Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Correlation runner module / lambda version #4077

Open
npalm opened this issue Aug 16, 2024 · 3 comments
Open

Correlation runner module / lambda version #4077

npalm opened this issue Aug 16, 2024 · 3 comments
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed

Comments

@npalm
Copy link
Collaborator

npalm commented Aug 16, 2024

Problem

A common problem is that the lambda's are not updated when update the module. Since the lambda's are not part of the terraform module but referenced.

Challenge is how to figure out the lambda version.

Ideas

  • Tag instances with lambda version, but how to get the version
  • Log the lambda version. This requires the lambda build is setting the right version. Which is either the tag. Or for non tags (development / main) the git ref.
@npalm npalm added enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed labels Aug 16, 2024
@jkritzen
Copy link

@npalm:

Why you don't distribute the lambda.zip files wihtin the modules?

The code to utilize the ZIP from the module is already there:
https://github.com/philips-labs/terraform-aws-github-runner/blob/26ad5c17181f3d904972e4e1342d2d8006afeb23/modules/webhook/direct/webhook.tf#L2

The only missing is, that the zip file is not existing which gives an error on plan:

image

If you add the zip files within the module itself, you don't have to brother with the lambda versions, if you update the module, the new lambda version get's deployed.

@npalm
Copy link
Collaborator Author

npalm commented Nov 15, 2024

I think that generated artifacts should not be in source, even if it simple javascript. Indeed it will solve the issue somehow. But I can imagine users will would to verify or rebuild the lambas form a security point of view.

I think it would be better to update the package.json of lambda as port of the release and use that data in the dist build to let the lambda log the current version.

@jkritzen
Copy link

But to bundle a new release with the zip files will make the effort to update the module version smaller, not building the lambda modules from source.

We utilize renovate to update the module versions in terraform and there we need a additional worklfow to build the lambda functions, which is not handled by renovate:
image

But is already optional (from terraform variables) to use the "built-in" zip files or your own zip files.
https://github.com/philips-labs/terraform-aws-github-runner/blob/26ad5c17181f3d904972e4e1342d2d8006afeb23/modules/webhook/direct/webhook.tf#L2

Please include pre-build zip files when you release a new version. The customer can decide if they wan't use their own build's via the configuration of variables:

  • webhook_lambda_zip
  • runners_lambda_zip
  • runner_binaries_syncer_lambda_zip
  • instance_termination_watcher.zip

Kind regards,
Joerg

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Development

No branches or pull requests

2 participants