From a6b33704248002fb461bcf4ded03f61bd94369f4 Mon Sep 17 00:00:00 2001 From: Brandon Date: Tue, 3 Dec 2024 13:55:58 -0800 Subject: [PATCH 1/2] feat(scan): Add support for specifying the scan function timeout. --- .pre-commit-config.yaml | 4 ++-- API.md | 15 +++++++++++++++ src/index.ts | 6 +++++- 3 files changed, 22 insertions(+), 3 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 9fcc8673..280e3c87 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -8,13 +8,13 @@ repos: hooks: - id: flake8 - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v3.4.0 + rev: v5.0.0 hooks: - id: check-json - id: trailing-whitespace exclude: ^API.md||.github/$ - repo: https://github.com/pre-commit/mirrors-eslint - rev: v7.25.0 + rev: v8.56.0 hooks: - id: eslint files: \.[jt]sx?$ diff --git a/API.md b/API.md index 168d36b4..fdfc0a63 100644 --- a/API.md +++ b/API.md @@ -378,6 +378,7 @@ const serverlessClamscanProps: ServerlessClamscanProps = { ... } | onResult | aws-cdk-lib.aws_lambda.IDestination | The Lambda Destination for files marked 'CLEAN' or 'INFECTED' based on the ClamAV Virus scan or 'N/A' for scans triggered by S3 folder creation events marked (Default: Creates and publishes to a new Event Bridge Bus if unspecified). | | reservedConcurrency | number | Optionally set a reserved concurrency for the virus scanning Lambda. | | scanFunctionMemorySize | number | Optionally set the memory allocation for the scan function. | +| scanFunctionTimeout | aws-cdk-lib.Duration | Optionally set the timeout for the scan function. | --- @@ -540,5 +541,19 @@ Note that low memory allocations may cause errors. (Default: 10240). --- +##### `scanFunctionTimeout`Optional + +```typescript +public readonly scanFunctionTimeout: Duration; +``` + +- *Type:* aws-cdk-lib.Duration + +Optionally set the timeout for the scan function. + +(Default: 15 minutes). + +--- + diff --git a/src/index.ts b/src/index.ts index e68fa4b2..cb2e3bd3 100644 --- a/src/index.ts +++ b/src/index.ts @@ -70,6 +70,10 @@ export interface ServerlessClamscanProps { * @see https://docs.aws.amazon.com/lambda/latest/operatorguide/computing-power.html */ readonly scanFunctionMemorySize?: number; + /** + * Optionally set the timeout for the scan function. (Default: 15 minutes). + */ + readonly scanFunctionTimeout?: Duration; /** * The Lambda Destination for files marked 'CLEAN' or 'INFECTED' based on the ClamAV Virus scan or 'N/A' for scans triggered by S3 folder creation events marked (Default: Creates and publishes to a new Event Bridge Bus if unspecified). */ @@ -428,7 +432,7 @@ export class ServerlessClamscan extends Construct { vpc: vpc, vpcSubnets: { subnets: vpc.isolatedSubnets }, allowAllOutbound: false, - timeout: Duration.minutes(15), + timeout: props.scanFunctionTimeout ?? Duration.minutes(15), memorySize: props.scanFunctionMemorySize ?? 10240, reservedConcurrentExecutions: props.reservedConcurrency, environment: { From 470df838946a514b37e8ffed01adb8f301c133ee Mon Sep 17 00:00:00 2001 From: Brandon Date: Tue, 3 Dec 2024 14:03:15 -0800 Subject: [PATCH 2/2] feat(test): Add unit test for scan function timeout. --- test/ServerlessClamscan.test.ts | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/test/ServerlessClamscan.test.ts b/test/ServerlessClamscan.test.ts index c67b4d94..ced197f4 100644 --- a/test/ServerlessClamscan.test.ts +++ b/test/ServerlessClamscan.test.ts @@ -2,7 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 import { ABSENT, anything, arrayWith, objectLike, stringLike } from '@aws-cdk/assert'; -import { Size, Stack } from 'aws-cdk-lib'; +import { Duration, Size, Stack } from 'aws-cdk-lib'; import { PerformanceMode, ThroughputMode } from 'aws-cdk-lib/aws-efs'; import { EventBus } from 'aws-cdk-lib/aws-events'; import { SqsDestination, EventBridgeDestination } from 'aws-cdk-lib/aws-lambda-destinations'; @@ -959,3 +959,20 @@ test('expect EFS throughput mode to be set as configured', () => { ThroughputMode: 'provisioned', }); }); + +test('expect scan function timeout default to be 15 minutes', () => { + const stack = new Stack(); + new ServerlessClamscan(stack, 'default', {}); + expect(stack).toHaveResourceLike('AWS::Lambda::Function', { + Timeout: 900, + }); +}); + +test('expect scan function timeout to be set as configured', () => { + const stack = new Stack(); + new ServerlessClamscan(stack, 'default', { scanFunctionTimeout: Duration.minutes(5) }); + expect(stack).toHaveResourceLike('AWS::Lambda::Function', { + Timeout: 300, + }); +}); +