ran-isenberg · ran-isenberg · Dec 31, 2022 · Dec 31, 2022 · Dec 31, 2022 · Dec 31, 2022
diff --git a/.github/workflows/serverless-service.yml b/.github/workflows/serverless-service.yml
@@ -43,7 +43,7 @@ jobs:
       - name: pre commit
         run: |
           make pre-commit
-      - name: Lint with flake8
+      - name: Lint with flake8 and mypy
         run: |
           make lint
       - name: file format

diff --git a/Makefile b/Makefile
@@ -9,6 +9,8 @@ dev:
 lint:
 	@echo "Running flake8"
 	flake8 service/* cdk/* tests/* docs/examples/* --exclude patterns='build,cdk.json,cdk.context.json,.yaml'
+	@echo "Running mypy"
+	make mypy-lint
 
 complex:
 	@echo "Running Radon"
@@ -22,6 +24,9 @@ sort:
 pre-commit:
 	pre-commit run -a --show-diff-on-failure
 
+mypy-lint:
+	mypy --pretty service docs/examples cdk tests
+
 deps:
 	pipenv requirements --dev > dev_requirements.txt
 	pipenv requirements  > lambda_requirements.txt
@@ -47,10 +52,10 @@ deploy:
 	make deps
 	mkdir -p .build/lambdas ; cp -r service .build/lambdas
 	mkdir -p .build/common_layer ; pipenv requirements > .build/common_layer/requirements.txt
-	cdk deploy --app="python3 ${PWD}/cdk/my_service/app.py" --require-approval=never
+	cdk deploy --app="python3 ${PWD}/app.py" --require-approval=never
 
 destroy:
-	cdk destroy --app="python3 ${PWD}/cdk/my_service/app.py" --force
+	cdk destroy --app="python3 ${PWD}/app.py" --force
 
 docs:
 	mkdocs serve

diff --git a/Pipfile b/Pipfile
@@ -23,6 +23,9 @@ boto3 = "*"
 mkdocs-material = "*"
 mkdocs-git-revision-date-plugin = "*"
 setuptools = ">=65.5.1"
+types-cachetools = "*"
+mypy = "*"
+types-requests = "*"
 
 [packages]
 aws-lambda-powertools= {extras = ["all"],version = "*"}

diff --git a/Pipfile.lock b/Pipfile.lock
diff --git a/README.md b/README.md
@@ -43,7 +43,7 @@ This project aims to reduce cognitive load and answer these questions for you by
 
 - Python Serverless service with a recommended file structure.
 - CDK infrastructure with infrastructure tests and security tests.
-- CI/CD pipelines based on Github actions that deploys to AWS with python linters, complexity checks and style formatters.
+- CI/CD pipelines based on Github actions that deploys to AWS with python linters, static code analysis, complexity checks and style formatters.
 - The AWS Lambda handler embodies Serverless best practices and has all the bells and whistles for a proper production ready handler.
 - AWS Lambda handler uses [AWS Lambda Powertools](https://awslabs.github.io/aws-lambda-powertools-python/).
 - Unit, integration and E2E tests.

diff --git a/app.py b/app.py
@@ -0,0 +1,18 @@
+#!/usr/bin/env python3
+import os
+
+from aws_cdk import App, Environment
+from boto3 import client, session
+
+from cdk.my_service.service_stack import ServiceStack, get_stack_name
+
+account = client('sts').get_caller_identity()['Account']
+region = session.Session().region_name
+app = App()
+my_stack = ServiceStack(
+    app,
+    get_stack_name(),
+    env=Environment(account=os.environ.get('AWS_DEFAULT_ACCOUNT', account), region=os.environ.get('AWS_DEFAULT_REGION', region)),
+)
+
+app.synth()
diff --git a/cdk.context.json b/cdk.context.json
@@ -0,0 +1 @@
+{}
diff --git a/cdk/my_service/cdk.json → cdk.json b/cdk/my_service/cdk.json → cdk.json
diff --git a/cdk/my_service/app.py b/cdk/my_service/app.py
diff --git a/cdk/my_service/cdk.context.json b/cdk/my_service/cdk.context.json
diff --git a/__init__.py → cdk/my_service/configuration/__init__.py b/__init__.py → cdk/my_service/configuration/__init__.py
diff --git a/.../configuration/configuration_construct.py → .../configuration/configuration_construct.py b/.../configuration/configuration_construct.py → .../configuration/configuration_construct.py
@@ -3,7 +3,8 @@
 
 import aws_cdk.aws_appconfig as appconfig
 from constructs import Construct
-from my_service.service_stack.configuration.schema import FeatureFlagsConfiguration
+
+from cdk.my_service.configuration.schema import FeatureFlagsConfiguration
 
