feat(AWS API Gateway): Allow reuse and customization of schema models

[jmcguffee]

What did you implement

Added in model definition capabilities. This can be done globally to create one resource for a specific model vs new for every function or resources at the function level that are customizable.

Closes #6171

How can we verify it

service: test-api

frameworkVersion: ">=1.1.0 <2.0.0"

provider:
  name: aws
  runtime: nodejs12.x
  region: us-east-1
  apiGateway:
    requestSchemas:
      todo-add-model:
        name: TodoAddModel
        schema: ${file(api_schema/todo_add_schema.json)}
        description: "A Model validation for adding todos"
      todo-update-model: ${file(api_schema/todo_update_modl_schema.json)}


functions:
  create-user:
    handler: handler.createUser
    events:
      - http:
        path: users
        method: post
        cors: true
        requestSchema
           application/json:
              definition: ${file(api_schema/user_add_schema.json)}
              name: UserAddModel
              description: "Model validation when adding new users"
  update-user:
    handler: handler.updateUser
    events:
      - http:
        path: users
        method: put
        cors: true
        requestSchema:
          application/json: ${file(api_schema/user_update_schema.json)} #This will default to UpdateUserModel

  create-todo:
    handler: handler.createTodo
    events:
      - http:
        path: todos
        method: post
        cors: true
        requestSchema:
          application/json: todo-add-model
  update-todo:
    handler: handler.updateUser
    events:
      - http:
        path: todos
        method: put
        cors: true
        requestSchema: 
          application/json: todo-update-model

  

Todos

Useful Scripts

• npm run test:ci --> Run all validation checks on proposed changes
• npm run lint:updated --> Lint all the updated files
• npm run lint:fix --> Automatically fix lint problems (if possible)
• npm run prettier-check:updated --> Check if updated files adhere to Prettier config
• npm run prettify:updated --> Prettify all the updated files

• Write and run all tests
• Write documentation
• Enable "Allow edits from maintainers" for this PR
• Update the messages below

Is this ready for review?: YES
Is it a breaking change?: NO (Existing operation behaves as before, but can be extended)

[medikoo]

@jmcguffee great thanks for giving this a spin!

We definitely should have that supported. Still I think it'll be great first to agree on final configuration proposal.

I've proposed something slightly different, but I think more powerful here: #6171 (comment) It takes into account also some other needs. What do you think about it?

Let's maybe first clarify final shape at #6171 and then come back here to finalize implementation

[jmcguffee]

@medikoo Sounds good.

[jmcguffee]

@medikoo updated to include proposed in issue. Have a look and let me know what looks good and what doesn't.

[jmcguffee]

I don't know why the prettier commands aren't working properly on my machine

[codecov-io]

Codecov Report

Merging #7619 into master will increase coverage by 0.06%.
The diff coverage is 98.43%.

@@            Coverage Diff             @@
##           master    #7619      +/-   ##
==========================================
+ Coverage   87.99%   88.05%   +0.06%     
==========================================
  Files         245      246       +1     
  Lines        9188     9254      +66     
==========================================
+ Hits         8085     8149      +64     
- Misses       1103     1105       +2     

Impacted Files	Coverage Δ
...kage/compile/events/apiGateway/lib/method/index.js	100.00% <ø> (ø)
...s/package/compile/events/apiGateway/lib/restApi.js	98.00% <ø> (ø)
.../compile/events/apiGateway/lib/requestValidator.js	98.36% <98.36%> (ø)
lib/plugins/aws/lib/naming.js	98.10% <100.00%> (+0.02%)	⬆️
...ins/aws/package/compile/events/apiGateway/index.js	100.00% <100.00%> (ø)
lib/plugins/aws/info/getResourceCount.js	90.00% <0.00%> (-10.00%)	⬇️
...ib/plugins/aws/package/compile/events/sqs/index.js	100.00% <0.00%> (ø)
.../compile/events/apiGateway/lib/method/responses.js	100.00% <0.00%> (ø)
... and 3 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 2e56dea...8faeea5. Read the comment docs.

[medikoo]

Thank you @jmcguffee ! It looks really promising, I've proposed some improvements that should help us in future maintenance of this feature

[medikoo]

Let's not include unrelated changes (otherwise we're happy to take it in other PR)

[jmcguffee]

I guess one of the plugins updated this file. I will revert it.

[medikoo]

If there's no name, I would let CF generate on (as automatic generation as above is immune to errors)

[medikoo]

Same here, if there's no description, then let's not add description

[medikoo]

Let's write it as if (apiGateway.schemas) {

[medikoo]

Let's not implement auto generation for name, it increases maintenance cost and we're not applying necessary guards to ensure we produce a valid name (that fits max length etc)

[medikoo]

We should use this.provider.naming.getModelLogicalId, and ensure it supports case of reusable models

[medikoo]

I would also seclude it into dedicated lib/plugins/aws/package/compile/events/apiGateway/lib/requestValidators.js (and handle generation of all AWS::ApiGateway::Model and AWS::ApiGateway::RequestValidator resources, so it's in one place)

[medikoo]

Let's use Object.assign

[medikoo]

As I suggested in other comment it'll be great to seclude logic into lib/plugins/aws/package/compile/events/apiGateway/lib/requestValidators.js, then lib/plugins/aws/package/compile/events/apiGateway/lib/requestValidators.test.js test file should have few tests configured through runServerless util.

Currently we're coming away from tests as you can see in most parts of the framework. Usually they focus on implementation internals and do not test against fully build serverless instance, which make them very weak.

See how new tests are written in those examples (sorry for not having a proper document on that yet, I will try to prepare one shortly):

• serverless/lib/plugins/aws/package/compile/functions/index.test.js

  Lines 2624 to 2719 in 7d3636f

  	describe('AwsCompileFunctions #2', () => {
  	after(fixtures.cleanup);
  	describe('Destinations', () => {
  	it('Should reference function from same service as destination', () =>
  	runServerless({
  	cwd: fixtures.map.functionDestinations,
  	cliArgs: ['package'],
  	}).then(serverless => {
  	const cfResources = serverless.service.provider.compiledCloudFormationTemplate.Resources;
  	const naming = serverless.getProvider('aws').naming;
  	const destinationConfig =
  	cfResources[naming.getLambdaEventConfigLogicalId('trigger')].Properties.DestinationConfig;
  	expect(destinationConfig).to.deep.equal({
  	OnSuccess: {
  	Destination: { 'Fn::GetAtt': [naming.getLambdaLogicalId('target'), 'Arn'] },
  	},
  	});
  	expect(destinationConfig).to.not.have.property('OnFailure');
  	}));
  	it('Should support OnFailure destinations', () =>
  	fixtures
  	.extend('functionDestinations', {
  	functions: { trigger: { destinations: { onSuccess: null, onFailure: 'target' } } },
  	})
  	.then(fixturePath =>
  	runServerless({
  	cwd: fixturePath,
  	cliArgs: ['package'],
  	}).then(serverless => {
  	const cfResources =
  	serverless.service.provider.compiledCloudFormationTemplate.Resources;
  	const naming = serverless.getProvider('aws').naming;
  	const destinationConfig =
  	cfResources[naming.getLambdaEventConfigLogicalId('trigger')].Properties
  	.DestinationConfig;
  	expect(destinationConfig).to.not.have.property('OnSuccess');
  	expect(destinationConfig).to.deep.equal({
  	OnFailure: {
  	Destination: { 'Fn::GetAtt': [naming.getLambdaLogicalId('target'), 'Arn'] },
  	},
  	});
  	})
  	));
  	it('Should support ARN to external function as destination', () => {
  	const arn = 'arn:aws:lambda:us-east-1:12313231:function:external';
  	return fixtures
  	.extend('functionDestinations', {
  	functions: { trigger: { destinations: { onSuccess: arn } } },
  	})
  	.then(fixturePath =>
  	runServerless({
  	cwd: fixturePath,
  	cliArgs: ['package'],
  	}).then(serverless => {
  	const cfResources =
  	serverless.service.provider.compiledCloudFormationTemplate.Resources;
  	const naming = serverless.getProvider('aws').naming;
  	const destinationConfig =
  	cfResources[naming.getLambdaEventConfigLogicalId('trigger')].Properties
  	.DestinationConfig;
  	expect(destinationConfig).to.deep.equal({ OnSuccess: { Destination: arn } });
  	})
  	);
  	});
  	it('Should respect `role` setting', () =>
  	fixtures
  	.extend('functionDestinations', { provider: { role: ' arn:aws:iam::XXXXXX:role/role' } })
  	.then(fixturePath =>
  	runServerless({
  	cwd: fixturePath,
  	cliArgs: ['package'],
  	}).then(serverless => {
  	const cfResources =
  	serverless.service.provider.compiledCloudFormationTemplate.Resources;
  	const naming = serverless.getProvider('aws').naming;
  	const destinationConfig =
  	cfResources[naming.getLambdaEventConfigLogicalId('trigger')].Properties
  	.DestinationConfig;
  	expect(destinationConfig).to.deep.equal({
  	OnSuccess: {
  	Destination: { 'Fn::GetAtt': [naming.getLambdaLogicalId('target'), 'Arn'] },
  	},
  	});
  	expect(destinationConfig).to.not.have.property('OnFailure');
  	})
  	));
  	});
  	});

