Post-test updates

Added lambda for generating database uuid,
Fixed statemachine permissions for dynamodb and copy batch utility

lib/workload/stateless/cttso_v2_pipeline_manager/deploy/bin/deploy.ts

@@ -3,18 +3,19 @@ import 'source-map-support/register';
 import * as cdk from 'aws-cdk-lib';
 import { ctTSOV2LaunchStateMachineStack } from '../lib/stacks/cttso_v2_launch_stack';
 import {
-  CTTSO_V2_LAUNCH_STATE_MACHINE_ARN_SSM_PARAMETER_PATH, CTTSO_V2_LAUNCH_STATE_MACHINE_NAME_SSM_PARAMETER_PATH,
+  CTTSO_V2_LAUNCH_STATE_MACHINE_ARN_SSM_PARAMETER_PATH,
+  CTTSO_V2_LAUNCH_STATE_MACHINE_NAME_SSM_PARAMETER_PATH,
   DYNAMODB_TABLE_NAME_SSM_PARAMETER_PATH,
   ICAV2_ACCESS_TOKEN_SECRET_ID,
-  ICAV2_COPY_BATCH_UTILITY_STATE_MACHINE_ARN_SSM_PARAMETER_PATH,
+  ICAV2_COPY_BATCH_UTILITY_STATE_MACHINE_NAME_SSM_PARAMETER_PATH,
   SSM_PARAMETER_LIST_FOR_CTTSO_LAUNCH_LAMBDAS,
 } from '../constants';
 
 const app = new cdk.App();
 new ctTSOV2LaunchStateMachineStack(app, 'ctTSOv2LaunchStatemachineStack', {
   icav2_token_secret_id: ICAV2_ACCESS_TOKEN_SECRET_ID,
   ssm_parameter_list: SSM_PARAMETER_LIST_FOR_CTTSO_LAUNCH_LAMBDAS,
-  icav2_copy_batch_utility_state_machine_name_ssm_parameter_path: ICAV2_COPY_BATCH_UTILITY_STATE_MACHINE_ARN_SSM_PARAMETER_PATH,
+  icav2_copy_batch_utility_state_machine_name_ssm_parameter_path: ICAV2_COPY_BATCH_UTILITY_STATE_MACHINE_NAME_SSM_PARAMETER_PATH,
   cttso_v2_launch_state_machine_arn_ssm_parameter_path: CTTSO_V2_LAUNCH_STATE_MACHINE_ARN_SSM_PARAMETER_PATH,
   cttso_v2_launch_state_machine_name_ssm_parameter_path: CTTSO_V2_LAUNCH_STATE_MACHINE_NAME_SSM_PARAMETER_PATH,
   dynamodb_table_ssm_parameter_path: DYNAMODB_TABLE_NAME_SSM_PARAMETER_PATH,

lib/workload/stateless/cttso_v2_pipeline_manager/deploy/constants.ts

@@ -4,7 +4,7 @@ export const DYNAMODB_TABLE_ARN_SSM_PARAMETER_PATH = `${STATEFUL_ROOT_SSM_PARAME
 export const DYNAMODB_TABLE_NAME_SSM_PARAMETER_PATH = `${STATEFUL_ROOT_SSM_PARAMETER_PATH}/analysis_table_name`;
 
 export const ICAV2_ACCESS_TOKEN_SECRET_ID = "ICAv2Jwticav2-credentials-umccr-service-user-trial"
-export const ICAV2_COPY_BATCH_UTILITY_STATE_MACHINE_ARN_SSM_PARAMETER_PATH = "/icav2_copy_batch_utility/state_machine_arn_batch"
+export const ICAV2_COPY_BATCH_UTILITY_STATE_MACHINE_NAME_SSM_PARAMETER_PATH = "/icav2_copy_batch_utility/state_machine_name_batch"
 export const PIPELINE_ID_SSM_PARAMETER_PATH = "/icav2/umccr-prod/tso500_ctdna_2.1_pipeline_id"
 export const CTTSO_V2_LAUNCH_STATE_MACHINE_ARN_SSM_PARAMETER_PATH = "/icav2/umccr-prod/cttso_launch_state_machine_arn"
 export const CTTSO_V2_LAUNCH_STATE_MACHINE_NAME_SSM_PARAMETER_PATH = "/icav2/umccr-prod/cttso_launch_state_machine_name"

lib/workload/stateless/cttso_v2_pipeline_manager/deploy/lib/constructs/cttso_v2_launch_step_function.ts

