Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(lambda-layer-awscli): install awscli with pip and requirements.txt #18800

Merged
merged 5 commits into from
Feb 4, 2022
Merged

chore(lambda-layer-awscli): install awscli with pip and requirements.txt #18800

merged 5 commits into from
Feb 4, 2022

Conversation

corymhall
Copy link
Contributor

@corymhall corymhall commented Feb 2, 2022

We are currently bundling the AWS CLI in the Lambda Layer and need a
mechanism to automatically upgrade when new versions are released.

This changes the way we bundle the AWS CLI, from using the install
script to using pip to install from a requirements.txt file. This will
enable dependabot to auto upgrade the version of the awscli specified in
requirements.txt

Also added integration tests to ensure that the AWS CLI is executable from within
various Python runtimes.

The assetHash has been updated to fingerprint the entire layer directory since
we want to deploy a new version anytime anything in that directory changes, not just the
Dockerfile.


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

We are currently bundling the AWS CLI in the Lambda Layer and need a
mechanism to automatically upgrade when new versions are released.

This changes the way we bundle the AWS CLI, from using the install
script to using pip to install from a `requirements.txt` file. This will
enable dependabot to auto upgrade the version of the awscli specified in
requirements.txt
@gitpod-io
Copy link

gitpod-io bot commented Feb 2, 2022

@mergify mergify bot added the contribution/core This is a PR that came from AWS. label Feb 2, 2022
@corymhall corymhall requested a review from rix0rrr February 2, 2022 19:32
@corymhall corymhall added the pr/do-not-merge This PR should not be merged at this time. label Feb 2, 2022
@corymhall
Copy link
Contributor Author

Actually just realized that we need to update the hash function.


# organize for self-contained usage
RUN mv /opt/awscli /opt/awscli.tmp
RUN pyver=$(python3 -c 'import sys; v = sys.version_info; print(f"{v[0]}.{v[1]}")') && \
mv /opt/awscli.tmp/lib/python${pyver}/site-packages /opt/awscli
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think if we don't do this, your statement of "this will work with any Python 3.x" runtime is going to be true. It's probably going to need to be the exact same Python version as the one that we used to install this, i.e. 3.7.

I'm saying that because I'm pretty sure the disk layout is going to look like this:

/opt/awscli/lib/python3.7/awscli

Can you confirm that, and see if there's something to be done about that?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rix0rrr The directory layout that is produced doesn't have that lib folder at all. I also don't think doing version manipulation in the build image will have an impact on the version of python in the runtime environment.

But anyway I ended up adding integration tests for Python 3.6, 3.7, & 3.9.

@corymhall corymhall requested a review from rix0rrr February 3, 2022 16:18
@corymhall corymhall removed the pr/do-not-merge This PR should not be merged at this time. label Feb 3, 2022
@mergify
Copy link
Contributor

mergify bot commented Feb 4, 2022

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildProject89A8053A-LhjRyN9kxr8o
  • Commit ID: f3ee31a
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify mergify bot merged commit 8cdc2d6 into aws:master Feb 4, 2022
@mergify
Copy link
Contributor

mergify bot commented Feb 4, 2022

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

kornicameister added a commit to kornicameister/aws-cdk that referenced this pull request Feb 6, 2022
* origin/master: (27 commits)
  chore(eks): deprecate older versions of EKS (aws#18842)
  fix(tooling): update vscode devcontainer image (aws#18455)
  chore: npm-check-updates && yarn upgrade (aws#18832)
  chore(docs): Fix broken md links (aws#18384)
  chore(lambda-layer-awscli): install awscli with pip and requirements.txt (aws#18800)
  fix(aws-appsync): Strip unsupported characters from Lambda DataSource (aws#18765)
  feat(cfnspec): cloudformation spec v55.0.0 (aws#18827)
  docs(cfnspec): update CloudFormation documentation (aws#18826)
  chore(cxapi): plugin context provider limited by cx schema (aws#18709)
  feat(iotevents): add grant method to Input class (aws#18617)
  chore(cx-api): break circular dependencies (aws#18767)
  docs(core): clarify that `addOverride` does not change property casing (aws#18687)
  feat(s3-deployment): deploy data with deploy-time values (aws#18659)
  docs(cfnspec): update CloudFormation documentation (aws#18808)
  feat(cli): `cdk diff` works for Nested Stacks (aws#18207)
  docs(cfnspec): update CloudFormation documentation (aws#18783)
  chore(lambda-layer-awscli): add update mechanism for AWS CLI (aws#18780)
  chore(release): 1.143.0
  feat(fsx): add support for FSx Lustre Persistent_2 deployment type (aws#18626)
  feat(amplify): support performance mode in Branch (aws#18598)
  ...
mergify bot pushed a commit that referenced this pull request Feb 7, 2022
#18833)

This PR follows up #18800 by turning on dependabot updates for `awscli`
in `lambda-layer-awscli`.

Currently the only other place we have pip dependencies are in our tests
and the init templates. dependabot does currently look for security
updates in all of our pip dependencies, this just turns on normal
updates for this specific module.

Need to follow up this PR by adding this process to the PR checklist and
the contributing guide.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
TikiTDO pushed a commit to TikiTDO/aws-cdk that referenced this pull request Feb 21, 2022
…txt (aws#18800)

We are currently bundling the AWS CLI in the Lambda Layer and need a
mechanism to automatically upgrade when new versions are released.

This changes the way we bundle the AWS CLI, from using the install
script to using pip to install from a `requirements.txt` file. This will
enable dependabot to auto upgrade the version of the awscli specified in
requirements.txt

Also added integration tests to ensure that the AWS CLI is executable from within
various Python runtimes. 

The `assetHash` has been updated to fingerprint the entire `layer` directory since
we want to deploy a new version anytime anything in that directory changes, not just the
Dockerfile.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
TikiTDO pushed a commit to TikiTDO/aws-cdk that referenced this pull request Feb 21, 2022
aws#18833)

This PR follows up aws#18800 by turning on dependabot updates for `awscli`
in `lambda-layer-awscli`.

Currently the only other place we have pip dependencies are in our tests
and the init templates. dependabot does currently look for security
updates in all of our pip dependencies, this just turns on normal
updates for this specific module.

Need to follow up this PR by adding this process to the PR checklist and
the contributing guide.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
contribution/core This is a PR that came from AWS.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants