Topcoder Auth0 backup to Github automation

Challenge description

This challenge will build a small AWS Lambda function that will:

• Download the contents of an Auth0 tenant
• Commit the contents downloaded to a branch in Github
  • We must account for new files, updated files, and deleted files

Project setup

Auth0

This project will require you to have your own Auth0 tenant.  You can signup for a free account here:  https://auth0.com/signup

This project will target the a0deploy command from the Auth0 deploy CLI extension.  Installation instructions are here:  https://auth0.com/docs/extensions/deploy-cli/guides/install-deploy-cli 

This link will help show the export and expected directory structure:  https://auth0.com/docs/extensions/deploy-cli/guides/import-export-directory-structure

This link helps show how to call the tool programtically:  https://auth0.com/docs/extensions/deploy-cli/guides/call-deploy-cli-programmatically

AWS

The code will run as an AWS Lambda function.  You will need to use your own AWS account, and you will need to clearly document how to deploy the code to a reviewer's AWS account in your deployment guide.

We will target Node 12.x for the Lambda runtime, with the function written in Javascript.

Also, note that specific configuration values must be stored in AWS Systems Manager Parameters, detailed below.

Github

The Github repo and branch will be configurable.  The repo will be accessed by the AWS Lambda function over SSH.  The configuration for the function will contain the private key and the public key will be configured on the repo.  Please ensure that the repo setup is documented in your deployment guide.

The branch will need to be accessible and already created. 

You can look at this guide for help with accessing Git in an AWS Lambda function:  https://github.com/lambci/git-lambda-layer

Serverless (minor requirement)

The solution should be deployable via serverless. 

Configuration

These values must be configurable for the function:

• Client SSH key for Github access
• Github URL
• Github branch to commit to.  You can assume the branch exists already in Github
• Auth0 domain
• Auth0 client ID
• Auth0 client secret
• Auth0 keyword replace mappings

These values will be stored in AWS Systems Manager Parameters:

• Client SSH key for Github access
• Auth0 client ID
• Auth0 client secret

Requirements

The AWS Lambda function will:

• Use git to check out the remote repository and branch from Github
• Call the Auth0 deploy CLI to download a single Auth0 tenant config
• Update the contents of the repo with the tenant config downloaded
• Commit and push the changes back to the Github repo branch

Logging

The AWS Lambda function should log all operations, including each step, whether or not an action was successful, and output of all commands, including any errors.  The more verbose the log is, the more useful it will be. 
Do not log secure configuration values / keys or secrets

Validation

Your validation guide should be explicit so that we can:

• Validate the Auth0 config, run the function, see the results in Github
• Make changes to the Auth0 config
• Run the function again, and validate that the config changes reflect in Github

Basically, we want reviewers to have information to not only see that the config is being uploaded, but we need to be able to validate properly that any updates to the Auth0 config are being exported properly and sent to Github on subsequent runs of the AWS Lambda function.

What to submit

• The code for the AWS Lambda function
• A clear deployment guide for deploying the solution via serverless
  • Make sure to cover how to use a reviewer's own AWS account
  • Ensure that the reviewer's can target their own Github repo and branch, with instructions on how to set up SSH access with a generated key
• Configuration guide for setting up AWS Systems Manager Parameter
• Validation guide on how to deploy and run the function and then validate the results

 

Final Submission Guidelines

Please see above