Skip to content

Commit 9b1c325

Browse files
pglombardopglombardo
authored
AWS Lambda: Add SSL validation option (#221)
* Lambda: Add SSL validation option * CLI Arguments for build script * Update env var name
1 parent 0ead503 commit 9b1c325

File tree

2 files changed

+30
-16
lines changed

2 files changed

+30
-16
lines changed

bin/lambda_build_publish_layer.py

Lines changed: 23 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,19 @@
11
#!/usr/bin/env python
22

33
import os
4+
import sys
45
import json
56
import shutil
67
import time
78
import distutils.spawn
89
from subprocess import call, check_output
910

11+
# Either -dev or -prod must be specified (and nothing else)
12+
if len(sys.argv) != 2 or (('-dev' not in sys.argv) and ('-prod' not in sys.argv)):
13+
raise ValueError('Please specify -dev or -prod to indicate which type of layer to build.')
14+
15+
dev_mode = '-dev' in sys.argv
16+
1017
# Disable aws CLI pagination
1118
os.environ["AWS_PAGER"] = ""
1219

@@ -57,14 +64,14 @@
5764
aws_zip_filename = "fileb://%s" % fq_zip_filename
5865
print("Zipfile should be at: ", fq_zip_filename)
5966

60-
regions = ['ap-northeast-1', 'ap-northeast-2', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-2', 'ca-central-1',
61-
'eu-central-1', 'eu-north-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'sa-east-1', 'us-east-1',
62-
'us-east-2', 'us-west-1', 'us-west-2']
63-
64-
# regions = ['us-west-1']
65-
66-
# LAYER_NAME = "instana-py-test"
67-
LAYER_NAME = "instana-python"
67+
if dev_mode:
68+
regions = ['us-west-1']
69+
LAYER_NAME = "instana-py-dev"
70+
else:
71+
regions = ['ap-northeast-1', 'ap-northeast-2', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-2', 'ca-central-1',
72+
'eu-central-1', 'eu-north-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'sa-east-1', 'us-east-1',
73+
'us-east-2', 'us-west-1', 'us-west-2']
74+
LAYER_NAME = "instana-python"
6875

6976
published = dict()
7077

@@ -81,13 +88,14 @@
8188
version = json_data['Version']
8289
print("===> Uploaded version is %s" % version)
8390

84-
print("===> Making layer public...")
85-
response = check_output(["aws", "--region", region, "lambda", "add-layer-version-permission",
86-
"--layer-name", LAYER_NAME, "--version-number", str(version),
87-
"--statement-id", "public-permission-all-accounts",
88-
"--principal", "*",
89-
"--action", "lambda:GetLayerVersion",
90-
"--output", "text"])
91+
if dev_mode is False:
92+
print("===> Making layer public...")
93+
response = check_output(["aws", "--region", region, "lambda", "add-layer-version-permission",
94+
"--layer-name", LAYER_NAME, "--version-number", str(version),
95+
"--statement-id", "public-permission-all-accounts",
96+
"--principal", "*",
97+
"--action", "lambda:GetLayerVersion",
98+
"--output", "text"])
9199

92100
published[region] = json_data['LayerVersionArn']
93101

instana/agent.py

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -365,10 +365,16 @@ def report_data_payload(self, payload):
365365

366366
logger.debug("using these headers: %s" % self.report_headers)
367367

368+
if 'INSTANA_DISABLE_CA_CHECK' in os.environ:
369+
ssl_verify = False
370+
else:
371+
ssl_verify = True
372+
368373
response = self.client.post(self.__data_bundle_url(),
369374
data=to_json(payload),
370375
headers=self.report_headers,
371-
timeout=self.options.timeout)
376+
timeout=self.options.timeout,
377+
verify=ssl_verify)
372378

373379
logger.debug("report_data_payload: response.status_code is %s" % response.status_code)
374380
except (requests.ConnectTimeout, requests.ConnectionError):

0 commit comments

Comments
 (0)