 DEFAULT_DEPLOYMENT_STRATEGY = 'AppConfig.AllAtOnce'
 

diff --git a/...configuration/json/dev_configuration.json → ...configuration/json/dev_configuration.json b/...configuration/json/dev_configuration.json → ...configuration/json/dev_configuration.json
diff --git a/...ice/service_stack/configuration/schema.py → cdk/my_service/configuration/schema.py b/...ice/service_stack/configuration/schema.py → cdk/my_service/configuration/schema.py
diff --git a/cdk/my_service/service_stack/constants.py → cdk/my_service/constants.py b/cdk/my_service/service_stack/constants.py → cdk/my_service/constants.py
diff --git a/...ervice/service_stack/service_construct.py → cdk/my_service/service_construct.py b/...ervice/service_stack/service_construct.py → cdk/my_service/service_construct.py
@@ -1,4 +1,3 @@
-import my_service.service_stack.constants as constants
 from aws_cdk import CfnOutput, Duration, RemovalPolicy, aws_apigateway
 from aws_cdk import aws_dynamodb as dynamodb
 from aws_cdk import aws_iam as iam
@@ -7,6 +6,8 @@
 from aws_cdk.aws_lambda_python_alpha import PythonLayerVersion
 from constructs import Construct
 
+import cdk.my_service.constants as constants
+
 
 class ApiConstruct(Construct):
 
@@ -34,8 +35,8 @@ def _build_db(self, id_prefix: str) -> dynamodb.Table:
         CfnOutput(self, id=constants.TABLE_NAME_OUTPUT, value=table.table_name).override_logical_id(constants.TABLE_NAME_OUTPUT)
         return table
 
-    def _build_api_gw(self) -> aws_apigateway.LambdaRestApi:
-        rest_api: aws_apigateway.LambdaRestApi = aws_apigateway.RestApi(
+    def _build_api_gw(self) -> aws_apigateway.RestApi:
+        rest_api: aws_apigateway.RestApi = aws_apigateway.RestApi(
             self,
             'service-rest-api',
             rest_api_name='Service Rest API',

diff --git a/...my_service/service_stack/service_stack.py → cdk/my_service/service_stack.py b/...my_service/service_stack/service_stack.py → cdk/my_service/service_stack.py
@@ -4,9 +4,10 @@
 from aws_cdk import Stack
 from constructs import Construct
 from git import Repo
-from my_service.service_stack.configuration.configuration_construct import ConfigurationStore
-from my_service.service_stack.constants import CONFIGURATION_NAME, ENVIRONMENT, SERVICE_NAME
-from my_service.service_stack.service_construct import ApiConstruct
+
+from cdk.my_service.configuration.configuration_construct import ConfigurationStore
+from cdk.my_service.constants import CONFIGURATION_NAME, ENVIRONMENT, SERVICE_NAME
+from cdk.my_service.service_construct import ApiConstruct
 
 
 def get_stack_name() -> str:

diff --git a/cdk/setup.py b/cdk/setup.py
@@ -6,7 +6,7 @@
 here = path.abspath(path.dirname(__file__))
 
 setup(
-    name='aws-lambda-handler-cookbook',
+    name='service-cdk',
     version='2.2',
     description='CDK code for deploying an AWS Lambda handler that implements the best practices described at https://www.ranthebuilder.cloud',
     classifiers=[
@@ -25,6 +25,6 @@
         'aws-cdk-lib>=2.0.0',
         'constructs>=10.0.0',
         'cdk-nag>2.0.0',
-        'aws-cdk.aws-lambda-python-alpha==2.54.0-alpha.0',
+        'aws-cdk.aws-lambda-python-alpha==2.58.1-alpha.0',
     ],
 )
diff --git a/dev_requirements.txt b/dev_requirements.txt
@@ -1,30 +1,29 @@
 -i https://pypi.org/simple
 attrs==22.2.0; python_version >= '3.6'
-aws-cdk-lib==2.56.1; python_version ~= '3.7'
-aws-cdk.asset-awscli-v1==2.2.42; python_version ~= '3.7'
+aws-cdk-lib==2.58.1; python_version ~= '3.7'
+aws-cdk.asset-awscli-v1==2.2.46; python_version ~= '3.7'
 aws-cdk.asset-kubectl-v20==2.1.1; python_version ~= '3.7'
 aws-cdk.asset-node-proxy-agent-v5==2.0.38; python_version ~= '3.7'
-aws-cdk.aws-lambda-python-alpha==2.54.0a0; python_version ~= '3.7'
-boto3==1.26.37
-botocore==1.29.37; python_version >= '3.7'
+aws-cdk.aws-lambda-python-alpha==2.58.1a0; python_version ~= '3.7'
+boto3==1.26.41
+botocore==1.29.41; python_version >= '3.7'
 cattrs==22.2.0; python_version >= '3.7'
--e ./cdk
-cdk-nag==2.21.43; python_version ~= '3.7'
+cdk-nag==2.21.47; python_version ~= '3.7'
 certifi==2022.12.7; python_version >= '3.6'
 cfgv==3.3.1; python_full_version >= '3.6.1'
 charset-normalizer==2.1.1; python_version >= '3.6'
 click==8.1.3; python_version >= '3.7'
 colorama==0.4.6; python_version >= '3.5'
-constructs==10.1.201; python_version ~= '3.7'
+constructs==10.1.205; python_version ~= '3.7'
 coverage[toml]==7.0.1; python_version >= '3.7'
 distlib==0.3.6
 exceptiongroup==1.1.0; python_version < '3.11'
-filelock==3.8.2; python_version >= '3.7'
+filelock==3.9.0; python_version >= '3.7'
 flake8==6.0.0
 future==0.18.2; python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'
 ghp-import==2.1.0
 gitdb==4.0.10; python_version >= '3.7'
-gitpython==3.1.29
+gitpython==3.1.30
 identify==2.5.11; python_version >= '3.7'
 idna==3.4; python_version >= '3.5'
 importlib-metadata==5.2.0; python_version < '3.10'
@@ -42,9 +41,11 @@ mkdocs==1.4.2; python_version >= '3.7'
 mkdocs-git-revision-date-plugin==0.3.2
 mkdocs-material==8.5.11
 mkdocs-material-extensions==1.1.1; python_version >= '3.7'
+mypy==0.991
+mypy-extensions==0.4.3
 nodeenv==1.7.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6'
 packaging==22.0; python_version >= '3.7'
-platformdirs==2.6.0; python_version >= '3.7'
+platformdirs==2.6.2; python_version >= '3.7'
 pluggy==1.0.0; python_version >= '3.6'
 pre-commit==2.21.0
 publication==0.0.3
@@ -71,6 +72,9 @@ six==1.16.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3
 smmap==5.0.0; python_version >= '3.6'
 tomli==2.0.1; python_version < '3.11'
 typeguard==2.13.3; python_full_version >= '3.5.3'
+types-cachetools==5.2.1
+types-requests==2.28.11.7
+types-urllib3==1.26.25.4
 typing-extensions==4.4.0; python_version >= '3.7'
 urllib3==1.26.13; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'
 virtualenv==20.17.1; python_version >= '3.6'
@@ -83,5 +87,5 @@ aws-xray-sdk==2.11.0
 cachetools==5.2.0
 fastjsonschema==2.16.2
 mypy-boto3-dynamodb==1.26.24
-pydantic==1.10.2
+pydantic==1.10.4
 wrapt==1.14.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'
diff --git a/docs/best_practices/dynamic_configuration.md b/docs/best_practices/dynamic_configuration.md
@@ -47,7 +47,7 @@ Let's review its advantages:
 1. Application (service)
 2. Environment
 3. Custom deployment strategy - immediate deploy, 0 minutes wait, no validations or AWS CloudWatch alerts
-4. The JSON configuration. It uploads the files ‘cdk/my_service/service_stack/configuration/json/{environment}_configuration.json’, where environment is a construct argument (default is 'dev')
+4. The JSON configuration. It uploads the files ‘cdk/my_service/configuration/json/{environment}_configuration.json’, where environment is a construct argument (default is 'dev')
 
 The construct **validates** the JSON file and verifies that feature flags syntax is valid and exists under the 'features' key. Feature flags are optional.
 
