Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(codedeploy) lambda application and deployment groups #1628

Merged
merged 18 commits into from
Feb 4, 2019

Conversation

sam-goodwin
Copy link
Contributor

Fixes #1020

Pull Request Checklist

  • Testing
    • Unit test added
    • CLI change?: manually run integration tests and paste output as a PR comment
    • cdk-init template change?: coordinated update of integration tests with team
  • Docs
    • jsdocs: All public APIs documented
    • README: README and/or documentation topic updated
  • Title and Description
    • Change type: title prefixed with fix, feat will appear in changelog
    • Title: use lower-case and doesn't end with a period
    • Breaking?: last paragraph: "BREAKING CHANGE: <describe what changed + link for details>"
    • Issues: Indicate issues fixed via: "Fixes #xxx" or "Closes #xxx"
  • Sensitive Modules (requires 2 PR approvers)
    • IAM Policy Document (in @aws-cdk/aws-iam)
    • EC2 Security Groups and ACLs (in @aws-cdk/aws-ec2)
    • Grant APIs (only if not based on official documentation with a reference)

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license.

@sam-goodwin sam-goodwin added the @aws-cdk/aws-lambda Related to AWS Lambda label Jan 29, 2019
@sam-goodwin sam-goodwin requested review from RomainMuller, skinny85 and a team as code owners January 29, 2019 04:39
Copy link
Contributor

@eladb eladb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks great!

copy: @skinny85

packages/@aws-cdk/aws-codedeploy/README.md Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/README.md Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/lib/config.ts Outdated Show resolved Hide resolved
props.postHook.grantInvoke(serviceRole);
}

(props.alias.node.findChild('Resource') as lambda.CfnAlias).options.updatePolicy = {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We are going to add a cfnresource to L2s so you'd be able to access it without an escape hatch. Feel free to do that now or raise an issue not to forget this escape hatch later.

Copy link
Contributor

@skinny85 skinny85 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Generally looks fine, some devil is in the details.

In particular, it is my strong opinion that we should not export a concept of a Compute Platform to our customers. Since Server and Lambda are already separated by different classes, I don't see the point of having a property, nor a type, for that.

packages/@aws-cdk/aws-codedeploy/README.md Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/README.md Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/README.md Outdated Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/README.md Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/lib/lambda/application.ts Outdated Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/lib/server/application.ts Outdated Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/lib/server/application.ts Outdated Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/lib/server/application.ts Outdated Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/lib/server/application.ts Outdated Show resolved Hide resolved
@skinny85
Copy link
Contributor

cc @yubangxi from the CodeDeploy team

this.functionName = alias.ref;
this.functionArn = alias.aliasArn;
this.functionName = `${props.version.lambda.functionArn}:${props.aliasName}`;
this.functionArn = `${props.version.lambda.functionArn}:${props.aliasName}`;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Drawing attention to this. Is this a breaking change?

I had to do this or else we can't use an alias's metrics with a deployment group, since it creates a circular dependency:

  • Alias UpdatePolicy references the deployment group
  • Deployment group references the Alias's !Ref (via) the alarm and metric.

packages/@aws-cdk/aws-codedeploy/README.md Outdated Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/README.md Outdated Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/README.md Outdated Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/README.md Outdated Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/lib/config.ts Outdated Show resolved Hide resolved
let serviceRole: iam.Role | undefined = props.role;
if (serviceRole) {
if (serviceRole.assumeRolePolicy) {
serviceRole.assumeRolePolicy.addStatement(new iam.PolicyStatement()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The "right" thing to do here is to add support in PolicyDocument to conditionally add a statement if a statement with the same SID was not already added and then use some UUID as a SID to avoid duplicates.

Copy link
Contributor

@skinny85 skinny85 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some changes to the existing classes that I don't understand + a few minor comments.

@skinny85
Copy link
Contributor

There are also a few places you use @param parent in JSDocs, but the actual name of the first parameter is now scope - probably an artifact of the old naming, but it should be correct in all new code.

@sam-goodwin sam-goodwin self-assigned this Feb 4, 2019
Copy link
Contributor

@skinny85 skinny85 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, some minor non-blocking comments, almost all of them documentation-related.

packages/@aws-cdk/aws-codedeploy/README.md Outdated Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/README.md Outdated Show resolved Hide resolved
packages/@aws-cdk/aws-codedeploy/README.md Show resolved Hide resolved

### Lambda Deployment Groups

To enable traffic shifting deployments for Lambda functions, CodeDeploy uses Lambda Aliases, which can balance incoming traffic between two different versions of your function. Before deployment, the alias sends 100% of invokes to the version used in production. When you publish a new version of the function to your stack, CodeDeploy will send a small percentage of traffic to the new version, monitor, and validate before shifting 100% of traffic to the new version.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you break these lines on full sentence boundaries? Makes the file read better in text mode, and is later easier to edit (the diffs are cleaner when you break on sentence boundaries).


#### Pre and Post Hooks

CodeDeploy allows you to run an arbitrary Lambda function before traffic shifting actually starts (PreTraffic Hook) and after it completes (PostTraffic Hook). With either hook, you have the opportunity to run logic that determines whether the deployment must succeed or fail. For example, with PreTraffic hook you could run integration tests against the newly created Lambda version (but not serving traffic). With PostTraffic hook, you could run end-to-end validation checks.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same note here (break lines on sentence boundaries).

* on this deployment group resource.
* @param principal to grant permission to
*/
public grantPutLifecycleEventHookExecutionStatus(principal?: iam.IPrincipal) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same here (return type).

}

/**
* Properties of a reference to a CodeDeploy EC2/on-premise Deployment Group.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nope :)

* Properties of a reference to a CodeDeploy EC2/on-premise Deployment Group.
*
* @see ServerDeploymentGroup#import
* @see IServerDeploymentGroup#export
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nope & nope :)

application: ILambdaApplication;

/**
* The physical, human-readable name of the CodeDeploy EC2/on-premise Deployment Group
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Still not an EC2/on-premise Deployment Group :)

},
"/invocations"
":my-alias/invocations"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The fact that we're changing this worries me a bit as well... maybe consult with somebody that knows a lot about the API Gateway construct whether these changes are OK? I don't feel competent enough in that area to comment on it.

@sam-goodwin sam-goodwin merged commit 4c4b015 into master Feb 4, 2019
@sam-goodwin sam-goodwin deleted the samgood/blue-green branch February 4, 2019 21:29
moofish32 pushed a commit to moofish32/aws-cdk that referenced this pull request Feb 5, 2019
Adds `LambdaApplication` and `LambdaDeploymentGroup` such that an `Alias` to a Lambda `Function` can be deployed via CodeDeploy; supports pre/post hook functions, traffic-shifting and alarm monitoring and rollback.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
@aws-cdk/aws-lambda Related to AWS Lambda
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Implement Traffic shifting support for Lambdas
3 participants