@@ -20,10 +20,11 @@ interface ctTSOv2LaunchStepFunctionConstructProps {
   icav2_copy_batch_state_machine_obj: sfn.IStateMachine,
   ssm_parameter_obj_list: ssm.IStringParameter[]; // List of parameters the workflow session state machine will need access to
   /* Lambdas paths */
+  generate_db_uuid_lambda_path: string; // __dirname + '/../../../lambdas/generate_db_uuid'
   generate_trimmed_samplesheet_lambda_path: string; // __dirname + '/../../../lambdas/generate_trimmed_samplesheet_lambda_path'
-  upload_samplesheet_to_cache_dir_lambda_path: string; // __dirname + '/../../../lambdas/get_cttso_cache_and_output_paths'
-  generate_copy_manifest_dict_lambda_path: string; // __dirname + '/../../../lambdas/get_cttso_cache_and_output_paths'
-  launch_cttso_nextflow_pipeline_lambda_path: string; // __dirname + '/../../../lambdas/get_cttso_cache_and_output_paths'
+  upload_samplesheet_to_cache_dir_lambda_path: string; // __dirname + '/../../../lambdas/upload_samplesheet_to_cache_dir'
+  generate_copy_manifest_dict_lambda_path: string; // __dirname + '/../../../lambdas/generate_copy_manifest_dict'
+  launch_cttso_nextflow_pipeline_lambda_path: string; // __dirname + '/../../../lambdas/launch_cttso_nextflow_pipeline'
   /* Step function templates */
   workflow_definition_body_path: string; // __dirname + '/../../../step_functions_templates/cttso_v2_launch_step_function.json'
 }
@@ -72,6 +73,24 @@ export class ctTSOv2LaunchStepFunctionStateMachineConstruct extends Construct {
       },
     );
 
+    // generate_db_uuid_lambda_path lambda
+    // Doesnt need any ssm parameters
+    const generate_db_uuid_lambda_obj = new PythonFunction(
+      this,
+      'generate_db_uuid_lambda_python_function',
+      {
+        entry: props.generate_db_uuid_lambda_path,
+        runtime: lambda.Runtime.PYTHON_3_11,
+        index: 'handler.py',
+        handler: 'handler',
+        memorySize: 1024,
+        // @ts-ignore
+        layers: [props.lambda_layer_obj.lambda_layer_version_obj],
+        // @ts-ignore
+        timeout: Duration.seconds(60),
+      }
+    );
+
     // generate_copy_manifest_dict lambda
     // Doesnt need any ssm parameters
     const generate_copy_manifest_dict_lambda_obj = new PythonFunction(
@@ -150,6 +169,7 @@ export class ctTSOv2LaunchStepFunctionStateMachineConstruct extends Construct {
       definitionBody: DefinitionBody.fromFile(props.workflow_definition_body_path),
       // definitionSubstitutions
       definitionSubstitutions: {
+        '__generate_db_uuid__': generate_db_uuid_lambda_obj.functionArn,
         '__launch_cttso_nextflow_pipeline__': launch_cttso_nextflow_pipeline_lambda_obj.functionArn,
         '__generate_copy_manifest_dict__': generate_copy_manifest_dict_lambda_obj.functionArn,
         '__generate_trimmed_samplesheet__': generate_trimmed_samplesheet_lambda_obj.functionArn,
@@ -159,7 +179,9 @@ export class ctTSOv2LaunchStepFunctionStateMachineConstruct extends Construct {
       },
     });
 
