-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(codedeploy) lambda application and deployment groups #1628
Conversation
… poll failure with test
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks great!
copy: @skinny85
packages/@aws-cdk/aws-codedeploy/lib/lambda/deployment-group.ts
Outdated
Show resolved
Hide resolved
props.postHook.grantInvoke(serviceRole); | ||
} | ||
|
||
(props.alias.node.findChild('Resource') as lambda.CfnAlias).options.updatePolicy = { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We are going to add a cfnresource
to L2s so you'd be able to access it without an escape hatch. Feel free to do that now or raise an issue not to forget this escape hatch later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Generally looks fine, some devil is in the details.
In particular, it is my strong opinion that we should not export a concept of a Compute Platform to our customers. Since Server and Lambda are already separated by different classes, I don't see the point of having a property, nor a type, for that.
cc @yubangxi from the CodeDeploy team |
this.functionName = alias.ref; | ||
this.functionArn = alias.aliasArn; | ||
this.functionName = `${props.version.lambda.functionArn}:${props.aliasName}`; | ||
this.functionArn = `${props.version.lambda.functionArn}:${props.aliasName}`; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Drawing attention to this. Is this a breaking change?
I had to do this or else we can't use an alias's metrics with a deployment group, since it creates a circular dependency:
- Alias UpdatePolicy references the deployment group
- Deployment group references the Alias's
!Ref
(via) the alarm and metric.
let serviceRole: iam.Role | undefined = props.role; | ||
if (serviceRole) { | ||
if (serviceRole.assumeRolePolicy) { | ||
serviceRole.assumeRolePolicy.addStatement(new iam.PolicyStatement() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The "right" thing to do here is to add support in PolicyDocument
to conditionally add a statement if a statement with the same SID was not already added and then use some UUID as a SID to avoid duplicates.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some changes to the existing classes that I don't understand + a few minor comments.
There are also a few places you use |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, some minor non-blocking comments, almost all of them documentation-related.
|
||
### Lambda Deployment Groups | ||
|
||
To enable traffic shifting deployments for Lambda functions, CodeDeploy uses Lambda Aliases, which can balance incoming traffic between two different versions of your function. Before deployment, the alias sends 100% of invokes to the version used in production. When you publish a new version of the function to your stack, CodeDeploy will send a small percentage of traffic to the new version, monitor, and validate before shifting 100% of traffic to the new version. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you break these lines on full sentence boundaries? Makes the file read better in text mode, and is later easier to edit (the diffs are cleaner when you break on sentence boundaries).
|
||
#### Pre and Post Hooks | ||
|
||
CodeDeploy allows you to run an arbitrary Lambda function before traffic shifting actually starts (PreTraffic Hook) and after it completes (PostTraffic Hook). With either hook, you have the opportunity to run logic that determines whether the deployment must succeed or fail. For example, with PreTraffic hook you could run integration tests against the newly created Lambda version (but not serving traffic). With PostTraffic hook, you could run end-to-end validation checks. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same note here (break lines on sentence boundaries).
* on this deployment group resource. | ||
* @param principal to grant permission to | ||
*/ | ||
public grantPutLifecycleEventHookExecutionStatus(principal?: iam.IPrincipal) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same here (return type).
} | ||
|
||
/** | ||
* Properties of a reference to a CodeDeploy EC2/on-premise Deployment Group. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nope :)
* Properties of a reference to a CodeDeploy EC2/on-premise Deployment Group. | ||
* | ||
* @see ServerDeploymentGroup#import | ||
* @see IServerDeploymentGroup#export |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nope & nope :)
application: ILambdaApplication; | ||
|
||
/** | ||
* The physical, human-readable name of the CodeDeploy EC2/on-premise Deployment Group |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Still not an EC2/on-premise Deployment Group :)
}, | ||
"/invocations" | ||
":my-alias/invocations" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The fact that we're changing this worries me a bit as well... maybe consult with somebody that knows a lot about the API Gateway construct whether these changes are OK? I don't feel competent enough in that area to comment on it.
… add lambda application docs
Adds `LambdaApplication` and `LambdaDeploymentGroup` such that an `Alias` to a Lambda `Function` can be deployed via CodeDeploy; supports pre/post hook functions, traffic-shifting and alarm monitoring and rollback.
Fixes #1020
Pull Request Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license.