@axway/axway-central-cli 4.7.0 → 4.9.0-rc.0

package/dist/commands/install/agents.js

@@ -15,6 +15,7 @@ var _CliConfigManager = require("../../common/CliConfigManager");
 var _Renderer = _interopRequireDefault(require("../../common/Renderer"));
 var _types = require("../../common/types");
 var _utils = require("../../common/utils");
+var akamaiAgents = _interopRequireWildcard(require("./akamaiAgents"));
 var apigeeXAgents = _interopRequireWildcard(require("./apigeexAgents"));
 var awsAgents = _interopRequireWildcard(require("./awsAgents"));
 var awsSaaSAgents = _interopRequireWildcard(require("./awsSaasAgents"));
@@ -40,6 +41,8 @@ var sensediaAgents = _interopRequireWildcard(require("./sensediaAgents"));
 var wso2Agents = _interopRequireWildcard(require("./wso2Agents"));
 function _interopRequireWildcard(e, t) { if ("function" == typeof WeakMap) var r = new WeakMap(), n = new WeakMap(); return (_interopRequireWildcard = function (e, t) { if (!t && e && e.__esModule) return e; var o, i, f = { __proto__: null, default: e }; if (null === e || "object" != typeof e && "function" != typeof e) return f; if (o = t ? n : r) { if (o.has(e)) return o.get(e); o.set(e, f); } for (const t in e) "default" !== t && {}.hasOwnProperty.call(e, t) && ((i = (o = Object.defineProperty) && Object.getOwnPropertyDescriptor(e, t)) && (i.get || i.set) ? o(f, t, i) : f[t] = e[t]); return f; })(e, t); }
 function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; }
+// import * as akamaiSaasAgents from './akamaiSaasAgents';
+
 const {
   log
 } = (0, _snooplogg.default)('engage: install: agents');
@@ -50,6 +53,7 @@ const prompts = exports.prompts = {
   selectGatewayType: 'Select the type of gateway you want to connect'
 };
 const agentInstallFlows = {
+  [_types.GatewayTypes.AKAMAI]: akamaiAgents.AkamaiInstallMethods,
   [_types.GatewayTypes.EDGE_GATEWAY]: edgeAgents.EdgeInstallMethods,
   [_types.GatewayTypes.EDGE_GATEWAY_ONLY]: edgeAgents.EdgeGWOnlyInstallMethods,
   [_types.GatewayTypes.AWS_GATEWAY]: awsAgents.AWSInstallMethods,
@@ -69,6 +73,7 @@ const agentInstallFlows = {
   [_types.GatewayTypes.WSO2]: wso2Agents.WSO2InstallMethods
 };
 const saasAgentInstallFlows = {
+  // [GatewayTypes.AKAMAI]: akamaiSaasAgents.AkamaiSaaSInstallMethods,
   [_types.SaaSGatewayTypes.AWS_GATEWAY]: awsSaaSAgents.AWSSaaSInstallMethods,
   [_types.SaaSGatewayTypes.GITHUB]: gitHubAgents.GitHubSaaSInstallMethods,
   [_types.SaaSGatewayTypes.APIGEEX_GATEWAY]: apigeeSaaSAgents.APIGEEXSaaSInstallMethods,
@@ -145,7 +150,7 @@ const agents = exports.agents = {
       installConfig.centralConfig.region = await determineRegion(orgRegion);
       let gatewayTypeChoices = [];
       Object.values(_types.GatewayTypes).forEach(v => gatewayTypeChoices.push(v));
-      Object.values(_types.SaaSGatewayTypes).filter(v => v !== _types.SaaSGatewayTypes.AWS_GATEWAY && v !== _types.SaaSGatewayTypes.APIGEEX_GATEWAY && v !== _types.SaaSGatewayTypes.TRACEABLE).forEach(v => gatewayTypeChoices.push(v));
+      Object.values(_types.SaaSGatewayTypes).filter(v => v !== _types.SaaSGatewayTypes.AWS_GATEWAY && v !== _types.SaaSGatewayTypes.APIGEEX_GATEWAY && v !== _types.SaaSGatewayTypes.TRACEABLE && v !== _types.SaaSGatewayTypes.AKAMAI).forEach(v => gatewayTypeChoices.push(v));
       let gatewayChoices = gatewayTypeChoices.sort().filter(v => v !== _types.GatewayTypes.EDGE_GATEWAY_ONLY);
       let gatewayType = await (0, _basicPrompts.askList)({
         msg: prompts.selectGatewayType,
@@ -164,7 +169,9 @@ const agents = exports.agents = {
       }
 
       // if this check gets bigger, may think about an array of agents that can be both ground and embedded until ground agents become obsolete
-      if (gatewayType === _types.GatewayTypes.AWS_GATEWAY || gatewayType === _types.GatewayTypes.AZURE_GATEWAY || gatewayType === _types.GatewayTypes.AZURE_EVENTHUB || gatewayType === _types.GatewayTypes.APIGEEX_GATEWAY || gatewayType === _types.GatewayTypes.TRACEABLE) {
+      if (gatewayType === _types.GatewayTypes.AWS_GATEWAY || gatewayType === _types.GatewayTypes.AZURE_GATEWAY || gatewayType === _types.GatewayTypes.AZURE_EVENTHUB || gatewayType === _types.GatewayTypes.APIGEEX_GATEWAY || gatewayType === _types.GatewayTypes.TRACEABLE
+      // gatewayType === GatewayTypes.AKAMAI
+      ) {
         // hosted vs on premise
         installConfig.switches.isHostedInstall = (await (0, _basicPrompts.askList)({
           msg: prompts.hostedAgentOption,