+    // Grant lambda invoke permissions to the state machine
     [
+      generate_db_uuid_lambda_obj,
       launch_cttso_nextflow_pipeline_lambda_obj,
       generate_copy_manifest_dict_lambda_obj,
       generate_trimmed_samplesheet_lambda_obj,
@@ -173,6 +195,11 @@ export class ctTSOv2LaunchStepFunctionStateMachineConstruct extends Construct {
       }
     )
 
+    // Allow state machine to read/write to dynamodb table
+    props.dynamodb_table_obj.grantReadWriteData(
+      stateMachine.role
+    )
+
     // Because we run a nested state machine, we need to add the permissions to the state machine role
     // See https://stackoverflow.com/questions/60612853/nested-step-function-in-a-step-function-unknown-error-not-authorized-to-cr
     stateMachine.addToRolePolicy(
@@ -191,7 +218,7 @@ export class ctTSOv2LaunchStepFunctionStateMachineConstruct extends Construct {
     );
 
     // Add state machine execution permissions to stateMachine role
-    props.icav2_copy_batch_state_machine_obj.grantStartSyncExecution(
+    props.icav2_copy_batch_state_machine_obj.grantStartExecution(
       stateMachine.role
     )
 

lib/workload/stateless/cttso_v2_pipeline_manager/deploy/lib/stacks/cttso_v2_launch_stack.ts

@@ -73,7 +73,6 @@ export class ctTSOV2LaunchStateMachineStack extends cdk.Stack {
       ),
     );
 
-
     const cttso_v2_launch_state_machine = new ctTSOv2LaunchStepFunctionStateMachineConstruct(
       this,
       id,
@@ -85,6 +84,7 @@ export class ctTSOV2LaunchStateMachineStack extends cdk.Stack {
         icav2_copy_batch_state_machine_obj: icav2_copy_batch_stack_state_machine_obj,
         ssm_parameter_obj_list: ssm_parameter_obj_list,
         /* Lambdas paths */
+        generate_db_uuid_lambda_path: __dirname + '/../../../lambdas/generate_db_uuid', // __dirname + '/../../../lambdas/generate_uuid'
         generate_trimmed_samplesheet_lambda_path: __dirname + '/../../../lambdas/generate_and_trim_cttso_samplesheet_dict', // __dirname + '/../../../lambdas/generate_and_trim_cttso_samplesheet_dict'
         upload_samplesheet_to_cache_dir_lambda_path: __dirname + '/../../../lambdas/upload_samplesheet_to_cache_dir', // __dirname + '/../../../lambdas/upload_samplesheet_to_cache_dir'
         generate_copy_manifest_dict_lambda_path: __dirname + '/../../../lambdas/generate_copy_manifest_dict', // __dirname + '/../../../lambdas/generate_copy_manifest_dict'

lib/workload/stateless/cttso_v2_pipeline_manager/lambdas/generate_db_uuid/handler.py

@@ -0,0 +1,15 @@
+#!/usr/bin/env python3
+
+"""
+Generate a random uuid via the uuid7 module
+'018e83b0-ca5d-7be7-aeb6-28fc75038316'
+These are time-based UUIDs, with the timestamp encoded in the first 48 bits.
+"""
+
+from uuid6 import uuid7
+
+
+def handler(event, context):
+    return {
+        "db_uuid": str(uuid7())
+    }

lib/workload/stateless/cttso_v2_pipeline_manager/layers/pyproject.toml

@@ -20,6 +20,7 @@ botocore = "^1.31"
 aws_requests_auth = "^0.4.3"
 v2_samplesheet_maker = "^4.2.4"
 wrapica = ">=1.0.2"
+uuid6 = "^2024.1.12"
 
 [tool.poetry.group.dev]
 optional = true
@@ -30,4 +31,4 @@ pytest = "^7.0.0"  # For testing only
 # For typehinting only, not required at runtime
 mypy-boto3-ssm = "^1.34"
 mypy-boto3-secretsmanager = "^1.34"
-mypy-boto3-stepfunctions = "^1.34"
+mypy-boto3-stepfunctions = "^1.34"