add codecommit -> ddb lambda function
This commit is contained in:
parent
811730b737
commit
e63f3617b0
74
trigger/authorized_keys.py
Normal file
74
trigger/authorized_keys.py
Normal file
|
@ -0,0 +1,74 @@
|
|||
import json
|
||||
import boto3
|
||||
|
||||
ddb = boto3.client('dynamodb')
|
||||
codecommit = boto3.client('codecommit')
|
||||
targetarn = 'arn:aws:codecommit:us-west-2:932028523435:authorized_keys'
|
||||
|
||||
|
||||
def lambda_handler(event, context):
|
||||
# {
|
||||
# "Records": [
|
||||
# {
|
||||
# "awsRegion": "us-west-2",
|
||||
# "codecommit": {
|
||||
# "references": [
|
||||
# {
|
||||
# "commit": "5c4ef1049f1d27deadbeeff313e0730018be182b",
|
||||
# "ref": "refs/heads/master"
|
||||
# }
|
||||
# ]
|
||||
# },
|
||||
# "customData": "this is custom data",
|
||||
# "eventId": "5a824061-17ca-46a9-bbf9-114edeadbeef",
|
||||
# "eventName": "TriggerEventTest",
|
||||
# "eventPartNumber": 1,
|
||||
# "eventSource": "aws:codecommit",
|
||||
# "eventSourceARN": "arn:aws:codecommit:us-west-2:123456789012:repo",
|
||||
# "eventTime": "2016-01-01T23:59:59.000+0000",
|
||||
# "eventTotalParts": 1,
|
||||
# "eventTriggerConfigId": "5a824061-17ca-46a9-bbf9-114edeadbeef",
|
||||
# "eventTriggerName": "my-trigger",
|
||||
# "eventVersion": "1.0",
|
||||
# "userIdentityARN": "arn:aws:iam::123456789012:root"
|
||||
# }
|
||||
# ]
|
||||
# }
|
||||
print(json.dumps(event))
|
||||
records = event["Records"]
|
||||
if records is None or len(records) == 0:
|
||||
raise RuntimeError('No records property in event')
|
||||
print(records)
|
||||
for record in records:
|
||||
repoArn = record['eventSourceARN']
|
||||
if repoArn is None:
|
||||
print('no eventSourceARN on record')
|
||||
continue
|
||||
print('Record from ARN' + repoArn)
|
||||
if repoArn != targetarn:
|
||||
print('Not target ARN. Continuting')
|
||||
continue
|
||||
resp = codecommit.get_file(repositoryName='authorized_keys',
|
||||
filePath='authorized_keys')
|
||||
data = resp['fileContent'].decode("utf-8")
|
||||
ddbitem = ddb.scan(TableName='key') # ddbitem['Items']...
|
||||
found = False
|
||||
for item in ddbitem['Items']: # should be only one anyway - whatever
|
||||
if item['key']['S'] == data:
|
||||
found = True
|
||||
break
|
||||
if found:
|
||||
print('no change to keys. continuing')
|
||||
continue
|
||||
# Something's changed - let's make the update in DDB
|
||||
ddb.put_item(TableName='key', Item={'key': {'S': data}})
|
||||
for item in ddbitem['Items']: # should be only one anyway - whatever
|
||||
print('deleting old item')
|
||||
ddb.delete_item(TableName='key', Key=item)
|
||||
|
||||
print('All records processed')
|
||||
|
||||
return {
|
||||
'statusCode': 200,
|
||||
'body': json.dumps('Processing complete')
|
||||
}
|
Loading…
Reference in New Issue
Block a user