使用相同代码更新 Terraform lambda source_code_hash [英] Terraform lambda source_code_hash update with same code

问题描述

我有一个使用 Terraform 成功部署的 AWS Lambda:

I have an AWS Lambda deployed successfully with Terraform:

resource "aws_lambda_function" "lambda" {
  filename                       = "dist/subscriber-lambda.zip"
  function_name                  = "test_get-code"
  role                           = <my_role>
  handler                        = "main.handler"
  timeout                        = 14
  reserved_concurrent_executions = 50
  memory_size                    = 128
  runtime                        = "python3.6"
  tags                           = <my map of tags>
  source_code_hash               = "${base64sha256(file("../modules/lambda/lambda-code/main.py"))}"
  kms_key_arn                    = <my_kms_arn>
  vpc_config {
    subnet_ids         = <my_list_of_private_subnets>
    security_group_ids = <my_list_of_security_groups>
  }
  environment {
    variables = {
      environment = "dev"
    }
  }
}

现在，当我运行 terraform plan 命令时，它说我的 lambda 资源需要更新，因为 source_code_hash 已更改，但我没有更新 lambda Python 代码库(版本控制在同一个 repo 的文件夹中):

Now, when I run terraform plan command it says my lambda resource needs to be updated because the source_code_hash has changed, but I didn't update lambda Python codebase (which is versioned in a folder of the same repo):

  ~ module.app.module.lambda.aws_lambda_function.lambda
  last_modified:                     "2018-10-05T07:10:35.323+0000" => <computed>
  source_code_hash:                  "jd6U44lfe4124vR0VtyGiz45HFzDHCH7+yTBjvr400s=" => "JJIv/AQoPvpGIg01Ze/YRsteErqR0S6JsqKDNShz1w78"

我想这是因为它每次都会压缩我的 Python 源代码并且源代码会发生变化.如果 Python 代码没有变化，我该如何避免这种情况?如果我不更改 Python 代码库，我的假设是否一致(我的意思是，为什么哈希会更改)?

I suppose it is because it compresses my Python sources each time and the source changes. How can I avoid that if there are no changes in the Python code? Is my hypothesis coherent if I didn't change the Python codebase (I mean, why then the hash changes)?

推荐答案

这是因为你只是在散列 main.py 而上传的是 dist/subscriber-lambda.zip.当文件上传到 lambda 时，Terraform 将哈希值与它计算的哈希值进行比较.由于散列是在两个不同的文件上完成的，因此您最终会得到不同的散列.尝试对正在上传的完全相同的文件运行哈希.

This is because you are hashing just main.py but uploading dist/subscriber-lambda.zip. Terraform compares the hash to the hash it calculates when the file is uploaded to lambda. Since the hashing is done on two different files, you end up with different hashes. Try running the hash on the exact same file that is being uploaded.

这篇关于使用相同代码更新 Terraform lambda source_code_hash的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！