community icon indicating copy to clipboard operation
community copied to clipboard

Published 20 hours ago verified publisher icon aws-controllers-k8s

Lambda controller removing `code:` block

Open bjoernw opened this issue 3 years ago • 3 comments

Describe the bug I have a single Function resource defined (see below). The problem I'm having is that after the function is successfully created the code: block gets removed from the Function object and ArgoCD will show this resource as out-of-sync again. What's the recommended way of indicating there is a new version available? At first I was embedding the gitsha in the zip file name but then learned that the controller doesn't like it when the zip file name changes so I switched to updating the s3ObjectVersion for every new release. Any ideas what causes the code: block to get mutated?

Helm manifest

  apiVersion: lambda.services.k8s.aws/v1alpha1
  kind: Function
  metadata:
    name: REDACTED
  spec:
    code:
      s3Bucket: REDACTED_bucket
      s3Key: REDACTED/REDACTED.zip
      s3ObjectVersion: BYpVrqCPxd6yEZQ.bsZBlLuB9S_creyY
    memorySize: 128
    name: {{ .Release.Name }}
    description: "REDACTED Release: {{ .Values.gitsha }}"
    packageType: Zip
    handler: index.handler
    publish: true
    role: {{ .Values.roleARN }}
    runtime: {{ .Values.runtime }}
    timeout: {{ .Values.timeout }}

Live K8s object post creation:

apiVersion: lambda.services.k8s.aws/v1alpha1
kind: Function
metadata:
  labels:
    argocd.argoproj.io/instance: REDACTED
  name: REDACTED
  namespace: aws-staging
spec:
  architectures:
  - x86_64
  code: {}
  description: 'REDACTED Release: 313d869226b56635b2257116891dbc68a9f82c85'
  handler: index.handler
  memorySize: 128
  name: REDACTED
  packageType: Zip
  publish: true
  role: arn:aws:iam::REDACTED:role/REDACTED-role
  runtime: nodejs16.x
  timeout: 3
  tracingConfig:
    mode: PassThrough
status:
  ackResourceMetadata:
    arn: arn:aws:lambda:us-east-1:REDACTED:function:REDACTED
    ownerAccountID: "REDACTED"
    region: us-east-1
  codeSHA256: OR5V0WC2XajpJ0QR03SphjFMTtisMpqDkUeGtgpIE7A=
  codeSize: 60466309
  conditions:
  - lastTransitionTime: "2022-07-25T23:28:49Z"
    message: Resource synced successfully
    reason: ""
    status: "True"
    type: ACK.ResourceSynced
  lastModified: 2022-07-25T23:28:49.000+0000
  lastUpdateStatus: InProgress
  lastUpdateStatusReason: The function is being created.
  lastUpdateStatusReasonCode: Creating
  revisionID: 8512d1c8-eba7-4730-a5f9-8f37370995e7
  state: Active
  version: $LATEST

Steps to reproduce Install the above object in a cluster.

Expected outcome The controller should not edit the code: block of an existing Function object.

Environment aws eks

  • Kubernetes version: v1.21.12-eks-a64ea69
  • Using EKS (yes/no), if so version?: yes, v1.21.12-eks-a64ea69
  • AWS service targeted (S3, RDS, etc.): Lambda with zip files from s3 using versioning

bjoernw avatar Jul 25 '22 23:07 bjoernw

Forgot to add details on the version im using:

image:
  repository: public.ecr.aws/aws-controllers-k8s/lambda-controller
  tag: v0.0.16

bjoernw avatar Jul 26 '22 16:07 bjoernw

I'm trying to figure out whether to continue with my proof-of-concept. Did I misconfigure something? My understanding was that operators should not mutate anything in the spec and only edit the status section. Any idea what could be going on here @A-Hilaly ?

bjoernw avatar Aug 02 '22 17:08 bjoernw

Hi @bjoernw, so most of the lambda controllers create/delete code paths are fully generated and the reason why the fields don't stay in sync is that the Lambda API returns different code.s3bucket and code.s3key fields than the ones originally submitted. We will have to add some custom code to keep the original code.s3bucketandcode.s3key` content.

a-hilaly avatar Aug 02 '22 19:08 a-hilaly

@bjoernw this issue have been fixed in v0.0.17 release

a-hilaly avatar Aug 15 '22 21:08 a-hilaly