address PR comments

serverless · Dec 4, 2021 · 353e64b · 353e64b
1 parent 577071e
commit 353e64b
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 93 deletions.
diff --git a/lib/plugins/aws/package/compile/events/kafka.js b/lib/plugins/aws/package/compile/events/kafka.js
@@ -124,13 +124,6 @@ class AwsCompileKafkaEvents {
       functionObj.events.forEach((event) => {
         if (!event.kafka) return;
 
-        if (!event.kafka.accessConfigurations || event.kafka.accessConfigurations.length === 0) {
-          throw new ServerlessError(
-            `You must provide at least one accessConfiguration for function: ${functionName}`,
-            'FUNCTION_KAFKA_ACCESS_CONFIGURATION_EMPTY'
-          );
-        }
-
         const {
           accessConfigurations: {
             vpcSecurityGroup,
@@ -143,14 +136,14 @@ class AwsCompileKafkaEvents {
         if ((vpcSecurityGroup && !vpcSubnet) || (vpcSubnet && !vpcSecurityGroup)) {
           const missing = vpcSecurityGroup ? 'vpcSubnet' : 'vpcSecurityGroup';
           throw new ServerlessError(
-            `You must specify at least one ${missing} accessConfiguration for function: ${functionName}`,
-            `FUNCTION_KAFKA_VPC_ACCESS_CONFIGURATION_MISSING_${missing.toUpperCase()}`
+            `You must specify at least one "${missing}" accessConfiguration for function: ${functionName}`,
+            'FUNCTION_KAFKA_VPC_ACCESS_CONFIGURATION_INVALID'
           );
         }
 
         if (serverRootCaCertificate && !clientCertificateTlsAuth) {
           throw new ServerlessError(
-            `You cannot specify serverRootCaCertificate accessConfiguration without providing a clientCertificateTlsAuth accessConfiguration for function: ${functionName}`,
+            `You cannot specify "serverRootCaCertificate" accessConfiguration without providing "clientCertificateTlsAuth" accessConfiguration for function: ${functionName}`,
             'FUNCTION_KAFKA_CLIENT_CERTIFICATE_TLS_AUTH_CONFIGURATION_MISSING'
           );
         }

diff --git a/test/unit/lib/plugins/aws/package/compile/events/kafka.test.js b/test/unit/lib/plugins/aws/package/compile/events/kafka.test.js
@@ -149,33 +149,7 @@ describe('test/unit/lib/plugins/aws/package/compile/events/kafka.test.js', () =>
       expect(eventSourceMappingResource.Properties).to.deep.equal(eventConfig.resource(awsNaming));
     };
 
-    describe.only('accessConfigurations', () => {
-      it('should throw an error when no accessConfiguration supplied', async () => {
-        await expect(
-          runServerless({
-            fixture: 'function',
-            configExt: {
-              functions: {
-                basic: {
-                  events: [
-                    {
-                      kafka: {
-                        topic,
-                        bootstrapServers: ['abc.xyz:9092'],
-                      },
-                    },
-                  ],
-                },
-              },
-            },
-            command: 'package',
-          })
-        ).to.be.rejected.and.eventually.have.property(
-          'code',
-          'INVALID_NON_SCHEMA_COMPLIANT_CONFIGURATION'
-        );
-      });
-
+    describe('accessConfigurations', () => {
       it('should correctly compile EventSourceMapping resource properties for VPC_SECURITY_GROUP and VPC_SUBNET', async () => {
         const vpcSecurityGroup = 'sg-abc4567890';
         const vpcSubnet = 'subnet-abc4567890';
@@ -214,13 +188,57 @@ describe('test/unit/lib/plugins/aws/package/compile/events/kafka.test.js', () =>
         await runCompileEventSourceMappingTest(eventConfig);
       });
 
