'Custom Lambda image - getting aws-lambda-ric error when trying to run Lambda

I've build a NodeJS project, which I need to run on a custom Docker image.

This is my Dockerfile:

FROM public.ecr.aws/lambda/nodejs:14-x86_64

# Create app directory
WORKDIR /usr/src/

RUN yum update && yum install -y git openssh-client vim python py-pip pip jq
RUN yum update && yum install -y automake autoconf libtool dpkg pkgconfig nasm libpng cmake
RUN pip install awscli
# RUN apk --purge -v del py-pip

# RUN rm /var/cache/apk/*

RUN npm install -g yarn

RUN yarn install --frozen-lockfile

# Bundle app source
COPY . .

RUN yarn build
ENTRYPOINT ["npx", "aws-lambda-ric"]
CMD [ "src/executionHandler.runner" ]

But when I call docker run <imagename>

I get the following errors:

tar: curl-7.78.0/tests/data/test1131: Cannot open: No such file or directory

tar: curl-7.78.0: Cannot mkdir: Permission denied

tar: curl-7.78.0/tests/data/test971: Cannot open: No such file or directory

tar: curl-7.78.0: Cannot mkdir: Permission denied

tar: Exiting with failure status due to previous errors

./scripts/preinstall.sh: line 28: cd: curl-7.78.0: No such file or directory

npm ERR! code ELIFECYCLE

npm ERR! errno 1

npm ERR! [email protected] preinstall: `./scripts/preinstall.sh`

npm ERR! Exit status 1

npm ERR! 

npm ERR! Failed at the [email protected] preinstall script.

npm ERR! This is probably not a problem with npm. There is likely additional logging output above.


npm ERR! A complete log of this run can be found in:

npm ERR!     /root/.npm/_logs/2021-10-13T09_11_31_626Z-debug.log

Install for [ 'aws-lambda-ric@latest' ] failed with code 1

The base image I use was taken from official AWS images repository.

How can I resolve this permissions issue?

dockeraws-lambda


Solution 1:[1]

This isn't really a permissions issue.

According to https://gallery.ecr.aws/lambda/nodejs the base image you're using public.ecr.aws/lambda/nodejs should come with the entire runtime pre-installed. I think the issue is that your entrypoint uses npx, which is a tool for running local npm packages, and the base image can only have the packages installed globally. npx, if it can't find the package in local package.json, tries to install the package. This is both unnecessary, since it's already installed globally, and not possible in the stripped down public image in to which you have installed some of the prereqs like cmake, autoconf, etc, but not libcurl.

I suspect

ENTRYPOINT ["aws-lambda-ric"]

without npx and without all the extraneous development packages will work fine with this image.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Johnny C

Related Questions

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Amazon AWS S3 to Force Download Mp3 File instead of Stream It

How to enable terraform module only with a specific workspace

AWS RDS Postgres: WAL_LEVEL not set to 'logical' after changing rds.logical_replication = 1

Use terraform to set up a lambda function triggered by a scheduled event source

Use terraform to set up a lambda function triggered by a scheduled event source

Self stopping EC2 once task complete?

AWS - SWF - Asynchronous method

Why my cloudformation template is over 1 MB?

AWS elastic beanstalk - WARN install EACCES: permission denied, access '/tmp/.npm'

Aws step functions - Resume from failed step function activity instead of starting a new execution

Redirect Elastic Beanstalk URL to domain name

node-lambda - TypeError: handler is not a function