Create Applications & automatic Subscriptions in WSO2

[ramgrandhi]

Currently Applications & automatic subscriptions of APIs deployed in WSO2 is left as a 'manual task', given it is usually one-time activity to subscribe to deployed APIs. However, if you feel there is a value in automating this - voice your opinions here.

[rayvdgugten]

This feature would really help us automate the entire process. We need to deploy multiple api's and subscribe them all to one already deployed API. Automating this process would relief us of some time consuming work.

[erik-am]

Would help us a lot! We automatically deploy wso2 api's on feature branches. Automatically creating an application and a subscription would make it possible to, for instance, automatically run integration tests against the deployed API.

[ramgrandhi]

Sounds reasonable to me.

i have some follow-on questions, @erik-am @rayvdgugten

During subscription, a client-id/client-secret values will be generated.
Currently, these can only be returned as CLI output of thr plugin’s deployment status. Is that fine?
i am in search of better alternatives / elegant solutions to hand over these details back to you (user or pipelines).

E.g. create a cloudformation stack-set after successful plugin deployment and export values as cfn exports.

• serverless-wso2-apim-CLIENT-ID
• serverless-wso2-apim-CLIENT-SECRET

E.g. use OS environment variables to store the data for next process to consume.

• SERVERLESS_WSO2_APIM_CLIENT_ID
• SERVERLESS_WSO2_APIM_CLIENT_SECRET

E.g. Serverless exports (i havent tried it, new feature) - https://www.serverless.com/framework/docs/guides/output-variables

Ideas are welcome!

[flaviostutz]

I like the idea of exposing the keys as CloudFormation Exports with an option to output to the console, so it would be accessible remotely by who has access to the stack on AWS account. This way we could even use AWS permissions in order to control the access to those variables/keys by custom API clients.

I guess the applications that will use this "automatic" key generation aren't meant for production, because the keys will be exposed, but for dev/test pipelines this feature is a great one! We already use WSO2 serverless plugin and do need this right now for our feature branch deployments :)

[ramgrandhi]

Valid points, @flaviostutz. I'm gravitated towards spitting it out as a console output to start with.

Instead of re-inventing, do you know any modules which can help to beautifully spit-out terminal output (and also provide handlers to parse it when Devs need it to consume down)?

[flaviostutz]

Valid points, @flaviostutz. I'm gravitated towards spitting it out as a console output to start with.

Instead of re-inventing, do you know any modules which can help to beautifully spit-out terminal output (and also provide handlers to parse it when Devs need it to consume down)?

An ideia is to simply output the key with a simple pattern for later parsing if needed, something like
"app_key=AJAHDHHDHDJDJDJD".

For later outputting the api key/secrets as CF variables, you could create a Custom resource in CF template so that it could later be used as a regular variable, being able to be exported, used by another resource and making this resource (that could be the actual representation of the API in WSO2) part of the CF dependency graph... in this way if you delete the stack in AWS panel the API could even be deleted without serverless runtime... are we able to change the generated CF template with serverless plugins?