Hello @fujiwara, is there a plan to release a new version anytime soon?
I'd love to use this feature: #236

Once upgrading lambroll from v0.14.x to v1.0.0, I found that lambroll deploy with --alias fails with error.

$ lambroll version
lambroll v1.0.0
$ lambroll deploy --alias live --region $AWS_DEFAULT_REGION
2024/02/13 11:12:29 [error] FAILED. failed to parse args: unknown flag --alias, did you mean one of "--alias-name", "--alias-to-latest"?

This might have come to occur because of #315 (replacement of kingpin with Kong).
Also I found following drifts that may be the same between v0.14.7 and v1.0.0.

• on lambroll init
  • --download changes into --download-zip
• on lambroll diff
  • --code changes into --code-sha-256

If these changes are not intended (and if you think it needs to keep compatibility), I would like to create a pull request to fix them same as b80f49e. (fix for --tfstate and --prefixed-tfstate)

Hi, thanks for developing a useful deployment tool for lambda!

I recently noticed that the lambroll deploy command exited before the function update was successful. This might not have been a problem with small zip packages, but lambda can deploy also container images up to 10GB. In fact, when I deployed a 4GB image, after the lambroll deploy completed, the LastUpdateStatus remained InProgress and it took almost two minutes to Successful. This delay cannot be ignored and should be waited for before updating the alias.

The deploy logs are as follows:

$ lambroll deploy --keep-versions=3
2023/09/20 07:45:58 [info] lambroll v0.14.3 with function.json
2023/09/20 07:45:58 [info] starting deploy function foo
2023/09/20 07:45:58 [info] using docker image 012345678901.dkr.ecr.ap-northeast-1.amazonaws.com/foo:latest
2023/09/20 07:45:58 [info] updating function configuration
2023/09/20 07:45:58 [info] State:Active LastUpdateStatus:Successful
2023/09/20 07:45:58 [info] updated function configuration successfully
2023/09/20 07:45:58 [info] updating function code
2023/09/20 07:45:59 [info] State:Active LastUpdateStatus:InProgress
2023/09/20 07:45:59 [info] waiting for LastUpdateStatus Successful
2023/09/20 07:46:00 [info] State:Active LastUpdateStatus:InProgress
2023/09/20 07:46:00 [info] waiting for LastUpdateStatus Successful
2023/09/20 07:46:02 [info] State:Active LastUpdateStatus:InProgress
2023/09/20 07:46:02 [info] waiting for LastUpdateStatus Successful
2023/09/20 07:46:06 [info] State:Active LastUpdateStatus:Successful
2023/09/20 07:46:07 [info] updated function code successfully
2023/09/20 07:46:07 [info] deployed version 33
2023/09/20 07:46:07 [info] updating alias set current to version 33
2023/09/20 07:46:07 [info] alias updated
2023/09/20 07:46:07 [info] deleting function version: 30
2023/09/20 07:46:07 [info] except 3 latest versions are deleted
2023/09/20 07:46:07 [info] completed

$ while true ; do aws lambda get-function --function-name foo --query 'Configuration.[State, LastUpdateStatus]' | jq -c '[(now | todateiso8601)] + .'; sleep 1; done
["2023-09-20T07:45:55Z","Active","Successful"]
["2023-09-20T07:45:57Z","Active","Successful"]
["2023-09-20T07:45:58Z","Active","InProgress"]
["2023-09-20T07:46:00Z","Active","InProgress"]
["2023-09-20T07:46:02Z","Active","InProgress"]
["2023-09-20T07:46:04Z","Active","Successful"]
["2023-09-20T07:46:06Z","Active","Successful"]
["2023-09-20T07:46:08Z","Active","InProgress"]
["2023-09-20T07:46:09Z","Active","InProgress"]
["2023-09-20T07:46:11Z","Active","InProgress"]
(snip.)
["2023-09-20T07:48:04Z","Active","InProgress"]
["2023-09-20T07:48:06Z","Active","InProgress"]
["2023-09-20T07:48:08Z","Active","Successful"]
["2023-09-20T07:48:10Z","Active","Successful"]
["2023-09-20T07:48:12Z","Active","Successful"]
["2023-09-20T07:48:14Z","Active","Successful"]

Note the updated function code successfully at 07:46:07, but it's LastUpdateStatus is still InProgress.

Hi, thank you for your great project!

We suggest to add the installation guide with aqua to the document.
aqua is a declarative CLI Version Manager.
You can install this tool with aqua.

aqua init # Create aqua.yaml
aqua g -i fujiwara/lambroll # Add this tool to aqua.yaml
aqua i # Install tools

For the detail of aqua, please see the official document.

We expect you can just copy and paste the following guide to your document.

Install with aqua

You can install this tool with aqua.

aqua g -i fujiwara/lambroll # Add fujiwara/lambroll to aqua.yaml

Thank you.

This issue was created automatically by script. For the detail, please see here.

Currently, lambroll creates an alias to published lambda version only.