+      it('should correctly compile EventSourceMapping resource properties for multiple VPC_SUBNETS', async () => {
+        const vpcSecurityGroup = 'sg-abc4567890';
+
+        const eventConfig = {
+          event: {
+            topic,
+            bootstrapServers: ['abc.xyz:9092'],
+            accessConfigurations: {
+              vpcSubnet: ['subnet-0011001100', 'subnet-0022002200'],
+              vpcSecurityGroup,
+            },
+          },
+          resource: (awsNaming) => {
+            return {
+              SelfManagedEventSource: {
+                Endpoints: {
+                  KafkaBootstrapServers: ['abc.xyz:9092'],
+                },
+              },
+              SourceAccessConfigurations: [
+                {
+                  Type: 'VPC_SUBNET',
+                  URI: 'subnet:subnet-0011001100',
+                },
+                {
+                  Type: 'VPC_SUBNET',
+                  URI: 'subnet:subnet-0022002200',
+                },
+                {
+                  Type: 'VPC_SECURITY_GROUP',
+                  URI: `security_group:${vpcSecurityGroup}`,
+                },
+              ],
+              StartingPosition: 'TRIM_HORIZON',
+              Topics: [topic],
+              FunctionName: {
+                'Fn::GetAtt': [awsNaming.getLambdaLogicalId('basic'), 'Arn'],
+              },
+            };
+          },
+        };
+        await runCompileEventSourceMappingTest(eventConfig);
+      });
+
       it('should fail to compile EventSourceMapping resource properties for VPC_SUBNET with no VPC_SECURITY GROUP', async () => {
         await expect(
           runServerless({
             fixture: 'function',
             configExt: {
               functions: {
-                noVpcSecurityGroup: {
+                basic: {
                   events: [
                     {
                       kafka: {
@@ -230,16 +248,13 @@ describe('test/unit/lib/plugins/aws/package/compile/events/kafka.test.js', () =>
                       },
                     },
                   ],
-                  handler: 'path.to.handler',
                 },
               },
             },
             command: 'package',
           })
         ).to.be.rejected.and.eventually.contain({
-          code: 'FUNCTION_KAFKA_VPC_ACCESS_CONFIGURATION_MISSING_VPCSECURITYGROUP',
-          message:
-            'You must specify at least one vpcSecurityGroup accessConfiguration for function: noVpcSecurityGroup',
+          code: 'FUNCTION_KAFKA_VPC_ACCESS_CONFIGURATION_INVALID',
         });
       });
 
@@ -249,7 +264,7 @@ describe('test/unit/lib/plugins/aws/package/compile/events/kafka.test.js', () =>
             fixture: 'function',
             configExt: {
               functions: {
-                noVpcSubnet: {
+                basic: {
                   events: [
                     {
                       kafka: {
@@ -259,63 +274,16 @@ describe('test/unit/lib/plugins/aws/package/compile/events/kafka.test.js', () =>
                       },
                     },
                   ],
-                  handler: 'path.to.handler',
                 },
               },
             },
             command: 'package',
           })
         ).to.be.rejected.and.eventually.contain({
-          code: 'FUNCTION_KAFKA_VPC_ACCESS_CONFIGURATION_MISSING_VPCSUBNET',
-          message:
-            'You must specify at least one vpcSubnet accessConfiguration for function: noVpcSubnet',
+          code: 'FUNCTION_KAFKA_VPC_ACCESS_CONFIGURATION_INVALID',
         });
       });
 
-      it('should correctly compile EventSourceMapping resource properties for multiple VPC_SUBNETS', async () => {
-        const vpcSecurityGroup = 'sg-abc4567890';
-
-        const eventConfig = {
-          event: {
-            topic,
-            bootstrapServers: ['abc.xyz:9092'],
-            accessConfigurations: {
-              vpcSubnet: ['subnet-0011001100', 'subnet-0022002200'],
-              vpcSecurityGroup,
-            },
-          },
-          resource: (awsNaming) => {
-            return {
-              SelfManagedEventSource: {
-                Endpoints: {
-                  KafkaBootstrapServers: ['abc.xyz:9092'],
-                },
-              },
-              SourceAccessConfigurations: [
-                {
-                  Type: 'VPC_SUBNET',
-                  URI: 'subnet:subnet-0011001100',
-                },
-                {
-                  Type: 'VPC_SUBNET',
-                  URI: 'subnet:subnet-0022002200',
-                },
-                {
-                  Type: 'VPC_SECURITY_GROUP',
-                  URI: `security_group:${vpcSecurityGroup}`,
-                },
-              ],
-              StartingPosition: 'TRIM_HORIZON',
-              Topics: [topic],
-              FunctionName: {
-                'Fn::GetAtt': [awsNaming.getLambdaLogicalId('basic'), 'Arn'],
-              },
-            };
-          },
-        };
-        await runCompileEventSourceMappingTest(eventConfig);
-      });
-
       it('should correctly compile EventSourceMapping resource properties for SASL_PLAIN_AUTH', async () => {
         const eventConfig = {
           event: {
@@ -498,7 +466,9 @@ describe('test/unit/lib/plugins/aws/package/compile/events/kafka.test.js', () =>
                       kafka: {
                         topic,
                         bootstrapServers: ['abc.xyz:9092'],
-                        serverRootCaCertificate: serverRootCaCertificateArn,
+                        accessConfigurations: {
+                          serverRootCaCertificate: serverRootCaCertificateArn,
+                        },
                       },
                     },
                   ],
@@ -509,7 +479,7 @@ describe('test/unit/lib/plugins/aws/package/compile/events/kafka.test.js', () =>
           })
         ).to.be.rejected.and.eventually.have.property(
           'code',
-          'INVALID_NON_SCHEMA_COMPLIANT_CONFIGURATION'
+          'FUNCTION_KAFKA_CLIENT_CERTIFICATE_TLS_AUTH_CONFIGURATION_MISSING'
         );
       });