aws-actions
diff --git a/‎.gitignore‎
Lines changed: 0 additions & 1 deletion b/‎.gitignore‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎README.md‎
Lines changed: 110 additions & 107 deletions b/‎README.md‎
Lines changed: 110 additions & 107 deletions
diff --git a/‎__tests__ /code_artifacts.test.js‎
Lines changed: 20 additions & 0 deletions b/‎__tests__ /code_artifacts.test.js‎
Lines changed: 20 additions & 0 deletions
diff --git a/‎__tests__/deep_equal.test.js‎ renamed to ‎__tests__ /deep_equal.test.js‎ b/‎__tests__/deep_equal.test.js‎ renamed to ‎__tests__ /deep_equal.test.js‎
diff --git a/‎__tests__ /dry_run_mode.test.js‎
Lines changed: 41 additions & 0 deletions b/‎__tests__ /dry_run_mode.test.js‎
Lines changed: 41 additions & 0 deletions
@@ -3,5 +3,4 @@ dist
 .DS_Store
 coverage
 repolinter
-deploy-lambda.yml
 Config
@@ -7,13 +7,13 @@ Updates the code and configuration of AWS Lambda functions
 <!-- toc -->
 
 - [Usage](#usage)
+  * [Update Function Configuration](#update-configuration-only)
   * [Using S3 Deployment Method](#using-s3-deployment-method)
-  * [Update Configuration Only](#update-configuration-only)
   * [Dry Run Mode](#dry-run-mode)
+- [Build from Source](#build-from-source)
 - [Inputs](#inputs)
 - [Outputs](#outputs)
 - [Credentials and Region](#credentials-and-region)
-  * [OpenID Connect (OIDC) - Recommended Approach](#openid-connect-oidc---recommended-approach)
 - [Permissions](#permissions)
 - [License Summary](#license-summary)
 - [Security Disclosures](#security-disclosures)
@@ -23,124 +23,142 @@ Updates the code and configuration of AWS Lambda functions
 ## Usage
 
 ```yaml
-name: Deploy Lambda Function
+name: Deploy to AWS Lambda
 
 on:
   push:
-    branches: [main, master]
+    branches: [ "main" ]
+
+permissions:
+  id-token: write   # This is required for OIDC authentication
+  contents: read    # This is required to checkout the repository
 
 jobs:
   deploy:
+    name: Deploy
     runs-on: ubuntu-latest
-    permissions:
-      id-token: write # Required for OIDC authentication
-      contents: read  # Required to check out the repository
+    environment: production
+
     steps:
-      - uses: actions/checkout@v3
-      
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v2
-        with:
-          role-to-assume: arn:aws:iam::123456789012:role/GitHubActionRole      
-      - name: Deploy Lambda function
-        uses: aws-actions/amazon-lambda-deploy@v1
-        with:
-          function-name: my-lambda-function
-          code-artifacts-dir: ./dist
+    - name: Checkout
+      uses: actions/checkout@v4
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v3
+      with:
+        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
+        aws-region: ${{ env.AWS_REGION }}
+        # The role-to-assume should be the ARN of the IAM role you created for GitHub Actions OIDC
+
+    - name: Deploy Lambda Function
+      uses: aws-actions/aws-lambda-deploy@v1
+      with:
+        function-name: my-function-name
+        code-artifacts-dir: my-code-artifacts-dir
+        # handler: my-handler
+        # runtime: my-runtime
+        # Add any additional inputs your action supports
 ```
 
