Just been working on deploying an AWS Lambda function and having a bit of an issue regarding the aws_lambda_function argument source_code_hash.
When testing the Terraform from the CLI the base64-encode value remains the same providing the source Python hasn’t changed, but when attempting to use the same script in a Bitbucket pipeline - using a debian image - it appears to calculate a different value every run of the pipeline prompting the Lambda function to be updated.
While this is not, in itself, causing an issue I’m sure there must be a way of stopping Terraform from deploying the same Python Lambda function needlessly.
resource “aws_lambda_function” “deployment_group_api” {
function_name = “deployment_group_api”
role = aws_iam_role.deployment_group_api.arnfilename = “deployment_group_api.zip”
handler = “main.lambda_handler”
runtime = “python3.9”
source_code_hash = filebase64sha256(“deployment_group_api.zip”)
}
Note: The ZIP file is generated every time the pipeline runs via a Bash script.
The only thing I can think of that changes every time the pipeline runs is the date/timestamp, but the Terraform documentation says the filebase64sha256 reads the contents of a file so the date/timestamp shouldn’t make any difference.
Any help or explanation as to what is actually happening will be appreciated.