search

terraform-aws-modules / terraform-aws-lambda

Terraform module, which takes care of a lot of AWS Lambda/serverless tasks (build dependencies, packages, updates, deployments) in countless combinations 🇺🇦
https://registry.terraform.io/modules/terraform-aws-modules/lambda/aws
Apache License 2.0
909 stars 681 forks source link

Add ignore_layer_changes flag to ignore layers that are managed externally via CI/CD. #537

Closed Posnakidesd closed 8 months ago

Posnakidesd commented 8 months ago

Is your request related to a new offering from AWS?

No

Is your request related to a problem? Please describe.

The problem is perfectly described in 273. When infrastructure and deployable artifacts are maintained separately, it is expected that they play nicely together. Sitting ignore_source_code_hash = true achieves that to some degree by not overriding function code and layers deployed via CI/CD. The issue is that terraform detects changes in layer version, that was done externally and reverts the version in the terraform state.

Describe the solution you'd like.

I would like to propose a new argument ignore_layer_changes that will add the layers to ignore_changes lifecycle block. For example

  lifecycle {
    ignore_changes = var.ignore_layer_changes ? [layers] : []
  }

I haven't tested it but in theory it looks ok

Describe alternatives you've considered.

  1. Directly using aws_lambda_function resource
  2. Using aws_lambda_layer_version. We still need to get the existing layer version that is attached to the lambda and set it again

None of the above solution is idea.

Additional context

Update.

Probably the above solution will not work because lifecycleblocks cannot be dynamic. A workaround could be to duplicate the aws_lambda_function. One without lifecycle and one with. Please let me know if that sounds ok and I will create a PR.

antonbabenko commented 8 months ago

I do not favor duplicating the code of aws_lambda_function to support the lifecycle. It will significantly increase the code complexity.

As a solution, you can keep layers in terraform.tfvars and update them during the CI/CD job when layers update.

Posnakidesd commented 8 months ago

I believe it would be nice mention this limitation in the documentation. I had to completely remove this module and define resources directly to achieve a solution.

github-actions[bot] commented 7 months ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.