Comments (11)
The zip archive preserves file permissions, so if you have a 644
permissions file, deflate it and inflate it back up, you get 644
permissions for that file.
So to fix @chiuwaipun's issue, simply set the expected permissions before deflation, in Lambda's case, something like 755
will do.
I suggest this issue to be closed.
Note: tested in v1.0.3
(mentioned version) and v1.1.0
(latest), on Terraform v0.11.8
from terraform-provider-archive.
Created #80.
@matthewmueller @haideralsh @da-edra ^
from terraform-provider-archive.
I've also run into this as well. I think it's very much a bug still. The zip
command on OSX and archiver libraries like this one https://github.com/tj/go-archive work as expected.
from terraform-provider-archive.
AWS Lambda requires world-readable permissions on source files.
Try setting -rwxr-xr-x
permissions to the to-be-zipped files and delete any previously generated zip archive.
I've successfully used archive v1.1.0
(current) with Lambda before and it only causes this error when compressing non-world-readable files (eg. -rwx------
).
from terraform-provider-archive.
@ricardbejarano What's your terraform code look like? Are you using source_file
or source { content }
?
from terraform-provider-archive.
source_file
:
data "archive_file" "hello" {
type = "zip"
source_file = "hello.py"
output_path = "hello.zip"
}
resource "aws_lambda_function" "hello" {
...
filename = "hello.zip"
}
Haven't tested source_dir
nor source { content = ... }
but I guess the former works just like source_file
and maybe the latter sets non-world-readable permissions.
You can check what permissions are set yourself by unzipping the archive in your local machine and listing the files' permissions. Example:
$ unzip hello.zip
Archive: hello.zip
inflating: hello.py
$ ls -l hello.py
-rwxr-xr-x ................................. hello.py
Edit: if source { content = ... }
sets non-world-readable permissions I guess you may have to use other source arguments. See the argument reference.
from terraform-provider-archive.
@ricardbejarano ah okay, I hadn't tried the source_file
, just source { content = ... }
.. It's weird cause it's zipped up with world-readable, and unzipped with world-readable, but still causes this error. I'm thinking they need world-readable on the zip as well.
FWIW to anyone else, I wrote a custom provider for Go builds: https://github.com/matthewmueller/terraform-provider-lambda. I'd love to see other languages supported as well. For building lambdas, it seems more flexible to just write Go code rather piece together existing resources.
from terraform-provider-archive.
I'm thinking they need world-readable on the zip as well.
Probably.
I guess we could PR the changes needed so that zipped output has the same permissions than the deflated file/folder. I'll look into it, thanks for your input!
I wrote a custom provider for Go builds
Looks great!
from terraform-provider-archive.
Any updates on this? I am running through the same issue using the archive provider on windows.
from terraform-provider-archive.
Hello, are there any updates on this? Having the same issue using the provider on Linux.
from terraform-provider-archive.
@haideralsh @da-edra at this moment, the archive
provider does not support setting filemode or similar for deflated/inflated contents.
Workaround
Imagine I have a folder with source code on my local machine, this source code is to be copied over to Lambda through a zip file generated with the archive
provider.
- On your local machine, run
chmod -R 755 lambda_code
- Delete cached
archive
-provider files (runfind . -name '.*.zip' -delete
, if I recall correctly) - Run Terraform as usual
What will happen:
- Terraform will run the
archive
provider on the folder again - That will zip/deflate the contents preserving their current filemode bits (
755
) - When Lambda uncompresses that, it should preserve those settings
Permanent solution (proposal)
In my opinion, the best way around this would be to implement chmod $FILEMODE $DIRECTORY
directly into the archive
provider.
Something along the lines of:
data "archive_file" "lambda_code" {
source_dir = "${path.module}/lambda"
output_path = "${path.module}/lambda.zip"
type = "zip"
filemode = 0755 // this triggers: chmod -R 0755 "${path.module}/lambda"; before deflating
}
I will (after 3 years) begin work on this during the following days, but can't promise anything.
from terraform-provider-archive.
Related Issues (20)
- Migrate to terraform-plugin-framework HOT 1
- Run archive_file on each apply HOT 2
- data.archive_file does not support resource tainting HOT 2
- Bump Development/Build Minimum Go Version to 1.17 HOT 2
- Issue archiving base64 encoded content w/ source block HOT 5
- Bump Expected Minimum Go Version to 1.18 HOT 1
- archive_file doesn't re-create the archive upon content change
- Source_dir conflicts with source HOT 1
- Zip file created by terraform archive_file cannot be properly read by python
- Generated archive contents include an extra (empty) file when `output_path` is configured within same directory as `source_dir`. HOT 2
- Migrate acceptance testing to terraform-plugin-testing HOT 1
- Bump Expected Minimum Go Version to 1.19 HOT 1
- GitHub Actions - deprecated warnings found - action required! HOT 2
- archive_file data source gets created during "terraform plan" vs "terraform apply" and also is not deleted during destroy HOT 11
- Error generated during the execution of acceptance test on archive_file resource
- Documentation and changelog require updating HOT 1
- Support Additional Compression Types(Ex: tar.gz format) HOT 4
- Update Go Module to Go 1.20 Minimum HOT 1
- archive_file produces a corrupted zip file HOT 5
- Error generating archive with archive_file when symlink is present and exclude_symlink_directories is set to true HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-archive.