This repository contains our tooling, linting rules and build pipeline helpers:
-
The
buildLambda
Jenkins shared library which should be used to build Lambdas. Located invars/buildLambda.groovy
. -
The
aws-lambda-dev-base
image which contains development tooling. Located inimages/aws-lambda-python-dev-base
. -
The
aws-lambda-release-base
image which contains the latest patched version of Python. Located inimages/aws-lambda-python-release-base
. -
The
aws-lambda-container
Terraform module. Located interraform/modules/aws-lambda-container
. -
The
example-project
which shows an example of how to build a Lambda. Located inexample-project
.
- Use batect bundles in example project to limit copy/paste. Make consistent updates across projects
- Improve the deployment pipeline.
- Could we trigger smoke tests as part of the deployment?
- Can we promote through environments?
- Decide what Jenkins role to use for updating SSM parameters/pushing images.
- Decide what mypy defaults we want.
- Work out how to re-add
ignore_missing_imports
.
- Work out how to re-add
- Fix the immutable tags issue - we need a lifecycle rule.
- Retag the
test
base image and push aslatest
. - Add Terraform linting for all Lambdas.
- Add pytest test coverage.
- Add default CloudWatch alarms for the Lambda to monitor errors.
- Provide an easier way to pull the latest dev image.
When the infrastructure-pipeline-lambda-build
pipeline is triggered in Jenkins, the following happens:
- The environment is prepared using
tonistiigi/binfmt
which allows us to buildarm64
images for our M1+ users. - A
test
tagged image of the dev and release images is created and pushed to ECR. - The
example-project
is then built usingbuildLambda
. For this, the local version of the script used rather than the global one for testing purposes. - If the project is built successfully, the built images are then pushed to ECR as
latest
.