aws-samples / aws-secrets-manager-rotation-lambdas

Contains Lambda functions to be used for automatic rotation of secrets stored in AWS Secrets Manager


pg module not compatible with the latest version of python (python 3.8)

adampblack opened this issue · comments

Compiler
Python 3.8

Error from CloudWatch

[ERROR] Runtime.UserCodeSyntaxError: Syntax error in module 'lambda_function': invalid syntax (__init__.py, line 3)
Traceback (most recent call last):
File "/var/task/pg/__init__.py" Line 3
async,

Reason for error

async is a reserved word from Python 3.7:
https://docs.python.org/3/whatsnew/3.7.html

This is a very old package; it should be replaced with something newer that is compatible with the latest Python version.
https://pypi.org/project/pg/#history

Even winding back to python 3.6 results in additional errors (_imaging module).
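The failure reported above only surfaces at invoke time, once Lambda tries to import the bundled pg package on a 3.7+ interpreter. It can be caught before upload by compiling every .py file in the deployment directory with the same interpreter version as the target runtime. The following is an added example, not code from aws-secrets-manager-rotation-lambdas or from anyone in this thread; the two module bodies it writes into a temporary directory are constructed stand-ins, with the first reproducing the shape of the offending pg/__init__.py.

```python
"""Pre-flight syntax check for a Lambda deployment directory (added example).

`async` was an ordinary identifier through Python 3.6 and became a keyword in
3.7, so a package that uses it as a name fails to import with exactly the
Runtime.UserCodeSyntaxError seen in CloudWatch above. Compiling every source
file with the interpreter that matches the target runtime catches this offline.
"""
import os
import sys
import tempfile
from typing import Dict, Tuple

# Constructed stand-in for the legacy pg/__init__.py: valid on 3.6, a
# SyntaxError on 3.7 and later because `async` is now a keyword.
LEGACY_PG_INIT = """
from pg.core import (
    connect,
    async,
)
"""

# Constructed module that is fine on any 3.7+ runtime.
MODERN_MODULE = """
import asyncio

async def rotate():
    return "ok"
"""


def check_syntax(source: str, filename: str) -> Tuple[bool, str]:
    """Compile `source` with the running interpreter; return (ok, message)."""
    try:
        compile(source, filename, "exec")
        return True, ""
    except SyntaxError as exc:
        return False, f"{exc.msg} ({filename}, line {exc.lineno})"


def scan_tree(root: str) -> Dict[str, str]:
    """Return {relative path: error} for every .py file under root that fails to compile."""
    failures: Dict[str, str] = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.endswith(".py"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8") as fh:
                ok, msg = check_syntax(fh.read(), path)
            if not ok:
                failures[os.path.relpath(path, root)] = msg
    return failures


def demo() -> Dict[str, str]:
    """Write a throwaway bundle with one legacy and one modern file, then scan it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "pg"))
        with open(os.path.join(root, "pg", "__init__.py"), "w", encoding="utf-8") as fh:
            fh.write(LEGACY_PG_INIT)
        with open(os.path.join(root, "lambda_function.py"), "w", encoding="utf-8") as fh:
            fh.write(MODERN_MODULE)
        return scan_tree(root)


if __name__ == "__main__":
    print(f"checking with Python {sys.version_info.major}.{sys.version_info.minor}")
    for rel, msg in demo().items():
        print(f"FAIL {rel}: {msg}")
```

Run it with the interpreter that matches the Lambda runtime you deploy to (a python:3.8 container, for instance); a file that compiles under 3.6 but not under 3.8 is exactly the pg case, and the check finds it without a deployment.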

+1 Yes, it looks like all the code was created in 2018; you can see it in the header of the scripts. I don't know if it will be updated.

Got it working using psycopg2.

I will leave this open so that someone at AWS can update the sample.

Yeah... that pg package is for OpenGL and installs pillow?


Thank you for opening this issue - we are looking into it.

The code in this repo is OK as far as Python 3.8 compatibility goes; the problem lies in the pg driver, PyGreSQL, and how it is compiled. If you download it from the Lambda site, it is compiled for Python 3.7. If you try to compile it yourself for Python 3.8 and use the PostgreSQL 12 or 13 client files, it gets really complicated, as the dependencies required and what's available on Lambda are not the same.

Pillow happened to me when I tried to repackage the Lambda code from here into an independent layer using requirements.txt. DO NOT REFERENCE "pg" THERE. The proper name there is "PyGreSQL", which presents a "pg" module for PostgreSQL, not PIL/OpenGL. The default "pg" will break your Lambdas.

I ran into this because I was forced to reimplement the public template using terraform because the serverlessrepo package for this does not allow the attachment of required permissions boundaries. If you want this fixed, please upvote #27

Please get rid of pgdb and pg and just use psycopg2 or pg8000 as used by AWS Datawrangler.
Why are random libraries used in aws samples?

> Got it working using psycopg2.
>
> I will leave this open so that someone at AWS can update the sample.

Could you please tell me the changes you made?

Fixed it with psycopg2, if people are still interested : https://github.com/0xSeb/aws_secrets_manager_psql_rotation_lambda

You can do it with psycopg2 by following the steps below.
First, build the Docker image; this prepares a Linux environment and uses pip to download the precompiled library.

# Build stage: same major/minor Python as the target Lambda runtime (3.8)
FROM python:3.8 as py

ARG PSYCOPG2_VER

# Build tools and libpq headers. The psycopg2-binary wheel does not need them,
# but they let pip build from source if no wheel matches the interpreter.
RUN apt-get update && \
        apt-get install -y --no-install-recommends bison flex build-essential libpq-dev && \
        rm -rf /var/lib/apt/lists/*

WORKDIR /package/psycopg2
RUN python -m venv venv
# --target places the package (including the compiled _psycopg*.so) in /out_lib,
# the directory that is later copied out of the container and zipped for Lambda
RUN . venv/bin/activate && \
        pip install psycopg2-binary==$PSYCOPG2_VER --target /out_lib
WORKDIR /

Then use docker cp to get the binaries out of the container and repackage them with the Lambda "handler.py":

.PHONY: help build build-nc clean clean-image package

help: ## This help.
	@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST)

.DEFAULT_GOAL := package
APP_NAME = postgres_env
PSYCOPG2_VER = 2.9.3

# DOCKER TASKS

build: clean ## Build the container
	docker build -t $(APP_NAME) . --build-arg PSYCOPG2_VER=$(PSYCOPG2_VER)

build-nc: clean ## Build the container without caching
	docker build --no-cache -t $(APP_NAME) . --build-arg PSYCOPG2_VER=$(PSYCOPG2_VER)

clean: ## Remove the extracted library tree and the previous zip
	rm -rf out
	rm -rf deployment.zip

clean-image: ## Remove the build image
	docker rmi -f $(APP_NAME)

# The container is only created (never started) so that /out_lib can be copied
# out of it; one shell line keeps the container id across the three commands.
package: build ## Copy /out_lib out of the image and zip it together with handler.py
	mkdir -p out
	CONTAINER_ID=$$(docker create $(APP_NAME)) && \
		docker cp $$CONTAINER_ID:/out_lib/. ./out && \
		docker rm $$CONTAINER_ID
	cd out && zip -r ../deployment.zip .
	zip -g deployment.zip handler.py

Run make, and it will generate "deployment.zip", which you can upload to Lambda.
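Two things go wrong in this thread, and both are visible in the zip itself before it is uploaded: a native driver compiled for a different interpreter than the runtime (the 3.7 vs 3.8 point made earlier), and the wrong PyPI project being pulled in because the import name ("pg") is not the distribution name ("PyGreSQL"). CPython tags every extension module with the ABI and platform it was built for, and every installed distribution ships a *.dist-info directory listing the top-level modules it provides, so both can be checked offline. The following is an added example that is not code from the thread, the Makefile above or the AWS repository; the sample zip it builds, including its .so entries and dist-info files, is constructed for the demonstration.

```python
"""Offline pre-flight checks on a Lambda deployment.zip (added example).

inspect_bundle() classifies every compiled extension in the zip against the
target runtime and architecture; owners_of_module() reports which installed
distribution actually provides a given import name.
"""
import io
import re
import zipfile
from typing import Dict, List

# <module>.cpython-<maj><min>[abiflags]-<platform>.so, e.g. cpython-37m-x86_64-linux-gnu
EXT_SUFFIX = re.compile(r"\.cpython-(\d)(\d+)([a-z]*)-([a-z0-9_-]+)\.so$")

# Lambda architecture name -> platform part of the CPython extension suffix
PLATFORM_TAGS = {"x86_64": "x86_64-linux-gnu", "arm64": "aarch64-linux-gnu"}


def inspect_bundle(zip_bytes: bytes, runtime: str, arch: str = "x86_64",
                   handler: str = "handler.py") -> Dict[str, List[str]]:
    """Return {'ok', 'wrong_abi', 'wrong_platform', 'missing'} lists for the zip.

    runtime is the Lambda runtime identifier, e.g. "python3.8".
    """
    major, minor = runtime[len("python"):].split(".")
    want_abi, want_platform = major + minor, PLATFORM_TAGS[arch]
    report: Dict[str, List[str]] = {"ok": [], "wrong_abi": [], "wrong_platform": [], "missing": []}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        names = zf.namelist()
        if handler not in names:
            report["missing"].append(handler)
        for name in names:
            m = EXT_SUFFIX.search(name)
            if m is None:
                continue  # pure-Python file or data, nothing to check
            abi, platform = m.group(1) + m.group(2), m.group(4)
            if abi != want_abi:
                report["wrong_abi"].append(name)
            elif platform != want_platform:
                report["wrong_platform"].append(name)
            else:
                report["ok"].append(name)
    return report


def owners_of_module(zip_bytes: bytes, module: str) -> List[str]:
    """Return the distribution names whose top_level.txt claims `module`."""
    owners: List[str] = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for name in zf.namelist():
            if not name.endswith(".dist-info/top_level.txt"):
                continue
            if module not in zf.read(name).decode().split():
                continue
            metadata = zf.read(name[: -len("top_level.txt")] + "METADATA").decode()
            for line in metadata.splitlines():
                if line.startswith("Name: "):
                    owners.append(line[len("Name: "):].strip())
                    break
    return owners


def build_sample_bundle() -> bytes:
    """Constructed zip mimicking the layout the Makefile above produces."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("handler.py", "def lambda_handler(event, context):\n    return 'ok'\n")
        # driver built for the target runtime (3.8 on an x86_64 Lambda)
        zf.writestr("psycopg2/_psycopg.cpython-38-x86_64-linux-gnu.so", b"\x7fELF")
        # stale PyGreSQL build for 3.7 (3.7 still carried the 'm' ABI flag)
        zf.writestr("pg/_pg.cpython-37m-x86_64-linux-gnu.so", b"\x7fELF")
        # wheel resolved on a macOS build host instead of inside the Linux container
        zf.writestr("psycopg2/_psycopg.cpython-38-darwin.so", b"\xcf\xfa\xed\xfe")
        # constructed dist-info showing which project provides the "pg" import
        zf.writestr("PyGreSQL-5.2.dist-info/METADATA", "Metadata-Version: 2.1\nName: PyGreSQL\nVersion: 5.2\n")
        zf.writestr("PyGreSQL-5.2.dist-info/top_level.txt", "_pg\npg\npgdb\n")
    return buf.getvalue()


if __name__ == "__main__":
    bundle = build_sample_bundle()
    for kind, files in inspect_bundle(bundle, "python3.8").items():
        for f in files:
            print(f"{kind:15} {f}")
    print("pg is provided by:", owners_of_module(bundle, "pg"))
```

Point inspect_bundle at the real deployment.zip with the runtime and architecture configured on the function; anything in wrong_abi or wrong_platform will fail at import time on Lambda no matter how the rest of the package looks, and owners_of_module tells you whether the "pg" import in the zip came from PyGreSQL or from something else pip resolved from a bad requirements.txt entry.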

Thank you for opening this issue. Currently the rotation AWS Lambda functions we vend only officially support Python 3.7, as noted in our public documentation. This is in part due to the fact that we build and package all the necessary dependencies, along with the function itself, in the Lambda deployment package. As it pertains to PostgreSQL, the specific client library we use is PyGreSQL. We have a similar feature request to upgrade the officially supported Python runtime in our vended rotation Lambdas, and by association the versions of client libraries used as well.

We got stung by this earlier this week.

We updated our cloudformation stack (with no changes to the PG password rotation lambdas) and it appears that our lambda functions were auto-updated to 3.9?

I've no idea why the lambda functions were updated yet as there was no change to them. Still looking into that. However, there's also no way in the serverless template to be able to insist on 3.7.

I guess I'll need a CustomResource with a bit of python/javascript to keep those lambda functions at 3.7?