Skip to content

Lambda runtime parity #7824

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Mar 10, 2023
Merged

Lambda runtime parity #7824

merged 6 commits into from
Mar 10, 2023

Conversation

joe4dev
Copy link
Member

@joe4dev joe4dev commented Mar 8, 2023

Improves lambda runtime parity related to user and environment variables:

  • Update Lambda runtime RIE:
    • Switch to sbx_user1051 user for runtime parity and drop root privileges.
    • Unset internal environment variables
  • Systematically group environment variables fix parity mismatches
  • Extend snapshot tests for important paths regarding permissions and user/group attributes
  • Add LAMBDA_INIT_USER flag and populate it automatically to overcome RIE debugging limitation when dropping privileges

Related to localstack/lambda-runtime-init#13

Addresses #7722

@joe4dev joe4dev temporarily deployed to localstack-ext-tests March 8, 2023 23:35 — with GitHub Actions Inactive
joe4dev
joe4dev commented Mar 8, 2023
View reviewed changes
localstack/services/awslambda/packages.py
@@ -9,7 +9,7 @@

LAMBDA_RUNTIME_INIT_URL = "https://github.com/localstack/lambda-runtime-init/releases/download/{version}/aws-lambda-rie-{arch}"

LAMBDA_RUNTIME_DEFAULT_VERSION = "v0.1.11-pre"
LAMBDA_RUNTIME_DEFAULT_VERSION = "v0.1.12-pre"
Copy link
Member Author

@joe4dev joe4dev Mar 8, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the key change adopting the new RIE release including https://github.com/localstack/lambda-runtime-init/pull/13/files

@github-actions
Copy link

github-actions bot commented Mar 9, 2023
edited
Loading

LocalStack integration with Pro

       3 files  ±0         3 suites  ±0   1h 32m 51s ⏱️ +16s
1 788 tests ±0  1 406 ✔️ +1  382 💤  - 1  0 ±0 
2 514 runs  ±0  1 780 ✔️ +1  734 💤  - 1  0 ±0 

Results for commit 8a3301b. ± Comparison against base commit 4914f48.

♻️ This comment has been updated with latest results.

@joe4dev joe4dev force-pushed the lambda-runtime-parity branch from a5a5687 to f171537 Compare March 9, 2023 18:39
@joe4dev joe4dev temporarily deployed to localstack-ext-tests March 9, 2023 18:39 — with GitHub Actions Inactive
joe4dev
joe4dev commented Mar 9, 2023
View reviewed changes
localstack/services/awslambda/invocation/runtime_environment.py Outdated
}
# Conditionally added environment variables
# TODO: Can handler be None?
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can handler be None?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In image lambdas, yes

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right, at API level Handler is only required for zip lambdas. I added a clarifying comment.

The _HANDLER environment variable is then populated at runtime (e.g., by RIE). Examples:

  • /application for the aws-samples app lambda-from-container
  • app.handler in our ext test tests.integration.test_lambda.TestLambdaContainer.test_lambda_from_image

Sidenote: CDK validates it TypeError: Function.__init__() missing 1 required keyword-only argument: 'handler' (see example here)

dominikschubert
dominikschubert approved these changes Mar 9, 2023
View reviewed changes
Copy link
Member

@dominikschubert dominikschubert left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀

Good idea to reorder the env variables by context, rather than purely alphabetically 👍

@joe4dev joe4dev force-pushed the lambda-runtime-parity branch from f171537 to a44792e Compare March 9, 2023 20:39
@joe4dev joe4dev temporarily deployed to localstack-ext-tests March 9, 2023 20:39 — with GitHub Actions Inactive
@joe4dev joe4dev force-pushed the lambda-runtime-parity branch from a44792e to 8a3301b Compare March 10, 2023 08:37
@joe4dev joe4dev temporarily deployed to localstack-ext-tests March 10, 2023 08:37 — with GitHub Actions Inactive
@coveralls
Copy link

Coverage Status

Coverage: 85.066% (+0.01%) from 85.056% when pulling 8a3301b on lambda-runtime-parity into 4914f48 on master.

@joe4dev joe4dev merged commit e9c2ce5 into master Mar 10, 2023
@joe4dev joe4dev deleted the lambda-runtime-parity branch March 10, 2023 12:24
@joe4dev joe4dev mentioned this pull request Mar 10, 2023
Closed
@joe4dev joe4dev restored the lambda-runtime-parity branch March 14, 2023 23:47
@joe4dev joe4dev deleted the lambda-runtime-parity branch March 14, 2023 23:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dominikschubert dominikschubert dominikschubert approved these changes

@dfangl dfangl Awaiting requested review from dfangl

@thrau thrau Awaiting requested review from thrau

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@joe4dev @coveralls @dominikschubert @dfangl