Closed zhanzhenzhen closed 3 weeks ago
Hi @zhanzhenzhen, thanks for reporting the issue. After chatting with the SAM team, this seems like a known issue. I am transferring the ticket to their repo for the SAM team to provide more context and any workaround.
Hi @zhanzhenzhen, As @hnnasit mentioned we are currently aware of this issue. Here is some context and a workaround:
The reason the AutoPublishAliasAllProperties property is not picking up the changes to the Layers property is because of the specific ordering that we have when transforming the resources listed in a SAM template. The current implementation will translate all AWS::Serverless::Functions
before translating the AWS::Serverless::LayerVersion
. Because the Serverless::Function
is translated first, the !Ref
to the Serverless::LayerVersion
will not have changed yet - that changes after we transform the LayerVersion
but by then it won't go back to transform the Serverless::Function
a second time.
Because SAM doesn't resolve intrinsics, we wouldn't necessarily consider this a bug, but we can definitely understand that it is not a great experience for our customers.
To address this issue with a fix, we would have to change the order in which resources are transformed which could result in unintended consequences. We have broken existing templates in the past so we try to tread carefully when making changes like this where it is difficult to estimate the full impact it would have on other customers.
As a workaround, you can pass a combined shasum
of the .zip
used for the LayerVersion's ContentUri
+ the Lambda function code to the AutoPublishCodeSha256
property. This means that whenever the lambda or the referenced layer is changed then a new lambda version will be created.
shasum ~/.../layer.zip
26babb64f2c18e1a845cbdb684e6ef2f99319773 /.../Downloads/layer.zip
The combined shasum can be passed in as a global paramater:
Parameters:
AutoDeployVersion:
Type: String
Resources:
HelloWorldFunction:
Type: AWS::Serverless::Function
Properties:
...
AutoPublishAlias: foo
AutoPublishAliasAllProperties: True
AutoPublishCodeSha256: !Ref AutoDeployVersion
Layers:
- !Ref TestEnvLayer
and this can be set with the --parameters AutoDeployVersion="sha value"
flag through the CLI deployment command you are using.
Please give this a try and let me know if you have any other questions!
@paulhcsun Thank you for providing the workaround. Could you explain this in more detail:
a combined shasum of the .zip used for the LayerVersion's ContentUri + the Lambda function code
I usually only use sam build
and sam deploy
commands. Could you tell me how to generate the layer.zip
file? I looked into sam deploy
but cannot find --parameters
. Do you mean --parameter-overrides
?
Because the
Serverless::Function
is translated first, the!Ref
to theServerless::LayerVersion
will not have changed yet - that changes after we transform theLayerVersion
but by then it won't go back to transform theServerless::Function
a second time.
But why it updates the layer version when the function is not using alias?
Sorry yes, --parameter-overrides
is the correct flag. And ah my bad, the layer.zip
is from a previous issue that I used this workaround for. In your case you could just the shasum
command for your layer/layer.mjs
file.
If you are just manually deploying and want a simpler workaround, you could just add a Description
property to your Function
and manually change the value there when you want to deploy a new Lambda Version which should be picked up by the AutoPublishAliasAllProperties
.
But why it updates the layer version when the function is not using alias?
I'm not quite sure I follow your question here, could you elaborate what you mean?
I'm not quite sure I follow your question here, could you elaborate what you mean?
It seems that if a lambda function isn't deployed with AutoPublishAlias
or AutoPublishAliasAllProperties
, it's synced with new layer versions. I don't know why.
Oh that's interesting, I'll try to investigate why that happens but at the moment I'm also not sure why it would properly sync with new layer versions if those properties are not specified.
I'll move this into Discussion to collect more feedback from anyone facing this issue in the meantime.
Description:
If we use alias for a lambda function (for provisioned concurrency, etc), it won't create a new version after its layer is updated, even if
AutoPublishAliasAllProperties
is set totrue
. So the alias still points to the old layer version. But the$LATEST
version is synced with the new layer version. Am I missing something, or is it a bug?Steps to reproduce:
sam build
, thensam deploy
. Visit the output URL."old layer"
with"new layer"
in thelayer/layer.mjs
file. Build and deploy it again. Visit the output URL.template.yaml
:lambda/app.mjs
:layer/layer.mjs
:samconfig.toml
:Observed result:
In step 1, the result is:
{"fnVersion":"1","layer":"old layer"}
.In step 2, the result remains the same.
Expected result:
I expect the result in step 2 to be
{"fnVersion":"2","layer":"new layer"}
.Additional environment details (Ex: Windows, Mac, Amazon Linux etc)
sam --version
: 1.114.0