New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Don't call GetFunctionCodeSigningConfig or GetRuntimeManagementConfig on Lambdas packaged as Images (aws_lambda_functions
)
#14729
Conversation
@@ -153,9 +152,7 @@ func resolveCodeSigningConfig(ctx context.Context, meta schema.ClientMeta, resou | |||
svc := cl.Services(client.AWSServiceLambda).Lambda | |||
|
|||
// skip getting CodeSigningConfig since containerized lambda functions does not support this feature | |||
// value can be nil if the caller doesn't have GetFunctionConfiguration permission and only has List* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is still the case but theres a nil check for r.Configuration
on https://github.com/cloudquery/cloudquery/pull/14729/files#diff-93c24c91e5c0e22f86d6415f1b98b47062f7d8974b9337c0b13c01322b8df981L149
@@ -153,9 +152,7 @@ func resolveCodeSigningConfig(ctx context.Context, meta schema.ClientMeta, resou | |||
svc := cl.Services(client.AWSServiceLambda).Lambda | |||
|
|||
// skip getting CodeSigningConfig since containerized lambda functions does not support this feature | |||
// value can be nil if the caller doesn't have GetFunctionConfiguration permission and only has List* | |||
lambdaType := resource.Get("code_repository_type").(*scalar.String) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not entirely sure why we previously relied on untyped resource.Get
instead of directly accessing values from r.Configuration
. Either way, this approach seemed to not be working for us as we were still getting errors from GetRuntimeManagementConfig
.
…mentConfig on Lambdas packaged as Images (`aws_lambda_functions`)
eae2760
to
05c9355
Compare
aws_lambda_functions
)aws_lambda_functions
)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great find!
Co-authored-by: Ben Bernays <ben@bernays.me>
🤖 I have created a release *beep* *boop* --- ## [22.16.0](plugins-source-aws-v22.15.2...plugins-source-aws-v22.16.0) (2023-10-23) ### This Release has the Following Changes to Tables - Table `aws_efs_filesystems`: column added with name `file_system_policy` and type `utf8` ### Features * Add `policy` column to `aws_efs_filesystems` table ([#14672](#14672)) ([833b9c2](833b9c2)) ### Bug Fixes * Changed the condition to check for policies in policies table ([#13935](#13935)) ([f136331](f136331)) * **deps:** Update github.com/cloudquery/arrow/go/v14 digest to f46436f ([#14803](#14803)) ([f5248d7](f5248d7)) * **deps:** Update module github.com/cloudquery/codegen to v0.3.10 ([#14773](#14773)) ([98f3e2c](98f3e2c)) * **deps:** Update module github.com/cloudquery/codegen to v0.3.11 ([#14870](#14870)) ([4fa917d](4fa917d)) * Don't call GetFunctionCodeSigningConfig or GetRuntimeManagementConfig on Lambdas packaged as Images (`aws_lambda_functions`) ([#14729](#14729)) ([6fc30d3](6fc30d3)) * Handle `NotFound` error when syncing Subscriptions with deleted topic (`aws_sns_subscriptions`) ([#14771](#14771)) ([6fcf43d](6fcf43d)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
Summary
When syncing
aws_lambda_functions
Cloudquery has 2 resolvers for GetFunctionCodeSigningConfig and GetRuntimeManagementConfig. The AWS API does not support calling either of these APIs with Lambdas that use containerised images and this results in errors in Cloudquery.Thankfully Cloudquery is great and doesn't panic when it encounters these errors and theres no loss in data, but it does log it as "something bad happening" when in reality this is expected behaviour from the AWS API.
It looks like there was an attempt to fix this before for GetFunctionCodeSigningConfig but it doesn't seem to be preventing the errors.
Part of #14652