-### Using S3 Deployment Method
+The required parameters to deploy are function name, code artifacts directory, handler, and runtime. The function name and code artifacts directory need to be provided by the user. However, the handler and runtime do not and will default to index.handler and nodejs20.x if not provided.
+
+### Update Function Configuration
 
 ```yaml
-name: Deploy Lambda Function with S3
+      - name: Update Lambda configuration
+        uses: aws-actions/aws-lambda-deploy@v1
+        with:
+          function-name: my-function-name
+          code-artifacts-dir: my-code-artifacts-dir
+          memory-size: 512
+          timeout: 60
+          environment: '{"ENV":"production","DEBUG":"true"}'
+```
 
-on:
-  push:
-    branches: [main, master]
+### Using S3 Deployment Method
 
-jobs:
-  deploy:
-    runs-on: ubuntu-latest
-    permissions:
-      id-token: write # Required for OIDC authentication
-      contents: read  # Required to check out the repository
-    steps:
-      - uses: actions/checkout@v3
-      
-      - name: Configure AWS credentials with OIDC
-        uses: aws-actions/configure-aws-credentials@v2
-        with:
-          role-to-assume: arn:aws:iam::123456789012:role/GitHubActionRole
-      
+```yaml
       - name: Deploy Lambda function via S3
-        uses: aws-actions/amazon-lambda-deploy@v1
+        uses: aws-actions/aws-lambda-deploy@v1
         with:
-          function-name: my-lambda-function
-          code-artifacts-dir: ./dist
-          s3-bucket: my-lambda-deployment-bucket
+          function-name: my-function-name
+          code-artifacts-dir: my-code-artifacts-dir
+          s3-bucket: my-s3-bucket
           # s3-key is optional - a key will be auto-generated if not specified
 ```
 
-### Update Configuration Only
+### Dry Run Mode
 
 ```yaml
-name: Update Lambda Configuration
+      - name: Deploy on dry run mode
+        uses: aws-actions/aws-lambda-deploy@v1
+        with:
+          function-name: my-function-name
+          code-artifacts-dir: my-code-artifacts-dir
+          dry-run: true
+```
+## Build from Source
 
-on:
-  push:
-    branches: [main, master]
+To automate building your source code, add the step that corresponds to your runtime:
 
-jobs:
-  deploy:
-    runs-on: ubuntu-latest
-    permissions:
-      id-token: write # Required for OIDC authentication
-      contents: read  # Required to check out the repository
-    steps:
-      - uses: actions/checkout@v3
-      
-      - name: Configure AWS credentials with OIDC
-        uses: aws-actions/configure-aws-credentials@v2
-        with:
-          role-to-assume: arn:aws:iam::123456789012:role/GitHubActionRole      
-      - name: Update Lambda configuration
-        uses: aws-actions/amazon-lambda-deploy@v1
-        with:
-          function-name: my-lambda-function
-          code-artifacts-dir: ./dist
-          memory-size: 512
-          timeout: 60
-          environment: '{"ENV":"production","DEBUG":"true"}'
+### Node.js
+
+```yaml
+      - name: Build source code
+        run: |
+          # Install dependencies
+          npm ci
+
+          # Build 
+          npm run build
 ```
+### Python
 
-### Dry Run Mode
+```yaml
+      - name: Build source code using setup tools
+        run: |
+          # Install dependencies
+          pip install -r requirement.txt
+          
+          # Build
+          python -m build
+```
+
+### Ruby
 
 ```yaml
-name: Validate Lambda Deployment
+      - name: Build source code using Rake
+        run: |
+          # Install dependencies
+          bundle install
+          
+          # Build
+          bundle exec rake [task_name]
+```
 
-on:
-  pull_request:
-    branches: [main, master]
+### Java
+
+```yaml
+      - name: Build source code using Maven
+        run: |
+          # Install dependencies
+          mvn dependency:resolve clean install -DskipTests
+          
+          # Build
+          mvn clean package
+
+```
+### .NET
+
+```yaml
+      - name: Build source code
+        run: |
+          # Install dependencies
+          dotnet restore
+          
+          # Build
+          dotnet build
 
-jobs:
-  validate:
-    runs-on: ubuntu-latest
-    permissions:
-      id-token: write # Required for OIDC authentication
-      contents: read  # Required to check out the repository
-    steps:
-      - uses: actions/checkout@v3
-      
-      - name: Configure AWS credentials with OIDC
-        uses: aws-actions/configure-aws-credentials@v2
-        with:
-          role-to-assume: arn:aws:iam::123456789012:role/GitHubActionRole      
-      - name: Validate Lambda deployment (no changes)
-        uses: aws-actions/amazon-lambda-deploy@v1
-        with:
-          function-name: my-lambda-function
-          code-artifacts-dir: ./dist
-          dry-run: true
 ```
 
 ## Inputs
@@ -187,32 +205,17 @@ jobs:
 
 This action relies on the [default behavior of the AWS SDK for JavaScript](https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/setting-credentials-node.html) to determine AWS credentials and region. Use the [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) action to configure the GitHub Actions environment for AWS authentication.
 
