From 1dc61cea67a4bda43bf5256e4dbd43e356e7b4a6 Mon Sep 17 00:00:00 2001 From: Luke Williams Date: Thu, 20 Jun 2024 15:45:18 +0100 Subject: [PATCH 1/6] attempted fix with empty programme failed to compile, so attempting empty shell script --- scripts/echo-hello.sh | 3 +++ .../electronic-monitoring-data/modules/lambdas/main.tf | 4 ++++ 2 files changed, 7 insertions(+) create mode 100644 scripts/echo-hello.sh diff --git a/scripts/echo-hello.sh b/scripts/echo-hello.sh new file mode 100644 index 00000000000..407e3cdfda0 --- /dev/null +++ b/scripts/echo-hello.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +echo "hello world" \ No newline at end of file diff --git a/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf b/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf index 58c7a88134c..81ced01dda7 100644 --- a/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf +++ b/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf @@ -7,6 +7,10 @@ resource "aws_sqs_queue" "lambda_dlq" { kms_master_key_id = aws_kms_key.lambda_env_key.id } +data "external" "latest_image_update_log_table" { + program = ["bash", "${path.root}/bash_scripts/echo_hello.sh"] # var.ecr_repo_name, var.function_name +} + resource "aws_kms_key" "lambda_env_key" { description = "KMS key for encrypting Lambda environment variables for ${var.function_name}" enable_key_rotation = true From 2eda3df1a327c2e7a5a54db52b69f5255373c4f4 Mon Sep 17 00:00:00 2001 From: Luke Williams Date: Thu, 20 Jun 2024 15:51:00 +0100 Subject: [PATCH 2/6] misspelled bash script name --- .../electronic-monitoring-data/modules/lambdas/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf b/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf index 81ced01dda7..cfd37e9189a 100644 
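Review bot: `echo "hello world"` on the last line prints plain text, but the `external` data source that runs this script from main.tf reads stdout as a single JSON object whose values are all strings, so the plan fails on parsing instead of returning a result. Emit JSON instead, e.g. `echo '{"message": "hello world"}'`, and add `set -euo pipefail` under the shebang so that a failing command in a later, real version of the script exits non-zero rather than handing Terraform partial output. The inline `echo 'hello world'` programs in patches 4/6 and 5/6 have the same problem. The file also ends without a trailing newline.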
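Review bot: The `program` path in the new `data "external"` block does not match the file this patch adds: the script is created as `scripts/echo-hello.sh` at the top of the repository, while the block looks for `${path.root}/bash_scripts/echo_hello.sh`. Patches 2/6 and 3/6 correct the name and the directory, but `path.root` is the root module's directory, presumably the environment directory under `terraform/environments/` and not the repository root, so `${path.root}/scripts/echo-hello.sh` would likely still not resolve; keeping the script beside the module and referencing it as `${path.module}/scripts/echo-hello.sh` avoids that. This program runs on whatever machine performs `terraform plan`, with that job's credentials. So when `var.ecr_repo_name` and `var.function_name` from the trailing comment are wired in, pass them through the data source's `query` argument (delivered to the program as JSON on stdin) rather than interpolating them into a command string.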
--- a/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf +++ b/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf @@ -8,7 +8,7 @@ resource "aws_sqs_queue" "lambda_dlq" { } data "external" "latest_image_update_log_table" { - program = ["bash", "${path.root}/bash_scripts/echo_hello.sh"] # var.ecr_repo_name, var.function_name + program = ["bash", "${path.root}/bash_scripts/echo-hello.sh"] # var.ecr_repo_name, var.function_name } resource "aws_kms_key" "lambda_env_key" { From 707a24ca1a805a4814c8e3b572b6fa330485e499 Mon Sep 17 00:00:00 2001 From: Luke Williams Date: Thu, 20 Jun 2024 15:54:08 +0100 Subject: [PATCH 3/6] trying to find out where the scripts are saved, changed directory --- .../electronic-monitoring-data/modules/lambdas/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf b/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf index cfd37e9189a..4b793b30b23 100644 --- a/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf +++ b/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf @@ -8,7 +8,7 @@ resource "aws_sqs_queue" "lambda_dlq" { } data "external" "latest_image_update_log_table" { - program = ["bash", "${path.root}/bash_scripts/echo-hello.sh"] # var.ecr_repo_name, var.function_name + program = ["bash", "${path.root}/scripts/echo-hello.sh"] # var.ecr_repo_name, var.function_name } resource "aws_kms_key" "lambda_env_key" { From 5594161aef7c6bbe6b7a167785cee38aba2a81a6 Mon Sep 17 00:00:00 2001 From: Luke Williams Date: Thu, 20 Jun 2024 15:58:04 +0100 Subject: [PATCH 4/6] tried hardcoding the bash script --- .../electronic-monitoring-data/modules/lambdas/main.tf | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) 
diff --git a/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf b/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf index 4b793b30b23..1fa7541688e 100644 --- a/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf +++ b/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf @@ -8,7 +8,9 @@ resource "aws_sqs_queue" "lambda_dlq" { } data "external" "latest_image_update_log_table" { - program = ["bash", "${path.root}/scripts/echo-hello.sh"] # var.ecr_repo_name, var.function_name + program = [ + "bash", "-c", + "echo 'hello world'"] } resource "aws_kms_key" "lambda_env_key" { From 4fe079e1cf8bb39a87f1145ef173057bc92ee8a9 Mon Sep 17 00:00:00 2001 From: Luke Williams Date: Thu, 20 Jun 2024 16:06:39 +0100 Subject: [PATCH 5/6] attempted to recreate similar to Matt H within Lambda module, attempting a map output --- scripts/echo-hello.sh | 3 -- .../modules/lambdas/main.tf | 30 ++++++++++++------- 2 files changed, 19 insertions(+), 14 deletions(-) delete mode 100644 scripts/echo-hello.sh diff --git a/scripts/echo-hello.sh b/scripts/echo-hello.sh deleted file mode 100644 index 407e3cdfda0..00000000000 --- a/scripts/echo-hello.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash - -echo "hello world" \ No newline at end of file diff --git a/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf b/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf index 1fa7541688e..548203991ca 100644 --- a/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf +++ b/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf 
@@ -7,12 +7,6 @@ resource "aws_sqs_queue" "lambda_dlq" { kms_master_key_id = aws_kms_key.lambda_env_key.id } -data "external" "latest_image_update_log_table" { - program = [ - "bash", "-c", - "echo 'hello world'"] -} - resource "aws_kms_key" "lambda_env_key" { description = "KMS key for encrypting Lambda environment variables for ${var.function_name}" enable_key_rotation = true @@ -126,18 +120,32 @@ resource "aws_cloudwatch_log_group" "lambda_cloudwatch_group" { kms_key_id = aws_kms_key.lambda_env_key.arn } +data "external" "latest_image_update_log_table" { + for_each = var.is_image ? { image = 1 } : {} # Use empty map if not fetching image + + program = [ + "bash", "-c", + "echo 'hello world'" + ] +} resource "aws_lambda_function" "this" { #checkov:skip=CKV_AWS_272:Lambda needs code-signing, see ELM-1975 - filename = var.filename + # Zip File config + filename = var.is_image ? null : var.filename + handler = var.is_image ? null : var.handler + layers = var.is_image ? null : var.layers + source_code_hash = var.is_image ? null : var.source_code_hash + runtime = var.is_image ? null : var.runtime + # Image config + image_uri = var.is_image ? data.external.latest_image_update_log_table["image"].result["latest_image_uri"] : null + package_type = var.is_image ? "Image" : null + architectures = var.is_image ? ["arm64"] : null + # Constants function_name = var.function_name role = var.role_arn - handler = var.handler - layers = var.layers - source_code_hash = var.source_code_hash timeout = var.timeout memory_size = var.memory_size - runtime = var.runtime dynamic "vpc_config" { for_each = local.use_vpc_config ? [1] : [] From 4b1289898a912e818ddcad5a6dc1ac0daff92260 Mon Sep 17 00:00:00 2001 From: Luke Williams Date: Thu, 20 Jun 2024 16:14:18 +0100 Subject: [PATCH 6/6] attempted to output simple empty json from bash --- .../modules/lambdas/main.tf | 30 +++++++------------ 1 file changed, 11 insertions(+), 19 deletions(-) 
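Review bot: `image_uri` reads `result["latest_image_uri"]` from a data source whose program prints `hello world`, so with `is_image = true` the plan fails before any key lookup, and nothing in the hunk validates what a real script would return. The checkov skip above records that code signing (CKV_AWS_272) is not in place, and Lambda code signing does not cover container-image packages in any case, so the image reference is the main integrity control here. It should therefore be a digest-pinned URI (`<repo-url>@sha256:<digest>`), not a mutable reference chosen at plan time by a shell command. Consider resolving it with the AWS provider's `aws_ecr_image` data source and its `image_digest` attribute instead of `data "external"`, or at least add a `postcondition` on the data block that rejects a result lacking an `@sha256:` digest. The `aws_lambda_function` body continues past the end of the hunk.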
diff --git a/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf b/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf index 548203991ca..74a46d2b5fe 100644 --- a/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf +++ b/terraform/environments/electronic-monitoring-data/modules/lambdas/main.tf @@ -7,6 +7,12 @@ resource "aws_sqs_queue" "lambda_dlq" { kms_master_key_id = aws_kms_key.lambda_env_key.id } +data "external" "latest_image_update_log_table" { + program = [ + "bash", "-c", + "echo {}"] +} + resource "aws_kms_key" "lambda_env_key" { description = "KMS key for encrypting Lambda environment variables for ${var.function_name}" enable_key_rotation = true @@ -120,32 +126,18 @@ resource "aws_cloudwatch_log_group" "lambda_cloudwatch_group" { kms_key_id = aws_kms_key.lambda_env_key.arn } -data "external" "latest_image_update_log_table" { - for_each = var.is_image ? { image = 1 } : {} # Use empty map if not fetching image - - program = [ - "bash", "-c", - "echo 'hello world'" - ] -} resource "aws_lambda_function" "this" { #checkov:skip=CKV_AWS_272:Lambda needs code-signing, see ELM-1975 - # Zip File config - filename = var.is_image ? null : var.filename - handler = var.is_image ? null : var.handler - layers = var.is_image ? null : var.layers - source_code_hash = var.is_image ? null : var.source_code_hash - runtime = var.is_image ? null : var.runtime - # Image config - image_uri = var.is_image ? data.external.latest_image_update_log_table["image"].result["latest_image_uri"] : null - package_type = var.is_image ? "Image" : null - architectures = var.is_image ? ["arm64"] : null - # Constants + filename = var.filename function_name = var.function_name role = var.role_arn + handler = var.handler + layers = var.layers + source_code_hash = var.source_code_hash timeout = var.timeout memory_size = var.memory_size + runtime = var.runtime dynamic "vpc_config" { for_each = local.use_vpc_config ? [1] : []
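Review bot: The re-added `data "external"` block in the first hunk is now unconditional, and nothing in the visible hunks references its result, so every instance of this module spawns `bash` on each plan to no effect. `echo {}` does satisfy the data source's JSON protocol, but a plan-time command that is not needed is still extra execution surface on the runner and a hard dependency on `bash` being present there. I would drop the block until the image lookup is implemented. Alternatively, if `var.is_image` still exists after this patch, restore the `for_each = var.is_image ? { image = 1 } : {}` guard from the previous patch so zip-packaged functions never execute it.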