package/dist/commands/install/akamaiAgents.js

@@ -0,0 +1,256 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.testables = exports.gatewayConnectivity = exports.completeInstall = exports.askConfigType = exports.askBundleType = exports.amplifyAgentsNs = exports.ConfigFiles = exports.AkamaiInstallMethods = void 0;
+var _chalk = _interopRequireDefault(require("chalk"));
+var _snooplogg = _interopRequireDefault(require("snooplogg"));
+var _Kubectl = require("../../common/Kubectl");
+var _basicPrompts = require("../../common/basicPrompts");
+var _inputs = require("./helpers/inputs");
+var _types = require("../../common/types");
+var helpers = _interopRequireWildcard(require("./helpers"));
+var _akamaiTemplates = require("./helpers/templates/akamaiTemplates");
+var _utils = require("../../common/utils");
+var _agents = require("./agents");
+function _interopRequireWildcard(e, t) { if ("function" == typeof WeakMap) var r = new WeakMap(), n = new WeakMap(); return (_interopRequireWildcard = function (e, t) { if (!t && e && e.__esModule) return e; var o, i, f = { __proto__: null, default: e }; if (null === e || "object" != typeof e && "function" != typeof e) return f; if (o = t ? n : r) { if (o.has(e)) return o.get(e); o.set(e, f); } for (const t in e) "default" !== t && {}.hasOwnProperty.call(e, t) && ((i = (o = Object.defineProperty) && Object.getOwnPropertyDescriptor(e, t)) && (i.get || i.set) ? o(f, t, i) : f[t] = e[t]); return f; })(e, t); }
+function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; }
+// @ts-ignore
+const {
+  log
+} = (0, _snooplogg.default)('central: install: agents: Akamai');
+const caImage = `${_types.PublicDockerRepoBaseUrl}${_types.BasePaths.DockerAgentPublicRepo}/${_types.AgentNames.AKAMAI_CA}`;
+const amplifyAgentsNs = exports.amplifyAgentsNs = 'amplify-agents';
+
+// ConfigFiles - all the config file that are used in the setup
+const ConfigFiles = exports.ConfigFiles = {
+  helmOverride: 'agent-overrides.yaml',
+  agentEnvVars: `${helpers.configFiles.AGENT_ENV_VARS}`
+};
+const prompts = {
+  configTypeMsg: 'Select the mode of installation',
+  agentNamespace: 'Enter the namespace to use for the Amplify Akamai Agents',
+  enterBaseUrl: 'Enter the Akamai Base URL',
+  enterClientId: 'Enter the Akamai Client ID',
+  enterClientSecret: 'Enter the Akamai Client Secret',
+  enterSegmentLength: 'Enter the Akamai Segment Length',
+  enterEnvironments: 'Enter an Akamai environment',
+  enterMoreEnvironments: 'Do you want to enter another mapping?',
+  selectCentralMappingEnvironment: 'Select an Engage environment to map to the provided Akamai environment',
+  environmentsDescription: 'Configure a mapping of Akamai environment to Engage environment that the agent will use'
+};
+const askBundleType = async () => {
+  return _types.BundleType.TRACEABILITY;
+};
+exports.askBundleType = askBundleType;
+const askConfigType = async () => {
+  return await (0, _basicPrompts.askList)({
+    msg: prompts.configTypeMsg,
+    choices: [_types.AgentConfigTypes.DOCKERIZED, _types.AgentConfigTypes.HELM]
+  });
+};
+
+//
+// Questions for the configuration of Akamai agents
+//
+exports.askConfigType = askConfigType;
+const askAkamaiBaseUrl = async () => await (0, _basicPrompts.askInput)({
+  msg: prompts.enterBaseUrl,
+  validate: (0, _basicPrompts.validateRegex)(helpers.AkamaiRegexPatterns.baseURLRegex, helpers.invalidValueExampleErrMsg('baseURL', 'https://akamai.com'))
+});
+const askAkamaiClientId = async () => await (0, _basicPrompts.askInput)({
+  msg: prompts.enterClientId
+});
+const askAkamaiClientSecret = async () => await (0, _basicPrompts.askInput)({
+  msg: prompts.enterClientSecret
+});
+const askAkamaiSegmentLength = async () => await (0, _basicPrompts.askInput)({
+  msg: prompts.enterSegmentLength,
+  type: 'number',
+  validate: (0, _basicPrompts.validateValueRange)(0)
+});
+const askEnvironments = async (centralEnvs, akamaiAgentValues, excludeEnvironment) => {
+  // Filter out the already-selected agent installation environment
+  if (excludeEnvironment) {
+    centralEnvs = centralEnvs.filter(env => env.name !== excludeEnvironment);
+  }
+
+  // If no central environments are available, exit the installation
+  if (centralEnvs.length === 0) {
+    console.log(_chalk.default.red('Installation cannot proceed: No Engage environments are available for mapping.'));
+    console.log(_chalk.default.yellow('Please create at least one Engage environment before installing the Akamai agent.'));
+    console.log(_chalk.default.gray('You can create an environment using: axway engage create environment'));
+    process.exit(1);
+  }
+  let askEnvs = true;
+  let envs = [];
+  let mappedCentralEnvs = [];
+  console.log(_chalk.default.gray(prompts.environmentsDescription));
+  while (askEnvs) {
+    const env = await (0, _basicPrompts.askInput)({
+      msg: prompts.enterEnvironments,
+      allowEmptyInput: true
+    });
+    if (envs.length === 0 && (!env || env.toString().trim() === "")) {
+      break;
+    }
+    if (env && env.toString().trim() !== "") {
+      envs.push(env);
+    }
+    const centralMappingEnv = await (0, _basicPrompts.askList)({
+      msg: prompts.selectCentralMappingEnvironment,
+      choices: centralEnvs.map(e => e.name)
+    });
+    if (centralMappingEnv && centralMappingEnv.toString().trim() !== "") {
+      mappedCentralEnvs.push(centralMappingEnv);
+    }
+
+    // Remove the selected environment from available choices for next iteration
+    centralEnvs = centralEnvs.filter(env => env.name !== centralMappingEnv);
+
+    // Only ask to continue if there are remaining central environments
+    if (centralEnvs.length > 0) {
+      askEnvs = (await (0, _basicPrompts.askList)({
+        msg: prompts.enterMoreEnvironments,
+        default: _types.YesNo.No,
+        choices: _types.YesNoChoices
+      })) === _types.YesNo.Yes;
+    } else {
+      askEnvs = false; // Auto-stop when no environments remain
+    }
+  }
+  akamaiAgentValues.environments = envs;
+  akamaiAgentValues.centralEnvironments = mappedCentralEnvs;
+};
+const gatewayConnectivity = async installConfig => {
+  let akamaiAgentValues = new _akamaiTemplates.AkamaiAgentValues();
+  if (installConfig.switches.isHelmInstall) {
+    console.log(_chalk.default.gray(`The Amplify Akamai Agent needs to be deployed to your Kubernetes cluster to discover APIs for publishing to Amplify Central.`));
+    const {
+      error
+    } = await _Kubectl.kubectl.isInstalled();
+    if (error) {
+      throw new Error(`Kubectl is required to fill out the following prompts. It appears to be missing or misconfigured.\n${error}`);
+    }
+    akamaiAgentValues.namespace = await (0, _inputs.askNamespace)(prompts.agentNamespace, amplifyAgentsNs);
+  }
+  if (installConfig.switches.isDockerInstall) {
+    console.log('\nCONNECTION TO AKAMAI API GATEWAY:');
+    console.log(_chalk.default.gray("The Compliance Agent needs to connect to the Akamai API Gateway to discover API's for publishing to Amplify Central."));
+  }
+  akamaiAgentValues.baseUrl = await askAkamaiBaseUrl();
+  akamaiAgentValues.clientId = await askAkamaiClientId();
+  akamaiAgentValues.clientSecret = await askAkamaiClientSecret();
+  akamaiAgentValues.segmentLength = await askAkamaiSegmentLength();
+  await helpers.getCentralEnvironments(installConfig.centralConfig.apiServerClient, installConfig.centralConfig.definitionManager).then(async envs => {
+    if (envs) {
+      var _installConfig$centra;
+      // Pass the already-selected agent installation environment to exclude it from mapping choices
+      const agentInstallEnv = (_installConfig$centra = installConfig.centralConfig.ampcEnvInfo) === null || _installConfig$centra === void 0 ? void 0 : _installConfig$centra.name;
+      await askEnvironments(envs, akamaiAgentValues, agentInstallEnv);
+    }
+  });
+  return akamaiAgentValues;
+};
+exports.gatewayConnectivity = gatewayConnectivity;
+const dockerSuccessMsg = installConfig => {
+  let dockerInfo;
+  const runAgentLinuxMsg = `docker run -it --env-file ${helpers.pwd}/${helpers.configFiles.AGENT_ENV_VARS} -v ${helpers.pwd}:/keys ${helpers.eolChar}`;
+  const runAgentWinMsg = `docker run -it --env-file ${helpers.pwdWin}/${helpers.configFiles.AGENT_ENV_VARS} -v ${helpers.pwdWin}:/keys ${helpers.eolCharWin}`;
+  const startAgentLinuxMsg = `\nStart the Akamai Agent on a Linux based machine`;
+  const startAgentWinMsg = `\nStart the Akamai Agent on a Windows machine`;
+  dockerInfo = `To utilize the agent, pull the latest Docker image and run it using the appropriate supplied environment file, (${helpers.configFiles.AGENT_ENV_VARS}):`;
+  console.log(_chalk.default.whiteBright(dockerInfo), '\n');
+  const caImageVersion = `${caImage}:${installConfig.caVersion}`;
+  console.log(_chalk.default.white('Pull the latest image of the Agent:'));
+  console.log(_chalk.default.cyan(`docker pull ${caImageVersion}`));
+  console.log(_chalk.default.white(_utils.isWindows ? startAgentWinMsg : startAgentLinuxMsg));
+  console.log(_chalk.default.cyan(_utils.isWindows ? runAgentWinMsg : runAgentLinuxMsg));
+  console.log('\t', _chalk.default.cyan(`-v /data ${caImageVersion}`), '\n');
+};
+const helmSuccessMsg = namespace => {
+  console.log(`Akamai Agent override file has been placed at ${process.cwd()}/${ConfigFiles.helmOverride}`);
+  helpers.helmImageSecretInfo(namespace);
+  let agentHelmInfo = new Set();
+  agentHelmInfo.add({
+    helmReleaseName: 'akamai-agent',
+    helmChartName: ' axway/akamai-agent',
+    overrideFileName: ConfigFiles.helmOverride,
+    imageSecretOverrides: `--set image.pullSecret=<image-pull-secret-name>`
+  });
+  helpers.helmInstallInfo('Akamai', namespace, agentHelmInfo);
+};
+const generateSuccessHelpMsg = installConfig => {
+  const akamaiAgentValues = installConfig.gatewayConfig;
+  const configType = installConfig.deploymentType;
+  if (installConfig.centralConfig.ampcDosaInfo.isNew && !installConfig.switches.isHelmInstall) {
+    console.log(_chalk.default.yellow(_agents.svcAccMsg));
+  }
+  if (configType === _types.AgentConfigTypes.DOCKERIZED) {
+    dockerSuccessMsg(installConfig);
+  } else if (configType === _types.AgentConfigTypes.HELM) {
+    helmSuccessMsg(akamaiAgentValues.namespace.name);
+  }
+  console.log('Configuration file(s) have been successfully created.\n');
+  console.log(_chalk.default.gray(`\nAdditional information about agent features can be found here:\n${helpers.agentsDocsUrl.AKAMAI}`));
+};
+const completeInstall = async installConfig => {
+  // Add final settings to AkamaiAgentValues
+  const akamaiAgentValues = installConfig.gatewayConfig;
+  akamaiAgentValues.centralConfig = installConfig.centralConfig;
+  akamaiAgentValues.traceabilityConfig = installConfig.traceabilityConfig;
+  if (installConfig.switches.isHelmInstall) {
+    akamaiAgentValues.akamaiSecret = helpers.amplifyAgentsCredsSecret;
+    akamaiAgentValues.agentKeysSecret = helpers.amplifyAgentsKeysSecret;
+    if (akamaiAgentValues.namespace.isNew) {
+      await helpers.createNamespace(akamaiAgentValues.namespace.name);
+    }
+    await helpers.createSecret(akamaiAgentValues.namespace.name, helpers.amplifyAgentsKeysSecret, async () => {
+      if (installConfig.centralConfig.ampcDosaInfo.isNew) {
+        console.log(_chalk.default.yellow(`The secret '${helpers.amplifyAgentsKeysSecret}' will be created with the same "private_key.pem" and "public_key.pem" that was auto generated to create the Service Account.`));
+      }
+      await helpers.createAmplifyAgentKeysSecret(akamaiAgentValues.namespace.name, helpers.amplifyAgentsKeysSecret, 'publicKey', akamaiAgentValues.centralConfig.dosaAccount.publicKey, 'privateKey', akamaiAgentValues.centralConfig.dosaAccount.privateKey);
+    });
+    await helpers.createSecret(akamaiAgentValues.namespace.name, helpers.amplifyAgentsCredsSecret, async () => {
+      await createAkamaiCredsSecret(akamaiAgentValues.namespace.name, helpers.amplifyAgentsCredsSecret, akamaiAgentValues.akamaiSecret, akamaiAgentValues.agentKeysSecret);
+    });
+  }
+  console.log('Generating the configuration file(s)...');
+  if (installConfig.switches.isDockerInstall) {
+    (0, _utils.writeTemplates)(ConfigFiles.agentEnvVars, akamaiAgentValues, helpers.akamaiEnvVarTemplate);
+  } else if (installConfig.switches.isHelmInstall) {
+    (0, _utils.writeTemplates)(ConfigFiles.helmOverride, akamaiAgentValues, helpers.akamaiHelmOverrideTemplate);
+  }
+  generateSuccessHelpMsg(installConfig);
+};
+exports.completeInstall = completeInstall;
+const createAkamaiCredsSecret = async (namespace, secretName, clientID, clientSecret) => {
+  const {
+    error
+  } = await _Kubectl.kubectl.create('secret', `-n ${namespace} generic ${secretName} \
+		--from-literal=clientID=${clientID} \
+		--from-literal=clientSecret=${clientSecret}`);
+  if (error) {
+    throw Error(error);
+  }
+  console.log(`Created ${secretName} in the ${namespace} namespace.`);
+};
+const AkamaiInstallMethods = exports.AkamaiInstallMethods = {
+  GetBundleType: askBundleType,
+  GetDeploymentType: askConfigType,
+  AskGatewayQuestions: gatewayConnectivity,
+  FinalizeGatewayInstall: completeInstall,
+  ConfigFiles: Object.values(ConfigFiles),
+  AgentNameMap: {
+    [_types.AgentTypes.ca]: _types.AgentNames.AKAMAI_CA
+  },
+  GatewayDisplay: _types.GatewayTypes.AKAMAI
+};
+const testables = exports.testables = {
+  prompts,
+  ConfigFiles,
+  askEnvironments,
+  gatewayConnectivity,
+  createAkamaiCredsSecret
+};

