Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

test: rework smoketests and improve usability #508

Merged
merged 3 commits into from
Jul 29, 2024
Merged

test: rework smoketests and improve usability #508

merged 3 commits into from
Jul 29, 2024

Conversation

kruskall
Copy link
Member

@kruskall kruskall commented Jul 23, 2024
edited
Loading

always tee to tf.log
improve folder name and move smoketest under testing remove smokedir, we only have one smoketest
move function under smoketest

Closes #435

@kruskall
test: rework smoketests and improve usability
b4f73e6 
always tee to tf.log
improve folder name and move smoketest under testing
remove smokedir, we only have one smoketest
move function under smoketest
@github-actions github-actions bot added the aws-λ-extension AWS Lambda Extension label Jul 23, 2024
lahsivjar
lahsivjar reviewed Jul 23, 2024
View reviewed changes
testing/smoketest/main.tf Outdated
@@ -44,7 +44,7 @@ resource "aws_iam_role" "lambda" {

data "archive_file" "lambda" {
type = "zip"
source_file = "../testdata/function/index.js"
source_file = "./function/index.js"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we reuse https://github.com/elastic/apm-aws-lambda/tree/main/testing/tf-modules/lambda_deployment instead of having a separate custom module for smoketest?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll open a followup for this so the ebpf team can pick it up

@rockdaboot rockdaboot requested a review from lahsivjar July 24, 2024 14:01
@kruskall kruskall merged commit 59396a5 into elastic:main Jul 29, 2024
10 checks passed
@kruskall kruskall deleted the testing/smoketest branch July 29, 2024 18:59
@v1v
Copy link
Member

v1v commented Aug 7, 2024
edited
Loading

As far as I see these changes need to be reflected in the existing OIDC settings, otherwise:


Error: creating CloudWatch Logs Log Group (/aws/lambda/github-actions-smoke-testing-test): operation error CloudWatch Logs: CreateLogGroup, https response error StatusCode: 400, RequestID: a8b0d29f-46bb-4427-aef0-c0fe1c3ae0b9, api error AccessDeniedException: User: arn:aws:sts::697149045717:assumed-role/gha-55ef6f9ad3e07084a079d653f88b25e629e0812c646a890bd344605-role/GitHubActions is not authorized to perform: logs:CreateLogGroup on resource: arn:aws:logs:eu-central-1:697149045717:log-group:/aws/lambda/github-actions-smoke-testing-test:log-stream: because no identity-based policy allows the logs:CreateLogGroup action

  with aws_cloudwatch_log_group.example,
  on main.tf line 105, in resource "aws_cloudwatch_log_group" "example":
 105: resource "aws_cloudwatch_log_group" "example" {


Error: creating IAM Policy (smoketest_extension_lambda_logging): operation error IAM: CreatePolicy, https response error StatusCode: 403, RequestID: 14eaa9ba-a9f1-4cbc-b943-d2413df9cd8e, api error AccessDenied: User: arn:aws:sts::697149045717:assumed-role/gha-55ef6f9ad3e07084a079d653f88b25e629e0812c646a890bd344605-role/GitHubActions is not authorized to perform: iam:CreatePolicy on resource: policy smoketest_extension_lambda_logging because no identity-based policy allows the iam:CreatePolicy action

  with aws_iam_policy.lambda_logging,
  on main.tf line 124, in resource "aws_iam_policy" "lambda_logging":
 124: resource "aws_iam_policy" "lambda_logging" {

Error: Terraform exited with code 1.
-> Calling the lambda function...

An error occurred (AccessDeniedException) when calling the Invoke operation: User: arn:aws:sts::697149045717:assumed-role/gha-55ef6f9ad3e07084a079d653f88b25e629e0812c646a890bd344605-role/GitHubActions is not authorized to perform: lambda:InvokeFunction on resource: arn:aws:lambda:eu-central-1:697149045717:function:github-actions-smoke-testing-test because no identity-based policy allows the lambda:InvokeFunction action

I'm gonna fix this

@rockdaboot
Copy link
Contributor

@v1v See also #526

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rockdaboot rockdaboot rockdaboot approved these changes

@lahsivjar lahsivjar Awaiting requested review from lahsivjar

Assignees
No one assigned
Labels
aws-λ-extension AWS Lambda Extension
Projects
APM-Agents (OLD)
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Move tf folder and simplify testing
4 participants
@kruskall @v1v @rockdaboot @lahsivjar