diff --git a/pipeline/Serverless/02_pipeline/pipeline.yml b/pipeline/Serverless/02_pipeline/pipeline.yml index 5e6eeb5a..bf5af9a8 100644 --- a/pipeline/Serverless/02_pipeline/pipeline.yml +++ b/pipeline/Serverless/02_pipeline/pipeline.yml @@ -9,35 +9,6 @@ check: - arn:aws:lambda:${self:provider.region}:770693421928:layer:Klayers-p38-requests:7 - arn:aws:lambda:${self:provider.region}:017000801446:layer:AWSLambdaPowertoolsPython:6 -build: - handler: 02_pipeline/build.main - description: Builds the package inside the lambda using pip - runtime: python3.8 - timeout: 180 - memorySize: 1769 - environment: - POWERTOOLS_SERVICE_NAME: Klayers.Build - iamRoleStatementsName: ${self:provider.stage}-build - iamRoleStatements: - - Effect: Allow - Action: - - s3:PutObject - - s3:PutObjectAcl - Resource: ${self:custom.s3LayersArn}/* - - Effect: Allow - Action: - - s3:ListBucket - Resource: ${self:custom.s3LayersArn} - - Effect: Allow - Action: - - dynamodb:PutItem - - dynamodb:UpdateItem - - dynamodb:GetItem - Resource: ${self:custom.dbArn} - layers: - - arn:aws:lambda:${self:provider.region}:553035198032:layer:gcc-lambda2:4 # https://github.com/lambci/gcc-lambda-layer - - arn:aws:lambda:${self:provider.region}:017000801446:layer:AWSLambdaPowertoolsPython:6 - deploy: handler: 02_pipeline/deploy.main description: Deploys functions to multiple regions diff --git a/pipeline/Serverless/02_pipeline/pipeline_build_containers.yml b/pipeline/Serverless/02_pipeline/pipeline_build_containers.yml index 4e21a9fd..4f3e1ada 100644 --- a/pipeline/Serverless/02_pipeline/pipeline_build_containers.yml +++ b/pipeline/Serverless/02_pipeline/pipeline_build_containers.yml @@ -1,26 +1,3 @@ -build39: - description: Builds the package in a container for python3.9 then uploads to S3 - image: ${ssm:/${self:service}/${self:provider.stage}/build/p39/x86/repo}@${ssm:/${self:service}/${self:provider.stage}/build/p39/x86/digest} - timeout: 600 - memorySize: 1769 # exactly one vcpu - iamRoleStatementsName: ${self:provider.stage}-buildp39 - iamRoleStatements: - - Effect: Allow - Action: - - s3:PutObject - - s3:PutObjectAcl - Resource: ${self:custom.s3LayersArn}/* - - Effect: Allow - Action: - - s3:ListBucket - Resource: ${self:custom.s3LayersArn} - - Effect: Allow - Action: - - dynamodb:PutItem - - dynamodb:UpdateItem - - dynamodb:GetItem - Resource: ${self:custom.dbArn} - build310: description: Builds the package in a container for python3.10 then uploads to S3 image: ${ssm:/${self:service}/${self:provider.stage}/build/p310/x86/repo}@${ssm:/${self:service}/${self:provider.stage}/build/p310/x86/digest} diff --git a/pipeline/Terraform/container_repositories.tf b/pipeline/Terraform/container_repositories.tf index b4a93aa0..b51c0e5c 100644 --- a/pipeline/Terraform/container_repositories.tf +++ b/pipeline/Terraform/container_repositories.tf @@ -1,5 +1,24 @@ # Container Build Images +## Python 3.9 - x86 (only) +resource "aws_ecr_repository" "p39build_x86" { + name = "p39build" + image_tag_mutability = "MUTABLE" + force_delete = true + + image_scanning_configuration { + scan_on_push = true + } +} + +resource "aws_ssm_parameter" "p39_build_repo" { + type = "String" + description = "URL for p39 x86 repo" + name = "/${var.app_name}/${local.workspace_full_name}/build/p39/x86/repo" + value = aws_ecr_repository.p39build_x86.repository_url + overwrite = true +} + ## Python 3.10 - x86 resource "aws_ecr_repository" "p310build_x86" { name = "p310build" @@ -76,20 +95,3 @@ resource "aws_ssm_parameter" "p311_arm64_build_repo" { overwrite = true } -## Python 3.12 builds - -module "python312_x86_build" { - source = "./container_repository" - app_name = var.app_name - workspace_full_name = local.workspace_full_name - python_version = "p312" - architecture = "x86" -} - -module "python312_arm64_build" { - source = "./container_repository" - app_name = var.app_name - workspace_full_name = local.workspace_full_name - python_version = "p312" - architecture = "arm64" -}