feat: prune lambda versions (#5)

chrispsheehan · web-flow · commit 2c8e2c10a956 · 2025-09-23T16:32:35.000+01:00
* feat: add lambda-prune script

* fix: depends_on = [aws_lambda_alias.live]

* feat: delete older x versions

* chore: ci input lambda_keep
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -17,6 +17,10 @@ on:
         description: "Valid lambda version"
         required: true
         type: string
+      lambda_keep:
+        description: "Number of lambda versions to keep"
+        default: '5'
+        type: string
 
 
 concurrency: # only run one instance of workflow at any one time
@@ -121,3 +125,13 @@ jobs:
         with:
           aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
           just_action: lambda-deploy
+
+      - name: prune lambda
+        uses: chrispsheehan/just-aws-oidc-action@0.1.3
+        env:
+          KEEP: ${{ inputs.lambda_keep }}
+          FUNCTION_NAME: ${{ steps.get-api-vars.outputs.lambda_function_name }}
+          ALIAS_NAME: ${{ steps.get-api-vars.outputs.lambda_alias_name }}
+        with:
+          aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
+          just_action: lambda-prune
diff --git a/infra/modules/aws/lambda/main.tf b/infra/modules/aws/lambda/main.tf
@@ -116,6 +116,8 @@ resource "aws_appautoscaling_target" "pc_target" {
   resource_id        = "function:${local.lambda_name}:${var.environment}"
   scalable_dimension = "lambda:function:ProvisionedConcurrency"
   service_namespace  = "lambda"
+
+  depends_on = [aws_lambda_alias.live]
 }
 
 resource "aws_appautoscaling_policy" "pc_policy" {
diff --git a/justfile b/justfile
@@ -230,3 +230,32 @@ lambda-deploy:
     echo "❌ Deployment $DEPLOYMENT_ID did not complete within expected time."
     exit 1
 
+
+lambda-prune:
+    #!/usr/bin/env bash
+    live_version=$(aws lambda get-alias \
+        --function-name "$FUNCTION_NAME" \
+        --name "$ALIAS_NAME" \
+        --region "$AWS_REGION" \
+        | jq -r '.FunctionVersion')
+
+    echo "Alias '$ALIAS_NAME' points to: ${live_version:-<none>}"
+    versions=$(aws lambda list-versions-by-function \
+        --function-name "$FUNCTION_NAME" \
+        --region "$AWS_REGION" \
+        | jq -r '.Versions[] | select(.Version != "$LATEST") | .Version' \
+        | sort -nr)
+
+    keep_newest=$(echo "$versions" | head -n "$KEEP")
+    keep_set=$(printf "%s\n%s\n" "$keep_newest" "$live_version" | sort -u)
+    to_delete=$(comm -23 <(echo "$versions" | sort -u) <(echo "$keep_set" | sort -u))
+
+    echo "Keeping version(s):  $(echo "$keep_set" | tr '\n' ' ')"
+    if [[ -z "${to_delete// }" ]]; then
+        echo "Nothing to delete."
+        exit 0
+    fi
+    for v in $to_delete; do
+        echo "Deleting $FUNCTION_NAME:$v"
+        aws lambda delete-function --function-name "$FUNCTION_NAME" --qualifier "$v" --region "$REGION"
+    done

Original file line number	Diff line number	Diff line change
`@@ -116,6 +116,8 @@ resource "aws_appautoscaling_target" "pc_target" {`
`116`	`116`	`resource_id = "function:${local.lambda_name}:${var.environment}"`
`117`	`117`	`scalable_dimension = "lambda:function:ProvisionedConcurrency"`
`118`	`118`	`service_namespace = "lambda"`
	`119`	`+`
	`120`	`+ depends_on = [aws_lambda_alias.live]`
`119`	`121`	`}`
`120`	`122`
`121`	`123`	`resource "aws_appautoscaling_policy" "pc_policy" {`