Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update package command to work with new deployer #772

Merged
merged 4 commits into from
Apr 2, 2018

Conversation

jamesls
Copy link
Member

@jamesls jamesls commented Mar 28, 2018

This brings numerous benefits:

  1. Full parity with chalice deploy. This means you can use the
    package command for pure lambda functions, built in authorizers,
    and scheduled events.
  2. We'll now get exceptions raised when a new resource isn't supported
    in the package command instead of silently ignoring the resource
    like we do now.

The generated template is slightly different from the old deployer,
notably:

  1. The Events key is no longer used for Api types. Instead we just
    manually create a lambda permission resource that allows api gateway to
    invoke the API handler. This also more closely matches what
    chalice deploy does.
  2. The Policies is just the generated policy (when it applies).
    Previously the value was a list of policies, but chalice only generates
    a single policy.

Here's an worked example with diffs of the old vs. new packager: https://gist.github.com/jamesls/c80880fb7df39bc33ef4d30aca7d6995

jamesls added 2 commits March 28, 2018 15:20
This moves the loading of the IAM policy specified in a
FileBasedIAMPolicy() from the planning stage to the build
stage.  This allows consumers of the FileBasedIAMPolicy to
not have to duplicate code and load the IAM policy from
disk.  This allows code reuse between the deployer and the
packager.
This brings numerous benefits:

1. Full parity with `chalice deploy`.  This means you can use the
package command for pure lambda functions, built in authorizers,
and scheduled events.
2. We'll now get exceptions raised when a new resource isn't supported
in the `package` command instead of silently ignoring the resource
like we do now.

The generated template is slightly different from the old deployer,
notably:

1. The `Events` key is no longer used for `Api` types.  Instead we just
manually create a lambda permission resource that allows api gateway to
invoke the API handler.  This also more closely matches what
`chalice deploy` does.
2. The `Policies` is just the generated policy (when it applies).
Previously the value was a list of policies, but chalice only generates
a single policy.
@stealthycoin
Copy link
Contributor

Nice I played around with this quite a bit and it seems to work well.

Copy link
Contributor

@kyleknap kyleknap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. I tested a bunch of this out as well and looked fine. I just had some comments/questions. Not sure if we should do this now, but it may be cool if we can reuse the integration tests to test that all of the cloudformation logic has feature parity with chalice deploy since we are now enforcing it.

continue
original_location = resource['Properties']['CodeUri']
new_location = os.path.join(outdir, 'deployment.zip')
self._osutils.copy(original_location, new_location)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are we copying over the deployment.zip for every lambda/SAM resource? Is it possible to make sure we do this once only if we are?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah we are. I've updated this.

assert properties['DefinitionBody'] == {'swagger': 'document'}


def test_can_inject_environment_vars(sample_app,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like we missed this one when porting over the tests. I also cannot find it in the ported over implementation.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch. Updated.


def _default(self, resource, template):
# type: (models.Model, Dict[str, Any]) -> None
raise NotImplementedError(resource)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if it makes sense to add a test for this? It looks like it would work but may be nice to double check.

'Handler': resource.handler,
'CodeUri': resource.deployment_package.filename,
'Tags': resource.tags,
'Timeout': resource.timeout,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some of these values used to have if is not None check on it. It may be good to check that these values are actually never None to make sure it does not affect the generated cloudformation template.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This happens at a separate layer above. We previously had to check at this layer because we were using the config object directly. I'll double check, but I'm pretty sure it's now impossible for these values to be None now that we're using the models.

@jamesls
Copy link
Member Author

jamesls commented Mar 30, 2018

@kyleknap I believe I've fixed everything. Let me know if I missed anything.

Copy link
Contributor

@kyleknap kyleknap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. 🚢

@jamesls jamesls merged commit ce636a8 into aws:master Apr 2, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants