@alwaysai/device-agent 0.0.9 → 0.0.11

package/src/infrastructure/certificates-and-tokens.ts

@@ -1,24 +1,33 @@
-import { DeviceTokens, writeOrUpdateDeviceCfgFile } from 'alwaysai/lib/components/device';
-import { checkUserIsLoggedInComponent } from 'alwaysai/lib/components/user';
-import { LOCAL_AAI_CFG_DIR, LOCAL_CERT_AND_KEY_DIR } from 'alwaysai/lib/constants';
-import { checkPaidPlan } from 'alwaysai/lib/core/project';
 import {
-  CliRpcClient,
-  getDeviceCertificates,
-  IotRpcDevice,
-  refreshDevice,
-} from 'alwaysai/lib/infrastructure';
-import { JsSpawner, Spawner, writeCertificate, writeTokens } from 'alwaysai/lib/util';
+  DeviceTokens,
+  writeOrUpdateDeviceCfgFile,
+} from "alwaysai/lib/components/device";
+import { checkUserIsLoggedInComponent } from "alwaysai/lib/components/user";
+import {
+  LOCAL_AAI_CFG_DIR,
+  LOCAL_CERT_AND_KEY_DIR,
+} from "alwaysai/lib/constants";
+import { checkPaidPlan } from "alwaysai/lib/core/project";
+import {
+  JsSpawner,
+  Spawner,
+  writeCertificate,
+  writeTokens,
+} from "alwaysai/lib/util";
+import { logger } from "../util/logger";
 
 // NOTE: This is reimplemented from the CLI to work for local checks
 export async function getTargetHardwareUuid(spawner: Spawner) {
-  if (await spawner.exists('/var/lib/dbus/machine-id')) {
-    return await spawner.run({ exe: 'cat', args: ['/var/lib/dbus/machine-id'] });
+  if (await spawner.exists("/var/lib/dbus/machine-id")) {
+    return await spawner.run({
+      exe: "cat",
+      args: ["/var/lib/dbus/machine-id"],
+    });
   }
-  if (await spawner.exists('/etc/machine-id')) {
-    return await spawner.run({ exe: 'cat', args: ['/etc/machine-id'] });
+  if (await spawner.exists("/etc/machine-id")) {
+    return await spawner.run({ exe: "cat", args: ["/etc/machine-id"] });
   }
-  return await spawner.run({ exe: 'hostname' });
+  return await spawner.run({ exe: "hostname" });
 }
 
 // NOTE: This closely follows the flow of deviceCheckAndUpdateComponent in the CLI
@@ -26,46 +35,19 @@ export async function writeCertificateAndToken(props: { deviceUuid: string }) {
   const { deviceUuid } = props;
   await checkUserIsLoggedInComponent({ yes: true });
   if (!(await checkPaidPlan())) {
-    throw new Error(`This action only supported for Enterprise alwaysAI accounts!`);
-  }
-  const device: IotRpcDevice = (await CliRpcClient().getDeviceByUUID({
-    uuid: deviceUuid,
-  })) as IotRpcDevice;
-  if (!device) {
-    throw new Error(`Device not found for deviceId=${deviceUuid}`);
+    throw new Error(
+      `This action only supported for Enterprise alwaysAI accounts!`
+    );
   }
-  // TODO: Update HW ID if not there
-  if (device.hardware_ids && device.hardware_ids !== '') {
-    const spawner = JsSpawner();
-    const hardwareId = await getTargetHardwareUuid(spawner);
-    if (hardwareId !== device.hardware_ids) {
-      throw new Error('Certificates not intended for this device!');
-    }
-  }
-  const response = await refreshDevice(device.uuid);
   const tokens: DeviceTokens = {
     deviceId: deviceUuid,
-    accessToken: response.accessToken,
-    refreshToken: response.refreshToken,
-    idToken: response.idToken,
+    accessToken: "",
+    refreshToken: "",
+    idToken: "",
   };
   const tokenSpawner = JsSpawner({ path: LOCAL_AAI_CFG_DIR });
   await writeTokens({ spawner: tokenSpawner, tokens });
   await writeOrUpdateDeviceCfgFile({ spawner: tokenSpawner });
 
-  let iotKeys = device.iot_keys;
-  if (!iotKeys) {
-    // there are no certificates, we need to generate new ones
-    console.log('Generating new certificate');
-    const response = await getDeviceCertificates(device.uuid, device.mode);
-    iotKeys = response.iotKeys;
-  }
-  const certSpawner = JsSpawner({ path: LOCAL_CERT_AND_KEY_DIR });
-  await writeCertificate({
-    spawner: certSpawner,
-    certificate: iotKeys.certificatePem,
-    privateKey: iotKeys.keyPair.PrivateKey,
-    rootCa: iotKeys.rootCA,
-  });
-  console.log('Updated tokens and certificate');
+  logger.info("Updated tokens and certificate");
 }

package/src/subcommands/app/app.ts

@@ -24,6 +24,7 @@ import {
   updateModels,
 } from '../../application-control';
 import { AgentConfigFile } from '../../infrastructure/agent-config';
+import { logger } from '../../util/logger';
 
 export const listAppsCliLeaf = CliLeaf({
   name: 'list',
@@ -47,7 +48,7 @@ export const listAppReleasesCliLeaf = CliLeaf({
   async action(_, opts) {
     const { project } = opts;
     const releaseHistory = await listAppReleases({ projectId: project });
-    console.log(releaseHistory);
+    logger.info(releaseHistory);
   },
 });
 
@@ -66,7 +67,7 @@ export const listAppLatestReleaseCliLeaf = CliLeaf({
     if (latestReleaseHash === undefined) {
       throw new CliTerseError('This application has not been published yet');
     }
-    console.log(latestReleaseHash);
+    logger.info(latestReleaseHash);
   },
 });
 
@@ -107,7 +108,7 @@ export const getAppStatusCliLeaf = CliLeaf({
   async action(_, opts) {
     const { project } = opts;
     const appStatus = await getAppStatus({ projectId: project });
-    console.log(appStatus);
+    logger.info(appStatus);
   },
 });
 
@@ -143,7 +144,7 @@ export const getAppLogsCliLeaf = CliLeaf({
     const readable = await getAppLogs({ projectId: project });
     readable.setEncoding('utf8');
     for await (const chunk of readable) {
-      console.log(chunk);
+      logger.info(chunk);
     }
   },
 });
@@ -307,7 +308,7 @@ export const getAllEnvsCLiLeaf = CliLeaf({
   },
   async action(_, opts) {
     const { project } = opts;
-    console.log(await getAllEnvs({ projectId: project }));
+    logger.info(await getAllEnvs({ projectId: project }));
   },
 });
 

package/src/subcommands/device/device.ts

@@ -1,62 +1,99 @@
-import { CliLeaf, CliStringInput } from '@alwaysai/alwayscli';
-import { checkUserIsLoggedInComponent } from 'alwaysai/lib/components/user';
-import { checkPaidPlan } from 'alwaysai/lib/core/project';
-import { addDevice, CliAuthenticationClient } from 'alwaysai/lib/infrastructure';
-import { JsSpawner } from 'alwaysai/lib/util';
-import { getCpuUtil, getDiskUtil, getMemUtil } from '../../device-control/device-control';
+import { CliLeaf, CliStringInput } from "@alwaysai/alwayscli";
+import { checkUserIsLoggedInComponent } from "alwaysai/lib/components/user";
+import { checkPaidPlan } from "alwaysai/lib/core/project";
+import { v4 as uuidv4 } from "uuid";
+import { CliAuthenticationClient } from "alwaysai/lib/infrastructure";
+
+import { httpClient, microServiceHttpClient } from "../../util/http-client";
+import {
+  AWS_ROOT_CERTIFICATE_FILE_NAME,
+  BOOTSTRAP_CERTIFICATES_DIR_PATH,
+} from "../../util/directories";
+
+import { LOCAL_CERT_AND_KEY_DIR } from "alwaysai/lib/constants";
+import fetch from "node-fetch";
+import { JsSpawner } from "alwaysai/lib/util";
+import {
+  getCpuUtil,
+  getDiskUtil,
+  getMemUtil,
+} from "../../device-control/device-control";
 import {
   getTargetHardwareUuid,
   writeCertificateAndToken,
-} from '../../infrastructure/certificates-and-tokens';
+} from "../../infrastructure/certificates-and-tokens";
+import { logger } from "../../util/logger";
 