• https://github.com/serverless/serverless/blob/7d3636f9682c7c9929a9061f105ed232d139aa56/lib/plugins/aws/package/compile/events/httpApi/index.test.js

You can find documentation for runServerless util here: https://github.com/serverless/test/blob/master/docs/run-serverless.md

[jmcguffee]

@medikoo Thanks for the feedback. I will work on getting them updated today.

[jmcguffee]

@medikoo take a look at the updates and let me know if that is more of the direction that you were thinking. If so I will update all the tests and push for review again. As per your direction I will use the testing procedure specified in the PR.

[medikoo]

@jmcguffee thank you! Yes direction is perfect, just ensure to respect lint and prettier formatting, and reduce lodash usage to minimum.

[medikoo]

We can remove schema from here now, as I would consider this as deprecated

[jmcguffee]

👍

[jmcguffee]

@medikoo this is ready for review again with updated test

[medikoo]

@jmcguffee that looks great. Thank you!

Please see my suggestions, and let me know what you think. Once we have them settled I believe we're fine to get that in.

[medikoo]

I think we need something more solid, in current form we're using method which was strictly designed to resolve logical id for specific HTTP endpoint and content type, without any endpoint and content type context.

I know I suggested to use same method, but that just doesn't look good.

I propose to rename current method to getEndpointModelLogicalId, and introduce another getModelLogicalId that takes just schemaId and resolves id as:

return `ApiGateway${_.upperFirst(_.camelCase(schemaId))}Model`;

[medikoo]

I light of above comment I would refactor getValidatorLogicalId to just take modelLogicalId

[jmcguffee]

This one is going to be a little more involved. The resource only defines one validator as a whole and multiple models can be defined. With that route multiple validators will be created while only one is being referenced in the Method Resource.

[medikoo]

As i checked this method is only used in two places.. It can simply be updated to accept just modelLogicalId and places were it's invoked should then be updated to just pass it (and over there it's resolved upfront)

[jmcguffee]

This was updated and refactored out to another method

[medikoo]

Let's use Object.assign

[medikoo]

I think we can write it as if (modelName), at least I would treat eventual empty string as lack of value

[medikoo]

Let's simplify to: modelName ? ...

[medikoo]

Logic seems to be a bit leaky, as we're also running this check if schemaConfig is object.

I propose to restructure above logic into:

if (_.isObject(schemaConfig)) {
  // Schema defined inline, specific to given endpont
} else {
  // String
  if (models[schemaConfig]) {
    // Schema reused
  }  else {
    // Simple schema defined inline, specific to given endpoint
  }
}

[jmcguffee]

I will add an or to it as if (_.isObject(schemaConfig) || !models[schemaConfig]). I was trying to DRY out as much as possible without writing a bunch of helper methods.

[medikoo]

Let's use Object.assign

[medikoo]

Doesn't seem addressed

[medikoo]

Let's stick to convention of a project, so no - prefixes and postfixes.

Also let's maybe name it reusable schemas, note provider configuration, suggests it's a configuration of provider.

[medikoo]

I belive there should be no changes in that file

[jmcguffee]

@medikoo I believe all issues have been addressed.

[medikoo]

@jmcguffee that looks really good, thank you!

Please see my remarks, I believe they final, and we'd be able shortly to take that in

[medikoo]

This function can be removed, as it's used now in places where we have modelLogicalId, so we can use getValidatorLogicalId(modelLogicalId) instead

[jmcguffee]

I added the additional method because there is only 1 validator allowed per API Gateway Method. This was causing issues when using the contentType in the ModelLogicalID. This only becomes an issue when multiple content types are defined in the resource. I have updated to utilize getModelLogicalId within this method now to prevent that.

