serverless-plugin-canary-deployments 正在参加 2021 年度 OSC 中国开源项目评选,请投票支持!
serverless-plugin-canary-deployments 在 2021 年度 OSC 中国开源项目评选 中已获得 {{ projectVoteCount }} 票,请投票支持!
2021 年度 OSC 中国开源项目评选 正在火热进行中,快来投票支持你喜欢的开源项目!
2021 年度 OSC 中国开源项目评选 >>> 中场回顾
serverless-plugin-canary-deployments 获得 2021 年度 OSC 中国开源项目评选「最佳人气项目」 !
授权协议 ISC License
开发语言 JavaScript
操作系统 跨平台
软件类型 开源软件
所属分类 云计算Serverless 系统
开源组织
地区 不详
投 递 者 首席测试
适用人群 未知
收录时间 2021-12-02

软件简介

npm version

Serverless Plugin Canary Deployments

A Serverless plugin to implement canary deployments of Lambda functions, making use of the traffic shifting feature in combination with AWS CodeDeploy

Contents

Installation

npm i --save-dev serverless-plugin-canary-deployments

Usage

To enable gradual deployments for Lambda functions, your serverless.yml should look like this:

service: canary-deployments
provider:
  name: aws
  runtime: nodejs6.10
  iamRoleStatements:
    - Effect: Allow
      Action:
        - codedeploy:*
      Resource:
        - "*"

plugins:
  - serverless-plugin-canary-deployments

functions:
  hello:
    handler: handler.hello
    events:
      - http: GET hello
    deploymentSettings:
      type: Linear10PercentEvery1Minute
      alias: Live
      preTrafficHook: preHook
      postTrafficHook: postHook
      alarms:
        - FooAlarm          # When a string is provided, it expects the alarm Logical ID
        - name: BarAlarm    # When an object is provided, it expects the alarm name in the name property

  preHook:
    handler: hooks.pre
  postHook:
    handler: hooks.post

You can see a working example in the example folder.

Configuration

  • type: (required) defines how the traffic will be shifted between Lambda function versions. It must be one of the following:
    • Canary10Percent5Minutes: shifts 10 percent of traffic in the first increment. The remaining 90 percent is deployed five minutes later.
    • Canary10Percent10Minutes: shifts 10 percent of traffic in the first increment. The remaining 90 percent is deployed 10 minutes later.
    • Canary10Percent15Minutes: shifts 10 percent of traffic in the first increment. The remaining 90 percent is deployed 15 minutes later.
    • Canary10Percent30Minutes: shifts 10 percent of traffic in the first increment. The remaining 90 percent is deployed 30 minutes later.
    • Linear10PercentEvery1Minute: shifts 10 percent of traffic every minute until all traffic is shifted.
    • Linear10PercentEvery2Minutes: shifts 10 percent of traffic every two minutes until all traffic is shifted.
    • Linear10PercentEvery3Minutes: shifts 10 percent of traffic every three minutes until all traffic is shifted.
    • Linear10PercentEvery10Minutes: shifts 10 percent of traffic every 10 minutes until all traffic is shifted.
    • AllAtOnce: shifts all the traffic to the new version, useful when you only need to execute the validation hooks.
  • alias: (required) name that will be used to create the Lambda function alias.
  • preTrafficHook: (optional) validation Lambda function that runs before traffic shifting. It must use the CodeDeploy SDK to notify about this step's success or failure (more info here).
  • postTrafficHook: (optional) validation Lambda function that runs after traffic shifting. It must use the CodeDeploy SDK to notify about this step's success or failure (more info here)
  • alarms: (optional) list of CloudWatch alarms. If any of them is triggered during the deployment, the associated Lambda function will automatically roll back to the previous version.
  • triggerConfigurations: (optional) list of CodeDeploy Triggers. See more details in the CodeDeploy TriggerConfiguration Documentation, or this CodeDeploy notifications guide for example uses

Default configurations

You can set default values for all functions in a top-level custom deploymentSettings section. E.g.:

custom:
  deploymentSettings:
    codeDeployRole: some_arn_value
    codeDeployRolePermissionsBoundary: some_arn_value
    stages:
      - dev
      - prod

functions:
  ...

Some values are only available as top-level configurations. They are:

  • codeDeployRole: (optional) an ARN specifying an existing IAM role for CodeDeploy. If absent, one will be created for you. See the codeDeploy policy for an example of what is needed.
  • codeDeployRolePermissionsBoundary: (optional) an ARN specifying an existing IAM permissions boundary, this permission boundary is set on the code deploy that is being created when codeDeployRole is not defined.
  • stages: (optional) list of stages where you want to deploy your functions gradually. If not present, it assumes that are all of them.

How it works

The plugin relies on the AWS Lambda traffic shifting feature to balance traffic between versions and AWS CodeDeploy to automatically update its weight. It modifies the CloudFormation template generated by Serverless, so that:

  1. It creates a Lambda function Alias for each function with deployment settings.
  2. It creates a CodeDeploy Application and adds a CodeDeploy DeploymentGroup per Lambda function, according to the specified settings.
  3. It modifies events that trigger Lambda functions, so that they invoke the newly created alias.

Limitations

For now, the plugin only works with Lambda functions invoked by

  • API Gateway
  • Stream based (such as the triggered by Kinesis, DynamoDB Streams or SQS)
  • SNS based events
  • S3 events
  • CloudWatch Scheduled events
  • CloudWatch Logs
  • IoT rules

More events will be added soon.

License

ISC © David García

展开阅读全文

代码

评论

点击引领话题📣
暂无内容
发表了博客
{{o.pubDate | formatDate}}

{{formatAllHtml(o.title)}}

{{parseInt(o.replyCount) | bigNumberTransform}}
{{parseInt(o.viewCount) | bigNumberTransform}}
没有更多内容
暂无内容
发表了问答
{{o.pubDate | formatDate}}

{{formatAllHtml(o.title)}}

{{parseInt(o.replyCount) | bigNumberTransform}}
{{parseInt(o.viewCount) | bigNumberTransform}}
没有更多内容
暂无内容
pathval 输入验证错误漏洞
原型污染
pathval是Chai.js团队的一个用于基于 String 字符串来检索和设置对象的 Npm 代码库 pathval 1.1.1之前版本存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。
CVE-2020-7751 MPS-2020-15246
2022-08-08 19:28
Axios 拒绝服务 漏洞
拒绝服务
Axios 是一个基于promise 网络请求库。 漏洞版本的axios 容易受到低效正则表达式复杂性的影响,从而引发拒绝服务 (ReDoS) 的攻击。
CVE-2021-3749 MPS-2021-30688
2022-08-08 19:28
Async 安全漏洞
原型污染
Async是英国Caolan McMahon个人开发者的一个实用模块。用于使用异步 JavaScript。 Async 3.2.1 及之前版本存在安全漏洞,该漏洞源于 mapValues() 方法。攻击者可通过 mapValues() 方法获取权限。
CVE-2021-43138 MPS-2021-34434
2022-08-08 19:28
Moment.js 正则拒绝服务漏洞
拒绝服务
Moment.js 是一个 JavaScript 日期库。用于解析、验证、操作和格式化日期。 Moment.js 在处理嵌套 rfc2822 注释内容时正则表达式执行时间不断的指数增大,导致服务不可用。 攻击者可利用该漏洞使目标服务停止响应甚至崩溃。
CVE-2022-31129 MPS-2022-11159
2022-08-08 19:28
adm-zip 存在路径遍历漏洞
路径遍历
adm-zip 是用于 NodeJS 的 zip 数据压缩的 JavaScript 实现。此软件包的受影响版本容易受到目录遍历的影响。
MPS-2022-13529
2022-08-08 19:28
follow-redirects project信息暴露漏洞
信息暴露
Exposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8.
CVE-2022-0536 MPS-2022-3636
2022-08-08 19:28
nanoid安全漏洞
不正确的类型转换
nanoid是用于 JavaScript 的小型、安全、URL 友好、唯一的字符串 ID 生成器。 nanoid安全中存在漏洞,该漏洞源于nanoid 容易通过 valueOf() 函数受到信息暴露的影响,该函数允许重现最后生成的 id。
CVE-2021-23566 MPS-2021-19605
2022-08-08 19:28
Follow Redirects 安全漏洞
侵犯隐私
Follow Redirects是一个自动遵循 Http(s) 重定向的 Node.js 模块。 Follow Redirects 存在安全漏洞,该漏洞源于follow-redirects容易暴露私人个人信息给未经授权的参与者。
CVE-2022-0155 MPS-2022-0815
2022-08-08 19:28
flat 存在拒绝服务漏洞
拒绝服务
flat 是一个使用嵌套的 Javascript 对象并将其展平,或使用分隔键取消展平对象此包的受影响版本容易受到原型污染。
MPS-2022-13681
2022-08-08 19:28
ramda 存在拒绝服务漏洞
拒绝服务
此软件包的受影响版本容易受到源/修剪中的正则表达式拒绝服务 (ReDoS) 的攻击。
MPS-2022-13991
2022-08-08 19:28
Moment.js 路径遍历漏洞
路径遍历
Moment.js 是一个 JavaScript 日期库。用于解析、验证、操作和格式化日期。 Moment.js 的 npm 版本中处理目录遍历序列时对于输入验证不严格导致可以构造特制的 HTTP 请求读取系统上的任意文件。 攻击者可利用该漏洞访问系统敏感文件。
CVE-2022-24785 MPS-2022-3752
2022-08-08 19:28
simple-git-hooks存在未明漏洞
命令注入
simple-git-hooks是一个应用软件。一个简单的git钩子经理小型项目。simple-git-hooks 3.5.0之前版本存在安全漏洞,攻击者利用该漏洞进行命令注入。
CVE-2022-24066 MPS-2022-5073
2022-08-08 19:28
没有更多内容
加载失败,请刷新页面
点击加载更多
加载中
下一页
0 评论
0 收藏
分享
OSCHINA
登录后可查看更多优质内容
返回顶部
顶部