@cumulus/cumulus-ecs-task
Use this Docker image to run a Node.js Lambda function in AWS ECS.
cumulus-ecs-task is a Docker image that can run Lambda functions as ECS services.
When included in a Cumulus workflow and deployed to AWS, it will download a specified Lambda function, and act as an activity in a Step Functions workflow.
This only works with Node.js Lambda functions, and requires that the Lambda function it is running has a dependency of at least v1.0.1 of cumulus-message-adapter-js.
Like other Cumulus libraries, cumulus-ecs-task is designed to be deployed to AWS using kes to manage CloudFormation config. This documentation assumes you're working with a Cumulus deployment and that you have files and a directory structure similar to what's found in the cumulus template repository.
This library has two options:
activityArn (required)
lambdaArn (required)
For examples of how to integrate this image with Cumulus, please see the documentation and our example workflow in source.
To run locally:
npm start -- --activityArn <your-activity-arn> --lambdaArn <your-lambda-arn>
To build the docker image:
npm run build
To run in Docker locally:
docker run -e AWS_ACCESS_KEY_ID='<aws-access-key>' \
-e AWS_SECRET_ACCESS_KEY='<aws-secret-key>' \
cumuluss/cumulus-ecs-task \
--activityArn <your-activity-arn> \
--lambdaArn <your-lambda-arn>
You can execute workflows on AWS that test the version of cumulus-ecs-task that you're developing on locally.
First, make sure that the ECS cluster for your deployment has zero tasks running that might respond to a workflow's requests.
That way only your local version will respond to your workflow.
Next, start cumulus-ecs-task locally.
Either with node:
npm start -- --activityArn <your-activity-arn> --lambdaArn <your-lambda-arn>
Or with docker:
# build the image
npm run build
# run the image
docker run -e AWS_ACCESS_KEY_ID='<aws-access-key>' \
-e AWS_SECRET_ACCESS_KEY='<aws-secret-key>' \
cumuluss/cumulus-ecs-task \
--activityArn <your-activity-arn> \
--lambdaArn <your-lambda-arn>
Finally, trigger a workflow. You can do this from the Cumulus dashboard, the Cumulus API, or with the AWS Console.
SSH into the ECS container instance.
Make sure the EC2 instance has internet access and is able to pull the image from Docker Hub by doing:
docker pull cumuluss/cumulus-ecs-task:1.1.1
cat the ecs config file to make sure credentials are correct:
cat /etc/ecs/ecs.config
Check whether there are multiple entries of the config.
If there are, there are two things to try:
sudo stop ecs
source /etc/ecs/ecs.config
sudo start ecs
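An added example (not part of the cumulus-ecs-task project) for the duplicate-entry check above: it reports keys defined more than once in a KEY=VALUE file such as /etc/ecs/ecs.config, printing only key names and line numbers so credential values are not echoed to the terminal. The function name and the sample settings are constructed for illustration.

```shell
# List keys that appear more than once in an ECS agent config file.
# Values are never printed, since the file may hold registry credentials.
ecs_config_duplicates() {
    # $1: path to the config file (KEY=VALUE lines)
    awk -F= '
        /^[ \t]*#/ { next }     # skip comments
        /^[ \t]*$/ { next }     # skip blank lines
        !/=/       { next }     # skip lines that are not assignments
        {
            key = $1
            sub(/^[ \t]+/, "", key)
            sub(/[ \t]+$/, "", key)
            sep = (key in lines) ? "," : ""
            lines[key] = lines[key] sep NR
            count[key]++
        }
        END {
            for (k in count)
                if (count[k] > 1)
                    printf "%s defined %d times (lines %s)\n", k, count[k], lines[k]
        }
    ' "$1" | sort
}

# Constructed sample: the same settings were appended to the file twice.
sample=$(mktemp)
cat > "$sample" <<'EOF'
ECS_CLUSTER=example-cluster
ECS_ENGINE_AUTH_TYPE=docker
# appended again by a second provisioning run
ECS_CLUSTER=example-cluster
ECS_ENGINE_AUTH_TYPE=docker
ECS_LOGLEVEL=info
EOF
ecs_config_duplicates "$sample"
rm -f "$sample"
```

On the instance, run it as ecs_config_duplicates /etc/ecs/ecs.config; empty output means no key is repeated.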
To create a release, first make sure the CHANGELOG.md file is updated with all the changes made.
Next, bump the version and the changes will automatically be released upon merge to master.
npm version <major|minor|patch|specific version>
Create the build
npm run build
Release to Docker Hub
npm run release
See the CONTRIBUTING.md file.
[v1.4.0]
CUMULUS-1626
FAQs
Run lambda functions in ECS
The npm package @cumulus/cumulus-ecs-task receives a total of 5 weekly downloads. As such, @cumulus/cumulus-ecs-task popularity was classified as not popular.
We found that @cumulus/cumulus-ecs-task demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.