comcalvi
commented
1 month ago Broader context:
We used to store GPG and openssl in zip files, containing binaries that we have downloaded from an EC2 instance. When we discovered that these were out of date, we decided to store these through a Dockerfile. Lambda vends the Node runtime environments as docker images, which we can use to get the latest versions of these that Lambda supports.
Ideally, we'd rebuild this dockerfile every time we build, so that dependency upgrade PRs happen to fetch the latest versions of these for us.
This change removed the Lambda layers we used to add the pgp and openssl binaries to the lambda functions that are used to implement the OpenPGPKeyPair, RsaPrivateKeySecret, CodeSigningCertificate, and CertificateSigningRequest constructs.
The change is to make these lambda functions to be of Image package type, so we can install the required binaries in the docker image, instead of maintaining the binaries in the github repo.
I followed this section https://github.com/cdklabs/aws-delivlib/blob/main/CONTRIBUTING.md#testing for testing these changes, and mainly the part of running
yarn integ:updateBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.