add listener lambda

.github/workflows/build-test.yaml

@@ -0,0 +1,43 @@
+name: build-and-test
+on:
+  pull_request:
+    types:
+      - opened
+      - synchronize
+      - reopened
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v4
+        with:
+          go-version-file: "go.mod"
+
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          version: latest
+
+      - name: Build and Test
+        run: |
+          make deps
+          make build-all
+          make test
+
+      - name: Test Summary
+        uses: test-summary/action@v2
+        with:
+          paths: "unit-tests.xml"
+        if: always()
+
+      - name: Upload listener-lambda.zip
+        uses: actions/upload-artifact@v3
+        with:
+          name: listener-lambda.zip
+          path: build/listener/listener-lambda.zip

Makefile

@@ -1,7 +1,7 @@
 TEST?=$$(go list ./... | grep -v 'vendor')
 SHELL := /bin/bash
 GOOS=linux
-GOARCH=amd64
+GOARCH=arm64
 VERSION=test
 
 # List of targets the `readme` target should call before generating the readme
@@ -13,21 +13,18 @@ export README_DEPS ?= docs/targets.md
 lint:
 	$(SELF) terraform/install terraform/get-modules terraform/get-plugins terraform/lint terraform/validate
 
-get:
-	go get
+build-all: build-listener
 
-build: get
-	env GOOS=${GOOS} GOARCH=${GOARCH} go build -o build/atmos -v -ldflags "-X 'github.com/cloudposse/atmos/cmd.Version=${VERSION}'"
-
-version: build
-	chmod +x ./build/atmos
-	./build/atmos version
+build-listener:
+	GOOS=${GOOS} GOARCH=${GOARCH} CGO_ENABLED=0 go build -v -o build/listener/bootstrap -tags lambda.norpc ./cmd/listener
+	cd build/listener/ && zip listener-lambda.zip bootstrap
 
 deps:
+	go get github.com/aws/aws-lambda-go/lambda
 	go mod download
 
 # Run acceptance tests
-testacc: get
-	go test $(TEST) -v $(TESTARGS) -timeout 2m
+test: deps
+	go run gotest.tools/gotestsum@latest --junitfile unit-tests.xml --format pkgname-and-test-fails -- -timeout 30m -tags=acceptance -parallel=1 -count=1 -v $(TEST)
 
-.PHONY: lint get build deps version testacc
+.PHONY: lint build-listener build-all deps version testacc

README.md

@@ -1,6 +1,6 @@
 
 <!-- markdownlint-disable -->
-# atmos [![Latest Release](https://img.shields.io/github/release/cloudposse/lambdas-ssm-sync.svg)](https://github.com/cloudposse/atmos/releases/latest) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com)
+# atmos [![Test Status](https://github.com/cloudposse/lambdas-ssm-sync/actions/workflows/build-test.yaml/badge.svg?branch=main)](https://github.com/cloudposse/lambdas-ssm-sync/actions/workflows/build-test.yaml) [![Latest Release](https://img.shields.io/github/release/cloudposse/lambdas-ssm-sync.svg)](https://github.com/cloudposse/atmos/releases/latest) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com)
 <!-- markdownlint-restore -->
 
 [![README Header][readme_header_img]][readme_header_link]

README.yaml

@@ -3,6 +3,9 @@ license: APACHE2
 github_repo: cloudposse/lambdas-ssm-sync
 
 badges:
+  - name: Test Status
+    image: https://github.com/cloudposse/lambdas-ssm-sync/actions/workflows/build-test.yaml/badge.svg?branch=main
+    url: https://github.com/cloudposse/lambdas-ssm-sync/actions/workflows/build-test.yaml
   - name: Latest Release
     image: https://img.shields.io/github/release/cloudposse/lambdas-ssm-sync.svg
     url: https://github.com/cloudposse/atmos/releases/latest