 export const initCliLeaf = CliLeaf({
-  name: 'init',
-  description: 'Initialize device',
+  name: "init",
+  description: "Initialize device",
   namedInputs: {
     name: CliStringInput({
-      description: 'Device name',
+      description: "Device name",
       required: true,
     }),
     description: CliStringInput({
-      description: 'Device description',
+      description: "Device description",
       required: false,
     }),
   },
   async action(_, opts) {
     const { name, description } = opts;
-    console.log('Initializing device');
+    logger.info("Initializing device");
     await checkUserIsLoggedInComponent({ yes: true });
     if (!(await checkPaidPlan())) {
-      throw new Error(`This action only supported for Enterprise alwaysAI accounts!`);
+      throw new Error(
+        `This action only supported for Enterprise alwaysAI accounts!`
+      );
     }
     const { username } = await CliAuthenticationClient().getInfo();
     const spawner = JsSpawner();
     const hardwareId = await getTargetHardwareUuid(spawner);
-    const deviceToAdd = {
-      owner: username,
-      friendly_name: name,
-      host_name: '',
-      device_user_name: '',
-      description: description || '',
-      hardware_ids: hardwareId,
-      device_hash: '',
-      iotKeys: '',
+    const device = {
+      deviceMode: "production",
+      hardwareId,
+      txId: uuidv4(),
+      userName: username,
+      friendlyName: name,
     };
-    const response = await addDevice(deviceToAdd, 'production');
-    await writeCertificateAndToken({ deviceUuid: response.deviceUUID });
-    console.log(`Initialized device as ${response.deviceUUID}`);
+
+    const response = await microServiceHttpClient(
+      "fleet-provision",
+      "addDevice",
+      "POST",
+      JSON.stringify(device)
+    );
+
+    const ROOT_CERT_AWS = await httpClient(
+      "https://www.amazontrust.com/repository/AmazonRootCA1.pem",
+      "GET"
+    );
+
+    await writeCertificateAndToken({ deviceUuid: response.deviceUuid });
+
+    await JsSpawner().mkdirp(BOOTSTRAP_CERTIFICATES_DIR_PATH);
+    JsSpawner({ path: LOCAL_CERT_AND_KEY_DIR }).writeFile(
+      AWS_ROOT_CERTIFICATE_FILE_NAME,
+      ROOT_CERT_AWS
+    );
+    const certSpawner = JsSpawner({ path: BOOTSTRAP_CERTIFICATES_DIR_PATH });
+    for (const key in response.claimCertificate) {
+      await certSpawner.writeFile(key, response.claimCertificate[key]);
+    }
+
+    logger.info(`Initialized device as ${response.deviceUuid}`);
   },
 });
 
 export const getInfoCliLeaf = CliLeaf({
-  name: 'get-info',
-  description: 'Get device info',
+  name: "get-info",
+  description: "Get device info",
   namedInputs: {},
   async action(_, opts) {
     const deviceInfo = [
-      ['CPU Utilization', `${String(await getCpuUtil())} %`],
-      ['Disk Utilization', `${String(await getDiskUtil())} %`],
-      ['Memory Utilization', `${String(await getMemUtil())} %`],
+      ["CPU Utilization", `${String(await getCpuUtil())} %`],
+      ["Disk Utilization", `${String(await getDiskUtil())} %`],
+      ["Memory Utilization", `${String(await getMemUtil())} %`],
     ];
     console.table(deviceInfo);
   },

package/src/subcommands/get-model-package.ts

@@ -2,6 +2,7 @@ import { CliLeaf, CliNumberInput, CliStringInput } from '@alwaysai/alwayscli';
 import { appInstallModel } from 'alwaysai/lib/core/app';
 import { CliRpcClient } from 'alwaysai/lib/infrastructure';
 import { JsSpawner } from 'alwaysai/lib/util';
+import { logger } from '../util/logger';
 
 export const getModelPackageCliLeaf = CliLeaf({
   name: 'get-model-package',
@@ -27,6 +28,6 @@ export const getModelPackageCliLeaf = CliLeaf({
     const version =
       opts.version || (await CliRpcClient().getModelVersion({ id })).version;
     await appInstallModel(spawner, id, version);
-    console.log(`Completed downloading ${id} to ${path}`);
+    logger.info(`Completed downloading ${id} to ${path}`);
   },
 });

package/src/util/directories.ts

@@ -1,12 +1,23 @@
 import {
-  DEVICE_CERTIFICATE_FILE_NAME,
-  DEVICE_PRIVATE_KEY_FILE_NAME,
-  DEVICE_ROOT_CERT_FILE_NAME,
   DEVICE_TOKEN_FILE_NAME,
   LOCAL_AAI_CFG_DIR,
   LOCAL_CERT_AND_KEY_DIR,
-} from 'alwaysai/lib/constants';
-import { join } from 'path';
+} from "alwaysai/lib/constants";
+import { join } from "path";
+
+export const BOOTSTRAP_DIR_NAME = "bootstrap-certificates";
+export const BOOTSTRAP_DEVICE_PRIVATE_KEY_FILE_NAME =
+  "aai-claim-private-key_qa.pem.key";
+export const BOOTSTRAP_DEVICE_CERTIFICATE_FILE_NAME =
+  "aai-claim-cert_qa.pem.crt";
+export const BOOTSTRAP_CLAIM_ID_FILE_NAME = "aai-claim-cert-id_qa.txt";
+export const AWS_ROOT_CERTIFICATE_FILE_NAME = "AmazonRootCA1.pem";
+export const CERTIFICATE_OWNERSHIP_TOKEN_FILE_NAME =
+  "certificate-ownership-token.txt";
+
+export const DEVICE_PRIVATE_KEY_FILE_NAME = "aai-claim-private-key_qa.pem.key";
+export const DEVICE_CERTIFICATE_FILE_NAME = "aai-claim-cert_qa.pem.crt";
+export const DEVICE_CLAIM_ID_FILE_NAME = "aai-claim-cert-id_qa.txt";
 
