fix: Lambda RMU on LocalStack with DynamoDB Streams#783
Merged
Conversation
Add infrastructure for building and deploying the Read Model Updater as a Lambda function on LocalStack with DynamoDB Streams trigger.
- Enable LAMBDA_EXECUTOR=docker, MAIN_CONTAINER_NAME, LAMBDA_DOCKER_NETWORK for correct Lambda container networking on Docker Desktop - Add lambda and iam to LocalStack SERVICES - Add AWS_REGION to dynamodb-setup to fix region mismatch - Update E2E test script to build/deploy Lambda before running tests - Update verify-group-chat.sh with polling for read model availability
….x target - Support three DynamoDB B field formats: raw JSON (LocalStack), Base64 (AWS Lambda), and comma-separated numbers (local RMU) - Add rhel-openssl-1.0.x to Prisma binaryTargets for Amazon Linux 2 - Strip unnecessary Prisma native binaries from Lambda ZIP
|
Uplevel your code reviews with CodeRabbit ProCodeRabbit ProIf you like this project, please support us by purchasing the Pro version. The Pro version has advanced context, superior noise reduction and several proprietary improvements compared to the open source version. Moreover, CodeRabbit Pro is free for open source projects. |
…ipts All package.json files pointed main at src/index.ts which breaks esbuild bundling. Switch to dist/index.js with types field. Add build-read-model-updater-lambda and deploy-read-model-updater-localstack npm scripts to root package.json.
esbuild strips type-only imports so type-graphql cannot resolve the input class at runtime. Use value imports and explicit type function syntax @arg("input", () => Type) for all mutations.
… in compose-up CI needs aws-cli for LocalStack Lambda deploy. common.env holds local overrides and must not be committed. docker-compose-up.sh now builds the Lambda zip and deploys to LocalStack automatically.
Update READMEs to check off "Read Model Updater on AWS Lambda". Add LocalStack Lambda build/deploy instructions to BUILD_AND_TEST docs in both Japanese and English.
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Files selected (29)
- .github/workflows/ci.yml (1)
- .gitignore (1)
- .gitmodules (1)
- README.ja.md (1)
- README.md (1)
- docs/BUILD_AND_TEST.ja.md (1)
- docs/BUILD_AND_TEST.md (1)
- mise.toml (1)
- package.json (1)
- packages/bootstrap/package.json (1)
- packages/bootstrap/src/lambda-rmu-handler.ts (1)
- packages/command/domain/package.json (1)
- packages/command/interface-adaptor-if/package.json (1)
- packages/command/interface-adaptor-impl/package.json (1)
- packages/command/interface-adaptor-impl/src/graphql/resolvers.ts (8)
- packages/command/processor/package.json (1)
- packages/infrastructure/package.json (1)
- packages/query/interface-adaptor/package.json (1)
- packages/rmu/package.json (1)
- packages/rmu/prisma/schema.prisma (1)
- packages/rmu/src/update-read-model.ts (1)
- tools/docker-compose/docker-compose-databases.yml (2)
- tools/docker-compose/docker-compose-e2e-test.yml (1)
- tools/e2e-test/verify-group-chat.sh (14)
- tools/scripts/build-read-model-updater-lambda.docker-inner.sh (1)
- tools/scripts/build-read-model-updater-lambda.sh (1)
- tools/scripts/deploy-read-model-updater-localstack.sh (1)
- tools/scripts/docker-compose-e2e-test.sh (2)
- tools/scripts/docker-compose-up.sh (2)
Files not summarized due to errors (29)
- .github/workflows/ci.yml (nothing obtained from openai)
- .gitignore (nothing obtained from openai)
- README.md (nothing obtained from openai)
- README.ja.md (nothing obtained from openai)
- .gitmodules (nothing obtained from openai)
- docs/BUILD_AND_TEST.ja.md (nothing obtained from openai)
- packages/bootstrap/package.json (nothing obtained from openai)
- packages/command/domain/package.json (nothing obtained from openai)
- docs/BUILD_AND_TEST.md (nothing obtained from openai)
- mise.toml (nothing obtained from openai)
- packages/bootstrap/src/lambda-rmu-handler.ts (nothing obtained from openai)
- package.json (nothing obtained from openai)
- packages/command/interface-adaptor-impl/package.json (nothing obtained from openai)
- packages/infrastructure/package.json (nothing obtained from openai)
- packages/query/interface-adaptor/package.json (nothing obtained from openai)
- packages/command/processor/package.json (nothing obtained from openai)
- packages/command/interface-adaptor-impl/src/graphql/resolvers.ts (nothing obtained from openai)
- packages/command/interface-adaptor-if/package.json (nothing obtained from openai)
- packages/rmu/package.json (nothing obtained from openai)