cmd/listener/main.go

@@ -0,0 +1,42 @@
+package main
+
+import (
+	"context"
+
+	"github.com/aws/aws-lambda-go/events"
+	"github.com/aws/aws-lambda-go/lambda"
+	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/cloudposse/ssm-syncronizer/internal/model"
+	"github.com/cloudposse/ssm-syncronizer/internal/service"
+	awssvc "github.com/cloudposse/ssm-syncronizer/internal/service/aws"
+	awsutil "github.com/cloudposse/ssm-syncronizer/internal/util/aws"
+)
+
+func handler(context context.Context, event events.SQSEvent) ([]byte, error) {
+
+	// Instantiate concrete dependencies
+	session := session.Must(session.NewSession())
+	ec2Client := awssvc.NewEC2Client(session)
+	stsClient := awssvc.NewSTSClient(session)
+	accountService := awssvc.NewAccountService(*session.Config.Region, ec2Client, stsClient)
+	ssmService := awssvc.NewSSMService()
+
+	currentAccountSyncService := service.NewCurrentAccountSyncService(accountService, ssmService)
+
+	for _, record := range event.Records {
+		ssmEvent, err := awsutil.UnmarshalSQSEvent[model.ParameterStoreChangeEvent](record)
+		if err != nil {
+			return nil, err
+		}
+
+		err = currentAccountSyncService.Sync(ssmEvent)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return nil, nil
+}
+
+func main() {
+	lambda.Start(handler)
+}

docs/targets.md

@@ -0,0 +1,12 @@
+<!-- markdownlint-disable -->
+## Makefile Targets
+```text
+Available targets:
+
+  help                                Help screen
+  help/all                            Display help for all targets
+  help/short                          This help short screen
+  lint                                Lint terraform code
+
+```
+<!-- markdownlint-restore -->

fixtures/enabled-regions.json

@@ -0,0 +1,19 @@
+[
+  "ap-south-1",
+  "eu-north-1",
+  "eu-west-3",
+  "eu-west-2",
+  "eu-west-1",
+  "ap-northeast-3",
+  "ap-northeast-2",
+  "ap-northeast-1",
+  "ca-central-1",
+  "sa-east-1",
+  "ap-southeast-1",
+  "ap-southeast-2",
+  "eu-central-1",
+  "us-east-1",
+  "us-east-2",
+  "us-west-1",
+  "us-west-2"
+]

fixtures/get-parameter-output.json

@@ -0,0 +1,11 @@
+{
+  "Parameter": {
+    "Name": "/terraform/shared-state/123456789012/us-east-2/MyExampleParameter",
+    "Type": "String",
+    "Value": "MyExampleParameterValue",
+    "Version": 1,
+    "LastModifiedDate": "2023-12-08T23:59:13.856000-05:00",
+    "ARN": "arn:aws:ssm:us-east-2:112233445566:parameter/terraform/shared-state/123456789012/us-east-2/MyExampleParameter",
+    "DataType": "text"
+  }
+}

fixtures/param-store-event-different-account.json

@@ -0,0 +1,18 @@
+{
+  "version": "0",
+  "id": "6a7e4feb-b491-4cf7-a9f1-bf3703497718",
+  "detail-type": "Parameter Store Change",
+  "source": "aws.ssm",
+  "account": "112233445566",
+  "time": "2017-05-22T16:43:48Z",
+  "region": "us-east-2",
+  "resources": [
+    "arn:aws:ssm:us-east-2:112233445566:parameter/terraform/shared-state/123456789012/us-east-2/MyExampleParameter"
+  ],
+  "detail": {
+    "operation": "Create",
+    "name": "MyExampleParameter",
+    "type": "String",
+    "description": "Sample Parameter"
+  }
+}

fixtures/param-store-event-same-account-and-region.json

@@ -0,0 +1,18 @@
+{
+  "version": "0",
+  "id": "6a7e4feb-b491-4cf7-a9f1-bf3703497718",
+  "detail-type": "Parameter Store Change",
+  "source": "aws.ssm",
+  "account": "123456789012",
+  "time": "2017-05-22T16:43:48Z",
+  "region": "us-east-2",
+  "resources": [
+    "arn:aws:ssm:us-east-2:123456789012:parameter/terraform/shared-state/123456789012/us-east-2/MyExampleParameter"
+  ],
+  "detail": {
+    "operation": "Create",
+    "name": "MyExampleParameter",
+    "type": "String",
+    "description": "Sample Parameter"
+  }
+}

