Search code examples
amazon-web-servicesdockeraws-lambdaaws-samaws-sam-cli

Deploying sam template of a lambda with docker image- raises exception

Description: I'm trying to create a lambda from a docker image I have created a docker file and successfully made sam build, and sam package. Now I'm getting instructions to run sam deploy with the output template file, but getting an error when doing so:

2022-07-28 18:32:07,862 | HTTPSConnectionPool(host='aws-serverless-tools-telemetry.us-west-2.amazonaws.com', port=443): Read timed out. (read timeout=0.1) Error: Failed to create changeset for the stack: athena-schedule-builder2, ex: Waiter ChangeSetCreateComplete failed: Waiter encountered a terminal failure state: For expression "Status" we matched expected path: "FAILED" Status: FAILED. Reason: Transform AWS::Serverless-2016-10-31 failed with: Invalid Serverless Application Specification document. Number of errors found: 1. Resource with id [TestUpdateSchedule] is invalid. Runtime, Handler, Layers cannot be present when PackageType is of type Image

Steps to reproduce: I use the following template, which has only one problematic resource. If I remove the resource with the problem, the deploy will succeed.

athena-schedule-builder-packaged-template.yml (just the failed resource) :

Resources:
  TestUpdateSchedule:
    Type: AWS::Serverless::Function
    Properties:
      PackageType: Image
      ImageUri: 153975004783.dkr.ecr.us-east-1.amazonaws.com/athena-schedule-builder:testupdateschedule-9957142c3297-latest
      MemorySize: 384
      Handler: redox_etls.test.test.lambda_handler
      Runtime: python3.8
      Role:
        Fn::GetAtt:
        - ETLLambdasRole
        - Arn
      VpcConfig:
        SecurityGroupIds:
        - sg-091aab03629326710
        SubnetIds:
        - subnet-0cad98dc984619df4
      Events:
        ScheduleNew:
          Type: SNS
          Properties:
            Topic: arn:aws:sns:us-east-1:153975004783:redox-events-production
      DeadLetterQueue:
        TargetArn:
          Fn::GetAtt:
          - ScheduleBuilderDLQ
          - Arn
        Type: SQS
    Parameters:
      GithubToken:
        Type: String
    Metadata:
      DockerBuildArgs:
        GITHUB_TOKEN: GithubToken
      DockerContext: /.
      DockerTag: testupdateschedule-9957142c3297-latest
      Dockerfile: Dockerfile
      SamResourceId: TestUpdateSchedule

just to run the following:

sam deploy --template-file /Users/lev.levin/emr-data-insertion/athena-schedule-builder-packaged-template.yml --stack-name athena-schedule-builder2 --image-repository 153975004783.dkr.ecr.us-east-1.amazonaws.com/athena-schedule-builder --region us-east-1 --s3-bucket summary-lambdas-artifacts --confirm-changeset --capabilities CAPABILITY_NAMED_IAM --debug

Observed result:

2022-07-28 18:38:05,626 | Telemetry endpoint configured to be https://aws-serverless-tools-telemetry.us-west-2.amazonaws.com/metrics
2022-07-28 18:38:05,626 | Using config file: samconfig.toml, config environment: default
2022-07-28 18:38:05,626 | Expand command line arguments to:
2022-07-28 18:38:05,626 | --template_file=/Users/lev.levin/emr-data-insertion/athena-schedule-builder-packaged-template.yml --stack_name=athena-schedule-builder2 --image_repository=153975004783.dkr.ecr.us-east-1.amazonaws.com/athena-schedule-builder --s3_bucket=summary-lambdas-artifacts --confirm_changeset --capabilities=('CAPABILITY_NAMED_IAM',) --fail_on_empty_changeset --s3_prefix=athena-schedule-builder
2022-07-28 18:38:05,756 | No Parameters detected in the template
2022-07-28 18:38:05,767 | Sam customer defined id is more priority than other IDs. Customer defined id for resource TestUpdateSchedule is TestUpdateSchedule
2022-07-28 18:38:05,767 | Sam customer defined id is more priority than other IDs. Customer defined id for resource UpdateSchedule is UpdateSchedule
2022-07-28 18:38:05,767 | Sam customer defined id is more priority than other IDs. Customer defined id for resource UpdateCeqCache is UpdateCeqCache
2022-07-28 18:38:05,767 | Sam customer defined id is more priority than other IDs. Customer defined id for resource DailyCoverageReport is DailyCoverageReport
2022-07-28 18:38:05,767 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLCeQPatientsToQueryDLQ is ETLCeQPatientsToQueryDLQ
2022-07-28 18:38:05,767 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLCeQPatientsToQuery is ETLCeQPatientsToQuery
2022-07-28 18:38:05,767 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ScheduleBuilderDLQ is ScheduleBuilderDLQ
2022-07-28 18:38:05,767 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLLambdasRole is ETLLambdasRole
2022-07-28 18:38:05,768 | 0 stacks found in the template
2022-07-28 18:38:06,132 | Sam customer defined id is more priority than other IDs. Customer defined id for resource TestUpdateSchedule is TestUpdateSchedule
2022-07-28 18:38:06,132 | Sam customer defined id is more priority than other IDs. Customer defined id for resource UpdateSchedule is UpdateSchedule
2022-07-28 18:38:06,132 | Sam customer defined id is more priority than other IDs. Customer defined id for resource UpdateCeqCache is UpdateCeqCache
2022-07-28 18:38:06,132 | Sam customer defined id is more priority than other IDs. Customer defined id for resource DailyCoverageReport is DailyCoverageReport
2022-07-28 18:38:06,132 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLCeQPatientsToQueryDLQ is ETLCeQPatientsToQueryDLQ
2022-07-28 18:38:06,132 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLCeQPatientsToQuery is ETLCeQPatientsToQuery
2022-07-28 18:38:06,132 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ScheduleBuilderDLQ is ScheduleBuilderDLQ
2022-07-28 18:38:06,132 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLLambdasRole is ETLLambdasRole
2022-07-28 18:38:06,133 | Sam customer defined id is more priority than other IDs. Customer defined id for resource TestUpdateSchedule is TestUpdateSchedule
2022-07-28 18:38:06,133 | Property ImageUri of TestUpdateSchedule is already an ECR URL
2022-07-28 18:38:06,133 | Sam customer defined id is more priority than other IDs. Customer defined id for resource UpdateSchedule is UpdateSchedule
2022-07-28 18:38:06,133 | Property CodeUri of UpdateSchedule is already a S3 URL
2022-07-28 18:38:06,133 | Sam customer defined id is more priority than other IDs. Customer defined id for resource UpdateCeqCache is UpdateCeqCache
2022-07-28 18:38:06,133 | Property CodeUri of UpdateCeqCache is already a S3 URL
2022-07-28 18:38:06,133 | Sam customer defined id is more priority than other IDs. Customer defined id for resource DailyCoverageReport is DailyCoverageReport
2022-07-28 18:38:06,133 | Property CodeUri of DailyCoverageReport is already a S3 URL
2022-07-28 18:38:06,133 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLCeQPatientsToQueryDLQ is ETLCeQPatientsToQueryDLQ
2022-07-28 18:38:06,133 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLCeQPatientsToQuery is ETLCeQPatientsToQuery
2022-07-28 18:38:06,133 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ScheduleBuilderDLQ is ScheduleBuilderDLQ
2022-07-28 18:38:06,133 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLLambdasRole is ETLLambdasRole

