service:
+      - fabric_node:
+          provider: '{{ fabric.fabric_provider }}'
+          site: MAX # Use RENC when deploying to fabric beta environment
+          image: default_rocky_8
+          nic_model: NIC_Basic
+  - network:
+      - sense_net:
+          provider: '{{ sense.sense_provider }}'
+          layer3: "{{ layer3.sense_layer }}"
+          peering: "{{ peering.my_peering }}"
+          stitch_with: '{{ network.fabric_network }}'
+          stitch_option: 
+              device_name: agg3.ashb
+
+      - fabric_network:
+          provider: '{{ fabric.fabric_provider }}'
+          layer3: "{{ layer3.fab_layer }}"
+          peering: "{{ peering.my_peering }}"
+          interface: '{{ node.fabric_node }}'

fabfed/provider/sense/sense_constants.py

@@ -1,7 +1,16 @@
 from fabfed.util.constants import Constants
 import enum
 
+AUTH_ENDPOINT = "auth_endpoint"
+API_ENDPOINT = "api_endpoint"
+CLIENT_ID = "client_id"
+USERNAME = "username"
+PASSWORD = "password"
+SECRET = "secret"
 SENSE_SLICE_PRIVATE_KEY_LOCATION = "slice-private-key-location"
+
+SENSE_CONF_ATTRS = [AUTH_ENDPOINT, API_ENDPOINT, CLIENT_ID, USERNAME, PASSWORD, SECRET, SENSE_SLICE_PRIVATE_KEY_LOCATION]
+
 SENSE_PROFILE_UID = "service_profile_uuid"
 SENSE_ALIAS = "alias"
 SENSE_EDIT = "options"

fabfed/provider/sense/sense_provider.py

@@ -1,9 +1,9 @@
 from fabfed.policy.policy_helper import get_stitch_port_for_provider
-from fabfed.exceptions import ResourceTypeNotSupported
+from fabfed.exceptions import ResourceTypeNotSupported, ProviderException
 from fabfed.provider.api.provider import Provider
-from fabfed.util.constants import Constants
 from fabfed.util.utils import get_logger
 from .sense_exceptions import SenseException
+from .sense_constants import *
 
 logger = get_logger()
 
@@ -16,20 +16,18 @@ def __init__(self, *, type, label, name, config: dict):
         self._handled_modify = False
 
     def setup_environment(self):
-        from fabfed.util import utils
+        for attr in SENSE_CONF_ATTRS:
+            if self.config.get(attr.lower()) is None and self.config.get(attr.upper()) is None:
+                raise ProviderException(f"{self.name}: Expecting a value for {attr}")
 
-        credential_file = self.config.get(Constants.CREDENTIAL_FILE)
-        profile = self.config.get(Constants.PROFILE)
-        config = utils.load_yaml_from_file(credential_file)
+        pkey = self.config[SENSE_SLICE_PRIVATE_KEY_LOCATION]
 
-        if profile not in config:
-            from fabfed.exceptions import ProviderException
+        from fabfed.util.utils import can_read, is_private_key, absolute_path
 
-            raise ProviderException(
-                f"credential file {credential_file} does not have a section for keyword {profile}"
-            )
+        pkey = absolute_path(pkey)
 
-        self.config = config[profile]
+        if not can_read(pkey) or not is_private_key(pkey):
+            raise ProviderException(f"{self.name}: unable to read/parse ssh key in {pkey}")
 
     @property
     def private_key_file_location(self):