Closed igorsimko closed 1 year ago
Thanks for your report.
Are you able to report this to https://github.com/aws/aws-sam-build-images/issues and link back to this issue? Looks like this should be fixed from the upstream.
According to this https://github.com/aws/aws-cdk/blob/ed00f245159fe06f19f40569ca97183d8292fdf5/packages/%40aws-cdk/aws-lambda-python-alpha/lib/Dockerfile#L3
And this
I think before it is fixed from the upstream, we should be allowed to specify custom docker image label or custom DockerImage
to work it around?
I think before it is fixed from the upstream, we should be allowed to specify custom docker image label or custom
DockerImage
to work it around?
Can you give more detail on how we would specify a custom DockerImage? We have run into the same difficulties as OP while using codepipeline - synth is failing and the issue seems 'deeper' than we can touch
@igorsimko good news. This was fixed in #26823 for aws-lambda-python-alpha
. It was included in our most recent release (2.93.0). Downgrading to poetry 1.5.1 was the solution.
Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.
Describe the bug
When cdk bundling of python lambda function (v3.8) is running, it's using image
public.ecr.aws/sam/build-python3.8:latest
and installs latest poetry version (atm v1.6.1). Poetry relies onrequests
(v2.26.0) which needs OpenSSL 1.1.1+ which is not installed with python version installed in building image (forbuild-python3.8:latest
python version it's 3.8.17 with ssl version (1.0.2.11.15) OpenSSL 1.0.2k-fips).Running any poetry command fails afterwards with error:
urllib3 v2.0 only supports OpenSSL 1.1.1+, currently the 'ssl' module is compiled with 'OpenSSL 1.0.2k-fips 26 Jan 2017'. See: https://github.com/urllib3/urllib3/issues/2168
I tried dowgrade poetry version to 1.5.1 in docker image and it works just fine.
Expected Behavior
Bundling of python lambda function finishes successfully.
Current Behavior
Running any poetry command fails afterwards with error:
Reproduction Steps
docker run -it --entrypoint bash public.ecr.aws/sam/build-python3.8:latest
pip install poetry
poetry --version
<- raises errorCheck ssl version (inside docker container):
python
import ssl
Possible Solution
Lock poetry version in
public.ecr.aws/sam/build-python3.8:latest
to 1.5.1Additional Information/Context
These are steps which are running during bundling of a lambda function. In step 9/10 there's
pip install pipenv==2022.4.8 poetry
which installs latest poetry versionCDK CLI Version
2.81.0 (build bd920f2)
Framework Version
2.78.0
Node.js Version
v18.1.0
OS
Windows 10 with WSL Ubuntu-20.04
Language
Python
Language Version
Python (3.8.10)
Other information
There's also nothing special about cdk code in project where I discovered it:
pyproject.toml
poetry.lock