package/dist/commands/install/akamaiSaasAgents.js

@@ -0,0 +1,285 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.testables = exports.askBundleType = exports.AkamaiSaaSInstallMethods = void 0;
+var _snooplogg = _interopRequireDefault(require("snooplogg"));
+var _types = require("../../common/types");
+var _chalk = _interopRequireDefault(require("chalk"));
+var _basicPrompts = require("../../common/basicPrompts");
+var helpers = _interopRequireWildcard(require("./helpers"));
+var _crypto = _interopRequireDefault(require("crypto"));
+function _interopRequireWildcard(e, t) { if ("function" == typeof WeakMap) var r = new WeakMap(), n = new WeakMap(); return (_interopRequireWildcard = function (e, t) { if (!t && e && e.__esModule) return e; var o, i, f = { __proto__: null, default: e }; if (null === e || "object" != typeof e && "function" != typeof e) return f; if (o = t ? n : r) { if (o.has(e)) return o.get(e); o.set(e, f); } for (const t in e) "default" !== t && {}.hasOwnProperty.call(e, t) && ((i = (o = Object.defineProperty) && Object.getOwnPropertyDescriptor(e, t)) && (i.get || i.set) ? o(f, t, i) : f[t] = e[t]); return f; })(e, t); }
+function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; }
+function _defineProperty(e, r, t) { return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, { value: t, enumerable: !0, configurable: !0, writable: !0 }) : e[r] = t, e; }
+function _toPropertyKey(t) { var i = _toPrimitive(t, "string"); return "symbol" == typeof i ? i : i + ""; }
+function _toPrimitive(t, r) { if ("object" != typeof t || !t) return t; var e = t[Symbol.toPrimitive]; if (void 0 !== e) { var i = e.call(t, r || "default"); if ("object" != typeof i) return i; throw new TypeError("@@toPrimitive must return a primitive value."); } return ("string" === r ? String : Number)(t); }
+const {
+  log
+} = (0, _snooplogg.default)('engage: install: agents: Akamai');
+class DataplaneConfig {
+  constructor(type) {
+    _defineProperty(this, "type", void 0);
+    this.type = type || '';
+  }
+}
+class AkamaiDataplaneConfig extends DataplaneConfig {
+  constructor(clientId, baseUrl, segmentLength, groups) {
+    super("Akamai");
+    _defineProperty(this, "clientId", void 0);
+    _defineProperty(this, "baseUrl", void 0);
+    _defineProperty(this, "segmentLength", void 0);
+    _defineProperty(this, "groups", void 0);
+    this.clientId = clientId;
+    this.baseUrl = baseUrl;
+    this.segmentLength = segmentLength;
+    this.groups = groups;
+  }
+}
+class AkamaiGroups {
+  constructor(akamai, environment) {
+    _defineProperty(this, "akamai", void 0);
+    _defineProperty(this, "environment", void 0);
+    this.akamai = akamai;
+    this.environment = environment;
+  }
+}
+class SaasAgentValues {
+  constructor() {
+    _defineProperty(this, "dataplaneConfig", void 0);
+    _defineProperty(this, "centralConfig", void 0);
+    this.dataplaneConfig = new DataplaneConfig();
+    this.centralConfig = new _types.CentralAgentConfig();
+  }
+  getAccessData() {
+    return '';
+  }
+}
+class SaasAkamaiAgentValues extends SaasAgentValues {
+  constructor() {
+    super();
+    _defineProperty(this, "baseUrl", void 0);
+    _defineProperty(this, "clientId", void 0);
+    _defineProperty(this, "clientSecret", void 0);
+    _defineProperty(this, "segmentLength", void 0);
+    _defineProperty(this, "environments", void 0);
+    _defineProperty(this, "centralEnvironments", void 0);
+    this.baseUrl = '';
+    this.clientId = '';
+    this.clientSecret = '';
+    this.segmentLength = 1;
+    this.environments = [];
+    this.centralEnvironments = [];
+  }
+  getAccessData() {
+    let data = JSON.stringify({
+      client_secret: this.clientSecret
+    });
+    return data;
+  }
+}
+
+// ConfigFiles - all the config file that are used in the setup
+const ConfigFiles = {};
+
+// AkamaiSaaSPrompts - all Akamai Saas prompts to the user for input
+const SaasPrompts = {
+  configTypeMsg: 'Select the mode of installation',
+  agentNamespace: 'Enter the namespace to use for the Amplify Akamai Agents',
+  enterBaseUrl: 'Enter the Akamai Base URL',
+  enterClientId: 'Enter the Akamai Client ID',
+  enterClientSecret: 'Enter the Akamai Client Secret',
+  enterSegmentLength: 'Enter the Akamai Segment Length',
+  enterEnvironments: 'Enter an Akamai environment',
+  enterMoreEnvironments: 'Do you want to enter another mapping?',
+  selectCentralMappingEnvironment: 'Select an Engage environment to map to the provided Akamai environment',
+  environmentsDescription: 'Configure a mapping of Akamai environment to Engage environment that the agent will use'
+};
+const askBundleType = async () => {
+  return _types.BundleType.TRACEABILITY;
+};
+exports.askBundleType = askBundleType;
+const askConfigType = async () => {
+  return _types.AgentConfigTypes.HOSTED;
+};
+const askEnvironments = async (centralEnvs, hostedAgentValues, excludeEnvironment) => {
+  // Filter out the already-selected agent installation environment
+  if (excludeEnvironment) {
+    centralEnvs = centralEnvs.filter(env => env.name !== excludeEnvironment);
+  }
+  let askEnvs = true;
+  let envs = [];
+  let mappedCentralEnvs = [];
+  console.log(_chalk.default.gray(SaasPrompts.environmentsDescription));
+  while (askEnvs) {
+    const env = await (0, _basicPrompts.askInput)({
+      msg: SaasPrompts.enterEnvironments,
+      allowEmptyInput: true
+    });
+    if (envs.length === 0 && (!env || env.toString().trim() === "")) {
+      break;
+    }
+    if (env && env.toString().trim() !== "") {
+      envs.push(env);
+    }
+    const centralMappingEnv = await (0, _basicPrompts.askList)({
+      msg: SaasPrompts.selectCentralMappingEnvironment,
+      choices: centralEnvs.map(e => e.name)
+    });
+    if (centralMappingEnv && centralMappingEnv.toString().trim() !== "") {
+      mappedCentralEnvs.push(centralMappingEnv);
+    }
+    centralEnvs = centralEnvs.filter(env => env.name !== centralMappingEnv);
+
+    // Only ask if they want to continue if there are still environments available to map
+    if (centralEnvs.length > 0) {
+      askEnvs = (await (0, _basicPrompts.askList)({
+        msg: SaasPrompts.enterMoreEnvironments,
+        default: _types.YesNo.No,
+        choices: _types.YesNoChoices
+      })) === _types.YesNo.Yes;
+    } else {
+      askEnvs = false;
+    }
+  }
+  hostedAgentValues.environments = envs;
+  hostedAgentValues.centralEnvironments = mappedCentralEnvs;
+};
+const validateFrequency = () => input => {
+  let val = (0, _basicPrompts.validateRegex)(helpers.frequencyRegex, helpers.invalidValueExampleErrMsg('frequency', '3d5h12m'))(input);
+  if (typeof val === "string") {
+    return val;
+  }
+  let r = input.toString().match(/^(\d*)m/);
+  if (r) {
+    // only minutes
+    let mins = r[1];
+    if (parseInt(mins, 10) < 30) {
+      return "Minimum frequency is 30m";
+    }
+  }
+  return true;
+};
+
+//
+// Questions for the configuration of Akamai agents
+//
+const askAkamaiBaseUrl = async () => await (0, _basicPrompts.askInput)({
+  msg: SaasPrompts.enterBaseUrl,
+  validate: (0, _basicPrompts.validateRegex)(helpers.AkamaiRegexPatterns.baseURLRegex, helpers.invalidValueExampleErrMsg('baseURL', 'https://akamai.com'))
+});
+const askAkamaiClientId = async () => await (0, _basicPrompts.askInput)({
+  msg: SaasPrompts.enterClientId
+});
+const askAkamaiClientSecret = async () => await (0, _basicPrompts.askInput)({
+  msg: SaasPrompts.enterClientSecret
+});
+const askAkamaiSegmentLength = async () => await (0, _basicPrompts.askInput)({
+  msg: SaasPrompts.enterSegmentLength,
+  type: 'number',
+  validate: (0, _basicPrompts.validateValueRange)(0)
+});
+
+// @ts-ignore
+const gatewayConnectivity = async installConfig => {
+  console.log('\nCONNECTION TO AKAMAI API GATEWAY:');
+  // DeploymentType
+  let hostedAgentValues = new SaasAkamaiAgentValues();
+  if (installConfig.gatewayType === _types.SaaSGatewayTypes.AKAMAI) {
+    var _installConfig$centra;
+    log('gathering access details for akamai');
+
+    // Akamai connection details
+    hostedAgentValues = new SaasAkamaiAgentValues();
+    hostedAgentValues.baseUrl = await askAkamaiBaseUrl();
+    hostedAgentValues.clientId = await askAkamaiClientId();
+    hostedAgentValues.clientSecret = await askAkamaiClientSecret();
+    hostedAgentValues.segmentLength = await askAkamaiSegmentLength();
+    const centralEnvs = await helpers.getCentralEnvironments(installConfig.centralConfig.apiServerClient, installConfig.centralConfig.definitionManager);
+    // Pass the already-selected agent installation environment to exclude it from mapping choices
+    const agentInstallEnv = (_installConfig$centra = installConfig.centralConfig.ampcEnvInfo) === null || _installConfig$centra === void 0 ? void 0 : _installConfig$centra.name;
+    await askEnvironments(centralEnvs, hostedAgentValues, agentInstallEnv);
+  }
+  return hostedAgentValues;
+};
+const generateOutput = async installConfig => {
+  return `Install complete of hosted agent for ${installConfig.gatewayType} region`;
+};
+const createEncryptedAccessData = async (hostedAgentValues, dataplaneRes) => {
+  var _dataplaneRes$securit, _dataplaneRes$securit2;
+  // grab key from data plane resource
+  let key = ((_dataplaneRes$securit = dataplaneRes.security) === null || _dataplaneRes$securit === void 0 ? void 0 : _dataplaneRes$securit.encryptionKey) || "";
+  let hash = ((_dataplaneRes$securit2 = dataplaneRes.security) === null || _dataplaneRes$securit2 === void 0 ? void 0 : _dataplaneRes$securit2.encryptionHash) || "";
+  if (key === "" || hash === "") {
+    throw Error(`cannot encrypt access data as the encryption key info was incomplete`);
+  }
+  const accessData = hostedAgentValues.getAccessData();
+  let encData = _crypto.default.publicEncrypt({
+    key: key,
+    padding: _crypto.default.constants.RSA_PKCS1_OAEP_PADDING,
+    oaepHash: hash
+  }, new Uint8Array(Buffer.from(accessData, 'utf8')));
+  return encData.toString("base64");
+};
+const completeInstall = async (installConfig, apiServerClient, defsManager) => {
+  /**
+   * Create agent resources
+   */
+  console.log("\n");
+  let akamaiAgentValues = installConfig.gatewayConfig;
+
+  // create the environment, if necessary
+  installConfig.centralConfig.environment = installConfig.centralConfig.ampcEnvInfo.isNew ? await helpers.createByResourceType(apiServerClient, defsManager, installConfig.centralConfig.ampcEnvInfo.name, 'Environment', 'env', {
+    axwayManaged: installConfig.centralConfig.axwayManaged,
+    production: installConfig.centralConfig.production
+  }) : installConfig.centralConfig.ampcEnvInfo.name;
+  if (installConfig.gatewayType === _types.GatewayTypes.AKAMAI) {
+    const akamaiGroupObjs = (akamaiAgentValues.environments || []).map((env, idx) => new AkamaiGroups(env, akamaiAgentValues.centralEnvironments[idx]));
+    akamaiAgentValues.dataplaneConfig = new AkamaiDataplaneConfig(akamaiAgentValues.clientId, akamaiAgentValues.baseUrl, akamaiAgentValues.segmentLength, akamaiGroupObjs);
+  }
+
+  // create the data plane resource
+  let dataplaneRes = await helpers.createNewDataPlaneResource(apiServerClient, defsManager, installConfig.centralConfig.environment, _types.GatewayTypeToDataPlane[installConfig.gatewayType], akamaiAgentValues.dataplaneConfig);
+  // create data plane secret resource
+  try {
+    await helpers.createNewDataPlaneSecretResource(apiServerClient, defsManager, installConfig.centralConfig.environment, _types.GatewayTypeToDataPlane[installConfig.gatewayType], dataplaneRes.name, await createEncryptedAccessData(akamaiAgentValues, dataplaneRes));
+  } catch (error) {
+    log(error);
+    console.log(_chalk.default.redBright("rolling back installation. Please check the credential data before re-running install"));
+    if (installConfig.centralConfig.ampcEnvInfo.isNew) {
+      await helpers.deleteByResourceType(apiServerClient, defsManager, installConfig.centralConfig.ampcEnvInfo.name, 'Environment', 'env');
+    } else {
+      await helpers.deleteByResourceType(apiServerClient, defsManager, dataplaneRes.name, "Dataplane", "dp", installConfig.centralConfig.environment);
+    }
+    return;
+  }
+
+  // create compliance agent resource 
+  installConfig.centralConfig.taAgentName = await helpers.createNewAgentResource(apiServerClient, defsManager, installConfig.centralConfig.environment, _types.GatewayTypeToDataPlane[installConfig.gatewayType], _types.AgentResourceKind.ca, _types.AgentTypes.ca, installConfig.centralConfig.ampcTeamName, _types.GatewayTypeToDataPlane[installConfig.gatewayType] + " Compliance Agent", dataplaneRes.name);
+  console.log(await generateOutput(installConfig));
+};
+const AkamaiSaaSInstallMethods = exports.AkamaiSaaSInstallMethods = {
+  GetBundleType: askBundleType,
+  GetDeploymentType: askConfigType,
+  AskGatewayQuestions: gatewayConnectivity,
+  FinalizeGatewayInstall: completeInstall,
+  ConfigFiles: [],
+  AgentNameMap: {
+    [_types.AgentTypes.ca]: _types.AgentNames.AKAMAI_CA
+  },
+  GatewayDisplay: _types.GatewayTypes.AKAMAI
+};
+
+// These are the items that are not exported, but need to be for testing
+const testables = exports.testables = {
+  SaasAgentValues,
+  SaasAkamaiAgentValues,
+  SaasPrompts,
+  ConfigFiles,
+  createEncryptedAccessData,
+  // <-- already exported
+  validateFrequency,
+  // <-- add this line for test access
+  askEnvironments // <-- add this for testing the new logic
+};

package/dist/commands/install/awsSaasAgents.js

@@ -367,11 +367,12 @@ const createEncryptedAccessData = async (hostedAgentValues, dataplaneRes) => {
   if (key === '' || hash === '') {
     throw Error(`cannot encrypt access data as the encryption key info was incomplete`);
   }
+  let accessData = hostedAgentValues.getAccessData();
   let encData = _crypto.default.publicEncrypt({
     key: key,
     padding: _crypto.default.constants.RSA_PKCS1_OAEP_PADDING,
     oaepHash: hash
-  }, Buffer.from(hostedAgentValues.getAccessData()));
+  }, new Uint8Array(Buffer.from(accessData, 'utf8')));
   return encData.toString('base64');
 };
 const completeInstall = async (installConfig, apiServerClient, defsManager) => {

package/dist/commands/install/helpers/index.js

@@ -80,6 +80,18 @@ Object.keys(_regex).forEach(function (key) {
     }
   });
 });
+var _akamaiTemplates = require("./templates/akamaiTemplates");
+Object.keys(_akamaiTemplates).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _akamaiTemplates[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _akamaiTemplates[key];
+    }
+  });
+});
 var _apigeexTemplates = require("./templates/apigeexTemplates");
 Object.keys(_apigeexTemplates).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
@@ -263,6 +275,7 @@ const configFiles = exports.configFiles = {
 };
 const agentsDocsUrl = exports.agentsDocsUrl = {
   V7: 'https://docs.axway.com/bundle/amplify-central/page/docs/connect_manage_environ/connect_api_manager/index.html',
+  AKAMAI: 'https://docs.axway.com/bundle/amplify-central/page/docs/runtime_security/configure_runtime_compliance_akamai/index.html',
   APIGEEX: 'https://docs.axway.com/bundle/amplify-central/page/docs/connect_manage_environ/connect_apigeex_gateway/index.html',
   AWS: 'https://docs.axway.com/bundle/amplify-central/page/docs/connect_manage_environ/connect_aws_gateway/index.html',
   AZURE: 'https://docs.axway.com/bundle/amplify-central/page/docs/connect_manage_environ/connect_azure_gateway/index.html',

package/dist/commands/install/helpers/inputs.js

@@ -3,7 +3,7 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.serviceAccountNameAlreadyExists = exports.selectServiceAccount = exports.selectAWSRegion = exports.secretAlreadyExists = exports.namespaceAlreadyExists = exports.k8sClusterMessages = exports.idpTestables = exports.idpMessages = exports.getCentralEnvironments = exports.envMessages = exports.enterServiceAccountName = exports.enterPublicKeyPath = exports.enterPrivateKeyPath = exports.enterNamespaceName = exports.enterAWSRegion = exports.createNamespace = exports.createGatewayAgentCredsSecret = exports.createAmplifyAgentKeysSecret = exports.askServiceAccountName = exports.askReferencedEnvironments = exports.askPublicKeyPath = exports.askPublicAndPrivateKeysPath = exports.askPrivateKeyPath = exports.askNamespace = exports.askKeyValuePairLoop = exports.askK8sClusterName = exports.askForSecretName = exports.askForIDPConfiguration = exports.askForIDPAuthConfiguration = exports.askEnvironmentName = exports.askDosaClientId = exports.askBundleType = exports.askArrayLoop = exports.askAgentName = exports.askAWSRegion = exports.agentMessages = exports.addIdentityProvider = void 0;
+exports.serviceAccountNameAlreadyExists = exports.selectServiceAccount = exports.selectAWSRegion = exports.secretAlreadyExists = exports.namespaceAlreadyExists = exports.idpTestables = exports.idpMessages = exports.getCentralEnvironments = exports.envMessages = exports.enterServiceAccountName = exports.enterPublicKeyPath = exports.enterPrivateKeyPath = exports.enterNamespaceName = exports.enterAWSRegion = exports.createNamespace = exports.createGatewayAgentCredsSecret = exports.createAmplifyAgentKeysSecret = exports.clusterMessages = exports.askServiceAccountName = exports.askReferencedEnvironments = exports.askPublicKeyPath = exports.askPublicAndPrivateKeysPath = exports.askPrivateKeyPath = exports.askNamespace = exports.askKeyValuePairLoop = exports.askForSecretName = exports.askForIDPConfiguration = exports.askForIDPAuthConfiguration = exports.askEnvironmentName = exports.askDosaClientId = exports.askClusterName = exports.askBundleType = exports.askArrayLoop = exports.askAgentName = exports.askAWSRegion = exports.agentMessages = exports.addIdentityProvider = void 0;
 var _chalk = _interopRequireDefault(require("chalk"));
 var _snooplogg = _interopRequireDefault(require("snooplogg"));
 var _inquirer = _interopRequireDefault(require("inquirer"));
@@ -30,8 +30,8 @@ const envMessages = exports.envMessages = {
   environmentAlreadyExists: 'Environment already exists. Please enter a new name.',
   selectTeam: 'Select a team'
 };
-const k8sClusterMessages = exports.k8sClusterMessages = {
-  enterK8sClusterName: 'Enter a unique k8s cluster name'
+const clusterMessages = exports.clusterMessages = {
+  enterClusterName: 'Enter a unique cluster name'
 };
 const agentMessages = exports.agentMessages = {
   enterDiscoveryAgentName: 'Enter a new discovery agent name',
@@ -317,15 +317,15 @@ const askReferencedEnvironments = async (client, defsManager, envInfo) => {
   return selectedRefEnv;
 };
 exports.askReferencedEnvironments = askReferencedEnvironments;
-const askK8sClusterName = async () => {
+const askClusterName = async () => {
   const name = await (0, _basicPrompts.askInput)({
-    msg: k8sClusterMessages.enterK8sClusterName,
+    msg: clusterMessages.enterClusterName,
     defaultValue: cliNowString,
-    validate: (0, _basicPrompts.runValidations)((0, _basicPrompts.validateRegex)(_regex.resourceRegex, (0, _regex.invalidResourceMsg)('K8sCluster')))
+    validate: (0, _basicPrompts.runValidations)((0, _basicPrompts.validateRegex)(_regex.resourceRegex, (0, _regex.invalidResourceMsg)('Cluster')))
   });
   return name;
 };
-exports.askK8sClusterName = askK8sClusterName;
+exports.askClusterName = askClusterName;
 const askAgentName = async (client, defsManager, agentType, scopeName) => {
   var _agents;
   let resourceType;

package/dist/commands/install/helpers/regex.js

@@ -3,7 +3,7 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.resourceRegex = exports.namespaceRegex = exports.maskingRegex = exports.keyFromKeyValuePairRegex = exports.invalidResourceMsg = exports.invalidNamespace = exports.invalidDosaName = exports.invalidDomainName = exports.frequencyRegex = exports.dosaRegex = exports.domainNameRegex = exports.WSO2RegexPatterns = exports.SensediaRegexPatterns = exports.KafkaRegexPatterns = exports.GitLabRegexPatterns = exports.GitHubRegexPatterns = exports.AzureRegexPatterns = exports.AWSRegexPatterns = exports.APIGEEXRegexPatterns = void 0;
+exports.resourceRegex = exports.namespaceRegex = exports.maskingRegex = exports.keyFromKeyValuePairRegex = exports.invalidResourceMsg = exports.invalidNamespace = exports.invalidDosaName = exports.invalidDomainName = exports.frequencyRegex = exports.dosaRegex = exports.domainNameRegex = exports.WSO2RegexPatterns = exports.SensediaRegexPatterns = exports.KafkaRegexPatterns = exports.GitLabRegexPatterns = exports.GitHubRegexPatterns = exports.AzureRegexPatterns = exports.AkamaiRegexPatterns = exports.AWSRegexPatterns = exports.APIGEEXRegexPatterns = void 0;
 const resourceRegex = exports.resourceRegex = '^(?:[a-z0-9]*(?:\\.(?=[a-z0-9])|-+(?=[a-z0-9]))?)+[a-z0-9]$';
 const namespaceRegex = exports.namespaceRegex = '^[a-z0-9]?(?:[-a-z0-9]*[a-z0-9]){1,100}?$';
 const domainNameRegex = exports.domainNameRegex = '^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])\\.)+([A-Za-z]){2,}$';
@@ -69,4 +69,7 @@ const SensediaRegexPatterns = exports.SensediaRegexPatterns = {
   noCommaRegex: '^[^,]+$',
   emailRegex: '^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$',
   urlRegex: '^(http:\/\/|https:\/\/)[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,5}(:[0-9]{1,5})?(\/.*)?$'
+};
+const AkamaiRegexPatterns = exports.AkamaiRegexPatterns = {
+  baseURLRegex: '^(http:\/\/|https:\/\/)[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,5}(:[0-9]{1,5})?(\/.*)?$'
 };

package/dist/commands/install/helpers/templates/akamaiTemplates.js

@@ -0,0 +1,122 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.akamaiHelmOverrideTemplate = exports.akamaiEnvVarTemplate = exports.AkamaiAgentValues = void 0;
+var _types = require("../../../../common/types");
+var _handlebars = _interopRequireDefault(require("handlebars"));
+function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; }
+function _defineProperty(e, r, t) { return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, { value: t, enumerable: !0, configurable: !0, writable: !0 }) : e[r] = t, e; }
+function _toPropertyKey(t) { var i = _toPrimitive(t, "string"); return "symbol" == typeof i ? i : i + ""; }
+function _toPrimitive(t, r) { if ("object" != typeof t || !t) return t; var e = t[Symbol.toPrimitive]; if (void 0 !== e) { var i = e.call(t, r || "default"); if ("object" != typeof i) return i; throw new TypeError("@@toPrimitive must return a primitive value."); } return ("string" === r ? String : Number)(t); }
+/**
+ * @description Parameters to provide to the Akamai handlebars templates.
+ */
+class AkamaiAgentValues {
+  constructor() {
+    _defineProperty(this, "namespace", void 0);
+    _defineProperty(this, "baseUrl", void 0);
+    _defineProperty(this, "clientId", void 0);
+    _defineProperty(this, "clientSecret", void 0);
+    _defineProperty(this, "segmentLength", void 0);
+    _defineProperty(this, "environments", void 0);
+    _defineProperty(this, "centralEnvironments", void 0);
+    _defineProperty(this, "centralConfig", void 0);
+    _defineProperty(this, "traceabilityConfig", void 0);
+    _defineProperty(this, "akamaiSecret", void 0);
+    _defineProperty(this, "agentKeysSecret", void 0);
+    this.namespace = {
+      name: '',
+      isNew: false
+    };
+    this.baseUrl = '';
+    this.clientId = '';
+    this.clientSecret = '';
+    this.segmentLength = 1;
+    this.environments = [];
+    this.centralEnvironments = [];
+    this.centralConfig = new _types.CentralAgentConfig();
+    this.traceabilityConfig = new _types.TraceabilityConfig();
+    this.akamaiSecret = '';
+    this.agentKeysSecret = '';
+  }
+}
+exports.AkamaiAgentValues = AkamaiAgentValues;
+_handlebars.default.registerHelper('formatIndex', index => {
+  return index + 1;
+});
+
+/**
+ * @description Generates the helm override file for the Amplify Akamai Agent.
+ */
+const akamaiHelmOverrideTemplate = () => {
+  return `---
+# Akamai Agent image overrides
+# image:
+#   fullPath:
+#   registry: docker.repository.axway.com
+#   repository: ampc-beano-docker-prod/1.1
+#   name: akamai-agent
+#   tag:
+#   pullPolicy: IfNotPresent
+#   pullSecret:
+
+akamai:
+  baseUrl: {{baseUrl}}
+  clientId: {{clientId}}
+  clientSecret: {{clientSecret}}
+  segmentLength: {{segmentLength}}
+  {{#compare . environments.length 0 operator="!=" }}
+  {{#environments}}
+  akamai_environmentmapping_akamai_{{formatIndex @index}}={{.}}
+  akamai_environmentmapping_amplify_{{formatIndex @index}}={{lookup ../centralEnvironments @index}}
+  {{/environments}}
+  {{/compare}}
+
+env:
+  CENTRAL_REGION: {{centralConfig.region}}
+  CENTRAL_ORGANIZATIONID: "{{centralConfig.orgId}}"
+  CENTRAL_TEAM: {{centralConfig.ampcTeamName}}
+  CENTRAL_ENVIRONMENT: {{centralConfig.environment}}
+  CENTRAL_AGENTNAME: {{centralConfig.caAgentName}}
+  CENTRAL_AUTH_CLIENTID: {{centralConfig.dosaAccount.clientId}}
+`;
+};
+
+/**
+ * @description Generates the Amplify Akamai Agent env vars file.
+ */
+exports.akamaiHelmOverrideTemplate = akamaiHelmOverrideTemplate;
+const akamaiEnvVarTemplate = () => {
+  return `# Akamai configs
+AKAMAI_BASEURL={{baseUrl}}
+AKAMAI_CLIENTID={{clientId}}
+AKAMAI_CLIENTSECRET={{clientSecret}}
+AKAMAI_SEGMENTLENGTH={{segmentLength}}
+{{#compare . environments.length 0 operator="!=" }}
+{{#environments}}
+AKAMAI_ENVIRONMENTMAPPING_AKAMAI_{{formatIndex @index}}={{.}}
+AKAMAI_ENVIRONMENTMAPPING_AMPLIFY_{{formatIndex @index}}={{lookup ../centralEnvironments @index}}
+{{/environments}}
+{{/compare}}
+
+# Amplify Central configs
+CENTRAL_AGENTNAME={{centralConfig.caAgentName}}
+CENTRAL_AUTH_CLIENTID={{centralConfig.dosaAccount.clientId}}
+CENTRAL_AUTH_PRIVATEKEY={{centralConfig.dosaAccount.templatePrivateKey}}
+CENTRAL_AUTH_PUBLICKEY={{centralConfig.dosaAccount.templatePublicKey}}
+CENTRAL_ENVIRONMENT={{centralConfig.environment}} 
+CENTRAL_ORGANIZATIONID={{centralConfig.orgId}}
+CENTRAL_TEAM={{centralConfig.ampcTeamName}}
+CENTRAL_REGION={{centralConfig.region}}
+# Logging configs
+# Define the logging level: info, debug, error
+LOG_LEVEL=info
+# Specify where to send the log: stdout, file, both
+LOG_OUTPUT=stdout
+# Define where the log files are written
+LOG_FILE_PATH=logs
+`;
+};
+exports.akamaiEnvVarTemplate = akamaiEnvVarTemplate;

package/dist/commands/install/helpers/templates/istioTemplates.js

@@ -53,10 +53,10 @@ als:
   #   pullPolicy: IfNotPresent
   #   pullSecret:
 
-  # Header publishing mode. Set to default or verbose.
+  # Header publishing mode. Set to ambient, default, or verbose. Ambient is the recommended baseline.
   mode: {{istioAgentValues.alsMode}}
 
-  # Name of the k8scluster
+  # Name of the cluster
   clusterName: {{istioAgentValues.clusterName}}
 
   # Name of the secret containing the public & private keys used by the provided service account client ID
@@ -95,7 +95,7 @@ da:
   # Name of the secret containing the public & private keys used by the provided service account client ID
   keysSecretName: {{istioAgentValues.keysSecretName}}
 
-  # Name of the K8SCluster the agent is connected to
+  # Name of the cluster the agent is connected to
   clusterName: {{istioAgentValues.clusterName}}
 
   # Resource discovery config

package/dist/commands/install/istioAgents.js

@@ -3,7 +3,7 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.testables = exports.setupKubernetes = exports.setupIstio = exports.istioSystemNs = exports.istioPrompts = exports.installPreprocess = exports.gatewayConnectivity = exports.gatewayCertSecret = exports.defaultLogFiles = exports.createIstioOverride = exports.createIstioGatewayCert = exports.createHybridOverride = exports.createEnvResources = exports.completeInstall = exports.askIstioSecret = exports.askConfigType = exports.askBundleType = exports.amplifyAgentsNs = exports.amplifyAgentsCredsSecret = exports.ampcDemoNs = exports.IstioInstallMethods = exports.ConfigFiles = exports.AlsMode = void 0;
+exports.testables = exports.setupKubernetes = exports.setupIstio = exports.istioSystemNs = exports.istioPrompts = exports.installPreprocess = exports.gatewayConnectivity = exports.gatewayCertSecret = exports.defaultLogFiles = exports.createIstioOverride = exports.createIstioGatewayCert = exports.createHybridOverride = exports.completeInstall = exports.askIstioSecret = exports.askConfigType = exports.askBundleType = exports.amplifyAgentsNs = exports.amplifyAgentsCredsSecret = exports.ampcDemoNs = exports.IstioInstallMethods = exports.ConfigFiles = exports.AlsMode = void 0;
 var _chalk = _interopRequireDefault(require("chalk"));
 var _snooplogg = _interopRequireDefault(require("snooplogg"));
 var _bashCommands = require("../../common/bashCommands");
@@ -30,6 +30,7 @@ const amplifyAgentsCredsSecret = exports.amplifyAgentsCredsSecret = 'amplify-age
 let AlsMode = exports.AlsMode = /*#__PURE__*/function (AlsMode) {
   AlsMode["Verbose"] = "verbose";
   AlsMode["Default"] = "default";
+  AlsMode["Ambient"] = "ambient";
   return AlsMode;
 }({}); // ConfigFiles - all the config file that are used in the setup
 const ConfigFiles = exports.ConfigFiles = {
@@ -189,12 +190,16 @@ const askALSMode = async () => {
   return (0, _basicPrompts.askList)({
     msg: istioPrompts.alsMode,
     choices: [{
+      name: AlsMode.Ambient.charAt(0).toUpperCase() + AlsMode.Ambient.slice(1),
+      value: AlsMode.Ambient
+    }, {
       name: AlsMode.Default.charAt(0).toUpperCase() + AlsMode.Default.slice(1),
       value: AlsMode.Default
     }, {
       name: AlsMode.Verbose.charAt(0).toUpperCase() + AlsMode.Verbose.slice(1),
       value: AlsMode.Verbose
-    }]
+    }],
+    default: AlsMode.Ambient
   });
 };
 const askVsNamespacePrompt = async () => {
@@ -218,7 +223,7 @@ const setupKubernetes = async istioValues => {
   let istioAgentValues = istioValues.istioAgentValues;
   console.log(_chalk.default.gray(`\nThere are several steps to prepare a Kubernetes cluster for the Amplify Istio Agents.\nThe following questions collect the namespace and secret to use for the Istio gateway.\n`));
   if (istioAgentValues.alsEnabled) {
-    console.log(_chalk.default.gray(`\nThe Istio Traceability Agent can log a minimal set of HTTP headers needed for transaction publishing (default) or it can capture all headers (verbose).\n`));
+    console.log(_chalk.default.gray(`\nThe Istio Traceability Agent supports three modes: default (minimal required header subset), ambient (baseline headers with optional Telemetry CR emission), and verbose (capture all request/response headers).\n`));
     istioAgentValues.alsMode = await askALSMode();
   }
   if (istioAgentValues.discoveryEnabled) {
@@ -233,7 +238,7 @@ const setupKubernetes = async istioValues => {
 
