terraform-aws-modules / terraform-aws-lambda

Terraform module, which takes care of a lot of AWS Lambda/serverless tasks (build dependencies, packages, updates, deployments) in countless combinations 🇺🇦
https://registry.terraform.io/modules/terraform-aws-modules/lambda/aws
Apache License 2.0
885 stars 658 forks

Allow passing source_code_hash with existing_s3_package #571

Closed nijave closed 1 month ago

nijave commented 1 month ago

Is your request related to a new offering from AWS?

N/A, this has been available on the AWS side for a while.

Is your request related to a problem? Please describe.

We use a monorepo where pants packages our lambdas and uploads to S3. We use this module with the prebuilt package (in an artifacts S3 bucket shared across our accounts). Terraform can auto-update the Lambda function when the source code changes but the file name is the same, but you need to set source_code_hash.

Describe the solution you'd like.

Allow either passing in source_code_hash or using an S3 data source to pull this from the existing object (note: there are many hash types and an S3 object appears to only allow 1 hash type at a time, specified during upload).

Describe alternatives you've considered.

Renaming files each time. This is a bit more cumbersome since it requires updating the filename passed into the module each time when otherwise Terraform updates wouldn't be needed.

Additional context

This is primarily helpful in our dev environments where our CI will upload as some-path/dev.zip automatically and you want to redeploy to test changes.

antonbabenko commented 1 month ago

Hi! The same question was recently asked on Reddit. Please check my answer here - https://www.reddit.com/r/Terraform/comments/1cpvqxd/comment/l3zd1zz/

tldr; You need to specify version_id of S3 object:

  s3_existing_package = {
    version_id = aws_s3_object.upload_lambda[each.key].version_id
    bucket     = aws_s3_bucket.lambda_bucket.id
    key        = "${element(split(".", each.value), 0)}.zip"
  }

nijave commented 1 month ago

For future reference, this requires that bucket versioning is enabled. If you want this to work without retaining versions, you have to enable bucket versioning and also add a lifecycle policy to immediately delete old versions.

source_code_hash works without bucket versioning
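
An added example (not from this thread or the module's own documentation) of the setup the two comments above describe: a versioned artifacts bucket, a lifecycle rule that expires superseded package versions, and the module reading the current `version_id` of a package that CI uploads outside Terraform. The bucket name, function name, handler and runtime are placeholders, and managing the bucket's versioning from this configuration is an assumption.

```hcl
locals {
  artifacts_bucket = "example-artifacts-bucket" # placeholder bucket name
  package_key      = "some-path/dev.zip"        # key that CI overwrites on each build
}

# version_id is only populated for objects written while versioning is enabled.
resource "aws_s3_bucket_versioning" "artifacts" {
  bucket = local.artifacts_bucket
  versioning_configuration {
    status = "Enabled"
  }
}

# Expire superseded versions so old packages are not retained.
# noncurrent_days must be a positive integer, so 1 day is the shortest retention.
resource "aws_s3_bucket_lifecycle_configuration" "artifacts" {
  bucket     = local.artifacts_bucket
  depends_on = [aws_s3_bucket_versioning.artifacts]

  rule {
    id     = "expire-old-package-versions"
    status = "Enabled"
    filter {} # empty filter: rule applies to every object in the bucket
    noncurrent_version_expiration {
      noncurrent_days = 1
    }
  }
}

# Look up the current version of the package uploaded outside Terraform.
data "aws_s3_object" "package" {
  bucket = local.artifacts_bucket
  key    = local.package_key
}

module "lambda" {
  source = "terraform-aws-modules/lambda/aws"

  function_name  = "example-dev"   # placeholder
  handler        = "index.handler" # placeholder
  runtime        = "python3.12"    # placeholder
  create_package = false           # package is prebuilt, not built by the module

  s3_existing_package = {
    bucket     = local.artifacts_bucket
    key        = local.package_key
    version_id = data.aws_s3_object.package.version_id
  }
}
```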

github-actions[bot] commented 4 hours ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.