Merge branch 'master' into master

google · Feb 9, 2024 · b612373 · b612373
2 parents f180bf0 + a5d0bef
commit b612373
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 25 deletions.
diff --git a/tools/README.md b/tools/README.md
@@ -75,6 +75,14 @@ $ ./tools/docker_run.sh abel
 2. Follow setup instructions for the [GUID Generator](./guid_generator).
 3. Run `sudo python setup.py` for this directory.
 
+##### Authentication
+
+To Authenticate against GCP PubSub for telemetry validation you must install 
+and initialize the [gcloud CLI](https://cloud.google.com/sdk/docs/install). 
+Then, use the 
+[gcloud auth application-default-login](https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login)
+command to create credentials for default logins.
+
 ### Toolkit CLI Workflow
 
 Run `python toolkit.py` and provide the following arguments:
@@ -87,17 +95,18 @@ Run `python toolkit.py` and provide the following arguments:
 
 4. `--validate` or `-v`: Runs instance validator to validate the building configuration file.
 
-5. [Optional] Telemetry Validation: After a building configuration's entity types are validated, validation must also be run on the telemetry payload using the following parameters. **NOTE:** The OAuth credential (`-c`) and subscription (`-s`) are provided by the Google team. Please reach out to your IoT TPM for guidance.
+5. [Optional] Telemetry Validation: After a building configuration's entity 
+   types are validated, validation must also be run on the telemetry payload 
+   using the following parameters. **NOTE:** The  subscription (`-s`) is 
+   provided by the Google team. Please reach out to your IoT TPM for guidance.
 
    * `--subscription` or `-s`: The fully-qualified path to a Google Cloud Pubsub subscription (e.g., `projects/google.com:your-project/subscriptions/your-subscription`).
 
-   * `--credential` or `-c`: An absolute or relative path to an OAuth client credential JSON file.
-
    * `--timeout` or `-t` **[Optional]**: The timeout duration in seconds for the telemetry validation test. The default value is 600 seconds, or 10 minutes. If this time limit is exceeded before the validator receives a test pubsub message for each of the entities configured in the given instance config file, the test will fail with an error and report the entities that were not heard from.
 
-7. `--report-directory` or `-d` **[Optional]**: Writes instance validation (instance_validation_report.txt) and telemetry validation (telemetry_validation_report.json) reports to the specified `report-directory`. By default, writes instance validation output to the console and telemetry validation output to the current working directory.
+6`--report-directory` or `-d` **[Optional]**: Writes instance validation(instance_validation_report.txt) and telemetry validation (telemetry_validation_report.json) reports to the specified `report-directory`. By default, writes instance validation output to the console and telemetry validation output to the current working directory.
 
-8. `--udmi` **[Optional]**: Validates entity metadata as [UDMI](https://github.com/faucetsdn/udmi/). Flag is set to `True` by default; change this parameter to `--udmi=False` when not validating against UDMI.
+7`--udmi` **[Optional]**: Validates entity metadata as [UDMI](https://github.com/faucetsdn/udmi/). Flag is set to `True` by default; change this parameter to `--udmi=False` when not validating against UDMI.
 
 For example, the following input
 
@@ -107,10 +116,13 @@ python toolkit.py -i //path/to/building/configuration/file.yaml -g -v -s subscri
 
 results in these actions:
 1. Ingests a building configuration file.
-2. Generates guids for every entity instance in the buiding configuration file and re-writes building configuration file in the new format.
-4. Validates the building configuration file with the instance validator.
-5. Validates the telemetry payloads for each reporting entity in the building configuration file.
-6. Writes instance and telemetry validation results to the report directory as `//path/to/report-directory/instance_validation_report.txt` and `//path/to/report-directory/telemetry_validation_report.json`.
+2. Generates guids for every entity instance in the building configuration 
+   file and re-writes building configuration file in the new format.
+3. Validates the building configuration file with the instance validator.
+4. Validates the telemetry payloads for each reporting entity in the building 
+   configuration file.
+5. Writes instance and telemetry validation results to the report directory as 
+   `//path/to/report-directory/instance_validation_report.txt` and `//path/to/report-directory/telemetry_validation_report.json`.
 