- tools/docker-compose/docker-compose-databases.yml (nothing obtained from openai)
- packages/rmu/src/update-read-model.ts (nothing obtained from openai)
- tools/docker-compose/docker-compose-e2e-test.yml (nothing obtained from openai)
- tools/e2e-test/verify-group-chat.sh (nothing obtained from openai)
- packages/rmu/prisma/schema.prisma (nothing obtained from openai)
- tools/scripts/build-read-model-updater-lambda.docker-inner.sh (nothing obtained from openai)
- tools/scripts/build-read-model-updater-lambda.sh (nothing obtained from openai)
- tools/scripts/deploy-read-model-updater-localstack.sh (nothing obtained from openai)
- tools/scripts/docker-compose-e2e-test.sh (nothing obtained from openai)
- tools/scripts/docker-compose-up.sh (nothing obtained from openai)
Files not reviewed due to errors (29)
- docs/BUILD_AND_TEST.ja.md (no response)
- .github/workflows/ci.yml (no response)
- README.ja.md (no response)
- .gitignore (no response)
- .gitmodules (no response)
- README.md (no response)
- package.json (no response)
- docs/BUILD_AND_TEST.md (no response)
- packages/bootstrap/src/lambda-rmu-handler.ts (no response)
- packages/command/domain/package.json (no response)
- mise.toml (no response)
- packages/bootstrap/package.json (no response)
- packages/command/interface-adaptor-impl/package.json (no response)
- packages/command/interface-adaptor-if/package.json (no response)
- packages/command/processor/package.json (no response)
- packages/infrastructure/package.json (no response)
- packages/command/interface-adaptor-impl/src/graphql/resolvers.ts (no response)
- packages/query/interface-adaptor/package.json (no response)
- packages/rmu/prisma/schema.prisma (no response)
- tools/docker-compose/docker-compose-databases.yml (no response)
- packages/rmu/src/update-read-model.ts (no response)
- packages/rmu/package.json (no response)
- tools/docker-compose/docker-compose-e2e-test.yml (no response)
- tools/e2e-test/verify-group-chat.sh (no response)
- tools/scripts/build-read-model-updater-lambda.docker-inner.sh (no response)
- tools/scripts/build-read-model-updater-lambda.sh (no response)
- tools/scripts/docker-compose-e2e-test.sh (no response)
- tools/scripts/deploy-read-model-updater-localstack.sh (no response)
- tools/scripts/docker-compose-up.sh (no response)
Review comments generated (0)
- Review: 0
- LGTM: 0
Tips
Chat with 
CodeRabbit Bot (@coderabbitai)
- Reply on review comments left by this bot to ask follow-up questions. A review comment is a comment on a diff or a file.
- Invite the bot into a review comment chain by tagging
@coderabbitaiin a reply.
Code suggestions
- The bot may make code suggestions, but please review them carefully before committing since the line number ranges may be misaligned.
- You can edit the comment made by the bot and manually tweak the suggestion if it is slightly off.
Pausing incremental reviews
- Add
@coderabbitai: ignoreanywhere in the PR description to pause further reviews from the bot.
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
…tion The inner build script was running pnpm install directly on the bind-mounted host workspace, overwriting macOS/Windows node_modules with Linux-specific Prisma binaries. Now rsync sources to /build inside the container and only copy the final zip back to the host.
There was a problem hiding this comment.
Files selected (1)
- tools/scripts/build-read-model-updater-lambda.docker-inner.sh (1)
Files not summarized due to errors (1)
- tools/scripts/build-read-model-updater-lambda.docker-inner.sh (nothing obtained from openai)
Files not reviewed due to errors (1)
- tools/scripts/build-read-model-updater-lambda.docker-inner.sh (no response)
Review comments generated (0)
- Review: 0
- LGTM: 0
Tips
Chat with CodeRabbit Bot (@coderabbitai)
- Reply on review comments left by this bot to ask follow-up questions. A review comment is a comment on a diff or a file.
- Invite the bot into a review comment chain by tagging
@coderabbitaiin a reply.
Code suggestions
- The bot may make code suggestions, but please review them carefully before committing since the line number ranges may be misaligned.
- You can edit the comment made by the bot and manually tweak the suggestion if it is slightly off.
Pausing incremental reviews
- Add
@coderabbitai: ignoreanywhere in the PR description to pause further reviews from the bot.
The file was referenced by documentation and shell scripts but never committed, so the auto-copy fallback in docker-compose-up.sh and docker-compose-e2e-test.sh could never trigger.