However, AWS allows aliasing to unpublished lambda version such like:

$ aws lambda create-alias --function-name $func_name --name $alias_name --function-version '$LATEST'

I think lambroll should be allow this in the same way.

What do you think about it?

Hello, I would like to use some secret values stored in the Secrets Manager as environment variables for my existing Lambda functions.
I intend to use lambroll in new deploy pipeline(simply done with build source on S3 and lambroll runs on CodeBuild). Unless if we do not use AWS Parameters and Secrets Lambda Extension, Terraform state, or anything else, we need to implement the logic to retrieve the secret value by scratch.

For example, in CloudFormation, it can be resolved to the secret value with the following format.

{{resolve:secretsmanager:secret-id:SecretString:json-key:version-stage:version-id}}

https://docs.aws.amazon.com/secretsmanager/latest/userguide/cfn-example_reference-secret.html

It is assumed that it would be difficult to accept this request since you wrote in your blog that lambroll only does processes that can be performed by Lambda API, but I created the issue because it might be some of your inspiration.
(Or if you have any ideas to resolve this situation, I feel really appreciated to hear that!)

Thank you.

Currently, lambroll init does not set PackageType and Code element into function.json.

Current Behavior

Invoking function with --async option causes panic.
Error logs are as follows:

❯ echo '{"Name":"lambroll"}' | lambroll invoke --region ap-northeast-1 --log-level trace --async
2020/01/13 21:51:30 [info] lambroll v0.3.2
2020/01/13 21:51:30 [debug] invoking function {
  FunctionName: "lambroll-sample",
  InvocationType: "Event",
  Payload: <binary> len 19
}

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x8 pc=0x15f02a8]

goroutine 1 [running]:
github.com/fujiwara/lambroll.(*App).Invoke(0xc000081780, 0xc000089c90, 0xc0000a8e76, 0xc0000a8e77, 0x0, 0xc000089da0)
	/home/runner/work/lambroll/lambroll/invoke.go:69 +0x628
main._main(0xc000086058)
	/home/runner/work/lambroll/lambroll/cmd/lambroll/main.go:103 +0x26de
main.main()
	/home/runner/work/lambroll/lambroll/cmd/lambroll/main.go:17 +0x22

Cause

Panic is caused by dereferencing res.ExecutedVersion, which is not included in response when invocation type is Event.
It seems Lambda Invoke API returns only StatusCode when invocation type is Event.

cf.

• https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html
• https://docs.aws.amazon.com/cli/latest/reference/lambda/invoke.html

How to reproduce

1. init function
2. deploy function
3. invoke function with --async option

Environment

lambroll version: v0.3.2 ( and b9a4c02 built with go 1.13)
OS: macOS 10.14.6

Hello @fujiwara, thanks for the great tool.
I found a error when exec lambda init.

Error

Nil pointer error appears using new version lambroll when execute lambroll init without exacting lambda func.

$ lambrall version
lambroll v0.14.0
$ lambroll init --function-name=testFunction
2022/11/30 01:15:06 [info] lambroll v0.14.0 with function.json
2022/11/30 01:15:08 [info] function testFunction is not found
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x198d794]

goroutine 1 [running]:
github.com/fujiwara/lambroll.newFunctionFrom(0xc00083f758, 0x0, 0x0)
        github.com/fujiwara/lambroll/lambroll.go:257 +0x214
github.com/fujiwara/lambroll.(*App).Init(0xc000091040, {0xc000511e40?, 0xc00060c60f?})
        github.com/fujiwara/lambroll/init.go:73 +0x4f5
main._main()
        github.com/fujiwara/lambroll/cmd/lambroll/main.go:146 +0x58b3
main.main()
        github.com/fujiwara/lambroll/cmd/lambroll/main.go:19 +0x19

But no error appears using v0.13.0.

$ lambrall version
lambroll v0.13.0
$ lambroll init --function-name=testFunction
2022/11/30 01:51:22 [info] lambroll v0.13.0 with function.json
2022/11/30 01:51:23 [info] function testFunction is not found
2022/11/30 01:51:24 [info] creating .lambdaignore
2022/11/30 01:51:24 [info] creating function.json
Overwrite existing file function.json? (y/n) [n]: n
2022/11/30 01:51:28 [info] completed

Environment

lambroll version: v0.14.0
OS: macOS monterey 12.3.1

We can specify an arbitrary alias name with --alias flag for lambroll deploy command.
However, we cannot specify an alias name for lambroll rollback command.
I think lambroll rollback command should have --alias flag.

When the existing lambda function is not Image runtime (i.e. packageType is Zip) and it attempts to overwrite that function by Image runtime function, lambroll deploy command behaves successfully but I deem this is not expected act.

For example, myfunc runs on go1.x runtime and once it has tried to deploy the new version according to the following function.json:

{
  "FunctionName": "myfunc",
  "MemorySize": 128,
  "Role": "arn:aws:iam::XXXXXXXXXXXX:role/__ROLE__",
  "Architectures": ["arm64"],
  "PackageType": "Image",
  "Code": {
    "ImageUri": "__IMAGE_URI__"
  }
}

lambroll deploy said like the following:

2021/12/17 16:08:32 [info] lambroll v0.12.3
2021/12/17 16:08:32 [info] starting deploy function myfunc
2021/12/17 16:08:33 [info] using docker image XXXXXXXXXXXX.dkr.ecr.__REGION__.amazonaws.com/__IMAGE__
2021/12/17 16:08:33 [info] creating function
2021/12/17 16:08:34 [info] State:Pending LastUpdateStatus:
2021/12/17 16:08:34 [info] waiting for LastUpdateStatus Successful
2021/12/17 16:08:35 [info] State:Pending LastUpdateStatus:
2021/12/17 16:08:35 [info] waiting for LastUpdateStatus Successful
2021/12/17 16:08:37 [info] State:Pending LastUpdateStatus:
2021/12/17 16:08:37 [info] waiting for LastUpdateStatus Successful
2021/12/17 16:08:42 [info] State:Pending LastUpdateStatus:
2021/12/17 16:08:42 [info] waiting for LastUpdateStatus Successful
2021/12/17 16:08:50 [info] State:Active LastUpdateStatus:Successful
2021/12/17 16:08:50 [info] deployed function version 10
2021/12/17 16:08:50 [info] creating alias set current to version 10
2021/12/17 16:08:50 [info] alias created
2021/12/17 16:08:50 [info] completed

I think this would be nicer if this fails under the situation...

Apendix

$ lambroll version
lambroll v0.12.3

expected behavior

Passing either AWS_REGION environment variable or no --region argument but having ~/.aws/config that contains region = ap-northeast-1, lambroll expected to consume region from ~/.aws/config.

actual behavior

The lambroll does not respect region config in ~/.aws/config:

[2021-08-09 12:29:54] ✘╹◡╹✘ < lambroll --profile default init --function-name my-func
2021/08/09 12:29:57 [info] lambroll v0.11.5
2021/08/09 12:29:57 [error] failed to GetFunctionmy-func: MissingRegion: could not find region configuration

solution

The lambroll could consume shared config.

version info

[2021-08-09 12:27:13] ✘╹◡╹✘ < lambroll version
lambroll v0.11.5

When you update lambroll you have to change function.json to make a difference.
I want to ignore this difference.
For example, SnapStart.
Also, I want to manage some settings only with terraform.
For example, subnet.
To satisfy the above, deploys and diffs require the "--ignore-change" option

aws lambda invoke command has --payload option.
It's useful if lambroll invoke has the same flag.

Thank you for your useful tool. I'd like to share an insight about codes that probably is better to be fixed.

Recently my team encountered an issue about deployment docker image to Lambda. The cause is something related to docker build, not to lambroll.
But strangely, in our workflow lambroll deploy was running successfully and seemed ok while the error happens.

After solving our issue, I've found the code that probably is the reason of the behavior.

This code catches all awserr.Errors at the first if statement but only lambda.ErrCodeResourceConflictException is handled. All other awserr.Error are ignored and go forward to the successful return.

I think the switch should have default clause and handle unexpected errors, or remove else from the if statement, to handle every awserr.Errors.

It is nice lambroll deploy --dry-run keeps the zip archive to be uploaded.

#310

Add ssm template function same as ecspresso.

Like AWS CLI v2, I would like to watch the Lambda function logs in Cloudwatch logs with a single command such as 'lambroll logs'.

Lambda deployment step has improved by lambroll(I use it for almost all of my functions.) , but it has still some steps to watch these function logs.

Thanks you.

I would like to get the codeSha256 diff by doing something like the following URL.
I want to get CodeSha256 diff by lambroll.
The response is whether there is a diff.
https://stackoverflow.com/questions/33825815/how-to-calculate-the-codesha256-of-aws-lambda-deployment-package-before-uploadin

I found error when refer tfstate in different region from deploy target.

$ AWS_REGION=us-east-1 lambroll deploy --tfstate s3://bucket/terraform.tfstate
2021/04/19 16:35:34 [error] failed to read tfstate: s3://bucket/terraform.tfstate: failed to read tfstate from s3://lobi-terraform/stg/all/terraform.tfstate: AuthorizationHeaderMalformed: The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'ap-northeast-1'
	status code: 400, request id: ***, host id: ***

To avoid this, I downloading tfstate before run lambroll deploy like this:

$ aws --region ap-northeast-1 s3 s3://bucket/terraform.tfstate
$ AWS_REGION=us-east-1 lambroll deploy --tfstate terraform.tfstate

We execute lambroll command like below:

$ lambroll deploy --region=ap-northeast-1 --tfstate=s3://bucket/terraform.tfstate --src=build
2021/03/29 08:01:18 [error] failed to read tfstate: s3://bucket/terraform.tfstate: failed to read tfstate from s3://bucket/terraform.tfstate: MissingRegion: could not find region configuration

We set AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY via environment variables, but we don't set AWS_REGION.
We can avoid this error when we set the environment variable AWS_REGION with --tfstate option.