Running Git in an AWS Lambda Function
Last updated: February 19, 2020
The AWS Lambda execution environment, depending on the AWS Lambda runtime, is based on the
Amazon Linux AMI release 2018.03 or
Amazon Linux release 2 (Karoo). Git is not pre-installed in the AWS Lambda execution environment.
You can compile the latest sources of Git and include the binaries into the deployment package of your Lambda function. You must build the binaries for the matching version of Amazon Linux or link them statically. If you want to keep your deployment package small, you can include the binaries in an AWS Lambda layer and attach this layer to the execution environment of your Lambda function.
Alternatively, you can download the latest available Git RPM package from the official Yum repository.
For the runtimes running on
Amazon Linux AMI release 2018.03, you can download the Git RPM package in the Lambda function itself during its execution. In this case, you only need to add a few lines of source code to your Lambda function. The following procedure describes this approach.
How to Run Git in a Lambda Function
- This procedure applies only to the AWS Lambda runtimes running on
Amazon Linux AMI release 2018.03. The runtimes running on
Amazon Linux release 2 (Karoo)do not have the necessary
The repositories of the
Amazon Linux AMI release 2018.03 are defined in the configuration files in the
/etc/yum.repos.d directory. You can query the repositories using the
repoquery utility to get the download URLs of RPM packages.
The download URL of the latest available version of the Git RPM package for the
Amazon Linux AMI release 2018.03 is
$awsregion can have one of the following values:
To download and run Git in your Lambda function during its execution:
git-2.14.6-1.61.amzn1.x86_64.rpmpackage, verify its signature and extract the files from this package to
For example, if you invoke your Lambda function in the
US East (N. Virginia)region, execute in this function the following sequence of commands:
rm -fr /tmp/git-2.14.6 && \ mkdir /tmp/git-2.14.6 && \ cd /tmp/git-2.14.6 && \ curl -s -O http://packages.us-east-1.amazonaws.com/2018.03/updates/f446a21a0049/x86_64/Packages/git-2.14.6-1.61.amzn1.x86_64.rpm && \ rpm -K git-2.14.6-1.61.amzn1.x86_64.rpm && \ rpm2cpio git-2.14.6-1.61.amzn1.x86_64.rpm | cpio -id && \ rm git-2.14.6-1.61.amzn1.x86_64.rpm
- Run the Git client as follows:
cd /tmp/git-2.14.6 && \ HOME=/var/task \ GIT_TEMPLATE_DIR=/tmp/git-2.14.6/usr/share/git-core/templates \ GIT_EXEC_PATH=/tmp/git-2.14.6/usr/libexec/git-core \ /tmp/git-2.14.6/usr/bin/git --version
- For the Python implementation of this procedure, see Appendix A, How to Clone a Git Repository in a Lambda Function (Python).
Appendix A, How to Clone a Git Repository in a Lambda Function (Python)
The following Python code snippet shows how you can clone a public Git repository in your Lambda function. In this example, you create a shallow clone with a depth of 1 to the
/tmp/git-2.14.6 directory. The code is compatible with Python 2.7, Python 3.6, and Python 3.7.
The execution duration of this Lambda function depends on the size of the configured memory and can be as less as
# CloudBriefly.com from __future__ import print_function import os import subprocess def lambda_handler(event, context): # The Git repository to clone remote_repository = 'https://github.com/gohugoio/hugo.git' git_command = 'clone --depth 1' git_rpm_region = os.environ['AWS_REGION'] git_rpm_download_url = '/'.join([ 'http://packages.%s.amazonaws.com' % git_rpm_region, '2018.03/updates/f446a21a0049/x86_64/Packages', 'git-2.14.6-1.61.amzn1.x86_64.rpm']) git_rpm = git_rpm_download_url.split('/')[-1] # git-2.14.6-1.61.amzn1.x86_64.rpm tmp_dir = '/tmp/%s' % '-'.join(git_rpm.split('-')[0:2]) # /tmp/git-2.14.6 # Download, verify and unpack the Git RPM package print(subprocess.check_output( ' && '.join([ 'rm -fr %s' % tmp_dir, 'mkdir %s' % tmp_dir, 'cd %s' % tmp_dir, 'curl -s -O %s' % git_rpm_download_url, 'rpm -K %s' % git_rpm, # Check the GnuPG signature 'rpm2cpio %s | cpio -id' % git_rpm, 'rm %s' % git_rpm ]), stderr=subprocess.STDOUT, shell=True)) # Clone the remote Git repository print(subprocess.check_output( ' && '.join([ 'cd %s' % tmp_dir, ' '.join([ 'HOME=/var/task', 'GIT_TEMPLATE_DIR=%s/usr/share/git-core/templates' % tmp_dir, 'GIT_EXEC_PATH=%s/usr/libexec/git-core' % tmp_dir, '%s/usr/bin/git %s %s' % (tmp_dir, git_command, remote_repository) ]) ]), stderr=subprocess.STDOUT, shell=True))
- If you want to connect from this Lambda function to a CodeCommit repository using the IAM role credentials, you need to add to the deployment package of the function a Git configuration file (
.gitconfig) and a Git credential helper. For further details, see Connecting to AWS CodeCommit Repositories from an AWS Lambda Function.