Security News
Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
cargo-lambda-cdk
Advanced tools
This library provides constructs for Rust Lambda functions built with Cargo Lambda
To use this module you will either need to have Cargo Lambda installed (0.12.0
or later), or Docker
installed.
See Local Bundling/Docker Bundling for more information.
You can add the npm package to your program as follows,
npm i cargo-lambda-cdk
Or using any other compatible package manager
Add the following to your imports,
github.com/cargo-lambda/cargo-lambda-cdk/cargolambdacdk
You can add the Python package using pip
, or any other package manager compatible with PyPI,
pip install cargo-lambda-cdk
Define a RustFunction
:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(stack, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
});
The layout for this Rust project could look like this:
lambda-project
├── Cargo.toml
└── src
└── main.rs
The RustFunction
uses the provided.al2023
runtime. If you want to change it, you can use the property runtime
. The only other valid option is provided.al2
:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(stack, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
runtime: 'provided.al2',
});
Define a RustExtension
that get's deployed as a layer to use it with any other function later.
import { RustExtension, RustFunction } from 'cargo-lambda-cdk';
const extensionLayer = new RustExtension(this, 'Rust extension', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
});
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
layers: [
extensionLayer
],
});
Both RustFunction
and RustExtension
support cloning a git repository to get the source code for the function or extension.
To download the source code from a remote git repository, specify the gitRemote
. This option can be a valid git remote url, such as https://github.com/your_user/your_repo
, or a valid ssh url, such as git@github.com:your_user/your_repo.git
.
By default, the latest commit from the HEAD
branch will be downloaded. To download a different git reference, specify the gitReference
option. This can be a branch name, tag, or commit hash.
If you want to always clone the repository even if it has already been cloned to the temporary directory, set the gitForceClone
option to true
.
If you specify a manifestPath
, it will be relative to the root of the git repository once it has been cloned.
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(stack, 'Rust function', {
gitRemote: 'https://github.com/your_user/your_repo',
gitReference: 'branch',
gitForceClone: true,
});
Bundling is the process by which cargo lambda
gets called to build, package, and deliver the Rust
binary for CDK. This construct provides two methods of bundling:
If Cargo Lambda
is installed locally then it will be used to bundle your code in your environment. Otherwise, bundling will happen in a Lambda compatible Docker container with the Docker platform based on the target architecture of the Lambda function.
Use the environment
prop to define additional environment variables when Cargo Lambda runs:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
environment: {
HELLO: 'WORLD',
},
},
});
Use the profile
option if you want to build with a different Cargo profile that's not release
:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
profile: 'dev'
},
});
Use the cargoLambdaFlags
option to add additional flags to the cargo lambda build
command that's executed to bundle your function. You don't need to use this flag to set options like the target architecture or the binary to compile, since the construct infers those from other props.
If these flags include a --target
flag, it will override the architecture
option. If these flags include a --release
or --profile
flag, it will override the release or any other profile specified.
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
cargoLambdaFlags: [
'--target',
'x86_64-unknown-linux-musl',
'--debug',
'--disable-optimizations',
],
},
});
To force bundling in a docker container even if Cargo Lambda
is available in your environment, set the forcedDockerBundling
prop to true
. This is useful if you want to make sure that your function is built in a consistent Lambda compatible environment.
By default, these constructs use ghcr.io/cargo-lambda/cargo-lambda
as the image to build with. Use the bundling.dockerImage
prop to use a custom bundling image:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
dockerImage: DockerImage.fromBuild('/path/to/Dockerfile'),
},
});
Additional docker options such as the user, file access, working directory or volumes can be configured by using the bundling.dockerOptions
prop:
import * as cdk from 'aws-cdk-lib';
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
dockerOptions: {
bundlingFileAccess: cdk.BundlingFileAccess.VOLUME_COPY,
},
},
});
This property mirrors values from the cdk.BundlingOptions
and is passed into Code.fromAsset
.
It is possible to run additional commands by specifying the commandHooks
prop:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
commandHooks: {
// run tests
beforeBundling(inputDir: string, _outputDir: string): string[] {
return ['cargo test'];
},
},
},
});
The following hooks are available:
beforeBundling
: runs before all bundling commandsafterBundling
: runs after all bundling commandsThey all receive the directory containing the Cargo.toml
file (inputDir
) and the
directory where the bundled asset will be output (outputDir
). They must return
an array of commands to run. Commands are chained with &&
.
The commands will run in the environment in which bundling occurs: inside the container for Docker bundling or on the host OS for local bundling.
Depending on how you structure your Rust application, you may want to change the assetHashType
parameter.
By default this parameter is set to AssetHashType.OUTPUT
which means that the CDK will calculate the asset hash
(and determine whether or not your code has changed) based on the Rust executable that is created.
If you specify AssetHashType.SOURCE
, the CDK will calculate the asset hash by looking at the folder
that contains your Cargo.toml
file. If you are deploying a single Lambda function, or you want to redeploy
all of your functions if anything changes, then AssetHashType.SOURCE
will probaby work.
This software is released under MIT license.
FAQs
CDK Construct to build Rust functions with Cargo Lambda
The npm package cargo-lambda-cdk receives a total of 1,518 weekly downloads. As such, cargo-lambda-cdk popularity was classified as popular.
We found that cargo-lambda-cdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.