From 551ff5e52c4bbf525c94d558198ac42025e5e93b Mon Sep 17 00:00:00 2001
From: chrispsheehan
Date: Tue, 23 Sep 2025 15:46:30 +0100
Subject: [PATCH 1/4] feat: add lambda-prune script
---
 .github/workflows/deploy.yml | 9 +++++++++
 justfile | 27 +++++++++++++++++++++++++++
 2 files changed, 36 insertions(+)
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 2715ceb..54ae95a 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -121,3 +121,12 @@ jobs:
 with:
 aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
 just_action: lambda-deploy
+
+ - name: prune lambda
+ uses: chrispsheehan/just-aws-oidc-action@0.1.3
+ env:
+ FUNCTION_NAME: ${{ steps.get-api-vars.outputs.lambda_function_name }}
+ ALIAS_NAME: ${{ steps.get-api-vars.outputs.lambda_alias_name }}
+ with:
+ aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
+ just_action: lambda-prune
diff --git a/justfile b/justfile
index 70e79c0..d6b0fd1 100644
--- a/justfile
+++ b/justfile
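Review bot: The new `prune lambda` step in `.github/workflows/deploy.yml` references `chrispsheehan/just-aws-oidc-action@0.1.3` by a mutable tag while handing it the OIDC role used for pruning, so a re-pointed tag would run with that role's permissions. Pin the action to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: chrispsheehan/just-aws-oidc-action@<full-commit-sha> # 0.1.3`. The role's policy is not visible in this patch; if it is the same role the deploy step uses, `lambda:DeleteFunction` should be scoped to this function's version ARNs rather than granted broadly. The step also sets no region variable although the recipe reads both `$REGION` and `$AWS_REGION`, so presumably the action exports them, which is worth confirming.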
@@ -230,3 +230,30 @@ lambda-deploy: echo "❌ Deployment $DEPLOYMENT_ID did not complete within expected time." exit 1 + +lambda-prune: + #!/usr/bin/env bash + KEEP=3 + + live_version=$(aws lambda get-alias \ + --function-name "$FUNCTION_NAME" \ + --name "$ALIAS_NAME" \ + --region "$REGION" \ + | jq -r '.FunctionVersion') + + echo "Alias '$ALIAS_NAME' points to: ${live_version:-}" + + # All published versions (exclude $LATEST), newest first + versions=$(aws lambda list-versions-by-function \ + --function-name "$FUNCTION_NAME" \ + --region "$AWS_REGION" \ + | jq -r '.Versions[] | select(.Version != "$LATEST") | .Version' \ + | sort -nr) + + keep_newest=$(echo "$versions" | head -n "$KEEP") + keep_set=$(printf "%s\n%s\n" "$keep_newest" "$live_version" | sort -u) + to_delete=$(comm -23 <(echo "$versions" | sort -u) <(echo "$keep_set" | sort -u)) + + echo "Keeping: $(echo "$keep_set" | tr '\n' ' ')" + echo "Deleting: $(echo "$to_delete" | tr '\n' ' ')" + # aws lambda delete-function --function-name "$FUNCTION_NAME" --qualifier "$v" --region "$REGION" From 2c37819dd17298a7feedce4b9be3fc7cc843f240 Mon Sep 17 00:00:00 2001 From: chrispsheehan Date: Tue, 23 Sep 2025 15:53:58 +0100 Subject: [PATCH 2/4] fix: depends_on = [aws_lambda_alias.live] --- infra/modules/aws/lambda/main.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/infra/modules/aws/lambda/main.tf b/infra/modules/aws/lambda/main.tf index 75120a1..e9301a0 100644 --- a/infra/modules/aws/lambda/main.tf +++ b/infra/modules/aws/lambda/main.tf @@ -116,6 +116,8 @@ resource "aws_appautoscaling_target" "pc_target" { resource_id = "function:${local.lambda_name}:${var.environment}" scalable_dimension = "lambda:function:ProvisionedConcurrency" service_namespace = "lambda" + + depends_on = [aws_lambda_alias.live] } resource "aws_appautoscaling_policy" "pc_policy" { From 35aa3e2bd2d5447eb119ffe670f87b213152e416 Mon Sep 17 00:00:00 2001 
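Review bot: The `lambda-prune` recipe added to `justfile` runs without strict mode and never checks that `live_version` actually resolved, so a failed `aws lambda get-alias` (or a `null` from `jq`) leaves the keep set holding only the newest `$KEEP` versions. The delete is still commented out in this commit, but the loop enabled in PATCH 3/4 inherits the gap: after a rollback, where the alias points at an older version, that version would land in `to_delete`. Add `set -euo pipefail` directly under the shebang and guard the lookup with `[[ "$live_version" =~ ^[0-9]+$ ]] || { echo "could not resolve alias $ALIAS_NAME" >&2; exit 1; }` before building `keep_set`. Only `.FunctionVersion` is read, so any additional versions in the alias's weighted routing config would not be protected either; whether that matters depends on how the deployment shifts traffic.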
From: chrispsheehan Date: Tue, 23 Sep 2025 16:21:47 +0100 Subject: [PATCH 3/4] feat: delete older x versions --- .github/workflows/deploy.yml | 1 + justfile | 18 ++++++++++-------- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 54ae95a..038a59d 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -125,6 +125,7 @@ jobs: - name: prune lambda uses: chrispsheehan/just-aws-oidc-action@0.1.3 env: + KEEP: 5 FUNCTION_NAME: ${{ steps.get-api-vars.outputs.lambda_function_name }} ALIAS_NAME: ${{ steps.get-api-vars.outputs.lambda_alias_name }} with: diff --git a/justfile b/justfile index d6b0fd1..98b4407 100644 --- a/justfile +++ b/justfile @@ -233,17 +233,13 @@ lambda-deploy: lambda-prune: #!/usr/bin/env bash - KEEP=3 - live_version=$(aws lambda get-alias \ --function-name "$FUNCTION_NAME" \ --name "$ALIAS_NAME" \ - --region "$REGION" \ + --region "$AWS_REGION" \ | jq -r '.FunctionVersion') echo "Alias '$ALIAS_NAME' points to: ${live_version:-}" - - # All published versions (exclude $LATEST), newest first versions=$(aws lambda list-versions-by-function \ --function-name "$FUNCTION_NAME" \ --region "$AWS_REGION" \ @@ -254,6 +250,12 @@ lambda-prune: keep_set=$(printf "%s\n%s\n" "$keep_newest" "$live_version" | sort -u) to_delete=$(comm -23 <(echo "$versions" | sort -u) <(echo "$keep_set" | sort -u)) - echo "Keeping: $(echo "$keep_set" | tr '\n' ' ')" - echo "Deleting: $(echo "$to_delete" | tr '\n' ' ')" - # aws lambda delete-function --function-name "$FUNCTION_NAME" --qualifier "$v" --region "$REGION" + echo "Keeping version(s): $(echo "$keep_set" | tr '\n' ' ')" + if [[ -z "${to_delete// }" ]]; then + echo "Nothing to delete." + exit 0 + fi + for v in $to_delete; do + echo "Deleting $FUNCTION_NAME:$v" + aws lambda delete-function --function-name "$FUNCTION_NAME" --qualifier "$v" --region "$REGION" + done 
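Review bot: Removing `KEEP=3` in the first `justfile` hunk leaves `head -n "$KEEP"` depending entirely on the environment with no default and no validation, and an unset, empty, `0` or non-numeric `KEEP` makes `keep_newest` empty. With the delete loop this same commit enables, that means every published version except the live one is removed. Validate before listing versions, e.g. `[[ "${KEEP:-}" =~ ^[1-9][0-9]*$ ]] || { echo "KEEP must be a positive integer" >&2; exit 1; }`. PATCH 4/4 feeds the value from the free-form `lambda_keep` string input, where `type: number` would narrow it, but the check in the recipe is the one that also covers local `just lambda-prune` runs.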
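Review bot: The delete call in the second `justfile` hunk still passes `--region "$REGION"`, while this commit switched `get-alias` to `$AWS_REGION` and `list-versions-by-function` already used it. If `REGION` is unset the deletes fail on an empty region, and if it is set to a different region the loop acts on a function that was never listed. Use the same variable on the destructive call: `aws lambda delete-function --function-name "$FUNCTION_NAME" --qualifier "$v" --region "$AWS_REGION"`. Without `set -e` a failed delete in the middle of the loop is also not fatal, so only the last iteration's status reaches the job.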
From de518eb9d6feb00a3e376a760c862b77c37d31ae Mon Sep 17 00:00:00 2001 From: chrispsheehan Date: Tue, 23 Sep 2025 16:23:16 +0100 Subject: [PATCH 4/4] chore: ci input lambda_keep --- .github/workflows/deploy.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 038a59d..e19afe2 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -17,6 +17,10 @@ on: description: "Valid lambda version" required: true type: string + lambda_keep: + description: "Number of lambda versions to keep" + default: '5' + type: string concurrency: # only run one instance of workflow at any one time @@ -125,7 +129,7 @@ jobs: - name: prune lambda uses: chrispsheehan/just-aws-oidc-action@0.1.3 env: - KEEP: 5 + KEEP: ${{ inputs.lambda_keep }} FUNCTION_NAME: ${{ steps.get-api-vars.outputs.lambda_function_name }} ALIAS_NAME: ${{ steps.get-api-vars.outputs.lambda_alias_name }} with: