Serverless+Webpack: include .pem files in ZIP

僤鯓⒐⒋嵵緔 提交于 2021-02-08 10:57:29

问题


I try to deploy my lambda function to AWS using serverless. Everything works fine but the function cannot be executed because two files are not found (thats what fs.readFileSync says). I include them with the following lines in the serverless.yml:

provider:
  name: aws
  runtime: nodejs10.x
  stage: dev
  region: eu-central-1

package:
  exclude:
    - .env
  include:
    - src/config/push-cert.pem
    - src/config/push-key.pem

When I look in the .zip file which is uploaded to S3, both .pem files are not included. I already tried using __dirname to get the complete file path on the lambda function. My webpack.config.js looks as following:

const path = require("path");
const nodeExternals = require("webpack-node-externals");
const slsw = require("serverless-webpack");
module.exports = {
    entry: slsw.lib.entries,
    target: "node",
    node: {
        __dirname: true
    },
    mode: slsw.lib.webpack.isLocal?"development":"production",
    externals: [nodeExternals()],
    output: {
        libraryTarget: "commonjs",
        // pay attention to this
        path: path.join(__dirname, ".webpack"),
        filename: "[name].js"
    },
    module: {
        rules: [
            {
                test: /\.js$/,
                use: [
                    {
                        loader: "babel-loader",
                        options: {
                            // ... and this
                            presets: [["@babel/env", {targets: {node: "8.10"}}]],
                            plugins: [
                                "@babel/plugin-proposal-object-rest-spread"
                            ]
                        }
                    }
                ]
            },
            {
                test: /\.(graphql|gql)$/,
                exclude: /node_modules/,
                loader: "graphql-tag/loader"
            }
        ]
    }
};

Can someone of you help?

Cheers!


回答1:


Since serverless-webpack does the packing for you and not the serverless framework, you'll need to use a Webpack plugin:

const path = require("path");
const nodeExternals = require("webpack-node-externals");
const slsw = require("serverless-webpack");
const CopyPlugin = require('copy-webpack-plugin');

module.exports = {
    entry: slsw.lib.entries,
    target: "node",
    node: {
        __dirname: true
    },
    mode: slsw.lib.webpack.isLocal?"development":"production",
    externals: [nodeExternals()],
    plugins: [
      new CopyPlugin([
        { from: 'src/config/push-cert.pem', to: 'push-cert.pem' },
        { from: 'src/config/push-key.pem', to: 'push-key.pem' },
      ]),
    ],
    output: {
        libraryTarget: "commonjs",
        // pay attention to this
        path: path.join(__dirname, ".webpack"),
        filename: "[name].js"
    },
    module: {
        rules: [
            {
                test: /\.js$/,
                use: [
                    {
                        loader: "babel-loader",
                        options: {
                            // ... and this
                            presets: [["@babel/env", {targets: {node: "8.10"}}]],
                            plugins: [
                                "@babel/plugin-proposal-object-rest-spread"
                            ]
                        }
                    }
                ]
            },
            {
                test: /\.(graphql|gql)$/,
                exclude: /node_modules/,
                loader: "graphql-tag/loader"
            }
        ]
    }
};


As mentioned by @hephalump it is better to use AWS Secrets Manager (or Parameter Store/Environment variables).




回答2:


Although you can definitely include your certificate files as part of your deployment package, and without more info I’m not certain why they’re not being included, a more secure method would be to store your certificate/key in AWS Secrets Manager, and then access that secret in your Lambda.

You can learn more about AWS Secrets Manager here, and there is a tutorial to store and retrieve a secret here.



来源:https://stackoverflow.com/questions/57580631/serverlesswebpack-include-pem-files-in-zip

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!