From 2633ed08c5a22fe27155f7b65ee66499509e7b03 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Wed, 30 Nov 2022 15:24:30 +0100 Subject: [PATCH 1/4] feat(lambda-go): allow configuration of GOPROXY (#23171) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We used to require direct Go package access, because Go proxies may be blocked by corporate network policies (and wouldn't you know it, it actually is at our particular workplace 🙃). This produces a good bit of instability in our CI builds though, as `gopkg.in` website which is used to reference some of our transitive dependencies is regularly experiencing downtime. Make Go proxies configurable and switch them back on in CI builds. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-lambda-go/README.md | 13 +++++++++++ .../@aws-cdk/aws-lambda-go/lib/bundling.ts | 6 ++++- .../@aws-cdk/aws-lambda-go/lib/function.ts | 5 +++++ packages/@aws-cdk/aws-lambda-go/lib/types.ts | 22 +++++++++++++++++++ .../cli/sam_cdk_integ_app/lib/test-stack.js | 4 ++++ 5 files changed, 49 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-lambda-go/README.md b/packages/@aws-cdk/aws-lambda-go/README.md index e4de2d1641113..b6bfcd0017f8b 100644 --- a/packages/@aws-cdk/aws-lambda-go/README.md +++ b/packages/@aws-cdk/aws-lambda-go/README.md @@ -170,6 +170,19 @@ new lambda.GoFunction(this, 'handler', { }); ``` +By default this construct doesn't use any Go module proxies. This is contrary to +a standard Go installation, which would use the Google proxy by default. To +recreate that behavior, do the following: + +```ts +new go.GoFunction(this, 'GoFunction', { + entry: 'app/cmd/api', + bundling: { + goProxies: [go.GoFunction.GOOGLE_GOPROXY, 'direct'], + }, +}); +``` + ## Command hooks It is possible to run additional commands by specifying the `commandHooks` prop: diff --git a/packages/@aws-cdk/aws-lambda-go/lib/bundling.ts b/packages/@aws-cdk/aws-lambda-go/lib/bundling.ts index afc233479ef3b..d30c753df7839 100644 --- a/packages/@aws-cdk/aws-lambda-go/lib/bundling.ts +++ b/packages/@aws-cdk/aws-lambda-go/lib/bundling.ts @@ -106,7 +106,7 @@ export class Bundling implements cdk.BundlingOptions { const cgoEnabled = props.cgoEnabled ? '1' : '0'; - const environment = { + const environment: Record = { CGO_ENABLED: cgoEnabled, GO111MODULE: 'on', GOARCH: props.architecture.dockerPlatform.split('/')[1], @@ -114,6 +114,10 @@ export class Bundling implements cdk.BundlingOptions { ...props.environment, }; + if (props.goProxies) { + environment.GOPROXY = props.goProxies.join(','); + } + // Docker bundling const shouldBuildImage = props.forcedDockerBundling || !Bundling.runsLocally; this.image = shouldBuildImage diff --git a/packages/@aws-cdk/aws-lambda-go/lib/function.ts b/packages/@aws-cdk/aws-lambda-go/lib/function.ts index 4c7220ee27dce..ada12836d0833 100644 --- a/packages/@aws-cdk/aws-lambda-go/lib/function.ts +++ b/packages/@aws-cdk/aws-lambda-go/lib/function.ts @@ -74,6 +74,11 @@ export interface GoFunctionProps extends lambda.FunctionOptions { * A Golang Lambda function */ export class GoFunction extends lambda.Function { + /** + * The address of the Google Go proxy + */ + public static readonly GOOGLE_GOPROXY = 'https://proxy.golang.org'; + constructor(scope: Construct, id: string, props: GoFunctionProps) { if (props.runtime && (props.runtime.family !== lambda.RuntimeFamily.GO && props.runtime.family != lambda.RuntimeFamily.OTHER)) { throw new Error('Only `go` and `provided` runtimes are supported.'); diff --git a/packages/@aws-cdk/aws-lambda-go/lib/types.ts b/packages/@aws-cdk/aws-lambda-go/lib/types.ts index 28e058e1a685e..c754cbdbcf664 100644 --- a/packages/@aws-cdk/aws-lambda-go/lib/types.ts +++ b/packages/@aws-cdk/aws-lambda-go/lib/types.ts @@ -96,6 +96,28 @@ export interface BundlingOptions { * @default - false */ readonly cgoEnabled?: boolean; + + /** + * What Go proxies to use to fetch the packages involved in the build + * + * Pass a list of proxy addresses in order, and/or the string `'direct'` to + * attempt direct access. + * + * By default this construct uses no proxies, but a standard Go install would + * use the Google proxy by default. To recreate that behavior, do the following: + * + * ```ts + * new go.GoFunction(this, 'GoFunction', { + * entry: 'app/cmd/api', + * bundling: { + * goProxies: [go.GoFunction.GOOGLE_GOPROXY, 'direct'], + * }, + * }); + * ``` + * + * @default - Direct access + */ + readonly goProxies?: string[]; } /** diff --git a/packages/aws-cdk/test/integ/cli/sam_cdk_integ_app/lib/test-stack.js b/packages/aws-cdk/test/integ/cli/sam_cdk_integ_app/lib/test-stack.js index 5294bc0e2b5f8..9df6588f83bd3 100644 --- a/packages/aws-cdk/test/integ/cli/sam_cdk_integ_app/lib/test-stack.js +++ b/packages/aws-cdk/test/integ/cli/sam_cdk_integ_app/lib/test-stack.js @@ -20,6 +20,8 @@ if (process.env.PACKAGE_LAYOUT_VERSION === '1') { var { RetentionDays } = require('aws-cdk-lib/aws-logs'); } +const isRunningOnCodeBuild = !!process.env.CODEBUILD_BUILD_ID; + class CDKSupportDemoRootStack extends Stack{ constructor(scope, id, props) { super(scope, id, props); @@ -99,6 +101,8 @@ class CDKSupportDemoRootStack extends Stack{ entry: './src/go/GoFunctionConstruct', bundling: { forcedDockerBundling: true, + // Only use Google proxy in the CI tests, as it is blocked on workstations + goProxies: isRunningOnCodeBuild ? [GoFunction.GOOGLE_GOPROXY, 'direct'] : undefined, }, }); From 338d563bffba2954ec51a9864d06221a12a99bb6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=F0=9F=A7=91=F0=9F=8F=BB=E2=80=8D=F0=9F=92=BB=20Romain=20M?= =?UTF-8?q?arcadier?= Date: Wed, 7 Dec 2022 10:38:47 +0100 Subject: [PATCH 2/4] fix example code with bad namespace --- packages/@aws-cdk/aws-lambda-go/lib/types.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-lambda-go/lib/types.ts b/packages/@aws-cdk/aws-lambda-go/lib/types.ts index c754cbdbcf664..9efa41b074ab7 100644 --- a/packages/@aws-cdk/aws-lambda-go/lib/types.ts +++ b/packages/@aws-cdk/aws-lambda-go/lib/types.ts @@ -107,10 +107,10 @@ export interface BundlingOptions { * use the Google proxy by default. To recreate that behavior, do the following: * * ```ts - * new go.GoFunction(this, 'GoFunction', { + * new lambda.GoFunction(this, 'GoFunction', { * entry: 'app/cmd/api', * bundling: { - * goProxies: [go.GoFunction.GOOGLE_GOPROXY, 'direct'], + * goProxies: [lambda.GoFunction.GOOGLE_GOPROXY, 'direct'], * }, * }); * ``` From 7cc2787196e30c56a6257778ac1266d061afb3d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=F0=9F=A7=91=F0=9F=8F=BB=E2=80=8D=F0=9F=92=BB=20Romain=20M?= =?UTF-8?q?arcadier?= Date: Wed, 7 Dec 2022 11:31:34 +0100 Subject: [PATCH 3/4] Fix invalid namespace in doc --- packages/@aws-cdk/aws-lambda-go/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-lambda-go/README.md b/packages/@aws-cdk/aws-lambda-go/README.md index b6bfcd0017f8b..b24e72268534c 100644 --- a/packages/@aws-cdk/aws-lambda-go/README.md +++ b/packages/@aws-cdk/aws-lambda-go/README.md @@ -175,10 +175,10 @@ a standard Go installation, which would use the Google proxy by default. To recreate that behavior, do the following: ```ts -new go.GoFunction(this, 'GoFunction', { +new lambda.GoFunction(this, 'GoFunction', { entry: 'app/cmd/api', bundling: { - goProxies: [go.GoFunction.GOOGLE_GOPROXY, 'direct'], + goProxies: [lambda.GoFunction.GOOGLE_GOPROXY, 'direct'], }, }); ``` From 3c60874fc4d6b636551b7c8851badc04153b640e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=F0=9F=A7=91=F0=9F=8F=BB=E2=80=8D=F0=9F=92=BB=20Romain=20M?= =?UTF-8?q?arcadier?= Date: Wed, 7 Dec 2022 13:43:32 +0100 Subject: [PATCH 4/4] attempt to state whether asset hashes were ignored or not --- .../integ-runner/lib/runner/snapshot-test-runner.ts | 7 ++++++- packages/@aws-cdk/integ-runner/lib/workers/common.ts | 2 +- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/integ-runner/lib/runner/snapshot-test-runner.ts b/packages/@aws-cdk/integ-runner/lib/runner/snapshot-test-runner.ts index 956d392cbea2a..b94c4dafe08c9 100644 --- a/packages/@aws-cdk/integ-runner/lib/runner/snapshot-test-runner.ts +++ b/packages/@aws-cdk/integ-runner/lib/runner/snapshot-test-runner.ts @@ -165,9 +165,11 @@ export class IntegSnapshotRunner extends IntegRunner { // if we are not verifying asset hashes then remove the specific // asset hashes from the templates so they are not part of the diff // comparison + let verifiedAssetHashes = true; if (!this.actualTestSuite.getOptionsForStack(templateId)?.diffAssets) { actualTemplate = canonicalizeTemplate(actualTemplate); expectedTemplate = canonicalizeTemplate(expectedTemplate); + verifiedAssetHashes = false; } const templateDiff = diffTemplate(expectedTemplate, actualTemplate); if (!templateDiff.isEmpty) { @@ -206,7 +208,10 @@ export class IntegSnapshotRunner extends IntegRunner { formatDifferences(writable, templateDiff); failures.push({ reason: DiagnosticReason.SNAPSHOT_FAILED, - message: writable.data, + message: [ + verifiedAssetHashes ? '(asset hashes were verified)' : '(asset hashes were ignored)', + writable.data, + ].join('\n'), testName: this.testName, }); } diff --git a/packages/@aws-cdk/integ-runner/lib/workers/common.ts b/packages/@aws-cdk/integ-runner/lib/workers/common.ts index 0ceb3bfa5786e..4b9841ee10f7f 100644 --- a/packages/@aws-cdk/integ-runner/lib/workers/common.ts +++ b/packages/@aws-cdk/integ-runner/lib/workers/common.ts @@ -300,4 +300,4 @@ export function printLaggards(testNames: Set) { ]; logger.print(chalk.grey(parts.filter(x => x).join(' '))); -} \ No newline at end of file +}