Terraform 中的相对路径

Relative paths in Terraform

我正在尝试使用 terraform 创建 AWS lambda 函数。 我的 terraform 目录看起来像

我的 lambda 函数存储在 /terraform/lambda/files/lambda_function.py.

每当我应用 terraform 时,我都有一个 "null_resource" 在本地机器上执行一些命令,这些命令将压缩 python 文件

variable "pythonfile" {
  description = "lambda function python filename"
  type        = "string"
}

resource "null_resource" "lambda_preconditions" {
  triggers {
    always_run = "${uuid()}"
  }
  provisioner "local-exec" {
    command = "rm -rf ${path.module}/files/zips"
  }
  provisioner "local-exec" {
    command = "mkdir -p ${path.module}/files/zips"
  }
  provisioner "local-exec" {
    command = "cp -R ${path.module}/files/${var.pythonfile} ${path.module}/files/zips/lambda_function.py"
  }
  provisioner "local-exec" {
    command = "cd ${path.module}/files/zips && zip -r lambda.zip ."
  }
}

我的 "aws_lambda_function" 资源如下所示。

resource "aws_lambda_function" "lambda_function" {
  filename         = "${path.module}/files/zips/lambda.zip"
  function_name    = "${format("%s-%s-%s-lambda-function", var.name, var.environment, var.function_name)}"
  role             = "${aws_iam_role.iam_for_lambda.arn}"
  handler          = "lambda_function.lambda_handler"
  source_code_hash = "${base64sha256(format("%s/files/zips/lambda.zip", path.module))}", length(path.cwd) + 1, -1)}")}"
  runtime          = "${var.function_runtime}"
  timeout          = "${var.function_timeout}"
  memory_size      = "${var.function_memory}"

  environment {
    variables = {
      region      = "${var.region}"
      name        = "${var.name}"
      environment = "${var.environment}"
    }
  }

  vpc_config {
    subnet_ids         = ["${var.subnet_ids}"]
    security_group_ids = ["${aws_security_group.lambda_sg.id}"]
  }

  depends_on = [
    "null_resource.lambda_preconditions"
  ]
}

问题: 每当我更改 lambda_function.py 文件并再次应用 terraform 时,一切正常,但 lambda 函数中的实际代码不会改变。 此外,如果我删除所有 terraform 状态文件并再次应用,新更改将毫无问题地传播。

这可能是什么原因?

我没有使用 null_resource,而是使用了 archive_file 数据源,它会在检测到新更改时自动创建 zip 文件。接下来,我引用了 lambda 资源 source_code_hash 属性中的 archive_file 数据。

archive_file数据源

data "archive_file" "lambda_zip" {
  type        = "zip"
  output_path = "${path.module}/files/zips/lambda.zip"

  source {
    content  = "${file("${path.module}/files/ebs_cleanup_lambda.py")}"
    filename = "lambda_function.py"
  }
}

lambda 资源

resource "aws_lambda_function" "lambda_function" {
  filename         = "${path.module}/files/zips/lambda.zip"
  function_name    = "${format("%s-%s-%s-lambda-function", var.name, var.environment, var.function_name)}"
  role             = "${aws_iam_role.iam_for_lambda.arn}"
  handler          = "lambda_function.lambda_handler"
  source_code_hash = "${data.archive_file.lambda_zip.output_base64sha256}"
  runtime          = "${var.function_runtime}"
  timeout          = "${var.function_timeout}"
  memory_size      = "${var.function_memory}"

  environment {
    variables = {
      region      = "${var.region}"
      name        = "${var.name}"
      environment = "${var.environment}"
    }
  }

  vpc_config {
    subnet_ids         = ["${var.subnet_ids}"]
    security_group_ids = ["${aws_security_group.lambda_sg.id}"]
  }
}