问题
I try to deploy my lambda function to AWS using serverless. Everything works fine but the function cannot be executed because two files are not found (thats what fs.readFileSync says). I include them with the following lines in the serverless.yml:
provider:
name: aws
runtime: nodejs10.x
stage: dev
region: eu-central-1
package:
exclude:
- .env
include:
- src/config/push-cert.pem
- src/config/push-key.pemWhen I look in the .zip file which is uploaded to S3, both .pem files are not included. I already tried using __dirname to get the complete file path on the lambda function.
My webpack.config.js looks as following:
const path = require("path");
const nodeExternals = require("webpack-node-externals");
const slsw = require("serverless-webpack");
module.exports = {
entry: slsw.lib.entries,
target: "node",
node: {
__dirname: true
},
mode: slsw.lib.webpack.isLocal?"development":"production",
externals: [nodeExternals()],
output: {
libraryTarget: "commonjs",
// pay attention to this
path: path.join(__dirname, ".webpack"),
filename: "[name].js"
},
module: {
rules: [
{
test: /\.js$/,
use: [
{
loader: "babel-loader",
options: {
// ... and this
presets: [["@babel/env", {targets: {node: "8.10"}}]],
plugins: [
"@babel/plugin-proposal-object-rest-spread"
]
}
}
]
},
{
test: /\.(graphql|gql)$/,
exclude: /node_modules/,
loader: "graphql-tag/loader"
}
]
}
};Can someone of you help?
Cheers!
回答1:
Since serverless-webpack does the packing for you and not the serverless framework, you'll need to use a Webpack plugin:
const path = require("path");
const nodeExternals = require("webpack-node-externals");
const slsw = require("serverless-webpack");
const CopyPlugin = require('copy-webpack-plugin');
module.exports = {
entry: slsw.lib.entries,
target: "node",
node: {
__dirname: true
},
mode: slsw.lib.webpack.isLocal?"development":"production",
externals: [nodeExternals()],
plugins: [
new CopyPlugin([
{ from: 'src/config/push-cert.pem', to: 'push-cert.pem' },
{ from: 'src/config/push-key.pem', to: 'push-key.pem' },
]),
],
output: {
libraryTarget: "commonjs",
// pay attention to this
path: path.join(__dirname, ".webpack"),
filename: "[name].js"
},
module: {
rules: [
{
test: /\.js$/,
use: [
{
loader: "babel-loader",
options: {
// ... and this
presets: [["@babel/env", {targets: {node: "8.10"}}]],
plugins: [
"@babel/plugin-proposal-object-rest-spread"
]
}
}
]
},
{
test: /\.(graphql|gql)$/,
exclude: /node_modules/,
loader: "graphql-tag/loader"
}
]
}
};
As mentioned by @hephalump it is better to use AWS Secrets Manager (or Parameter Store/Environment variables).
回答2:
Although you can definitely include your certificate files as part of your deployment package, and without more info I’m not certain why they’re not being included, a more secure method would be to store your certificate/key in AWS Secrets Manager, and then access that secret in your Lambda.
You can learn more about AWS Secrets Manager here, and there is a tutorial to store and retrieve a secret here.
来源:https://stackoverflow.com/questions/57580631/serverlesswebpack-include-pem-files-in-zip