go.mod

@@ -0,0 +1,25 @@
+module github.com/cloudposse/ssm-syncronizer
+
+go 1.20
+
+require (
+	github.com/aws/aws-lambda-go v1.43.0
+	github.com/aws/aws-sdk-go v1.49.5
+	github.com/docker/docker v24.0.7+incompatible
+	github.com/golang/mock v1.6.0
+	github.com/magiconair/properties v1.8.7
+	github.com/stretchr/testify v1.8.4
+	golang.org/x/sys v0.1.0
+)
+
+require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/docker/go-units v0.5.0 // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/moby/term v0.5.0 // indirect
+	github.com/morikuni/aec v1.0.0 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	golang.org/x/time v0.5.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)

go.sum

@@ -0,0 +1,66 @@
+github.com/aws/aws-lambda-go v1.42.0 h1:U4QKkxLp/il15RJGAANxiT9VumQzimsUER7gokqA0+c=
+github.com/aws/aws-lambda-go v1.42.0/go.mod h1:dpMpZgvWx5vuQJfBt0zqBha60q7Dd7RfgJv23DymV8A=
+github.com/aws/aws-lambda-go v1.43.0 h1:Tdu7SnMB5bD+CbdnSq1Dg4sM68vEuGIDcQFZ+IjUfx0=
+github.com/aws/aws-lambda-go v1.43.0/go.mod h1:dpMpZgvWx5vuQJfBt0zqBha60q7Dd7RfgJv23DymV8A=
+github.com/aws/aws-sdk-go v1.49.5 h1:y2yfBlwjPDi3/sBVKeznYEdDy6wIhjA2L5NCBMLUIYA=
+github.com/aws/aws-sdk-go v1.49.5/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/docker/docker v24.0.7+incompatible h1:Wo6l37AuwP3JaMnZa226lzVXGA3F9Ig1seQen0cKYlM=
+github.com/docker/docker v24.0.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
+github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
+github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
+github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
+github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
+github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
+github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
+github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
+github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
+github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0=
+github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y=
+github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
+github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210510120138-977fb7262007 h1:gG67DSER+11cZvqIMb8S8bt0vZtiN6xWYARwirrOSfE=
+golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U=
+golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
+golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

internal/model/event_bridge_event.go

@@ -0,0 +1,15 @@
+package model
+
+import "time"
+
+type EventBridgeEvent[T any] struct {
+	Detail     T         `json:"detail"`
+	DetailType string    `json:"detail-type"`
+	Resources  []string  `json:"resources"`
+	Id         string    `json:"id"`
+	Source     string    `json:"source"`
+	Time       time.Time `json:"time"`
+	Region     string    `json:"region"`
+	Version    string    `json:"version"`
+	Account    string    `json:"account"`
+}

internal/model/parameter_store_changed_event.go

@@ -0,0 +1,43 @@
+package model
+
+import (
+	"time"
+)
+
+type ParameterStoreChangeEvent EventBridgeEvent[*ParameterStoreChangeDetail]
+
+func (a *ParameterStoreChangeEvent) SetDetail(detail ParameterStoreChangeDetail) {
+	a.Detail = &detail
+}
+
+func (a *ParameterStoreChangeEvent) SetDetailType(detailType string) {
+	a.DetailType = detailType
+}
+
+func (a *ParameterStoreChangeEvent) SetResources(resources []string) {
+	a.Resources = resources
+}
+
+func (a *ParameterStoreChangeEvent) SetId(id string) {
+	a.Id = id
+}
+
+func (a *ParameterStoreChangeEvent) SetSource(source string) {
+	a.Source = source
+}
+
+func (a *ParameterStoreChangeEvent) SetTime(time time.Time) {
+	a.Time = time
+}
+
+func (a *ParameterStoreChangeEvent) SetRegion(region string) {
+	a.Region = region
+}
+
+func (a *ParameterStoreChangeEvent) SetVersion(version string) {
+	a.Version = version
+}
+
+func (a *ParameterStoreChangeEvent) SetAccount(account string) {
+	a.Account = account
+}