feat(plugins) AWS Lambda plugin #1777
Conversation
|
On the plugin gallery we now have to create a new category called: Serverless |
| ["X-Amz-Invocation-Type"] = conf.invocation_type, | ||
| ["X-Amx-Log-Type"] = conf.log_type, | ||
| ["Content-Type"] = "application/x-amz-json-1.1", | ||
| ["Content-Length"] = tostring(string.len(bodyJson)) |
There was a problem hiding this comment.
don't use the len method, just use tostring(#bodyJson)
| local bodyJson = cjson.encode(retrieve_parameters()) | ||
|
|
||
| local host = string.format("lambda.%s.amazonaws.com", conf.aws_region) | ||
| local path = string.format("/2015-03-31/functions/%s/invocations", |
There was a problem hiding this comment.
I don't know the aws lambda stuff, but are these literals here intentional?
| ["kong.plugins.aws-lambda.handler"] = "kong/plugins/aws-lambda/handler.lua", | ||
| ["kong.plugins.aws-lambda.schema"] = "kong/plugins/aws-lambda/schema.lua", | ||
| ["kong.plugins.aws-lambda.access"] = "kong/plugins/aws-lambda/access.lua", | ||
| ["kong.plugins.aws-lambda.v4"] = "kong/plugins/aws-lambda/v4.lua" |
There was a problem hiding this comment.
please use trailing comma for table costructors
|
|
||
| AWSLambdaHandler.PRIORITY = 750 | ||
|
|
||
| return AWSLambdaHandler |
There was a problem hiding this comment.
Merge the access.lua file with this one, no use in multiple files here
| aws_secret = {type = "string", required = true}, | ||
| aws_region = {type = "string", required = true, enum = { | ||
| "us-east-1", "us-east-2", "ap-northeast-1", "ap-northeast-2", | ||
| "ap-southeast-1", "ap-southeast-2", "eu-central-1", "eu-west-1"}}, |
There was a problem hiding this comment.
do we want those to be literals? requires maintenance when amazon decides to change things
There was a problem hiding this comment.
for now I would keep it like this - we can always change it in the future
| for name, value in pairs(headers) do | ||
| if value then -- ignore headers with 'false', they are used to override defaults | ||
| i = i + 1 | ||
| local name_lower = name:lower() |
There was a problem hiding this comment.
using lower here, while just above we're using upper on a first glance not efficient
There was a problem hiding this comment.
I don't see the upper.
There was a problem hiding this comment.
It's line 140 now, where it is commented as -- convert to standard header title case
| } | ||
| end | ||
|
|
||
| return prepare_awsv4_request |
There was a problem hiding this comment.
general; lots of locals to cache; from string and table, and then some
| method = request_method; | ||
| target = target; | ||
| headers = headers; | ||
| body = req_payload; |
| @@ -95,7 +95,7 @@ local function send_response(status_code) | |||
| -- @see https://github.com/openresty/lua-nginx-module | |||
| -- @param content (Optional) The content to send as a response. | |||
| -- @return ngx.exit (Exit current context) | |||
| return function(content, headers) | |||
| return function(content, headers, raw_body) | |||
There was a problem hiding this comment.
update comments for the extra parameter
There was a problem hiding this comment.
What does this have to do with this the aws-lambda plugin?
| @@ -144,14 +146,14 @@ local closure_cache = {} | |||
| -- @param body A string or table which will be the body of the sent response. If table, the response will be encoded as a JSON object. If string, the response will be a JSON object and the string will be contained in the `message` property. | |||
| -- @param[type=table] headers Response headers to send. | |||
| -- @return ngx.exit (Exit current context) | |||
| function _M.send(status_code, body, headers) | |||
| function _M.send(status_code, body, headers, raw_body) | |||
There was a problem hiding this comment.
update comments for extra parameter
| end | ||
|
|
||
| local function hex_encode(str) -- From prosody's util.hex | ||
| local char_to_hex = {}; |
There was a problem hiding this comment.
This char_to_hex table is a constant, filled right below. This one must move outside the scope (top of module?) or it will regenerate the table on every invocation
|
also; missing integration tests. |
|
@Tieske tests in the |
subnetmarco
force-pushed
the
feat/plugin-lambda
branch
2 times, most recently
from
b352494
to
e32d94d
Compare
subnetmarco
force-pushed
the
feat/plugin-lambda
branch
from
e32d94d
to
200c54c
Compare
| @@ -1,14 +1,15 @@ | |||
| return { | |||
| fields = { | |||
There was a problem hiding this comment.
What does this have to do with the aws-lambda plugin?
|
Why does this drop the support of IAM Instance Role authentication that was in #1190 ? |
|
Why does this drop the the support for implicit configuration (via parsed aws-lambda:// url definition) that was in #1190 ? |
|
What is the explanation/expectation of behavior when specifying anything other than RequestResponse invocation_type? It is undefined, and that is why it was left off #1190 . |
|
Why does this drop support for supplying IAM credentials in the Authorization header as had been in #1190 ? |
|
This does not appear to have proper error handling as was in #1190 . On error, AWS Lambda returns a 200 with a response header indicating the presence of the error. Lambda execution is essentially RPC not restful. |
The older implementation is blocking and needs to be rewritten with a non-blocking cosocket API. It is missing in this PR and it just has to be done.
Looking at the big picture it seems like Kong will have two kind of routes: proxy routes, and functional routes that don't proxy to anything but expect a plugin to take over and return a response (like this plugin). We can start discussing about this so we can properly support all those future plugins that return a response without proxying it to an upstream. Also, the previous implementation was changing the core, breaking the core/plugin separation. A better internal API is needed instead.
I have added some more tests that show the usage of the other invocation types. Basically the behavior of the plugin is that it invokes the Lambda function with the specified type and returns whatever response Lambda returns.
Because the user might want to add other plugins on top of the Lambda plugin that might conflict with the
The plugin returns the response the same way Lambda returns it. I didn't change the response being returned by Lambda, because I don't think the plugin should do it. The user can refer to the Lambda documentation to understand how to handle the response. Thoughts? |
|
On a second though this plugin should also be using |
As we know though, only one content handler must be provided per location in Nginx, and thus |
I am just brainstorming, but maybe we could leverage worker_processes auto;
error_log logs/error.log info;
daemon off;
events {
worker_connections 1024;
}
http {
server {
listen 9000;
location @proxy {
internal;
proxy_pass http://httpbin.org;
}
location / {
content_by_lua '
local content_handler = plugin.handler.content
if content_handler then
content_handler()
else
return ngx.exec("@proxy")
end
';
}
}
}Although it seems like |
|
@sonicaghi "On the plugin gallery we now have to create a new category called: Serverless" Where is this defined in the doc? I do not see it here: |
|
@shavo007 coming soon. |
AWS Lambda support.
Closes #1005, and #1190 from which it is heavily inspired (by @timerickson).