search

terraform-aws-modules / terraform-aws-lambda

Terraform module, which takes care of a lot of AWS Lambda/serverless tasks (build dependencies, packages, updates, deployments) in countless combinations πŸ‡ΊπŸ‡¦
https://registry.terraform.io/modules/terraform-aws-modules/lambda/aws
Apache License 2.0
911 stars 683 forks source link

feat: Added support for Code Signing Configuration #351

Closed tsoe77 closed 1 year ago

tsoe77 commented 1 year ago

Description

This PR adds code_signing_config_arn support.

The change doesn't effect any other things except it takes in code_signing_config_arn if user wants to provide one.

tsoe77 commented 1 year ago

@bryantbiggs I appreciate your review and feedback for #262. I addressed all of those in this PR. Could I get your review for this please?

agjmills commented 1 year ago

πŸ‘ looks good to me

@bryantbiggs thoughts?

antonbabenko commented 1 year ago

Thanks to everyone! I will review it and merge it later this week. I have some other things to do before.

tsoe77 commented 1 year ago

taking a look

tsoe77 commented 1 year ago

I tried to run example/code-signing and this was the error:

β•·
β”‚ Error: error starting Signing Job: ValidationException: StartSigningJobRequest:source:version should not be empty
β”‚ {
β”‚   RespMetadata: {
β”‚     StatusCode: 400,
β”‚     RequestID: "35c2c96f-8ac7-488d-a2a2-779a9aad584a"
β”‚   },
β”‚   Code_: "InvalidJobParameters",
β”‚   Message_: "StartSigningJobRequest:source:version should not be empty"
β”‚ }
β”‚ 
β”‚   with aws_signer_signing_job.this,
β”‚   on main.tf line 52, in resource "aws_signer_signing_job" "this":
β”‚   52: resource "aws_signer_signing_job" "this" {
β”‚ 
β•΅

Please take a look and fix it.

@antonbabenko

This error occurs if S3 isn't ready to do the versioning yet. S3 object has version id of null when versioning is still propagating for the first time. I can reproduce the error as well but if I re-run the same in 5-10mins, it can pick up the version within the module itself. I will put a sleep 15mins in there.

Note

If you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully > propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (PUT or DELETE) on objects in the bucket. Enabling versioning on buckets

tsoe77 commented 1 year ago

@antonbabenko I added 5mins timer before uploading the s3 object in the example, example will run fine at first attempt now. Example README is also updated with time_sleep resource information and main README's example section has been updated as well.

antonbabenko commented 1 year ago

This PR is included in version 4.2.0 :tada:

github-actions[bot] commented 1 year ago

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.