Skip to content

Commit e7a1df1

Browse files
leandrodamascenaleandrodamascena
authored
Merge branch 'develop' into ci-changelog-11325306758
2 parents d701b26 + 58302ef commit e7a1df1

File tree

2 files changed

+33
-22
lines changed

2 files changed

+33
-22
lines changed

.github/workflows/layer_govcloud.yml

Lines changed: 33 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -120,26 +120,32 @@ jobs:
120120
aws-region: us-gov-east-1
121121
mask-aws-account-id: true
122122
- name: Create Layer
123+
id: create-layer
123124
run: |
124-
aws --region us-gov-east-1 lambda publish-layer-version \
125+
LAYER_VERSION=$(aws --region us-gov-east-1 lambda publish-layer-version \
125126
--layer-name ${{ matrix.layer }}-${{ matrix.arch }} \
126127
--zip-file fileb://./${{ matrix.layer }}_${{ matrix.arch }}.zip \
127128
--compatible-runtimes $(jq -r ".CompatibleRuntimes[0]" ${{ matrix.layer }}_${{ matrix.arch }}.json) \
128129
--compatible-architectures $(jq -r ".CompatibleArchitectures[0]" ${{ matrix.layer }}_${{ matrix.arch }}.json) \
129130
--license-info "MIT-0" \
130131
--description "$(jq -r '.Description' ${{ matrix.layer }}_${{ matrix.arch }}.json)" \
131-
--query 'Version' | \
132-
xargs aws --region us-gov-east-1 lambda add-layer-version-permission \
133-
--layer-name ${{ matrix.layer }}-${{ matrix.arch }} \
134-
--statement-id 'PublicLayer' \
135-
--action lambda:GetLayerVersion \
136-
--principal '*' \
137-
--version-number
132+
--query 'Version' \
133+
--output text)
134+
echo "LAYER_VERSION=$LAYER_VERSION" >> "$GITHUB_OUTPUT"
135+
136+
aws --region us-gov-east-1 lambda add-layer-version-permission \
137+
--layer-name ${{ matrix.layer }}-${{ matrix.arch }} \
138+
--statement-id 'PublicLayer' \
139+
--action lambda:GetLayerVersion \
140+
--principal '*' \
141+
--version-number $LAYER_VERSION
138142
- name: Verify Layer
143+
env:
144+
LAYER_VERSION: ${{ steps.create-layer.outputs.LAYER_VERSION }}
139145
run: |
140-
REMOTE_SHA=$(aws --region us-gov-east-1 lambda get-layer-version-by-arn --arn arn:aws:lambda:us-gov-east-1:${{ secrets.AWS_ACCOUNT_ID }}:layer:${{ matrix.layer }}-${{ matrix.arch }}:${{ inputs.version }} --query 'Content.CodeSha256' --output text)
146+
REMOTE_SHA=$(aws --region us-gov-east-1 lambda get-layer-version-by-arn --arn arn:aws-us-gov:lambda:us-gov-east-1:${{ secrets.AWS_ACCOUNT_ID }}:layer:${{ matrix.layer }}-${{ matrix.arch }}:${{ env.LAYER_VERSION }} --query 'Content.CodeSha256' --output text)
141147
SHA=$(jq -r '.Content.CodeSha256' ${{ matrix.layer }}_${{ matrix.arch }}.json)
142-
test $($REMOTE_SHA == $SHA && echo "SHA OK: ${SHA}" || exit 1
148+
test $REMOTE_SHA == $SHA && echo "SHA OK: ${SHA}" || exit 1
143149
144150
copy_west:
145151
name: Copy (West)
@@ -181,23 +187,30 @@ jobs:
181187
aws-region: us-gov-west-1
182188
mask-aws-account-id: true
183189
- name: Create Layer
190+
id: create-layer
184191
run: |
185-
aws --region us-gov-west-1 lambda publish-layer-version \
192+
LAYER_VERSION=$(aws --region us-gov-west-1 lambda publish-layer-version \
186193
--layer-name ${{ matrix.layer }}-${{ matrix.arch }} \
187194
--zip-file fileb://./${{ matrix.layer }}_${{ matrix.arch }}.zip \
188195
--compatible-runtimes $(jq -r ".CompatibleRuntimes[0]" ${{ matrix.layer }}_${{ matrix.arch }}.json) \
189196
--compatible-architectures $(jq -r ".CompatibleArchitectures[0]" ${{ matrix.layer }}_${{ matrix.arch }}.json) \
190197
--license-info "MIT-0" \
191198
--description "$(jq -r '.Description' ${{ matrix.layer }}_${{ matrix.arch }}.json)" \
192-
--query 'Version' | \
193-
xargs aws --region us-gov-west-1 lambda add-layer-version-permission \
194-
--layer-name ${{ matrix.layer }}-${{ matrix.arch }} \
195-
--statement-id 'PublicLayer' \
196-
--action lambda:GetLayerVersion \
197-
--principal '*' \
198-
--version-number
199+
--query 'Version' \
200+
--output text)
201+
202+
echo "LAYER_VERSION=$LAYER_VERSION" >> "$GITHUB_OUTPUT"
203+
204+
aws --region us-gov-west-1 lambda add-layer-version-permission \
205+
--layer-name ${{ matrix.layer }}-${{ matrix.arch }} \
206+
--statement-id 'PublicLayer' \
207+
--action lambda:GetLayerVersion \
208+
--principal '*' \
209+
--version-number $LAYER_VERSION
199210
- name: Verify Layer
211+
env:
212+
LAYER_VERSION: ${{ steps.create-layer.outputs.LAYER_VERSION }}
200213
run: |
201-
REMOTE_SHA=$(aws --region us-gov-west-1 lambda get-layer-version-by-arn --arn arn:aws:lambda:us-gov-west-1:${{ secrets.AWS_ACCOUNT_ID }}:layer:${{ matrix.layer }}-${{ matrix.arch }}:${{ inputs.version }} --query 'Content.CodeSha256' --output text)
214+
REMOTE_SHA=$(aws --region us-gov-west-1 lambda get-layer-version-by-arn --arn arn:aws-us-gov:lambda:us-gov-west-1:${{ secrets.AWS_ACCOUNT_ID }}:layer:${{ matrix.layer }}-${{ matrix.arch }}:${{ env.LAYER_VERSION }} --query 'Content.CodeSha256' --output text)
202215
SHA=$(jq -r '.Content.CodeSha256' ${{ matrix.layer }}_${{ matrix.arch }}.json)
203-
test $($REMOTE_SHA == $SHA && echo "SHA OK: ${SHA}" || exit 1
216+
test $REMOTE_SHA == $SHA && echo "SHA OK: ${SHA}" || exit 1

docs/utilities/data_masking.md

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -73,8 +73,6 @@ graph LR
7373

7474
### Install
7575

76-
!!! info "Our Lambda layer does not include the aws-encryption-sdk. Please install it as a dependency in your project to use this utility."
77-
7876
Add `aws-lambda-powertools[datamasking]` as a dependency in your preferred tool: _e.g._, _requirements.txt_, _pyproject.toml_. This will install the [AWS Encryption SDK](https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/introduction.html){target="_blank"}.
7977

8078
<!-- markdownlint-disable MD013 -->

0 commit comments

Comments
 (0)