[medikoo]

Let's do:

if (event.http.requestSchema) {
 ...
} else if (event.http.request && event.http.request.schema) {
 ...
}

At least I believe we should not support both formats put together, and if it's the case, new way should be favored

[medikoo]

Doesn't seem addressed

[medikoo]

We do not extend fixture with anything, so let's not use fixture.extend

[jmcguffee]

Im really running that to help populate the serverless block using the fixturePath. I didn't see another example just using runServerless, but I will work through it.

[medikoo]

Here's an example of using fixture directly:

serverless/lib/plugins/aws/package/compile/functions/index.test.js

Lines 2629 to 2632 in 7310782

	runServerless({
	cwd: fixtures.map.functionDestinations,
	cliArgs: ['package'],
	}).then(serverless => {

[medikoo]

Same here

[medikoo]

Let's remove this change

[medikoo]

Let's use camelCase convention for file names

[medikoo]

Let's reuse one serverless instance when we do not change fixture. We can put serverless instance initialization into before block, and then in it's just confirm on generated template.

It'll run also way faster then

[jmcguffee]

@medikoo sorry for the delay. Got tied up with work and really busy. Will update and submit new commit sometime this week.

[medikoo]

@jmcguffee no problem, looking forward for update

[codecov-commenter]

Codecov Report

Merging #7619 (a32e23c) into master (3e47dcc) will increase coverage by 0.02%.
The diff coverage is 93.16%.

@@            Coverage Diff             @@
##           master    #7619      +/-   ##
==========================================
+ Coverage   87.02%   87.04%   +0.02%     
==========================================
  Files         285      287       +2     
  Lines       10922    10987      +65     
==========================================
+ Hits         9505     9564      +59     
- Misses       1417     1423       +6     

Impacted Files	Coverage Δ
...kage/compile/events/apiGateway/lib/method/index.js	100.00% <ø> (ø)
.../package/compile/events/apiGateway/lib/validate.js	96.27% <ø> (ø)
lib/plugins/aws/provider.js	94.85% <ø> (ø)
scripts/serverless.js	73.80% <60.00%> (-0.88%)	⬇️
lib/plugins/create/create.js	90.00% <84.61%> (-0.70%)	⬇️
lib/cli/conditionally-load-dotenv.js	93.33% <93.33%> (ø)
.../compile/events/apiGateway/lib/requestValidator.js	98.14% <98.14%> (ø)
lib/Serverless.js	93.52% <100.00%> (-0.40%)	⬇️
lib/cli/load-dotenv.js	94.11% <100.00%> (ø)
lib/configuration/variables/parse.js	100.00% <100.00%> (ø)
... and 5 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 3e47dcc...f7d9e95. Read the comment docs.

[jmcguffee]

@medikoo should be good now. Let me know if you spot any more issues. I noticed I couldn't use the async/await for compatibility issues. Hoping the way I did it is good, but goes beyond my knowledge of best practices for JS. This is in reference to the new test file isolating runServerless to before

[medikoo]

@jmcguffee that's outsanding work, thank you!

I've pointed just few last details, having that I believe we will be ready to get this in

[medikoo]

To be on a safe side, I believe this condition should be run only if definition was provided on schemaConfig.schema property.

Otherwise we're inspecting the actual definition for those properties, and e.g. description is a perfectly valid JSON Schema property, which with logic as proposed may be used as model description, which is not right

[jmcguffee]

These properties are separate from the actual JSON for the schema definition. In that sense there should be no issues adding name even if those properties don't exist. I can do it just for the sake of it, but I am not seeing where the clash would happen.

[medikoo]

It'll be nice to add those resources to template only if those models are actually used in events

[medikoo]

Let's rename it to serverlessInstance, also we should store resolved instance and not promise that eventually resolves the instance

[medikoo]

We may add description here, to expose eventual vulnerability I've pointed in logic

[medikoo]

Seems not addressed

[medikoo]

Really great tests! Thank you!

I'm always trying to minimize dependency on implementation details, so usually I do not confirm on every single property but on one or few crucial. So e.g. some cleanup doesn't necessarily break the tests.

(just a note for future, I do not expect you to update above)

[jmcguffee]

@medikoo my greatest apologies for the delay. I picked up a couple of contracts and they have tied my time up. I submitted some of the changes requested from the feedback.

[medikoo]

@jmcguffee great thanks for update, and now worries for delay it's totally understood.

Over last months few things got improved in a framework and also critieria's for PR's change. Recently, we've added a configuration validation (that works against pre-configured JSON schema), and we're doing our best so all incoming improvements also come with fully configured schema.

Additionally we have a dedicated deprecation logging mechanism which would be good to use here for deprecating old schema configuration format.

