courajs/lambda-zig
1
0
Fork 0
forked from lobo/lambda-zig
Code Issues Pull requests Projects Releases Packages Wiki Activity

proper profile support

Browse source
This commit is contained in:
Emil Lerch 2026-02-02 16:19:29 -08:00
parent ca110ec58d
commit dbea9b6205
Signed by untrusted user: lobo
GPG key ID: A7B62D657EF764F8
3 changed files with 10 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
build.zig.zon
View file

@ -9,6 +9,10 @@
.lambda_build = .{
.path = "tools/build",
},
.aws = .{
.url = "git+https://git.lerch.org/lobo/aws-sdk-for-zig#686b18d1f4329e80cf6d9b916eaa0c231333edb9",
.hash = "aws-0.0.1-SbsFcAc3CgCdWfayHWFazNfJBxkzLyU2wOJSj7h4W17-",
},
},
// Specifies the set of files and directories that are included in this package.
// Only files and directories listed here are included in the `hash` that

5
tools/build/src/deploy.zig
View file

@ -212,9 +212,6 @@ fn deployFunction(deploy_opts: DeployOptions, options: RunOptions) !void {
return error.InvalidArchitecture;
}
// Note: Profile is expected to be set via AWS_PROFILE env var before invoking this tool
// (e.g., via aws-vault exec)
// Get or create IAM role if not provided
const role_arn = if (deploy_opts.role_arn) |r|
try options.allocator.dupe(u8, r)
@ -244,6 +241,7 @@ fn deployFunction(deploy_opts: DeployOptions, options: RunOptions) !void {
const aws_options = aws.Options{
.client = client,
.region = region,
.credential_options = .{ .profile = .{ .profile_name = options.profile } },
};
// Convert arch string to Lambda format
@ -279,6 +277,7 @@ fn deployFunction(deploy_opts: DeployOptions, options: RunOptions) !void {
.client = client,
.region = region,
.diagnostics = &create_diagnostics,
.credential_options = .{ .profile = .{ .profile_name = options.profile } },
};
const create_result = aws.Request(services.lambda.create_function).call(.{

12
tools/build/src/iam.zig
View file

@ -58,9 +58,6 @@ fn printHelp(writer: *std.Io.Writer) void {
/// Get or create an IAM role for Lambda execution
/// Returns the role ARN
pub fn getOrCreateRole(role_name: []const u8, options: RunOptions) ![]const u8 {
// Note: Profile is expected to be set via AWS_PROFILE env var before invoking this tool
// (e.g., via aws-vault exec)
var client = aws.Client.init(options.allocator, .{});
defer client.deinit();
@ -73,12 +70,10 @@ pub fn getOrCreateRole(role_name: []const u8, options: RunOptions) ![]const u8 {
.allocator = options.allocator,
};
const region = options.region orelse "us-east-1"; // IAM is global, but needs a region for signing
_ = region;
const aws_options = aws.Options{
.client = client,
.diagnostics = &diagnostics,
.credential_options = .{ .profile = .{ .profile_name = options.profile } },
};
const get_result = aws.Request(services.iam.get_role).call(.{
@ -87,7 +82,7 @@ pub fn getOrCreateRole(role_name: []const u8, options: RunOptions) ![]const u8 {
defer diagnostics.deinit();
if (diagnostics.http_code == 404) {
// Role doesn't exist, create it
return try createRole(options.allocator, role_name, client);
return try createRole(options.allocator, role_name, client, options.profile);
}
std.log.err("IAM GetRole failed: {} (HTTP {})", .{ err, diagnostics.http_code });
return error.IamGetRoleFailed;
@ -98,11 +93,12 @@ pub fn getOrCreateRole(role_name: []const u8, options: RunOptions) ![]const u8 {
return try options.allocator.dupe(u8, get_result.response.role.arn);
}
fn createRole(allocator: std.mem.Allocator, role_name: []const u8, client: aws.Client) ![]const u8 {
fn createRole(allocator: std.mem.Allocator, role_name: []const u8, client: aws.Client, profile: ?[]const u8) ![]const u8 {
const services = aws.Services(.{.iam}){};
const aws_options = aws.Options{
.client = client,
.credential_options = .{ .profile = .{ .profile_name = profile } },
};
const assume_role_policy =