Closed
Description:
I am writing a Lambda function which is supposed to be triggered by CodeCommit. However, I cannot figure out how to add the permissions for CodeCommit. If I configure it via GUI (screenshot), it works without a problem.
I saw that there have been discussions about that.
I do not see a reason why we should use workarounds like SNS (I haven't even seen a full example for this) if there is direct support for CodeCommit Events.
Observed result:
CodeCommit has no permission to invoke Lambda.
Expected result:
SAM accepts something like the following in template.yaml

```yaml
Resources:
  CodePipelineTriggerFunction:
    Type: AWS::Serverless::Function # More info about Function Resource: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction
    Properties:
      CodeUri: src/
      Handler: app.lambda_handler
      Runtime: python3.7
      Tracing: "Active"
      Policies:
        - AWSCodePipelineFullAccess
      Events:
        CodeCommitTrigger:
          Type: CodeCommit
          Properties:
            RepositoryName: back-end
            TriggerName: back-end-trigger
```
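The permission behind the observed result, as an added example (not part of the original issue and not SAM's own code): a plain CloudFormation `AWS::Lambda::Permission` that lets CodeCommit invoke the function, scoped to one repository and one account. It assumes the `back-end` repository already exists in the same region and account as the stack; the resource name `CodeCommitInvokePermission` is hypothetical, and the trigger itself still has to be configured on the repository.

```yaml
Transform: AWS::Serverless-2016-10-31

Resources:
  CodePipelineTriggerFunction:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: src/
      Handler: app.lambda_handler
      Runtime: python3.7

  # Hypothetical resource name. Resource-based policy statement on the
  # function: without it, CodeCommit cannot invoke the Lambda.
  CodeCommitInvokePermission:
    Type: AWS::Lambda::Permission
    Properties:
      Action: lambda:InvokeFunction
      FunctionName: !GetAtt CodePipelineTriggerFunction.Arn
      Principal: codecommit.amazonaws.com
      # Scope the grant to the single repository from the issue
      # (assumed to live in this stack's region and account) ...
      SourceArn: !Sub arn:${AWS::Partition}:codecommit:${AWS::Region}:${AWS::AccountId}:back-end
      # ... and to this account, so the service principal cannot be used
      # to invoke the function on behalf of another account's repository.
      SourceAccount: !Ref AWS::AccountId
```

Omitting `SourceArn` and `SourceAccount` would let any CodeCommit repository, in any account, act as the invoking source for this function.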
keetonian commented on Jun 11, 2019
I found the docs that talk about adding a code commit trigger to lambda manually.
I think that the implementation would be similar to the Cloudwatch Log event, which can be found here: https://github.com/awslabs/serverless-application-model/blob/master/samtranslator/model/eventsources/cloudwatchlogs.py
mindrunner commented on Jun 11, 2019
Yeah, I added the thing manually for now. However, I actually only need that because of another weird restriction in AWS. I want to build/test every pushed branch in a repo with Amazon's integrated CI CodePipeline/CodeBuild. This seems impossible without adding additional functionality. (Which is super odd in my opinion.) Thus, I am registering a post-push trigger which fires up a Lambda to create a pipeline on demand....
sivarosh commented on Jul 31, 2019
Hi @keetonian, can I work on implementing this feature?
jlhood commented on Aug 2, 2019
@sivarosh Absolutely! Looking forward to your PR. 😊
eduardovra commented on Jan 26, 2020
Hi @sivarosh, I would like to submit a PR on this issue. Please let me know if you're still working on it.
Thanks
sivarosh commented on Jan 27, 2020
Hi @eduardovra, please go ahead! I've been caught up with work and haven't been able to work on it so far :( Looking forward to it!
eduardovra commented on Jan 31, 2020
I did a little bit of research, and found 2 ways of setting up this trigger:
1 - If the repository is being created by the same cfn template as the function, it's possible to use the RepositoryTrigger resource (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codecommit-repository-repositorytrigger.html). In this case I believe there is nothing to be done by SAM.
2 - If the repository is created outside the function's template, we could use EventBridge to set up the trigger between the two (https://docs.aws.amazon.com/codepipeline/latest/userguide/pipelines-trigger-source-repo-changes-cfn.html)
Are there any other options that I'm missing?
mindrunner commented on Feb 2, 2020
Just checking in, the project I was working for does not exist anymore, so my personal interest in this vanished for now. Happy to see progress happening here, though! :)