   // set keySecretName
   istioAgentValues.keysSecretName = helpers.amplifyAgentsKeysSecret;
-  istioAgentValues.clusterName = await (0, _helpers.askK8sClusterName)();
+  istioAgentValues.clusterName = await (0, _helpers.askClusterName)();
   return istioAgentValues;
 };
 exports.setupKubernetes = setupKubernetes;
@@ -273,11 +278,6 @@ const createIstioOverride = overrides => {
   }
 };
 exports.createIstioOverride = createIstioOverride;
-const createEnvResources = async (client, defs, clusterName) => {
-  // Create the mesh K8SCluster resource
-  await helpers.createByResourceType(client, defs, clusterName, 'K8SCluster', 'k8sc', {}, '');
-};
-exports.createEnvResources = createEnvResources;
 const createHybridOverride = overrides => {
   const overrideFileName = ConfigFiles.HybridOverrideFile;
   (0, _utils.writeTemplates)(overrideFileName, overrides, helpers.istioAgentsTemplate);

package/dist/commands/install/platform.js

@@ -90,8 +90,8 @@ const getCentralConfig = async (apiServerClient, platformClient, defsManager, ap
   centralConfig.taAgentName = '';
   centralConfig.caAgentName = '';
 
-  // Determine if we should use CA (compliance) or TA agent. Compliance is good for TRACEABLE and GRAYLOG (atm)
-  const isCaType = installConfig.gatewayType === _types.GatewayTypes.TRACEABLE || installConfig.gatewayType === _types.GatewayTypes.GRAYLOG;
+  // Determine if we should use CA (compliance) or TA agent. Compliance is good for TRACEABLE, AKAMAI and GRAYLOG (atm)
+  const isCaType = installConfig.gatewayType === _types.GatewayTypes.TRACEABLE || installConfig.gatewayType === _types.GatewayTypes.AKAMAI || installConfig.gatewayType === _types.GatewayTypes.GRAYLOG;
   const agentType = isCaType ? _types.AgentTypes.ca : _types.AgentTypes.ta;
   const agentNameProperty = isCaType ? 'caAgentName' : 'taAgentName';
   if (installConfig.switches.isTaEnabled && !installConfig.switches.isHostedInstall) {

package/dist/commands/install/traceableSaasAgents.js

@@ -209,7 +209,7 @@ const createEncryptedAccessData = async (hostedAgentValues, dataplaneRes) => {
     key: key,
     padding: _crypto.default.constants.RSA_PKCS1_OAEP_PADDING,
     oaepHash: hash
-  }, Buffer.from(accessData));
+  }, new Uint8Array(Buffer.from(accessData, 'utf8')));
   return encData.toString("base64");
 };
 const completeInstall = async (installConfig, apiServerClient, defsManager) => {

package/dist/common/types.js

@@ -186,6 +186,7 @@ let BundleType = exports.BundleType = /*#__PURE__*/function (BundleType) {
   return BundleType;
 }({});
 let AgentNames = exports.AgentNames = /*#__PURE__*/function (AgentNames) {
+  AgentNames["AKAMAI_CA"] = "akamai-compliance-agent";
   AgentNames["AWS_DA"] = "aws-apigw-discovery-agent";
   AgentNames["AWS_TA"] = "aws-apigw-traceability-agent";
   AgentNames["GITHUB_DA"] = "github-discovery-agent";
@@ -216,6 +217,7 @@ let AgentNames = exports.AgentNames = /*#__PURE__*/function (AgentNames) {
   return AgentNames;
 }({});
 let GatewayTypes = exports.GatewayTypes = /*#__PURE__*/function (GatewayTypes) {
+  GatewayTypes["AKAMAI"] = "Akamai";
   GatewayTypes["EDGE_GATEWAY"] = "Amplify API Gateway";
   GatewayTypes["APIGEEX_GATEWAY"] = "Apigee X Gateway";
   GatewayTypes["AWS_GATEWAY"] = "Amazon API Gateway";
@@ -236,6 +238,7 @@ let GatewayTypes = exports.GatewayTypes = /*#__PURE__*/function (GatewayTypes) {
   return GatewayTypes;
 }({});
 let SaaSGatewayTypes = exports.SaaSGatewayTypes = /*#__PURE__*/function (SaaSGatewayTypes) {
+  SaaSGatewayTypes["AKAMAI"] = "Akamai";
   SaaSGatewayTypes["AWS_GATEWAY"] = "Amazon API Gateway";
   SaaSGatewayTypes["APIGEEX_GATEWAY"] = "Apigee X Gateway";
   SaaSGatewayTypes["GITHUB"] = "GitHub";
@@ -244,6 +247,7 @@ let SaaSGatewayTypes = exports.SaaSGatewayTypes = /*#__PURE__*/function (SaaSGat
   return SaaSGatewayTypes;
 }({});
 let DataPlaneNames = exports.DataPlaneNames = /*#__PURE__*/function (DataPlaneNames) {
+  DataPlaneNames["AKAMAI"] = "Akamai";
   DataPlaneNames["APIGEEX"] = "Apigee X";
   DataPlaneNames["AWS"] = "AWS";
   DataPlaneNames["GITHUB"] = "GitHub";
@@ -266,6 +270,7 @@ let DataPlaneNames = exports.DataPlaneNames = /*#__PURE__*/function (DataPlaneNa
   return DataPlaneNames;
 }({});
 const GatewayTypeToDataPlane = exports.GatewayTypeToDataPlane = {
+  [GatewayTypes.AKAMAI]: DataPlaneNames.AKAMAI,
   [GatewayTypes.EDGE_GATEWAY]: DataPlaneNames.EDGE,
   [GatewayTypes.EDGE_GATEWAY_ONLY]: DataPlaneNames.EDGE,
   [GatewayTypes.APIGEEX_GATEWAY]: DataPlaneNames.APIGEEX,
@@ -409,6 +414,7 @@ class AgentInstallConfig {
     _defineProperty(this, "deploymentType", void 0);
     _defineProperty(this, "daVersion", void 0);
     _defineProperty(this, "taVersion", void 0);
+    _defineProperty(this, "caVersion", void 0);
     _defineProperty(this, "gatewayConfig", void 0);
     _defineProperty(this, "idpConfig", void 0);
     _defineProperty(this, "traceabilityConfig", void 0);
@@ -421,6 +427,7 @@ class AgentInstallConfig {
     this.idpConfig = [[], []];
     this.daVersion = 'latest';
     this.taVersion = 'latest';
+    this.caVersion = 'latest';
     this.switches = new AgentInstallSwitches();
     this.traceabilityConfig = new TraceabilityConfig();
   }

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@axway/axway-central-cli",
-	"version": "4.7.0",
+	"version": "4.9.0-rc.0",
 	"description": "Manage APIs, services and publish to the Amplify Marketplace",
 	"homepage": "https://platform.axway.com",
 	"author": {