 **NOTE:** The new building configuration format requires that entities are keyed by Version 4 UUIDs (referred to as guids) instead of the code. To convert from old format to the new format, run your building configuration file(.yaml) through the [guid generator](https://github.com/google/digitalbuildings/tree/master/tools/guid_generator).
 

diff --git a/tools/validators/instance_validator/README.md b/tools/validators/instance_validator/README.md
@@ -74,11 +74,22 @@ Navigate to `digitalbuildings/tools/validators/instance_validator` and run `pyth
 
 ### Telemetry Validation
 
-The validator supports a telemetry validation mode. When this mode is enabled, the validator will listen on a provided pubsub subscription for telemetry messages, and validate the message contents against the instance configuration. **It is recommended that you first use the instance validator with telemetry validation mode disabled, and then enable it after that passes.**
+#### Authentication
+
+To Authenticate against GCP PubSub for telemetry validation you must install 
+and initialize the [gcloud CLI](https://cloud.google.com/sdk/docs/install). 
+Then, use the 
+[gcloud auth application-default-login](https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login)
+command to create credentials for default logins.
 
-If you would like to use the telemetry validation mode, you must provide the `--subscription` parameter and the `--credential` parameter. **NOTE:** The OAuth credential and subscription are provided by the Google team. Please reach out to your IoT TPM for guidance. If a GCP Oauth client credential is not provided, then application default credentials will be used to authenticate against Google APIs. Running telemetry validation will also output a machine-readable log of the validation performed on a set of devices. This log will be output as `telemetry_validation_log.json` in the current working directory, unless otherwise specefied using the `--report_directory` parameter.
+#### Validation
+
+The validator supports a telemetry validation mode. When this mode is enabled, the validator will listen on a provided pubsub subscription for telemetry messages, and validate the message contents against the instance configuration. **It is recommended that you first use the instance validator with telemetry validation mode disabled, and then enable it after that passes.**
 
-1. `--credential` or `-c`: An absolute or relative path to an OAuth client credential JSON file.
+If you would like to use the telemetry validation mode, you must provide the 
+`--subscription` parameter. **NOTE:** The subscription is provided by the 
+Google team. Please reach out to your IoT TPM for guidance. Running 
+telemetry validation will also output a machine-readable log of the validation performed on a set of devices. This log will be output as `telemetry_validation_log.json` in the current working directory, unless otherwise specefied using the `--report_directory` parameter.
 
 2. `--subscription` or `-s`: The fully-qualified path to a Google Cloud Pubsub subscription (e.g., `projects/google.com:your-project/subscriptions/your-subscription`).
 

diff --git a/tools/validators/instance_validator/instance_validator.py b/tools/validators/instance_validator/instance_validator.py
@@ -69,14 +69,6 @@ def _ParseArgs() -> argparse.ArgumentParser:
       help='Pubsub subscription for telemetry to validate',
       metavar='subscription')
 
-  parser.add_argument(
-      '-c',
-      '--credential',
-      dest='gcp_credential',
-      required=False,
-      help='gcp credential used to authenticate against pubsub api',
-      metavar='gcp credential')
-
   parser.add_argument(
       '-t',
       '--timeout',
@@ -114,7 +106,6 @@ def _ParseArgs() -> argparse.ArgumentParser:
       filenames=args.filenames,
       modified_types_filepath=args.modified_types_filepath,
       subscription=args.subscription,
-      gcp_credential_path=args.gcp_credential,
       report_directory=args.report_directory,
       timeout=int(args.timeout),
       is_udmi=is_udmi,

diff --git a/tools/validators/instance_validator/validate/subscriber.py b/tools/validators/instance_validator/validate/subscriber.py
@@ -49,7 +49,7 @@ def __init__(
     assert subscription_name
     self.subscription_name = subscription_name
 
-  def Listen(self, callback, gcp_credential_path: str):
+  def Listen(self, callback, gcp_credential_path: str = None):
     """Listens to a pubsub subscription.
 
     Args:
@@ -71,9 +71,7 @@ def Listen(self, callback, gcp_credential_path: str):
         ) from err
       except MutualTLSChannelError as err:
         raise MutualTLSChannelError(
-            'ABEL cannot authenticate against Google Sheets API with the'
-            ' provided client credential.'
-        ) from err
+            'Instance Validator cannot authenticate against GCP.') from err
     else:
       print(
           '[INFO]\tNo GCP client credential. Using application default'