-
Notifications
You must be signed in to change notification settings - Fork 5.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(AWS Lambda): Add support for self-managed kafka
event
#8784
Conversation
Codecov Report
@@ Coverage Diff @@
## master #8784 +/- ##
==========================================
+ Coverage 87.74% 87.77% +0.02%
==========================================
Files 264 265 +1
Lines 9853 9913 +60
==========================================
+ Hits 8646 8701 +55
- Misses 1207 1212 +5
Continue to review full report at Codecov.
|
f83af11
to
b0f29fa
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @lewgordon 👍 Overall it's a great work, I have a few comments, please check them out and let me know what you think. I'll also ask @medikoo for an extra review to asses the chosen approach as correct.
test/unit/lib/plugins/aws/package/compile/events/msk/index.test.js
Outdated
Show resolved
Hide resolved
86554ce
to
b62028f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @lewgordon, in general it looks good, I have a few questions though, please see my comments and let me know what you think
const functionObj = this.serverless.service.getFunction(functionName); | ||
const cfTemplate = this.serverless.service.provider.compiledCloudFormationTemplate; | ||
|
||
// It is required to add the following statement in order to be able to connect to MSK cluster |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just to confirm, is it still required at all times or only when VPC-based accessConfiguration
is used?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, not sure, but will double check.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe it's only required for VPC-based accessConfiguration
.
handler: handler.compute | ||
events: | ||
- kafka: | ||
accessConfigurations: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Which approach is the valid one in the end? I see in the documentation here that accessConfigurations
are supposed to be an Object, however, in tests and in processing logic it expects it to be an array. Based on recent discussion here #8718 I got the impression that we could go with object-based approach.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep, good catch. I think my documentation is right, but the code may need some fixes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for clarification 🙌
type: 'object', | ||
properties: { | ||
accessConfigurations: { | ||
type: 'array', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should be an array or an object?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
An object.
|
||
chai.use(require('chai-as-promised')); | ||
|
||
describe('AwsCompileKafkaEvents', () => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure if this is documented, but it's recommended to name new describe blocks after the name of the test file, so in this case it will be test/unit/lib/plugins/aws/package/compile/events/kafka.test.js
b62028f
to
b63dbc1
Compare
I also just verified that |
c819ab2
to
89c1083
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good overall, I have two minor comments, please let me know what you think. I'd also like to wait with final merge until @medikoo has a chance to re-review it 👍
type: 'boolean', | ||
}, | ||
bootstrapServers: { | ||
type: 'array', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we also specify the type of item that's allowed here?
if (secretsManagerStatement.Resource.length) { | ||
statement.push(secretsManagerStatement); | ||
} | ||
if (needsEc2Permissions) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
expect(eventSourceMappingResource.Properties).to.deep.equal(eventConfig.resource(awsNaming)); | ||
}; | ||
|
||
const requirePropertyTest = async (event) => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Our standard approach is not to test schema validation in such manner - we instead test all supported scenarios which you already have. I believe these tests could be removed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@lewgordon that's outstanding! Thank you.
In addition to @pgrzesik comments, I have just few minor improvement suggestions from me.
Let me know if anything is not clear
type: 'object', | ||
minProperties: 1, | ||
properties: { | ||
vpcSubnet: arrayOrStringSchema('subnet-[a-z0-9]+'), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't need to use arrayOrStringSchema
, as in schema validator we have to array coercion configured to be on (https://ajv.js.org/docs/coercion.html)
So we should simply configure those properties as arrays. Singular values will automatically be allowed, and in code we can unconditionally expect arrays (as coercion will ensure all values are converted to arrays during validation phase)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for bringing that up @medikoo - I was not aware of that 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@medikoo after changing this, should I inline the lambda function or keep as is? I wasn't sure what was more readable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would inline the schema (when inspecting the schema, then it's easier to acknowledge what's defined)
saslScram256Auth: arrayOrStringSchema(secretsManagerArnRegex), | ||
saslScram512Auth: arrayOrStringSchema(secretsManagerArnRegex), | ||
}, | ||
}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Misses additionalProperties: false
let needsEc2Permissions = false; | ||
|
||
functionObj.events.forEach((event) => { | ||
if (event.kafka == null) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's improve it to simply if (!event.kafka) return;
kafkaResource.Properties.SourceAccessConfigurations = []; | ||
Object.entries(event.kafka.accessConfigurations).forEach( | ||
([accessConfigurationType, value]) => { | ||
const accessConfigurationValues = typeof value === 'string' ? [value] : value; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
After we simplify schema, we can unconditionally expect an array
894d432
to
e1ed35b
Compare
In addition to the requested changes in the PR, I made a few changes to the documentation that I had forgot about. I removed references to using |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @lewgordon ! Looks great, I have just few comments
pattern: secretsManagerArnRegex, | ||
}, | ||
}, | ||
additionalProperties: false, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should be set in same level as properties
(currently seems as an extra property definition)
'use strict'; | ||
class AwsCompileKafkaEvents { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's add a line space between 'use strict'
and code (sorry we should have a lint rule for that)
).to.be.eventually.rejectedWith(ServerlessError); | ||
}; | ||
|
||
it('should require access configurations', async () => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As @pgrzesik pointed, let's not introduce tests that confirm that schema validation errors are thrown on invalid values
We have some sanity tests for it in other place, and otherwise schema validation engine is extensively tested in its own repository.
b059837
to
75b4af9
Compare
75b4af9
to
066a196
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @lewgordon Looks great to me!
I'll leave it for final look to @pgrzesik
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @lewgordon, outstanding work 👍
kafka
event
Closes: #8718