feat(AWS Lambda): Add support for self-managed kafka event
#8784
Conversation
Codecov Report
@@ Coverage Diff @@
## master #8784 +/- ##
==========================================
+ Coverage 87.74% 87.77% +0.02%
==========================================
Files 264 265 +1
Lines 9853 9913 +60
==========================================
+ Hits 8646 8701 +55
- Misses 1207 1212 +5
Continue to review full report at Codecov.
|
lewgordon
force-pushed
the
event-kafka-smaa
branch
from
f83af11
to
b0f29fa
Compare
There was a problem hiding this comment.
Thank you @lewgordon 👍 Overall it's a great work, I have a few comments, please check them out and let me know what you think. I'll also ask @medikoo for an extra review to asses the chosen approach as correct.
test/unit/lib/plugins/aws/package/compile/events/msk/index.test.js
Outdated
Show resolved
Hide resolved
lewgordon
force-pushed
the
event-kafka-smaa
branch
4 times, most recently
from
86554ce
to
b62028f
Compare
There was a problem hiding this comment.
Thank you @lewgordon, in general it looks good, I have a few questions though, please see my comments and let me know what you think
| const functionObj = this.serverless.service.getFunction(functionName); | ||
| const cfTemplate = this.serverless.service.provider.compiledCloudFormationTemplate; | ||
|
|
||
| // It is required to add the following statement in order to be able to connect to MSK cluster |
There was a problem hiding this comment.
Just to confirm, is it still required at all times or only when VPC-based accessConfiguration is used?
There was a problem hiding this comment.
Hmm, not sure, but will double check.
There was a problem hiding this comment.
I believe it's only required for VPC-based accessConfiguration.
| handler: handler.compute | ||
| events: | ||
| - kafka: | ||
| accessConfigurations: |
There was a problem hiding this comment.
Which approach is the valid one in the end? I see in the documentation here that accessConfigurations are supposed to be an Object, however, in tests and in processing logic it expects it to be an array. Based on recent discussion here #8718 I got the impression that we could go with object-based approach.
There was a problem hiding this comment.
Yep, good catch. I think my documentation is right, but the code may need some fixes.
There was a problem hiding this comment.
Thanks for clarification 🙌
| type: 'object', | ||
| properties: { | ||
| accessConfigurations: { | ||
| type: 'array', |
There was a problem hiding this comment.
Should be an array or an object?
|
|
||
| chai.use(require('chai-as-promised')); | ||
|
|
||
| describe('AwsCompileKafkaEvents', () => { |
There was a problem hiding this comment.
I'm not sure if this is documented, but it's recommended to name new describe blocks after the name of the test file, so in this case it will be test/unit/lib/plugins/aws/package/compile/events/kafka.test.js
lewgordon
force-pushed
the
event-kafka-smaa
branch
from
b62028f
to
b63dbc1
Compare
|
I also just verified that |
lewgordon
force-pushed
the
event-kafka-smaa
branch
2 times, most recently
from
c819ab2
to
89c1083
Compare
| type: 'boolean', | ||
| }, | ||
| bootstrapServers: { | ||
| type: 'array', |
There was a problem hiding this comment.
Should we also specify the type of item that's allowed here?
| if (secretsManagerStatement.Resource.length) { | ||
| statement.push(secretsManagerStatement); | ||
| } | ||
| if (needsEc2Permissions) { |
| expect(eventSourceMappingResource.Properties).to.deep.equal(eventConfig.resource(awsNaming)); | ||
| }; | ||
|
|
||
| const requirePropertyTest = async (event) => { |
There was a problem hiding this comment.
Our standard approach is not to test schema validation in such manner - we instead test all supported scenarios which you already have. I believe these tests could be removed
There was a problem hiding this comment.
@lewgordon that's outstanding! Thank you.
In addition to @pgrzesik comments, I have just few minor improvement suggestions from me.
Let me know if anything is not clear
| type: 'object', | ||
| minProperties: 1, | ||
| properties: { | ||
| vpcSubnet: arrayOrStringSchema('subnet-[a-z0-9]+'), |
There was a problem hiding this comment.
We don't need to use arrayOrStringSchema, as in schema validator we have to array coercion configured to be on (https://ajv.js.org/docs/coercion.html)
So we should simply configure those properties as arrays. Singular values will automatically be allowed, and in code we can unconditionally expect arrays (as coercion will ensure all values are converted to arrays during validation phase)
There was a problem hiding this comment.
Thanks for bringing that up @medikoo - I was not aware of that 👍
There was a problem hiding this comment.
@medikoo after changing this, should I inline the lambda function or keep as is? I wasn't sure what was more readable.
There was a problem hiding this comment.
I would inline the schema (when inspecting the schema, then it's easier to acknowledge what's defined)
| saslScram256Auth: arrayOrStringSchema(secretsManagerArnRegex), | ||
| saslScram512Auth: arrayOrStringSchema(secretsManagerArnRegex), | ||
| }, | ||
| }, |
There was a problem hiding this comment.
Misses additionalProperties: false
| let needsEc2Permissions = false; | ||
|
|
||
| functionObj.events.forEach((event) => { | ||
| if (event.kafka == null) { |
There was a problem hiding this comment.
Let's improve it to simply if (!event.kafka) return;
| kafkaResource.Properties.SourceAccessConfigurations = []; | ||
| Object.entries(event.kafka.accessConfigurations).forEach( | ||
| ([accessConfigurationType, value]) => { | ||
| const accessConfigurationValues = typeof value === 'string' ? [value] : value; |
There was a problem hiding this comment.
After we simplify schema, we can unconditionally expect an array
lewgordon
force-pushed
the
event-kafka-smaa
branch
2 times, most recently
from
894d432
to
e1ed35b
Compare
|
In addition to the requested changes in the PR, I made a few changes to the documentation that I had forgot about. I removed references to using |
There was a problem hiding this comment.
Thank you @lewgordon ! Looks great, I have just few comments
| pattern: secretsManagerArnRegex, | ||
| }, | ||
| }, | ||
| additionalProperties: false, |
There was a problem hiding this comment.
This should be set in same level as properties (currently seems as an extra property definition)
| 'use strict'; | ||
| class AwsCompileKafkaEvents { |
There was a problem hiding this comment.
Let's add a line space between 'use strict' and code (sorry we should have a lint rule for that)
| ).to.be.eventually.rejectedWith(ServerlessError); | ||
| }; | ||
|
|
||
| it('should require access configurations', async () => { |
There was a problem hiding this comment.
As @pgrzesik pointed, let's not introduce tests that confirm that schema validation errors are thrown on invalid values
We have some sanity tests for it in other place, and otherwise schema validation engine is extensively tested in its own repository.
lewgordon
force-pushed
the
event-kafka-smaa
branch
2 times, most recently
from
b059837
to
75b4af9
Compare
lewgordon
force-pushed
the
event-kafka-smaa
branch
from
75b4af9
to
066a196
Compare
There was a problem hiding this comment.
Thank you @lewgordon Looks great to me!
I'll leave it for final look to @pgrzesik
pgrzesik
changed the title
kafka event
Closes: #8718