aws-lambda - Terraform：为什么这种链接资源的尝试不起作用？

问题描述

AWS Lambda 上传需要生成所需源代码和库的 zip 存档。要将 NodeJS 用作 Lambda 的语言，更常见的情况可能是您希望将源文件和 node_modules 目录包含在 zip 存档中。Terraform 存档提供程序提供了一个 file_archive 资源，该资源在可以使用时运行良好。当您需要的不仅仅是 1 个文件或 1 个目录时，不能使用它。请参阅功能请求。为了解决这个问题，我想出了下面的代码。它执行步骤但不是按要求的顺序。运行一次，它会更新 zip 文件，但不会将其上传到 AWS。我再次运行它并上传到 AWS。

# This resource checks the state of the node_modules directory, hoping to determine,
# most of the time, when there was a change in that directory. Output
# is a 'mark' file with that data in it. That file can be hashed to
# trigger updates to zip file creation.
resource "null_resource" "get_directory_mark" {
    provisioner "local-exec" {
        command     = "ls -l node_modules > node_modules.mark; find node_modules -type d -ls >> node_modules.mark"
        interpreter = ["bash", "-lc"]
    }

    triggers = {
        always = "${timestamp()}" # will trigger each run - small cost.
    }
}

resource "null_resource" "make_zip" {
    depends_on = ["null_resource.get_directory_mark"]

    provisioner "local-exec" {
        command     = "zip -r ${var.lambda_zip} ${var.lambda_function_name}.js node_modules"
        interpreter = ["bash", "-lc"]
    }

    triggers = {
        source_hash  = "${sha1("${file("lambda_process_firewall_updates.js")}")}"
        node_modules = "${sha1("${file("node_modules.mark")}")}"                  # see above
    }
}

resource "aws_lambda_function" "lambda_process" {
    depends_on       = ["null_resource.make_zip"]
    filename         = "${var.lambda_zip}"
    function_name    = "${var.lambda_function_name}"
    description      = "process items"
    role             = "${aws_iam_role.lambda_process.arn}"
    handler          = "${var.lambda_function_name}.handler"
    runtime          = "nodejs8.10"
    memory_size      = "128"
    timeout          = "60"
    source_code_hash = "${base64sha256(file("lambda_process.zip"))}"
}

其他相关讨论包括：this question on code hashing（见我的回答）和this GitHub issue。

标签： aws-lambdazipterraform