I've also noticed that our decision to name new schemas with requestSchemas is probably not great.

Please see my comments

[medikoo]

I've just looked back and our naming decisions, and I think we overlooked one thing. Currently http event has request configuration that supports both parameters and schema.

When we were discussing global configuration of schemas on provider.apiGateway I've pointed that schemas name is ambigous in that context and that it'll be better to name it requestSchemas.

Having that we followed also with introduction of requestSchemas on HTTP event, and that doesn't feel right over there, as we have now http.request.parameters and http.requestSchema.

I think it was not great decision (I missed that it's not just schema that we configure there), and I believe we should not go into that.

I propose that we go with provider.apiGateway.request.schemas and http.request.schemas, and deprecate http.request.schema (note that now we have a dedicated deprecation function that should be used for that)

Also it'll be nice to back new request schema configuration with JSON schema validation, of which support was merged recently into project (for reference issue in which we tackle complete schema for http event: #8018 )

[pgrzesik]

While I was wrapping up the last changes (deprecation), I've started wondering about this approach to having provider.apiGateway.request.schemas and http.request.schemas and deprecating http.request.schema - while provider.apiGateway.request.schemas sounds good, I'm wondering if we should/need to move from http.request.schema to http.request.schemas - what is the main reason here? Is it to be consistent and use plural schemas? Otherwise, we could totally accomodate the old http.request.schema to support both new and old approach (because it's only extending it). Please let me know what do you think. 🙇

[medikoo]

Is it to be consistent and use plural schemas?

Yes, in first it's to be consistent (it's a bit confusing to have schemas as global, and schema as local, with very same definition underneath). Also I think plural form is right, as we're configuring dictionary of schemas. Singular name may suggest we're defining the single schema, and those are its properties, which is again confusing.

While I understand the pain of creating deprecation just because we add s I feel there's good reasoning behind it, and that it'll leave our API more solid.

What do you think?

[pgrzesik]

Thanks for the explanation - that's what I thought here, but wanted to confirm as I wasn't 100% sure. I think it makes sense to be consistent here - the migration path from schema to schemas is not complicated so it shouldn't be too painful for users. Thanks for the clarification 💯

[medikoo]

It'll be nicer to name it apiGatewayConfig (apiGateway suggests we deal with API Gateway instance)

[medikoo]

It'll be nice to put precedence on event.http.request.schemas and not on deprecated event.http.request.schema

[medikoo]

Can we improve readability of this construct with:

if (_.isObject(schemaConfig) {
   modelName = schemaConfig.name ? schemaConfig.name : null;
  ...
} else {
   definition = schemaConfig;
}
...
if (_.isObject(schemaConfig) || !_.get(apiGatewayConfig.requestSchemas, definition)) {
    ...    

Above will also make it more bulletproof, e.g. with what's configured currently lack of schemaConfig.schema enforces assumption that schemaConfig is string, when it doesn't have to be the case.

[medikoo]

I think this condition is unconditionally true at this point ( it should be just } else {)

[medikoo]

Let's not use Promise.resolve (it's an anti pattern, runServerless().then() can be returned directly and effect is exactly same)

[medikoo]

It's an async operation that needs to be returned

[medikoo]

runServerless got improved over course of time, and now it needs to be setup as: ({ serverless }) => (serverlessInstance = serverless)

[medikoo]

It'll be nice to get both of this directly from runServerless result. See: https://github.com/serverless/test/blob/master/docs/run-serverless.md#result-values (it's also used in other tests across the project)

[medikoo]

It'll be nice to name paths after what they test, so:

test -> test-model-full
testSimple -> test-model-simple
test2 -> test-direct-simple
test3 -> test-direct-full
test4 -> test-deprecated-simple
test5 -> test-multiple
test6 -> test-deprecated-multiple

[pgrzesik]

Hello 👋 I've rebased + adjusted the existing changes, I've also introduced the switch to request.schemas and deprecation of http.request.schema configuration. Please let me know what do you think @medikoo 🙇

[medikoo]

Looks great @pgrzesik ! I have just one minor style suggestion

[medikoo]

In CLI logs, we usually do not use back quotes, but double quotes. They look better for wrapping configuration properties

[pgrzesik]

Good catch - fixed 👍

[medikoo]

Thanks @pgrzesik I think I also got a bit lost, as here as you pointed we will deal just with object notation.
Great job on clarifying that in upper part of the code.

[medikoo]

Excellent 👍