 export function getPrivateKeyFilePath() {
   return join(LOCAL_CERT_AND_KEY_DIR, DEVICE_PRIVATE_KEY_FILE_NAME);
@@ -17,9 +28,41 @@ export function getCertificateFilePath() {
 }
 
 export function getRootCertificateFilePath() {
-  return join(LOCAL_CERT_AND_KEY_DIR, DEVICE_ROOT_CERT_FILE_NAME);
+  return join(LOCAL_CERT_AND_KEY_DIR, AWS_ROOT_CERTIFICATE_FILE_NAME);
 }
 
 export function getCredentialsFilePath() {
   return join(LOCAL_AAI_CFG_DIR, DEVICE_TOKEN_FILE_NAME);
 }
+
+export const BOOTSTRAP_CERTIFICATES_DIR_PATH = join(
+  LOCAL_CERT_AND_KEY_DIR,
+  BOOTSTRAP_DIR_NAME
+);
+export const DEVICE_CLAIM_ID_FILE_PATH = join(
+  LOCAL_CERT_AND_KEY_DIR,
+  DEVICE_TOKEN_FILE_NAME
+);
+
+export const BOOTSTRAP_DEVICE_PRIVATE_KEY_FILE_PATH = join(
+  LOCAL_CERT_AND_KEY_DIR,
+  BOOTSTRAP_DIR_NAME,
+  BOOTSTRAP_DEVICE_PRIVATE_KEY_FILE_NAME
+);
+
+export const BOOTSTRAP_DEVICE_CERTIFICATE_FILE_PATH = join(
+  LOCAL_CERT_AND_KEY_DIR,
+  BOOTSTRAP_DIR_NAME,
+  BOOTSTRAP_DEVICE_CERTIFICATE_FILE_NAME
+);
+
+export const BOOTSTRAP_CLAIM_ID_FILE_PATH = join(
+  LOCAL_CERT_AND_KEY_DIR,
+  BOOTSTRAP_DIR_NAME,
+  BOOTSTRAP_CLAIM_ID_FILE_NAME
+);
+
+export const AWS_ROOT_CERTIFICATE_FILE_PATH = join(
+  LOCAL_CERT_AND_KEY_DIR,
+  AWS_ROOT_CERTIFICATE_FILE_NAME
+);

package/src/util/http-client.ts

@@ -0,0 +1,35 @@
+import fetch from "node-fetch";
+import { serviceEndpointBuilder } from "../endpoints";
+import { CliAuthenticationClient } from "alwaysai/lib/infrastructure";
+
+export async function httpClient(
+  url: string,
+  method: string,
+  data?: string,
+  headers?: object
+) {
+  const options = { method, ...(data ? { body: data } : {}) };
+  try {
+    const response = await fetch(url, options);
+    const code = response.status;
+
+    const contentType = response.headers.get("content-type");
+    if (contentType === "application/json") {
+      return await response.json();
+    } else if (contentType!.includes("text/plain")) {
+      return await response.text();
+    }
+  } catch (e) {}
+}
+
+export async function microServiceHttpClient(
+  service: string,
+  path: string,
+  method: string,
+  data?: string
+) {
+  const endpoint = serviceEndpointBuilder(service, path);
+  const { getIdAuthorizationHeader } = CliAuthenticationClient();
+  const authorizationHeader = await getIdAuthorizationHeader();
+  return await httpClient(endpoint, method, data);
+}

package/src/util/logger.ts

@@ -0,0 +1,28 @@
+import * as winston from 'winston';
+import 'winston-daily-rotate-file';
+import * as path from 'path';
+import { AAI_DIR } from 'alwaysai/lib/constants';
+import { ALWAYSAI_LOG_LEVEL, ALWAYSAI_LOG_TO_CONSOLE } from '../environment';
+
+const LOG_LEVEL = ALWAYSAI_LOG_LEVEL || 'info';
+const transports = ALWAYSAI_LOG_TO_CONSOLE
+  ? [new winston.transports.Console({ level: LOG_LEVEL })]
+  : [
+      new winston.transports.DailyRotateFile({
+        filename: path.join(AAI_DIR, 'agent-logs', 'agent-logs.txt'),
+        maxSize: '5m',
+        maxFiles: '2d',
+      }),
+    ];
+
+export const logger = winston.createLogger({
+  level: LOG_LEVEL,
+  format: winston.format.combine(
+    winston.format.errors({ stack: true }),
+    winston.format.splat(),
+    winston.format.simple(),
+  ),
+  transports,
+});
+
+logger.info(`Initialized logger with log level: ${LOG_LEVEL}`);