There was a problem hiding this comment.
Files selected (1)
- common.env.default (1)
Files not summarized due to errors (1)
- common.env.default (nothing obtained from openai)
Files not reviewed due to errors (1)
- common.env.default (no response)
Review comments generated (0)
- Review: 0
- LGTM: 0
Tips
Chat with CodeRabbit Bot (@coderabbitai)
- Reply on review comments left by this bot to ask follow-up questions. A review comment is a comment on a diff or a file.
- Invite the bot into a review comment chain by tagging
@coderabbitaiin a reply.
Code suggestions
- The bot may make code suggestions, but please review them carefully before committing since the line number ranges may be misaligned.
- You can edit the comment made by the bot and manually tweak the suggestion if it is slightly off.
Pausing incremental reviews
- Add
@coderabbitai: ignoreanywhere in the PR description to pause further reviews from the bot.
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| @@ -0,0 +1,3 @@ | |||
| [submodule "references/okite-ai"] | |||
| path = references/okite-ai | |||
| url = git@github.com:j5ik2o/okite-ai.git | |||
There was a problem hiding this comment.
Unrelated private git submodule accidentally committed
Medium Severity
A .gitmodules file referencing references/okite-ai via a private SSH URL (git@github.com:j5ik2o/okite-ai.git) is included in this PR but is entirely unrelated to the Lambda RMU / DynamoDB Streams changes. This will cause git clone --recursive (or git submodule update --init) to fail for anyone without SSH access to that private repository, breaking CI or onboarding flows.
| "STREAM_MAX_ITEM_COUNT": "${STREAM_MAX_ITEM_COUNT}", | ||
| } | ||
| })) | ||
| PY |
There was a problem hiding this comment.
Shell variable injection in Python heredoc breaks special characters
Low Severity
The <<PY heredoc performs shell variable expansion before passing content to python3. If any variable (e.g., DATABASE_URL_LAMBDA) contains double quotes, backslashes, or newlines, the generated Python string literals break, causing a syntax error and failing the deploy. Using a quoted heredoc (<<'PY') and passing values via environment variables or arguments to Python would be safer.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Changes
Lambda infrastructure
packages/bootstrap/src/lambda-rmu-handler.ts: Lambda handler entry pointtools/scripts/build-read-model-updater-lambda.sh: esbuild + Prisma native binaries をZIPにパッケージtools/scripts/build-read-model-updater-lambda.docker-inner.sh: linux/amd64 Docker内ビルド、不要なPrismaバイナリを除去tools/scripts/deploy-read-model-updater-localstack.sh: Lambda作成/更新、ESM作成、Active/Enabled待機LocalStack configuration
LAMBDA_EXECUTOR: docker,MAIN_CONTAINER_NAME,LAMBDA_DOCKER_NETWORKを追加(Docker Desktop上のLambdaコンテナネットワーク問題を解決)lambda,iamをSERVICESに追加AWS_REGIONを dynamodb-setup に追加(リージョン不一致を修正)RMU payload decoding fix
binaryTargetsにrhel-openssl-1.0.xを追加(Amazon Linux 2 Lambda runtime用)Test plan
docker-compose-e2e-test.sh -l)がLocalStack Lambda経由で全項目パスNote
Medium Risk
Touches the read-model projection path and adds LocalStack Lambda build/deploy automation, which can affect event decoding/projection correctness and CI reliability, but is scoped to LocalStack/dev workflows.
Overview
Enable Lambda-based RMU on LocalStack. Adds a dedicated Lambda handler (
lambda-rmu-handler.ts) plus newpnpmscripts and shell tooling to build a Linux/amd64 deployment zip (bundled with Prisma engines) and deploy it to LocalStack with IAM role + DynamoDB stream event-source mapping setup.Make LocalStack + E2E flow deterministic. Updates Docker Compose LocalStack config to run
lambda/iamwith Docker executor/network settings, adjusts E2E compose to run the test container via a profile after Lambda deploy, and hardensverify-group-chat.shwith API/read-model polling to wait for stream→Lambda→MySQL projection.Fix RMU stream payload decoding across environments.
update-read-model.tsnow handles threepayload.Bformats (raw JSON from LocalStack, base64 from AWS Lambda, and comma-separated bytes from local RMU), and PrismabinaryTargetsare expanded for Lambda compatibility. CI installs AWS CLI v2, andcommon.envis introduced (gitignored) with defaults documented in BUILD/TEST docs.Written by Cursor Bugbot for commit 8452498. This will update automatically on new commits. Configure here.