-### OpenID Connect (OIDC) - Recommended Approach
+### OpenID Connect (OIDC) 
 
 We **highly recommend** using OpenID Connect (OIDC) to authenticate with AWS. OIDC allows your GitHub Actions workflows to access AWS resources without storing AWS credentials as long-lived GitHub secrets.
 
 Here's an example of using OIDC with the aws-actions/configure-aws-credentials action:
 
 ```yaml
-jobs:
-  deploy:
-    runs-on: ubuntu-latest
-    permissions:
-      id-token: write # Required for OIDC authentication
-      contents: read  # Required to check out the repository
-    steps:
-      - uses: actions/checkout@v3
-      
       - name: Configure AWS credentials with OIDC
         uses: aws-actions/configure-aws-credentials@v2
         with:
           role-to-assume: arn:aws:iam::123456789012:role/GitHubActionRole
-      
-      - name: Deploy Lambda function
-        uses: aws-actions/amazon-lambda-deploy@v1
-        with:
-          function-name: my-lambda-function
-          code-artifacts-dir: ./dist
 ```
 
 To use OIDC authentication, you must configure a trust policy in AWS IAM that allows GitHub Actions to assume an IAM role. Here's an example trust policy:
 
@@ -0,0 +1,20 @@
+const { packageCodeArtifacts } = require('../index');
+
+jest.mock('@actions/core');
+jest.mock('fs/promises');
+jest.mock('adm-zip');
+jest.mock('path');
+
+describe('Code Artifacts Tests', () => {
+  test('should throw error when artifactsDir is not provided', async () => {
+    await expect(packageCodeArtifacts()).rejects.toThrow('Code artifacts directory path must be provided');
+  });
+
+  test('should throw error when artifactsDir is null', async () => {
+    await expect(packageCodeArtifacts(null)).rejects.toThrow('Code artifacts directory path must be provided');
+  });
+
+  test('should throw error when artifactsDir is empty string', async () => {
+    await expect(packageCodeArtifacts('')).rejects.toThrow('Code artifacts directory path must be provided');
+  });
+});
@@ -0,0 +1,41 @@
+const core = require('@actions/core');
+const { LambdaClient } = require('@aws-sdk/client-lambda');
+const mainModule = require('../index');
+const validations = require('../validations');
+
+jest.mock('@actions/core');
+jest.mock('@aws-sdk/client-lambda');
+jest.mock('@aws-sdk/client-s3');
+jest.mock('@aws-sdk/client-sts');
+jest.mock('fs/promises');
+jest.mock('adm-zip');
+jest.mock('path');
+
+describe('Dry Run Mode Tests', () => {
+  beforeEach(() => {
+    jest.clearAllMocks();
+    process.env.AWS_REGION = 'us-east-1';
+  });
+
+  test('should skip configuration updates in dry run mode when config changed', async () => {
+    const mockClient = {
+      send: jest.fn().mockResolvedValue({ Runtime: 'nodejs18.x', MemorySize: 256 })
+    };
+    LambdaClient.mockImplementation(() => mockClient);
+
+    validations.validateAllInputs = jest.fn().mockReturnValue({
+      valid: true,
+      functionName: 'test-function',
+      parsedEnvironment: {},
+      dryRun: true,
+      role: 'arn:aws:iam::123456789012:role/lambda-role'
+    });
+
+    jest.spyOn(mainModule, 'checkFunctionExists').mockResolvedValue(true);
+    jest.spyOn(mainModule, 'packageCodeArtifacts').mockResolvedValue('/tmp/test.zip');
+    jest.spyOn(mainModule, 'createFunction').mockResolvedValue();
+    jest.spyOn(mainModule, 'hasConfigurationChanged').mockReturnValue(true);
+
+    await mainModule.run();
+  });
+});