Allow Lambda targets to point to python_aws_lambda_layers and exclude code automatically
#19256
Comments
huonw
changed the title
python_aws_lambda_function to point to python_aws_lambda_layers and exclude code automaticallypython_aws_lambda_layers and exclude code automatically
Doing this probably also requires pex-tool/pex#2097: e.g. pants would enumerate all the requirements in the parent layer(s), and tell PEX to specifically not include them (against it's better judgement 😅 ). |
|
This would make it easy to have code implicitly use the packages that AWS automatically provides (e.g. boto3), or an external-provided layer (e.g. https://docs.powertools.aws.dev/lambda/python/latest/#lambda-layer) by reifying those layers, so pants can reason about them, but not using them when publishing: # dependencies provided by the AWS Lambda runtime
python_aws_lambda_layer(
name="aws-runtime-implicit-layer"
dependencies=[":reqs#boto3", ...]
)
# dependencies provided by the AWS-published Powertools layer
python_aws_lambda_layer(
name="aws-powertools-implicit-layer"
dependencies=[":reqs#aws-lambda-powertools", ...],
layers=[":aws-runtime-implicit-layer"]
)
python_aws_lambda_layer(
name="func-deps"
layers=[":aws-powertools-implicit-layer"],
dependencies=["./foo.py"]
)
python_aws_lambda_function(
name="func",
dependencies=["./foo.py"]
layers=[":func-deps"],
)Then, to deploy:
If this is a useful pattern, Pants can presumably grow automatic management of it (although if pants is managing it, it'll need to have a point of view on version skew between the layers and the runtime environment, e.g. I assume the AWS runtime updates boto3 semi-regularly, and thus may be on a different version to what the user's code specifies). |
- https://github.com/pantsbuild/pex/releases/tag/v2.1.152 : bug fix for a regression in 2.1.149 that blocked this upgrade - https://github.com/pantsbuild/pex/releases/tag/v2.1.151 : support for an `--exclude`, that'd help with #19552 and #19256 - https://github.com/pantsbuild/pex/releases/tag/v2.1.150 : pip 23.3.1 (incl. 23.3) support: https://pip.pypa.io/en/stable/news/#v23-3-1 - https://github.com/pantsbuild/pex/releases/tag/v2.1.149 : bug fix for a supposedly-rare edge case
|
With pex 2.1.151 (https://github.com/pantsbuild/pex/releases/tag/v2.1.151), which Pants now includes (#20149), there's a flag There's also future plans for |
Similar to #20237, this allows passing arbitrary arguments to the first pex invocation when building a FaaS (AWS Lambda or Google Cloud Function) artifact. This can serve as a stop-gap for #19256, because a user can write then pass `--exclude` themselves when they really need that (or similar) functionality. --------- Co-authored-by: Huon Wilson <huon@exoflare.io>
Highlighted changelogs: * https://github.com/pex-tool/pex/releases/tag/v2.4.0 * https://github.com/pex-tool/pex/releases/tag/v2.4.1 * https://github.com/pex-tool/pex/releases/tag/v2.5.0 * https://github.com/pex-tool/pex/releases/tag/v2.6.0 * https://github.com/pex-tool/pex/releases/tag/v2.7.0 * https://github.com/pex-tool/pex/releases/tag/v2.8.0 * https://github.com/pex-tool/pex/releases/tag/v2.8.1 * https://github.com/pex-tool/pex/releases/tag/v2.9.0 * https://github.com/pex-tool/pex/releases/tag/v2.10.0 * https://github.com/pex-tool/pex/releases/tag/v2.10.1 * https://github.com/pex-tool/pex/releases/tag/v2.11.0 (!) ``` Lockfile diff: 3rdparty/python/user_reqs.lock [python-default] == Upgraded dependencies == certifi 2024.6.2 --> 2024.7.4 exceptiongroup 1.2.1 --> 1.2.2 pex 2.3.3 --> 2.11.0 pydantic 1.10.16 --> 1.10.17 ``` NOTE: This updates the scrupulously backwards compatible Pex, but does not use any new features yet. The minimum version is unchanged. Possibly relevant for: #15704 #21103 #20852 #15454 #21100 #11324 #19256 #19552 #19681
Is your feature request related to a problem? Please describe.
In #19123, Pants grows support for
python_aws_lambda_layerto package layers for AWS Lambda. These are a bunch of code that's loaded into the Lambda environment, in addition to the core package. When packaging an in-repo layer for use with in-repo functions, typically the function doesn't need to include the code in the layer. Pants could automatically manage this, without needing to specifyinclude_requirements=Falseand/ordependencies=["!!foo", "!!bar"].Describe the solution you'd like
Potentially a
layersfield that takes a list of layer targets. To begin with, this can be just used for excluding the dependencies. This field can be used on both functions and other layers.(NB. a package built like this is cannot be used in isolation, only with the right layers hooked into the deployed function in AWS.)
For instance, in this example:
boto3-layerincludes theboto3library and its dependencies, likerequestsfuncdepends onboto3,requestsandnumpyThe
layersfield means pants would notice thatboto3(and, preferably, its transitive dependencies likerequests, which may require #12733) will already be provided byboto3-layer, and thus only includenumpyandfoo.pyin thefuncpackage.Describe alternatives you've considered
The current approach of manually spelling out dependencies and exclusions probably works fine for many cases, e.g. a naive "requirements in a layer"/"sources in the function" split is trivial via
include_requirements/include_sources.Additional context
There's a long discussion in #19123 that touches on this.
The text was updated successfully, but these errors were encountered: