fix: trigger cold start dispatcher after update SSM paramates

npalm · npalm · commit 2be7ab3702e7 · 2024-11-07T18:00:39.000+01:00
diff --git a/modules/webhook/eventbridge/dispatcher.tf b/modules/webhook/eventbridge/dispatcher.tf
@@ -12,14 +12,12 @@ resource "aws_cloudwatch_event_rule" "workflow_job" {
 EOF
 }
 
-
-resource "aws_cloudwatch_event_target" "github_welcome" {
+resource "aws_cloudwatch_event_target" "dispatcher" {
   arn            = aws_lambda_function.dispatcher.arn
   rule           = aws_cloudwatch_event_rule.workflow_job.name
   event_bus_name = aws_cloudwatch_event_bus.main.name
 }
 
-
 resource "aws_lambda_function" "dispatcher" {
   s3_bucket         = var.config.lambda_s3_bucket != null ? var.config.lambda_s3_bucket : null
   s3_key            = var.config.lambda_s3_key != null ? var.config.lambda_s3_key : null
@@ -45,6 +43,7 @@ resource "aws_lambda_function" "dispatcher" {
         POWERTOOLS_TRACER_CAPTURE_ERROR          = var.config.tracing_config.capture_error
         # Parameters required for lambda configuration
         PARAMETER_RUNNER_MATCHER_CONFIG_PATH = var.config.ssm_parameter_runner_matcher_config.name
+        PARAMETER_RUNNER_MATCHER_VERSION     = var.config.ssm_parameter_runner_matcher_config.version # enforce cold start after Changes in SSM parameter
         REPOSITORY_ALLOW_LIST                = jsonencode(var.config.repository_white_list)
         SQS_WORKFLOW_JOB_QUEUE               = try(var.config.sqs_workflow_job_queue.id, null)
       } : k => v if v != null
@@ -67,10 +66,6 @@ resource "aws_lambda_function" "dispatcher" {
       mode = var.config.tracing_config.mode
     }
   }
-
-  lifecycle {
-    replace_triggered_by = [null_resource.ssm_parameter_runner_matcher_config, null_resource.github_app_parameters]
-  }
 }
 
 resource "aws_cloudwatch_log_group" "dispatcher" {
diff --git a/modules/webhook/eventbridge/main.tf b/modules/webhook/eventbridge/main.tf
@@ -13,9 +13,3 @@ resource "aws_cloudwatch_event_archive" "main" {
   event_source_arn = aws_cloudwatch_event_bus.main.arn
   retention_days   = var.config.archive.retention_days
 }
-
-resource "null_resource" "ssm_parameter_runner_matcher_config" {
-  triggers = {
-    version = var.config.ssm_parameter_runner_matcher_config.version
-  }
-}
diff --git a/modules/webhook/eventbridge/webhook.tf b/modules/webhook/eventbridge/webhook.tf
@@ -1,3 +1,9 @@
+resource "null_resource" "github_app_parameters" {
+  triggers = {
+    github_app_webhook_secret_name = var.config.github_app_parameters.webhook_secret.name
+  }
+}
+
 resource "aws_lambda_function" "webhook" {
   s3_bucket         = var.config.lambda_s3_bucket != null ? var.config.lambda_s3_bucket : null
   s3_key            = var.config.lambda_s3_key != null ? var.config.lambda_s3_key : null
@@ -48,7 +54,7 @@ resource "aws_lambda_function" "webhook" {
   }
 
   lifecycle {
-    replace_triggered_by = [null_resource.ssm_parameter_runner_matcher_config, null_resource.github_app_parameters]
+    replace_triggered_by = [null_resource.github_app_parameters]
   }
 }
 
@@ -65,14 +71,9 @@ resource "aws_lambda_permission" "webhook" {
   function_name = aws_lambda_function.webhook.function_name
   principal     = "apigateway.amazonaws.com"
   source_arn    = var.config.api_gw_source_arn
-  lifecycle {
-    replace_triggered_by = [null_resource.ssm_parameter_runner_matcher_config, null_resource.github_app_parameters]
-  }
-}
 
-resource "null_resource" "github_app_parameters" {
-  triggers = {
-    github_app_webhook_secret = var.config.github_app_parameters.webhook_secret.name
+  lifecycle {
+    replace_triggered_by = [null_resource.github_app_parameters]
   }
 }
 