    Deploying with following values
    ===============================
    Stack name                   : athena-schedule-builder2
    Region                       : us-east-1
    Confirm changeset            : True
    Disable rollback             : False
    Deployment image repository  : 
                                   153975004783.dkr.ecr.us-east-1.amazonaws.com/athena-schedule-builder
    Deployment s3 bucket         : summary-lambdas-artifacts
    Capabilities                 : ["CAPABILITY_NAMED_IAM"]
    Parameter overrides          : {}
    Signing Profiles             : {}
Initiating deployment
=====================
2022-07-28 18:38:06,357 | No Parameters detected in the template
2022-07-28 18:38:06,365 | Sam customer defined id is more priority than other IDs. Customer defined id for resource TestUpdateSchedule is TestUpdateSchedule
2022-07-28 18:38:06,365 | Sam customer defined id is more priority than other IDs. Customer defined id for resource UpdateSchedule is UpdateSchedule
2022-07-28 18:38:06,365 | Sam customer defined id is more priority than other IDs. Customer defined id for resource UpdateCeqCache is UpdateCeqCache
2022-07-28 18:38:06,365 | Sam customer defined id is more priority than other IDs. Customer defined id for resource DailyCoverageReport is DailyCoverageReport
2022-07-28 18:38:06,365 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLCeQPatientsToQueryDLQ is ETLCeQPatientsToQueryDLQ
2022-07-28 18:38:06,365 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLCeQPatientsToQuery is ETLCeQPatientsToQuery
2022-07-28 18:38:06,365 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ScheduleBuilderDLQ is ScheduleBuilderDLQ
2022-07-28 18:38:06,365 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLLambdasRole is ETLLambdasRole
2022-07-28 18:38:06,366 | 0 stacks found in the template
2022-07-28 18:38:06,366 | No Parameters detected in the template
2022-07-28 18:38:06,374 | Sam customer defined id is more priority than other IDs. Customer defined id for resource TestUpdateSchedule is TestUpdateSchedule
2022-07-28 18:38:06,374 | Sam customer defined id is more priority than other IDs. Customer defined id for resource UpdateSchedule is UpdateSchedule
2022-07-28 18:38:06,374 | Sam customer defined id is more priority than other IDs. Customer defined id for resource UpdateCeqCache is UpdateCeqCache
2022-07-28 18:38:06,374 | Sam customer defined id is more priority than other IDs. Customer defined id for resource DailyCoverageReport is DailyCoverageReport
2022-07-28 18:38:06,374 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLCeQPatientsToQueryDLQ is ETLCeQPatientsToQueryDLQ
2022-07-28 18:38:06,374 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLCeQPatientsToQuery is ETLCeQPatientsToQuery
2022-07-28 18:38:06,374 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ScheduleBuilderDLQ is ScheduleBuilderDLQ
2022-07-28 18:38:06,374 | Sam customer defined id is more priority than other IDs. Customer defined id for resource ETLLambdasRole is ETLLambdasRole
2022-07-28 18:38:06,375 | 8 resources found in the stack
2022-07-28 18:38:06,375 | Found Serverless function with name='TestUpdateSchedule' and ImageUri='153975004783.dkr.ecr.us-east-1.amazonaws.com/athena-schedule-builder:testupdateschedule-9957142c3297-latest'
2022-07-28 18:38:06,375 | --base-dir is not presented, adjusting uri /. relative to /var/folders/mz/6vr2tg_95p5b101hqn5wly380000gn/T/tmp84b9ezc7
2022-07-28 18:38:06,375 | --base-dir is not presented, adjusting uri . relative to /var/folders/mz/6vr2tg_95p5b101hqn5wly380000gn/T/tmp84b9ezc7
2022-07-28 18:38:08,032 | File with same data already exists at athena-schedule-builder/7d5c7b224680899aeefb70b88aec2152.template, skipping upload

Waiting for changeset to be created..
2022-07-28 18:38:13,902 | Sending Telemetry: {'metrics': [{'commandRun': {'requestId': '1112e03a-a7b7-4060-ab46-12f52868b1cf', 'installationId': 'c14e9aeb-ae9c-47b2-804c-9834c5c17ccd', 'sessionId': 'e557040c-f2ee-494b-94d1-30aaa33b52d6', 'executionEnvironment': 'CLI', 'ci': False, 'pyversion': '3.8.9', 'samcliVersion': '1.53.0', 'awsProfileProvided': True, 'debugFlagProvided': True, 'region': 'us-east-1', 'commandName': 'sam deploy', 'metricSpecificAttributes': {'projectType': 'CFN'}, 'duration': 8275, 'exitReason': 'ChangeSetError', 'exitCode': 1}}]}
2022-07-28 18:38:14,836 | HTTPSConnectionPool(host='aws-serverless-tools-telemetry.us-west-2.amazonaws.com', port=443): Read timed out. (read timeout=0.1)
Error: Failed to create changeset for the stack: athena-schedule-builder2, ex: Waiter ChangeSetCreateComplete failed: Waiter encountered a terminal failure state: For expression "Status" we matched expected path: "FAILED" Status: FAILED. Reason: Transform AWS::Serverless-2016-10-31 failed with: Invalid Serverless Application Specification document. Number of errors found: 1. Resource with id [TestUpdateSchedule] is invalid. Runtime, Handler, Layers cannot be present when PackageType is of type `Image`

Expected result: I can't find anything wrong with the packaged template, so I would expect it to deploy successfully

Additional environment details: OS: MacOs Monterey 12.4 (with Apple Mi Pro chip) sam --version: 1.53.0

Solution

  • When using the ImageUri, can't have the Handler, Runtime, or Layers in the template.

    Remove these two 👇 from your template

    Handler: redox_etls.test.test.lambda_handler
Runtime: python3.8

    Error message with relative details

    Resource with id [TestUpdateSchedule] is invalid. Runtime, Handler, Layers cannot be present when PackageType is of type `Image`