feat: add TenancyConfig to ACK Lambda Controller #201
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: acaremrullah The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
ack-prow
bot
added
the
needs-ok-to-test
|
Hi @acaremrullah. Thanks for your PR. I'm waiting for a aws-controllers-k8s member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/assign @michaelhtm |
knottnt
left a comment
knottnt
left a comment
There was a problem hiding this comment.
@acaremrullah Thanks for the PR! Left a few comments.
| @@ -0,0 +1,17 @@ | |||
| apiVersion: lambda.services.k8s.aws/v1alpha1 | |||
There was a problem hiding this comment.
Normally there would be an e2e test associated with the resources in this folder. Could you either add a test to validate setting the tenancy config or remove this?
| metadata: | ||
| annotations: | ||
| controller-gen.kubebuilder.io/version: v0.19.0 | ||
| controller-gen.kubebuilder.io/version: v0.20.0 |
There was a problem hiding this comment.
nit: Could you use v0.19.0 here.
| A list of tags (https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) | ||
| to apply to the function. | ||
| type: object | ||
| tenancyConfig: |
There was a problem hiding this comment.
When adding a new field a CRD I'd expect to see some changes the files associated with our code-generator to fetch a new version of the AWS API model that includes the new field and/or remove it from a a list of ignored fields in generator.yaml. Since, this is a newer AWS feature you'll likely need to update the version of the AWS SDK used to generate the lambda-controller here to use a newer version of AWS Lambda's API model. If that results in additional fields being added that you don't want to take on in this PR you can add them to the ignored fields (see docs).
| } else { | ||
| ko.Spec.Timeout = nil | ||
| } | ||
| if resp.TenancyConfig != nil { |
There was a problem hiding this comment.
If TenancyConfig can only be set on creation we may want to mark this field as immutable in generator.yaml. That way user's can get some feedback if they try to change it in an update.
3 participants
Issue #, if available: N/A
Description of changes:
Summary
Adds support for AWS Lambda's Tenant Isolation Mode feature to enable per-tenant isolation for multi-tenant applications.
Changes
SDK Update
github.com/aws/aws-sdk-go-v2/service/lambdafromv1.75.0tov1.87.1to include TenancyConfig API supportAPI Types
TenancyConfigtype withTenantIsolationModefield toapis/v1alpha1/types.goTenancyConfigfield toFunctionSpecinapis/v1alpha1/function.goController Implementation
pkg/resource/function/sdk.goto handle TenancyConfig in:newCreateRequestPayload- sets TenancyConfig on CreateFunction API callsdkFind- reads TenancyConfig from GetFunction responsesdkCreate- reads TenancyConfig from CreateFunction responseCRD Updates
config/crd/bases/lambda.services.k8s.aws_functions.yamlandhelm/crds/lambda.services.k8s.aws_functions.yamlTesting
test/e2e/resources/function_tenancy.yamldemonstrating tenant isolation configurationUsage Example
AWS Documentation
Notes
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.