improved ckpt list

2024-03-17 23:12:43 +08:00 · 2024-03-17 23:12:43 +08:00 · 2fe3b8004e
parent c6384f778d
commit 2fe3b8004e
4 changed files with 80 additions and 4 deletions
--- a/infrastructure/src/main.ts
+++ b/infrastructure/src/main.ts
@ -91,6 +91,7 @@ export class Middleware extends Stack {
        // if the resource manager is executed, it will recheck and create resources for stack
        bucketName: s3BucketName.valueAsString,
        ecrImageTag: ecrImageTagParam.valueAsString,
+        version: 'v1.0.13',
      },
    );

--- a/infrastructure/src/shared/resource-provider-on-event.ts
+++ b/infrastructure/src/shared/resource-provider-on-event.ts
@ -1,7 +1,12 @@
 import { execFile } from 'child_process';
 import { promises as fsPromises } from 'fs';
 import { promisify } from 'util';
-import { CreateTableCommand, CreateTableCommandInput, DynamoDBClient, UpdateTableCommand } from '@aws-sdk/client-dynamodb';
+import {
+  CreateTableCommand,
+  CreateTableCommandInput,
+  DynamoDBClient, PutItemCommand, PutItemCommandInput,
+  UpdateTableCommand,
+} from '@aws-sdk/client-dynamodb';
 import { UpdateTableCommandInput } from '@aws-sdk/client-dynamodb/dist-types/commands/UpdateTableCommand';
 import { AttributeDefinition, KeySchemaElement } from '@aws-sdk/client-dynamodb/dist-types/models/models_0';
 import {
@ -71,6 +76,7 @@ export async function handler(event: Event, context: Object) {
 async function createAndCheckResources() {
  await createBucket();
  await createTables();
+  await putItemUsersTable();
  await createGlobalSecondaryIndex('SDInferenceJobTable');
  await createKms(
    'sd-extension-password-key',
@ -304,6 +310,70 @@ async function createTables() {

 }

+async function putItemUsersTable() {
+
+  await putItem('MultiUserTable', {
+    kind: { S: 'role' },
+    sort_key: { S: 'IT Operator' },
+    creator: { S: 'ESD' },
+    permissions: {
+      L: [
+        { S: 'train:all' },
+        { S: 'checkpoint:all' },
+        { S: 'inference:all' },
+        { S: 'sagemaker_endpoint:all' },
+        { S: 'user:all' },
+        { S: 'role:all' },
+      ],
+    },
+  });
+
+  await putItem('MultiUserTable', {
+    kind: { S: 'role' },
+    sort_key: { S: 'byoc' },
+    creator: { S: 'ESD' },
+    permissions: {
+      L: [
+        { S: 'train:all' },
+        { S: 'checkpoint:all' },
+        { S: 'inference:all' },
+        { S: 'sagemaker_endpoint:all' },
+        { S: 'user:all' },
+        { S: 'role:all' },
+      ],
+    },
+  });
+
+  await putItem('MultiUserTable', {
+    kind: { S: 'user' },
+    sort_key: { S: 'api' },
+    creator: { S: 'ESD' },
+    roles: {
+      L: [
+        {
+          S: 'IT Operator',
+        },
+      ],
+    },
+  });
+
+}
+
+async function putItem(tableName: string, item: any) {
+  try {
+    const putItemCommandInput: PutItemCommandInput = {
+      TableName: tableName,
+      Item: item,
+    };
+    const putItemCommand = new PutItemCommand(putItemCommandInput);
+    await ddbClient.send(putItemCommand);
+    console.log(`putItem into ${tableName}`);
+    console.log(item);
+  } catch (err: any) {
+    console.log(err);
+  }
+}
+
 async function createGlobalSecondaryIndex(tableName: string) {
  const params: UpdateTableCommandInput = {
    TableName: tableName,
@ -344,7 +414,7 @@ async function createGlobalSecondaryIndex(tableName: string) {
    const response = await ddbClient.send(command);
    console.log('Success', response);
  } catch (error) {
-    console.error('Error', error);
+    console.log('Error', error);
  }
 }

--- a/infrastructure/src/shared/resource-provider.ts
+++ b/infrastructure/src/shared/resource-provider.ts
@ -12,6 +12,7 @@ import { ESD_FILE_VERSION } from './const';
 export interface ResourceProviderProps {
  bucketName?: string;
  ecrImageTag?: string;
+  version?: string;
 }

 export class ResourceProvider extends Construct {
@ -91,6 +92,7 @@ export class ResourceProvider extends Construct {
      actions: [
        'dynamodb:CreateTable',
        'dynamodb:UpdateTable',
+        'dynamodb:PutItem',
        'sns:CreateTopic',
        'iam:ListRolePolicies',
        'iam:PutRolePolicy',
--- a/middleware_api/lambda/users/list_users.py
+++ b/middleware_api/lambda/users/list_users.py
@ -62,13 +62,16 @@ def handler(event, ctx):
        result = []
        for row in scan_rows:
            user = User(**(ddb_service.deserialize(row)))
+            password = "*"
+            if user.password:
+                password = '*' * 8 if not show_password else password_encryptor.decrypt(
+                    key_id=kms_key_id, cipher_text=user.password).decode()
            user_resp = {
                'username': user.sort_key,
                'roles': user.roles,
                'creator': user.creator,
                'permissions': set(),
-                'password': '*' * 8 if not show_password else password_encryptor.decrypt(
-                    key_id=kms_key_id, cipher_text=user.password).decode(),
+                'password': password,
            }
            for role in user.roles:
                if role in roles_permission_lookup: