Closed aplr closed 5 months ago
I guess the help output can be removed
I guess you also want to copy over the lockfile, as otherwise npm
would just install random (newest) versions, which can lead to inconsistencies and builds failing in docker while working locally.
I guess you also want to copy over the tsconfig.json
, as it contains the configuration for your build. Not copying it could lead to transpiling the TS code w/ a different configuration in docker than in your local dev environment.
The version of the final image does not match the build version
As declared in the limitations, "A paused job is still running compute/instance/virtual machine and will continue to incur costs". This could quickly eat up the included minutes for Github Actions, while the Github approval issue is just lying around. I would define a custom timeout of a few minutes in order to prevent this from happening.
Why are we doing three container builds and push them to separate container repositories, for dev, staging, and prod? As far as I can tell, all builds actually produce the exact same image.
Can't we just do the image build once, use one repository, and then run lambda update-function-code
, for dev and staging with --function-name lambda-feedback-{dev|staging}-pdf-generator
and after approval prod with --function-name lambda-feedback-prod-pdf-generator
, while just using the same image?
This will both reduce the time we wait for deployments, and also don't eat up the Github Actions time included in the plan
This seems a bit odd to me. Can't you just schema.safeParse
the event.body
? This should be a string, from the types at least.
You could build the date string beforehand and introduce a new variable, and then use it. Only personal preference, but I think it improves readability.
When creating the temp file, you could use node's built-in fs.mkdtemp
. This uses os-specific temp dirs and prevents clashing of file names.
In case of errors, you're re-running pandoc to get tex output. Can't you just get the tex output from the previous run, or why exactly are you doing it this way?
Done
Done
Done
Yes. Indeed. Also yum needed to be replaced by dnf because yum is not supported by nodejs v20
Done (set to 10 mins)
Not implemented (after our discussion). Though, I have added Lifecycle Policy against the PDF Generator registry so that max 2 images are stored (and older versions deleted)
Done
Done (I agree, it is much clearer)
Not implemented. We do have to use the "tmp" folder, because it is the only folder the lambda allows us to use for writing. It is very rare for more than 1 person working on the same set and I would imagine this together with the timestamp makes it unlikely to clash (this has not been changed from the original implementation and as far as I know there was no such incident, though we will have to revisit it if that would start to be an issue)
This is because pandoc generates the type of the file dependently on the output file suffix, so the first generation creates pdf file. We need to rerun it to get tex file in case of an error to be able to identify which text on which line caused the issue (at least I think this is why we are doing it, again - this part of the code was moved without a change from the backend)
One more thing: don't copy the tsconfig (or any other files) alongside package*.json. Always 1) first copy dependency declaration files, then 2) install dependencies, then 3) copy code and 4) build code.
This way image builds can use caches as long as dependencies don't change.
So in short, move the COPY tsconfig.json
down to where you copy the actual code
All done
This ticket gathers issues from my initial review on the PDF generator.