@@ -72,7 +72,7 @@ Args:
 --8<-- "docs/examples/best_practices/dynamic_configuration/cdk_appconfig.py"
 ```
 
-The JSON configuration that is uploaded to AWS AppConfig resides under ``cdk/my_service/service_stack/configuration/json/dev_configuration.json``
+The JSON configuration that is uploaded to AWS AppConfig resides under ``cdk/my_service/configuration/json/dev_configuration.json``
 
 ``dev`` represents the default environment. You can add multiple configurations for different environments.
 

diff --git a/docs/cdk.md b/docs/cdk.md
@@ -24,7 +24,7 @@ In order to add a new dependency, add it to the Pipfile under the [packages] sec
 
 ### **CDK Constants**
 
-All ASW Lambda function configurations are saved as constants at the `cdk.my_service.service_stack.constants.py` file and can easily be changed.
+All ASW Lambda function configurations are saved as constants at the `cdk.my_service.constants.py` file and can easily be changed.
 
 - Memory size
 - Timeout in seconds
@@ -35,8 +35,8 @@ All ASW Lambda function configurations are saved as constants at the `cdk.my_ser
 
 ### **Deployed Resources**
 
-- AWS Cloudformation stack: **cdk.my_service.service_stack.service_stack.py** which is consisted of one construct
-- Construct: **cdk.my_service.service_stack.service_construct.py** which includes:
+- AWS Cloudformation stack: **cdk.my_service.service_stack.py** which is consisted of one construct
+- Construct: **cdk.my_service.service_construct.py** which includes:
     - **Lambda Layer** - deployment optimization meant to be used with multiple handlers under the same API GW, sharing code logic and dependencies. You can read more about it in Yan - Cui's [blog](https://medium.com/theburningmonk-com/lambda-layer-not-a-package-manager-but-a-deployment-optimization-85ddcae40a96){:target="_blank" rel="noopener"}
     - **Lambda Function** - The Lambda handler function itself. Handler code is taken from the service `folder`.
     - **Lambda Role** - The role of the Lambda function.

diff --git a/cdk/my_service/service_stack/__init__.py → ...actices/dynamic_configuration/__init__.py b/cdk/my_service/service_stack/__init__.py → ...actices/dynamic_configuration/__init__.py
diff --git a/docs/examples/best_practices/dynamic_configuration/cdk_appconfig.py b/docs/examples/best_practices/dynamic_configuration/cdk_appconfig.py
@@ -1,7 +1,8 @@
 from aws_cdk import Stack
 from constructs import Construct
-from my_service.service_stack.configuration.configuration_construct import ConfigurationStore
-from my_service.service_stack.constants import CONFIGURATION_NAME, ENVIRONMENT, SERVICE_NAME
+
+from cdk.my_service.configuration.configuration_construct import ConfigurationStore
+from cdk.my_service.constants import CONFIGURATION_NAME, ENVIRONMENT, SERVICE_NAME
 
 
 class DynamicConfigurationStack(Stack):

diff --git a/docs/examples/best_practices/dynamic_configuration/evaluate_feature_flags.py b/docs/examples/best_practices/dynamic_configuration/evaluate_feature_flags.py
@@ -15,20 +15,20 @@
 @init_environment_variables(model=MyHandlerEnvVars)
 def my_handler(event: Dict[str, Any], context: LambdaContext) -> Dict[str, Any]:
     try:
-        my_configuration: MyConfiguration = parse_configuration(model=MyConfiguration)
+        my_configuration: MyConfiguration = parse_configuration(model=MyConfiguration)  # type: ignore
         logger.debug('fetched dynamic configuration', extra={'configuration': my_configuration.dict()})
     except (SchemaValidationError, ConfigurationStoreError) as exc:
         logger.exception(f'dynamic configuration error, error={str(exc)}')
         return build_response(http_status=HTTPStatus.INTERNAL_SERVER_ERROR, body={})
 
-    campaign: bool = get_dynamic_configuration_store().evaluate(
+    campaign = get_dynamic_configuration_store().evaluate(
         name='ten_percent_off_campaign',
         context={},
         default=False,
     )
     logger.debug('campaign feature flag value', extra={'campaign': campaign})
 
-    premium: bool = get_dynamic_configuration_store().evaluate(
+    premium = get_dynamic_configuration_store().evaluate(
         name='premium_features',
         context={'customer_name': 'RanTheBuilder'},
         default=False,

diff --git a/docs/examples/best_practices/dynamic_configuration/lambda_cdk.py b/docs/examples/best_practices/dynamic_configuration/lambda_cdk.py
@@ -1,8 +1,9 @@
-import my_service.service_stack.constants as constants
 from aws_cdk import Duration, aws_apigateway
 from aws_cdk import aws_iam as iam
 from aws_cdk import aws_lambda as _lambda
 
+import cdk.my_service.constants as constants
+
 
 def _build_lambda_role(self) -> iam.Role:
     return iam.Role(

diff --git a/docs/examples/best_practices/dynamic_configuration/parse_configuration.py b/docs/examples/best_practices/dynamic_configuration/parse_configuration.py
@@ -15,7 +15,7 @@
 @init_environment_variables(model=MyHandlerEnvVars)
 def my_handler(event: Dict[str, Any], context: LambdaContext) -> Dict[str, Any]:
     try:
-        my_configuration: MyConfiguration = parse_configuration(model=MyConfiguration)
+        my_configuration: MyConfiguration = parse_configuration(model=MyConfiguration)  # type: ignore
     except (SchemaValidationError, ConfigurationStoreError) as exc:
         logger.exception(f'dynamic configuration error, error={str(exc)}')
         return build_response(http_status=HTTPStatus.INTERNAL_SERVER_ERROR, body={})

diff --git a/...e/service_stack/configuration/__init__.py → ...actices/environment_variables/__init__.py b/...e/service_stack/configuration/__init__.py → ...actices/environment_variables/__init__.py
diff --git a/docs/examples/best_practices/environment_variables/env_vars.py b/docs/examples/best_practices/environment_variables/env_vars.py
@@ -1,10 +1,10 @@
-from typing import Literal
+from typing import Annotated, Literal
 
-from pydantic import BaseModel, HttpUrl, constr
+from pydantic import BaseModel, Field, HttpUrl
 
 
 class MyHandlerEnvVars(BaseModel):
     REST_API: HttpUrl
-    ROLE_ARN: constr(min_length=20, max_length=2048)
-    POWERTOOLS_SERVICE_NAME: constr(min_length=1)
+    ROLE_ARN: Annotated[str, Field(min_length=20, max_length=2048)]
+    POWERTOOLS_SERVICE_NAME: Annotated[str, Field(min_length=1)]
     LOG_LEVEL: Literal['DEBUG', 'INFO', 'ERROR', 'CRITICAL', 'WARNING', 'EXCEPTION']
diff --git a/docs/examples/best_practices/environment_variables/my_handler.py b/docs/examples/best_practices/environment_variables/my_handler.py
@@ -10,5 +10,5 @@
 
 @init_environment_variables(model=MyHandlerEnvVars)
 def my_handler(event: Dict[str, Any], context: LambdaContext) -> Dict[str, Any]:
-    env_vars: MyHandlerEnvVars = get_environment_variables(model=MyHandlerEnvVars)  # noqa: F841
+    env_vars = get_environment_variables(model=MyHandlerEnvVars)  # noqa: F841
     return {'statusCode': HTTPStatus.OK, 'headers': {'Content-Type': 'application/json'}, 'body': json.dumps({'message': 'success'})}
diff --git a/docs/examples/best_practices/input_validation/__init__.py b/docs/examples/best_practices/input_validation/__init__.py
diff --git a/docs/examples/best_practices/logger/__init__.py b/docs/examples/best_practices/logger/__init__.py
diff --git a/docs/examples/best_practices/metrics/__init__.py b/docs/examples/best_practices/metrics/__init__.py
diff --git a/docs/examples/best_practices/tracer/__init__.py b/docs/examples/best_practices/tracer/__init__.py
diff --git a/docs/pipeline.md b/docs/pipeline.md
@@ -13,6 +13,7 @@ All steps can be run locally using the makefile. See details below:
 - Install dev dependencies
 - Run pre-commit checks as defined in `.pre-commit-config.yaml`
 - Lint with flake8 as defined in `.flake8` - run `make lint` in the IDE
+- Static type check with mypy as defined in `.mypy.ini` - run `make mypy-lint` in the IDE
 - Verify that Python imports are sorted according to standard - run `make sort` in the IDE
 - Python formatter Yapf as defined in `.style`  - run `make yapf` in the IDE
 - Python complexity checks: radon and xenon  - run `make complex` in the IDE

diff --git a/lambda_requirements.txt b/lambda_requirements.txt
@@ -1,12 +1,12 @@
 -i https://pypi.org/simple
 aws-lambda-powertools[all]==2.5.0
 aws-xray-sdk==2.11.0
-botocore==1.29.37; python_version >= '3.7'
+botocore==1.29.41; python_version >= '3.7'
 cachetools==5.2.0
 fastjsonschema==2.16.2
 jmespath==1.0.1; python_version >= '3.7'
 mypy-boto3-dynamodb==1.26.24
-pydantic==1.10.2
+pydantic==1.10.4
 python-dateutil==2.8.2; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
 six==1.16.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
 typing-extensions==4.4.0; python_version >= '3.7'