Update Lambda handler path in Dockerfile and Terraform configuration

[oto-macenauer-absa]

This pull request updates the Lambda function packaging and handler configuration to improve source code organization and ensure the correct entry point is used for both ZIP and container image deployments. The changes primarily affect the Dockerfile and Terraform configuration.

Lambda packaging and handler configuration:

• Updated the Dockerfile to copy the src directory into LAMBDA_TASK_ROOT/src instead of copying its contents directly, improving code organization.
• Changed the Lambda entry point in the Dockerfile CMD to use src.event_gate_lambda.lambda_handler, reflecting the new code structure.
• Modified the Terraform Lambda function resource to set the handler to src.event_gate_lambda.lambda_handler for container image deployments, while keeping the ZIP handler unchanged.

Release notes:

• Fixed incorrect script import

Related:

• Closed Lambda container fails with Runtime.ImportModuleError due to missing src package #85

Summary by CodeRabbit

• Chores
  • Added support for image-based Lambda deployments alongside zip packages and unified deployment configuration so both package types initialize consistently.
  • Made conditional packaging logic and deployment source selection more robust, improving deployment reliability, parity between package types, and maintainability of the Lambda pipeline.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Preserve the src package in the container image and align handler references: Dockerfile now copies src into $LAMBDA_TASK_ROOT/src and CMD uses src.event_gate_lambda.lambda_handler. Terraform adds conditional Image support and selects image vs zip handler/runtime accordingly.

Changes

Cohort / File(s)	Summary
Docker image layout & entrypoint Dockerfile	Change COPY from COPY src/ $LAMBDA_TASK_ROOT/ to COPY src $LAMBDA_TASK_ROOT/src and update CMD from ["event_gate_lambda.lambda_handler"] to ["src.event_gate_lambda.lambda_handler"].
Terraform Lambda packaging & config terraform/lambda.tf	Add Image package_type support (image_config.command, image_uri conditional), keep Zip behavior (runtime, handler, source_code_hash via data.aws_s3_object), make data.aws_s3_object conditional with count, and adjust handler/runtime conditionals to match Zip vs Image paths.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant Dev as Developer
  participant Build as Docker build
  participant Registry as ECR / S3
  participant TF as Terraform
  participant Lambda as AWS Lambda

  Dev->>Build: Build image (COPY `src` into /var/task/src)
  Build->>Registry: Push image (Image) or upload zip (Zip)
  Dev->>TF: Apply (var.lambda_package_type = Image|Zip)
  TF->>Registry: Read image_uri or S3 object (conditional)
  TF->>Lambda: Create/Update function with:
  alt package_type == "Image"
    note right of Lambda: image_uri set\nimage_config.command = ["src.event_gate_lambda.lambda_handler"]
  else package_type == "Zip"
    note right of Lambda: s3_bucket/key + source_code_hash\nruntime = "python3.13"\nhandler = "event_gate_lambda.lambda_handler"
  end
  Lambda->>Lambda: Invoke -> Python resolves imports
  note right of Lambda: With Image + nested `src`, imports like `src.*` succeed

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Inspect Dockerfile COPY/CMD to ensure package layout and entrypoint are correct.
• Review terraform/lambda.tf conditionals: image_config.command, image_uri vs source_code_hash, runtime/handler branching, and data.aws_s3_object.count usage.
• Validate that CI/CD/ECR/S3 paths and variable assumptions match deployment pipelines.

Suggested reviewers

• Zejnilovic
• petr-pokorny-absa

Poem

🐰 I hopped through layers, kept src in place,
Nestled in /var/task, a cozy little space.
The handler now points where imports can sing,
No more ImportErrors — hooray, let’s spring! 🥕

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The pull request title accurately describes the main change: updating Lambda handler paths in both Dockerfile and Terraform configuration files.
Linked Issues check	✅ Passed	All coding objectives from issue #85 are met: src directory is copied intact into LAMBDA_TASK_ROOT/src, handler path updated to src.event_gate_lambda.lambda_handler in both Dockerfile and Terraform for image deployments.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to fixing the import error: Dockerfile COPY/CMD directives and Terraform Lambda handler/image configuration are aligned with issue #85 objectives.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch bugfix/import-error

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d3072ad and 9c8c749.

📒 Files selected for processing (1)

• terraform/lambda.tf (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• terraform/lambda.tf

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Trivy has completed a full security repository scan ✅ You can find the analysis results for this PR branch on this overview.
Below is the summary of the findings:

TRIVY	CRITICAL	HIGH	MEDIUM	LOW	TOTAL
vulnerability	0	0	0	0	0
secret	0	6	0	0	6
misconfiguration	0	0	1	10	11
license	0	0	0	0	0
➡️ Total	0	6	1	10	17

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 34b3e2d and d3072ad.

📒 Files selected for processing (2)

• Dockerfile (2 hunks)
• terraform/lambda.tf (1 hunks)

🔇 Additional comments (2)

Dockerfile (2)

84-84: CMD directive correctly maps to lambda_handler with valid AWS Lambda signature.

The handler entry point now correctly reflects the nested structure created by the updated COPY directive, allowing AWS Lambda to locate and invoke src.event_gate_lambda.lambda_handler. The function signature at src/event_gate_lambda.py::lambda_handler accepts (event: Dict[str, Any], context: Any) parameters, which is compatible with AWS Lambda expectations. This change is consistent with the Dockerfile's COPY operation and aligns with the Terraform handler configuration for container image deployments.

---

74-74: COPY and CMD directives verified—no issues found.

The COPY directive at line 74 correctly preserves the nested src package structure, and the CMD directive at line 84 properly references the lambda_handler function at src.event_gate_lambda.lambda_handler. The lambda_handler function exists with the correct AWS Lambda signature (event, context parameters) and src is a valid Python package with init.py. All changes align with the PR objective to resolve import errors.

[github-actions]

Trivy has completed a full security repository scan ✅ You can find the analysis results for this PR branch on this overview.
Below is the summary of the findings:

TRIVY	CRITICAL	HIGH	MEDIUM	LOW	TOTAL
vulnerability	0	0	0	0	0
secret	0	6	0	0	6
misconfiguration	0	0	1	10	11
license	0	0	0	0	0
➡️ Total	0	6	1	10	17