refactor(aws-lambda) integrate with aws-lambda (#6)

This commit integrates the `liamp` plugin with the `aws-lambda` plugin.

The `liamp` plugin will be renamed back to `aws-lambda`, stay in its
own external repo, and then the upstream changes would be to remove
Lambda there, and update the rockspec to include this external one.

We're bumping from 0.2.0 to 3.0.0 to supersede the `aws-lambda` plugin
in the Kong/kong open source repository (which was already at 2.0.0).

.luacheckrc

@@ -6,6 +6,7 @@ max_line_length = false
 
 globals = {
     "_KONG",
+    "kong",
     "ngx.IS_CLI",
 }
 

.travis.yml

@@ -1,7 +1,7 @@
-dist: xenial
-sudo: false
+dist: trusty
+sudo: required
 
-language: generic
+language: java
 
 jdk:
   - oraclejdk8
@@ -16,43 +16,40 @@ addons:
       - net-tools
       - libpcre3-dev
       - build-essential
-  hosts:
-    - grpcs_1.test
-    - grpcs_2.test
 
 services:
   - docker
 
 env:
   global:
-    - TEST_SUITE=integration
+    - CASSANDRA_BASE=2.2.12
+    - CASSANDRA_LATEST=3.9
+    - KONG_REPOSITORY=kong
+    - KONG_TAG=master
+    - DOWNLOAD_CACHE=$HOME/download-cache
     - INSTALL_CACHE=$HOME/install-cache
     - DOWNLOAD_ROOT=$HOME/download-root
-    - PLUGIN_NAME=liamp
+    - BUSTED_ARGS="-o gtest -v --exclude-tags=flaky,ipv6"
+    - PLUGIN_NAME=aws-lambda
     - KONG_PLUGINS=bundled,$PLUGIN_NAME
     - KONG_TEST_PLUGINS=$KONG_PLUGINS
     - TEST_FILE_PATH=$TRAVIS_BUILD_DIR/spec
-    - JOBS=2
   matrix:
-    - KONG_TEST_DATABASE=cassandra CASSANDRA=2.2.12 KONG=master BUSTED_ARGS="-o gtest -v --exclude-tags=flaky,ipv6,postgres,off"
-    - KONG_TEST_DATABASE=cassandra CASSANDRA=3.9 KONG=master BUSTED_ARGS="-o gtest -v --exclude-tags=flaky,ipv6,postgres,off"
-    - KONG_TEST_DATABASE=postgres POSTGRES=9.5 KONG=master BUSTED_ARGS="-o gtest -v --exclude-tags=flaky,ipv6,cassandra,off"
-matrix:
-  allow_failures:
-    - env: KONG_TEST_DATABASE=postgres POSTGRES=9.5 KONG=master BUSTED_ARGS="-o gtest -v --exclude-tags=flaky,ipv6,cassandra,off"
+    # This one runs both postgres and cassandra_base
+    - CASSANDRA=$CASSANDRA_BASE
+    - CASSANDRA=$CASSANDRA_LATEST
 
 install:
-  - make setup-ci
-  - pushd kong-source && source .ci/setup_env.sh && popd
-  - pushd kong-source && make dev && popd
-  - cp -r kong-source/spec/fixtures spec
-  - luarocks make
+  - git clone --single-branch --branch master https://$GITHUB_TOKEN:@github.com/Kong/kong-ci.git ../kong-ci
+  - source ../kong-ci/setup_plugin_env.sh
 
 script:
-  - pushd kong-source && bin/busted $BUSTED_ARGS ../spec && popd
+  - eval $LUACHECK_CMD
+  - eval $BUSTED_CMD
 
 cache:
   apt: true
+  pip: true
   directories:
     - $DOWNLOAD_CACHE
     - $INSTALL_CACHE

CHANGELOG.md

@@ -1,3 +1,7 @@
+## 3.0.0
+
+- supersede the `aws-lambda` plugin from Kong core
+
 ## 0.2.0
 
 ### Changed

README.md

@@ -115,11 +115,12 @@ Here's a list of all the parameters which can be used in this plugin's configura
 |`config.aws_secret` <br>*semi-optional* ||The AWS secret credential to be used when invoking the function. This value is required if `aws_key` is defined.
 |`config.aws_region` || The AWS region where the Lambda function is located. Regions supported are: `ap-northeast-1`, `ap-northeast-2`, `ap-south-1`, `ap-southeast-1`, `ap-southeast-2`, `ca-central-1`, `cn-north-1`, `cn-northwest-1`, `eu-central-1`, `eu-west-1`, `eu-west-2`, `sa-east-1`, `us-east-1`, `us-east-2`, `us-gov-west-1`, `us-west-1`, `us-west-2`.
 |`config.function_name` || The AWS Lambda function name to invoke.
+|`config.timeout`| `60000` | Timeout protection in milliseconds when invoking the function.
+|`config.keepalive`| `60000` | Max idle timeout in milliseconds when invoking the function.
 |`config.qualifier` <br>*optional* || The [`Qualifier`](http://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) to use when invoking the function.
 |`config.invocation_type` <br>*optional*| `RequestResponse` | The [`InvocationType`](http://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) to use when invoking the function. Available types are `RequestResponse`, `Event`, `DryRun`.
 |`config.log_type` <br>*optional* | `Tail`| The [`LogType`](http://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) to use when invoking the function. By default `None` and `Tail` are supported.
-|`config.port` <br>*optional* | `Tail`| The [`LogType`](http://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) to use when invoking the function. By default `None` and `Tail` are supported.
-|`config.timeout`| `60000` | An optional timeout in milliseconds when invoking the function.
+|`config.port` <br>*optional* | `443` | The TCP port that this plugin will use to connect to the server.
 |`config.unhandled_status` <br>*optional* | `200`, `202` or `204` | The response status code to use (instead of the default `200`, `202`, or `204`) in the case of an [`Unhandled` Function Error](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_ResponseSyntax)
 |`config.forward_request_body` <br>*optional* | `false` | An optional value that defines whether the request body is to be sent in the `request_body` field of the JSON-encoded request. If the body arguments can be parsed, they will be sent in the separate `request_body_args` field of the request. The body arguments can be parsed for `application/json`, `application/x-www-form-urlencoded`, and `multipart/form-data` content types.
 |`config.forward_request_headers` <br>*optional* | `false` | An optional value that defines whether the original HTTP request headers are to be sent as a map in the `request_headers` field of the JSON-encoded request.

kong-plugin-aws-lambda-3.0.0-1.rockspec

@@ -0,0 +1,29 @@
+package = "kong-plugin-aws-lambda"
+version = "3.0.0-1"
+
+supported_platforms = {"linux", "macosx"}
+source = {
+  url = "https://github.com/Kong/kong-plugin-aws-lambda/archive/3.0.0.tar.gz",
+  dir = "kong-plugin-aws-lambda-3.0.0"
+}
+
+description = {
+  summary = "Kong plugin to invoke AWS Lambda functions",
+  homepage = "http://konghq.com",
+  license = "Apache 2.0"
+}
+
+dependencies = {
+}
+
+build = {
+  type = "builtin",
+  modules = {
+    ["kong.plugins.aws-lambda.aws-serializer"]       = "kong/plugins/aws-lambda/aws-serializer.lua",
+    ["kong.plugins.aws-lambda.handler"]              = "kong/plugins/aws-lambda/handler.lua",
+    ["kong.plugins.aws-lambda.iam-ec2-credentials"]  = "kong/plugins/aws-lambda/iam-ec2-credentials.lua",
+    ["kong.plugins.aws-lambda.iam-ecs-credentials"]  = "kong/plugins/aws-lambda/iam-ecs-credentials.lua",
+    ["kong.plugins.aws-lambda.schema"]               = "kong/plugins/aws-lambda/schema.lua",
+    ["kong.plugins.aws-lambda.v4"]                   = "kong/plugins/aws-lambda/v4.lua",
+  }
+}

kong/plugins/liamp/aws-serializer.lua → kong/plugins/aws-lambda/aws-serializer.lua

@@ -99,8 +99,5 @@ return function(ctx, config)
     isBase64Encoded                 = isBase64Encoded,
   }
 
-  --print(require("pl.pretty").write(request))
-  --print(require("pl.pretty").write(ctx.router_matches))
-
   return request
-end
+end

kong/plugins/liamp/handler.lua → kong/plugins/aws-lambda/handler.lua

@@ -1,19 +1,25 @@
 -- Copyright (C) Kong Inc.
 
-local aws_v4 = require "kong.plugins.liamp.v4"
-local aws_serializer = require "kong.plugins.liamp.aws-serializer"
+local aws_v4 = require "kong.plugins.aws-lambda.v4"
+local aws_serializer = require "kong.plugins.aws-lambda.aws-serializer"
 local http = require "resty.http"
 local cjson = require "cjson.safe"
 local meta = require "kong.meta"
 local constants = require "kong.constants"
 
 
+local VIA_HEADER = constants.HEADERS.VIA
+local VIA_HEADER_VALUE = meta._NAME .. "/" .. meta._VERSION
+local IAM_CREDENTIALS_CACHE_KEY = "plugin.aws-lambda.iam_role_temp_creds"
+local AWS_PORT = 443
+
+
 local fetch_credentials
 do
   local credential_sources = {
-    require "kong.plugins.liamp.iam-ecs-credentials",
+    require "kong.plugins.aws-lambda.iam-ecs-credentials",
     -- The EC2 one will always return `configured == true`, so must be the last!
-    require "kong.plugins.liamp.iam-ec2-credentials",
+    require "kong.plugins.aws-lambda.iam-ec2-credentials",
   }
 
   for _, credential_source in ipairs(credential_sources) do
@@ -32,13 +38,7 @@ local fmt                  = string.format
 local ngx_encode_base64    = ngx.encode_base64
 local ngx_update_time      = ngx.update_time
 local ngx_now              = ngx.now
-
-local IAM_CREDENTIALS_CACHE_KEY = "plugin.liamp.iam_role_temp_creds"
-
-
-local server_header_value
-local server_header_name
-local AWS_PORT = 443
+local kong                 = kong
 
 
 local raw_content_types = {
@@ -107,28 +107,6 @@ end
 local AWSLambdaHandler = {}
 
 
-local function send(status, content, headers)
-  headers = kong.table.merge(headers) -- create a copy of headers
-
-  if server_header_value then
-    headers[server_header_name] = server_header_value
-  end
-
-  return kong.response.exit(status, content, headers)
-end
-
-
-function AWSLambdaHandler:init_worker()
-  if kong.configuration.enabled_headers[constants.HEADERS.VIA] then
-    server_header_value = meta._SERVER_TOKENS
-    server_header_name = constants.HEADERS.VIA
-  else
-    server_header_value = nil
-    server_header_name = nil
-  end
-end
-
-
 function AWSLambdaHandler:access(conf)
   local upstream_body = kong.table.new(0, 6)
   local var = ngx.var
@@ -151,13 +129,7 @@ function AWSLambdaHandler:access(conf)
     end
 
     if conf.forward_request_uri then
-      local path = kong.request.get_path()
-      local query = kong.request.get_raw_query()
-      if query ~= "" then
-        upstream_body.request_uri = path .. "?" .. query
-      else
-        upstream_body.request_uri = path
-      end
+      upstream_body.request_uri = kong.request.get_path_with_query()
       upstream_body.request_uri_args = kong.request.get_query()
     end
 
@@ -216,7 +188,7 @@ function AWSLambdaHandler:access(conf)
 
   if not conf.aws_key then
     -- no credentials provided, so try the IAM metadata service
-    local iam_role_credentials, err = kong.cache:get(
+    local iam_role_credentials = kong.cache:get(
       IAM_CREDENTIALS_CACHE_KEY,
       nil,
       fetch_credentials
@@ -267,8 +239,7 @@ function AWSLambdaHandler:access(conf)
     return kong.response.exit(500, { message = "An unexpected error occurred" })
   end
 
-  local res
-  res, err = client:request {
+  local res, err = client:request {
     method = "POST",
     path = request.url,
     body = request.body,
@@ -331,11 +302,16 @@ function AWSLambdaHandler:access(conf)
     end
   end
 
+  headers = kong.table.merge(headers) -- create a copy of headers
+
+  if kong.configuration.enabled_headers[VIA_HEADER] then
+    headers[VIA_HEADER] = VIA_HEADER_VALUE
+  end
 
-  return send(status, content, headers)
+  return kong.response.exit(status, content, headers)
 end
 
 AWSLambdaHandler.PRIORITY = 750
-AWSLambdaHandler.VERSION = "0.2.0"
+AWSLambdaHandler.VERSION = "3.0.0"
 
 return AWSLambdaHandler

kong/plugins/liamp/iam-ec2-credentials.lua → kong/plugins/aws-lambda/iam-ec2-credentials.lua

@@ -4,10 +4,7 @@ local parse_date = require("luatz").parse.rfc_3339
 local ngx_now = ngx.now
 
 
-local plugin_name = ({...})[1]:match("^kong%.plugins%.([^%.]+)")
-
-
-local LOG_PREFIX = "[" .. plugin_name .. " ec2] "
+local kong = kong
 local METADATA_SERVICE_PORT = 80
 local METADATA_SERVICE_REQUEST_TIMEOUT = 5000
 local METADATA_SERVICE_HOST = "169.254.169.254"
@@ -40,7 +37,7 @@ local function fetch_ec2_credentials()
 
   local iam_role_name = role_name_request_res:read_body()
 
-  ngx.log(ngx.DEBUG, LOG_PREFIX, "Found IAM role on instance with name: ", iam_role_name)
+  kong.log.debug("Found IAM role on instance with name: ", iam_role_name)
 
   local ok, err = client:connect(METADATA_SERVICE_HOST, METADATA_SERVICE_PORT)
 
@@ -71,7 +68,7 @@ local function fetch_ec2_credentials()
 
   local iam_security_token_data = json.decode(iam_security_token_request:read_body())
 
-  ngx.log(ngx.DEBUG, LOG_PREFIX, "Received temporary IAM credential from metadata service for role '",
+  kong.log.debug("Received temporary IAM credential from metadata service for role '",
                      iam_role_name, "' with session token: ", iam_security_token_data.Token)
 
   local result = {
@@ -89,7 +86,7 @@ local function fetchCredentialsLogged()
   if creds then
     return creds, err, ttl
   end
-  ngx.log(ngx.ERR, LOG_PREFIX, err)
+  kong.log.err(err)
 end
 
 return {