From 6a9a07df2116aefb4cfca0ac7ab398ab4d199ecc Mon Sep 17 00:00:00 2001 From: nutrina <8137830+nutrina@users.noreply.github.com> Date: Fri, 25 Oct 2024 16:36:16 +0300 Subject: [PATCH] feat: move infra for v2 to the v2 folder, removing unused lambda handlers, fixing routing (#712) --- .../submit_passport/submit_passport.py | 35 -- .../tests/test_get_score_lambda.py | 450 ------------------ infra/aws/index.ts | 166 +++++-- infra/lib/scorer/new_service.ts | 26 +- infra/lib/v2/index.ts | 68 ++- 5 files changed, 183 insertions(+), 562 deletions(-) delete mode 100644 api/aws_lambdas/submit_passport/tests/test_get_score_lambda.py diff --git a/api/aws_lambdas/submit_passport/submit_passport.py b/api/aws_lambdas/submit_passport/submit_passport.py index 2cbec7a22..be239411c 100644 --- a/api/aws_lambdas/submit_passport/submit_passport.py +++ b/api/aws_lambdas/submit_passport/submit_passport.py @@ -35,38 +35,3 @@ def _handler(event, _context, request, user_account, body): def handler(*args, **kwargs): close_old_connections() return _handler(*args, **kwargs) - - -@with_api_request_exception_handling -def _handler_get_score(event, _context, request, user_account, body): - path = event.get("path", "").split("/") - - if len(path) != 6: - raise InvalidRequest(f"Invalid path: '{path}'") - - scorer_id = path[3] - address = path[5] - - logger.info(f"path: '%s', scorer_id: '%s', address: %s", path, scorer_id, address) - - # unquote(event.get("queryStringParameters", {}).get("model_list", "")) - - score = async_to_sync(ahandle_submit_passport)( - SubmitPassportPayload( - scorer_id=scorer_id, - address=address, - ), - user_account, - ) - - return score - - -def handler_get_score(*args, **kwargs): - """ - This handles the new GET request for the score, that also implies doing the same score - calculation as on the previous POST `submit-passport` request - """ - - close_old_connections() - return _handler_get_score(*args, **kwargs) diff --git a/api/aws_lambdas/submit_passport/tests/test_get_score_lambda.py b/api/aws_lambdas/submit_passport/tests/test_get_score_lambda.py deleted file mode 100644 index c83631ab2..000000000 --- a/api/aws_lambdas/submit_passport/tests/test_get_score_lambda.py +++ /dev/null @@ -1,450 +0,0 @@ -import base64 -import json -from copy import deepcopy - -import pytest - -from account.models import AccountAPIKeyAnalytics -from aws_lambdas.scorer_api_passport.tests.helpers import MockContext -from aws_lambdas.scorer_api_passport.utils import strip_event -from registry.test.test_passport_submission import mock_passport - -from ..submit_passport import _handler_get_score - -# Sample mock event -sample_event = { - "headers": {"x-api-key": "sample_key"}, - "body": '{"some_key": "some_value"}', -} - -pytestmark = pytest.mark.django_db - - -def make_test_event(api_key, address, community_id): - """ - Creates a mock event for testing purposes. - """ - return { - "requestContext": { - "elb": { - "targetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:515520736917:targetgroup/testTargetGroup-e050da0/c8f86571a77b9bc5" - } - }, - "httpMethod": "GET", - "path": f"/v2/stamps/{community_id}/score/{address}", - "queryStringParameters": {}, - "headers": { - "content-length": "73", - "content-type": "application/json", - "host": "api.staging.scorer.gitcoin.co", - "user-agent": "k6/0.46.0 (https://k6.io/)", - "x-amzn-trace-id": "Root=1-650373d8-19455f7f1bfd3c6f0fc3f323", - "x-api-key": api_key, - "x-forwarded-for": "164.90.200.92", - "x-forwarded-port": "443", - "x-forwarded-proto": "https", - }, - "body": "", - "isBase64Encoded": False, - } - - -def make_test_event_with_base64_encoded_body(api_key, address, community_id): - """ - Creates a mock event for testing purposes. - """ - return { - "requestContext": { - "elb": { - "targetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:515520736917:targetgroup/testTargetGroup-e050da0/c8f86571a77b9bc5" - } - }, - "httpMethod": "POST", - "path": f"/v2/stamps/{community_id}/score/{address}", - "queryStringParameters": {}, - "headers": { - "content-length": "73", - "content-type": "application/json", - "host": "api.staging.scorer.gitcoin.co", - "user-agent": "k6/0.46.0 (https://k6.io/)", - "x-amzn-trace-id": "Root=1-650373d8-19455f7f1bfd3c6f0fc3f323", - "x-api-key": api_key, - "x-forwarded-for": "164.90.200.92", - "x-forwarded-port": "443", - "x-forwarded-proto": "https", - }, - "body": "", - "isBase64Encoded": True, - } - - -def test_successful_authentication( - scorer_api_key, - scorer_community_with_binary_scorer, - passport_holder_addresses, - mocker, -): - """ - Tests that authentication is successful given correct credentials. - """ - - mocker.patch( - "registry.atasks.aget_passport", - return_value=mock_passport, - ) - mocker.patch("registry.atasks.validate_credential", side_effect=[[], [], []]) - address = passport_holder_addresses[0]["address"].lower() - event = make_test_event( - scorer_api_key, address, scorer_community_with_binary_scorer.id - ) - - response = _handler_get_score(event, MockContext()) - - assert response is not None - body = json.loads(response["body"]) - - assert body["address"] == address - assert body["score"] == "0" - assert body["status"] == "DONE" - - assert body["evidence"] == { - "type": "ThresholdScoreCheck", - "success": False, - "rawScore": 0.9329999999999999, - "threshold": 20.0, - } - assert body["error"] is None - assert body["stamp_scores"] == {"Ens": 0.408, "Google": 0.525} - # We just check that something != None was recorded for the last timestamp - assert body["last_score_timestamp"] is not None - - assert response["statusCode"] == 200 - - -def test_successful_authentication_and_base64_encoded_body( - scorer_api_key, - scorer_community_with_binary_scorer, - passport_holder_addresses, - mocker, -): - """ - Tests that authentication is successful given correct credentials. - Also this test uses a body payload that is base64 encoded. - """ - - mocker.patch( - "registry.atasks.aget_passport", - return_value=mock_passport, - ) - mocker.patch("registry.atasks.validate_credential", side_effect=[[], [], []]) - address = passport_holder_addresses[0]["address"].lower() - event = make_test_event_with_base64_encoded_body( - scorer_api_key, address, scorer_community_with_binary_scorer.id - ) - - response = _handler_get_score(event, MockContext()) - - assert response is not None - body = json.loads(response["body"]) - - assert body["address"] == address - assert body["score"] == "0" - assert body["status"] == "DONE" - assert body["evidence"] == { - "type": "ThresholdScoreCheck", - "success": False, - "rawScore": 0.9329999999999999, - "threshold": 20.0, - } - assert body["error"] is None - assert body["stamp_scores"] == {"Ens": 0.408, "Google": 0.525} - # We just check that something != None was recorded for the last timestamp - assert body["last_score_timestamp"] is not None - - assert response["statusCode"] == 200 - - -def test_unsucessfull_auth(scorer_account, scorer_community_with_binary_scorer): - """ - Tests that authentication fails given incorrect credentials. - """ - event = make_test_event( - "bad_key", scorer_account.address, scorer_community_with_binary_scorer.id - ) - - response = _handler_get_score(event, MockContext()) - - assert response is not None - assert response["statusCode"] == 401 - - -def test_strip_event(): - stripped_data, event = strip_event(sample_event) - - -def test_strip_event_strips_the_api_key( - scorer_api_key, - scorer_community_with_binary_scorer, - passport_holder_addresses, -): - """ - Tests that authentication is successful given correct credentials. - """ - - address = passport_holder_addresses[0]["address"].lower() - event = make_test_event( - scorer_api_key, address, scorer_community_with_binary_scorer.id - ) - initial_event = deepcopy(event) - sensitive_data, event = strip_event(event) - - assert sensitive_data["x-api-key"] == initial_event["headers"]["x-api-key"] - assert event["headers"]["x-api-key"] == "***" - - # Events hould equal the initial event after adding back the stripped data - event["headers"]["x-api-key"] = sensitive_data["x-api-key"] - assert event == initial_event - - -def test_strip_event_handle_missing_api_key( - scorer_api_key, - scorer_community_with_binary_scorer, - passport_holder_addresses, -): - """ - Tests that authentication is successful given correct credentials. - """ - - address = passport_holder_addresses[0]["address"].lower() - event = make_test_event( - scorer_api_key, address, scorer_community_with_binary_scorer.id - ) - - # Delete the "x-api-key" we want to assume our event does not have it at the beginning - del event["headers"]["x-api-key"] - assert "x-api-key" not in event["headers"] - - initial_event = deepcopy(event) - - sensitive_data, event = strip_event(event) - - assert len(sensitive_data) == 0 - assert event == initial_event - - -def test_successful_authentication_and_analytics_logging( - scorer_api_key, - scorer_community_with_binary_scorer, - passport_holder_addresses, - mocker, -): - """ - Tests that proper analytics entry is registered in the DB - """ - - mocker.patch( - "registry.atasks.aget_passport", - return_value=mock_passport, - ) - mocker.patch("registry.atasks.validate_credential", side_effect=[[], [], []]) - address = passport_holder_addresses[0]["address"].lower() - event = { - "requestContext": { - "elb": { - "targetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:515520736917:targetgroup/testTargetGroup-e050da0/c8f86571a77b9bc5" - } - }, - "httpMethod": "POST", - "path": f"/v2/stamps/{scorer_community_with_binary_scorer.id}/score/{address}", - "queryStringParameters": {"a": "b"}, - "headers": { - "content-length": "73", - "content-type": "application/json", - "host": "api.staging.scorer.gitcoin.co", - "user-agent": "k6/0.46.0 (https://k6.io/)", - "x-amzn-trace-id": "Root=1-650373d8-19455f7f1bfd3c6f0fc3f323", - "x-api-key": scorer_api_key, - "x-forwarded-for": "164.90.200.92", - "x-forwarded-port": "443", - "x-forwarded-proto": "https", - }, - "body": "", - "isBase64Encoded": False, - } - - response = _handler_get_score(event, MockContext()) - - assert response is not None - assert response["statusCode"] == 200 - - # Check for the proper analytics entry - analytics_entry = AccountAPIKeyAnalytics.objects.order_by("-created_at")[0] - assert analytics_entry.path == event["path"] - assert analytics_entry.path_segments == [ - "v2", - "stamps", - str(scorer_community_with_binary_scorer.id), - "score", - address, - ] - assert analytics_entry.payload == {} - assert analytics_entry.query_params == {"a": "b"} - assert analytics_entry.headers == { # header without api key - "content-length": "73", - "content-type": "application/json", - "host": "api.staging.scorer.gitcoin.co", - "user-agent": "k6/0.46.0 (https://k6.io/)", - "x-amzn-trace-id": "Root=1-650373d8-19455f7f1bfd3c6f0fc3f323", - "x-forwarded-for": "164.90.200.92", - "x-forwarded-port": "443", - "x-forwarded-proto": "https", - "x-api-key": "***", - } - - assert analytics_entry.error is None - - -def test_failed_authentication_and_analytics_logging( - scorer_api_key, - scorer_community_with_binary_scorer, - passport_holder_addresses, - mocker, -): - """ - Tests that proper analytics entry is registered in the DB - """ - - mocker.patch( - "registry.atasks.aget_passport", - return_value=mock_passport, - ) - mocker.patch("registry.atasks.validate_credential", side_effect=[[], [], []]) - address = passport_holder_addresses[0]["address"].lower() - event = { - "requestContext": { - "elb": { - "targetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:515520736917:targetgroup/testTargetGroup-e050da0/c8f86571a77b9bc5" - } - }, - "httpMethod": "POST", - "path": f"/v2/stamps/{scorer_community_with_binary_scorer.id}/score/{address}", - "queryStringParameters": {"a": "b"}, - "headers": { - "content-length": "73", - "content-type": "application/json", - "host": "api.staging.scorer.gitcoin.co", - "user-agent": "k6/0.46.0 (https://k6.io/)", - "x-amzn-trace-id": "Root=1-650373d8-19455f7f1bfd3c6f0fc3f323", - "x-api-key": scorer_api_key + "-BAD", - "x-forwarded-for": "164.90.200.92", - "x-forwarded-port": "443", - "x-forwarded-proto": "https", - }, - "body": "", - "isBase64Encoded": False, - } - - response = _handler_get_score(event, MockContext()) - - assert response is not None - assert response["statusCode"] == 401 - - # Check for the proper analytics entry - analytics_entry_count = AccountAPIKeyAnalytics.objects.order_by( - "-created_at" - ).count() - - # because of the bad API key with expect no logs - assert analytics_entry_count == 0 - - -def test_bad_scorer_id_and_analytics_logging( - scorer_api_key, - scorer_community_with_binary_scorer, - passport_holder_addresses, - mocker, -): - """ - Tests that proper analytics entry is registered in the DB - """ - - mocker.patch( - "registry.atasks.aget_passport", - return_value=mock_passport, - ) - mocker.patch("registry.atasks.validate_credential", side_effect=[[], [], []]) - address = passport_holder_addresses[0]["address"].lower() - event = { - "requestContext": { - "elb": { - "targetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:515520736917:targetgroup/testTargetGroup-e050da0/c8f86571a77b9bc5" - } - }, - "httpMethod": "POST", - "path": f"/v2/stamps/123123/score/{address}", - "queryStringParameters": {"a": "b"}, - "headers": { - "content-length": "73", - "content-type": "application/json", - "host": "api.staging.scorer.gitcoin.co", - "user-agent": "k6/0.46.0 (https://k6.io/)", - "x-amzn-trace-id": "Root=1-650373d8-19455f7f1bfd3c6f0fc3f323", - "x-api-key": scorer_api_key, - "x-forwarded-for": "164.90.200.92", - "x-forwarded-port": "443", - "x-forwarded-proto": "https", - }, - "body": "", - "isBase64Encoded": False, - } - - response = _handler_get_score(event, MockContext()) - - assert response is not None - assert response["statusCode"] == 404 - # Check for the proper analytics entry - analytics_entry = AccountAPIKeyAnalytics.objects.order_by("-created_at")[0] - assert analytics_entry.path == event["path"] - assert analytics_entry.path_segments == ["v2", "stamps", "123123", "score", address] - assert analytics_entry.payload == {} - assert analytics_entry.query_params == {"a": "b"} - assert analytics_entry.headers == { # header without api key - "content-length": "73", - "content-type": "application/json", - "host": "api.staging.scorer.gitcoin.co", - "user-agent": "k6/0.46.0 (https://k6.io/)", - "x-amzn-trace-id": "Root=1-650373d8-19455f7f1bfd3c6f0fc3f323", - "x-forwarded-for": "164.90.200.92", - "x-forwarded-port": "443", - "x-forwarded-proto": "https", - "x-api-key": "***", - } - - assert analytics_entry.error == "No scorer matches the given criteria." - - -# Conflicting with other rate limiting tests -# @override_settings(RATELIMIT_ENABLE=True) -# def test_rate_limiting( -# scorer_api_key, scorer_account, scorer_community_with_binary_scorer -# ): -# """ -# Tests that rate limiting works as expected. -# """ -# (_, secret) = AccountAPIKey.objects.create_key( -# account=scorer_account, -# name="Token for user 1", -# rate_limit="3/30seconds", -# ) -# event = make_test_event( -# secret, scorer_account.address, scorer_community_with_binary_scorer.id -# ) - -# for _ in range(3): -# response = handler(event, None) -# assert response is not None -# assert response["statusCode"] == 200 - -# rate_limit = handler(event, None) -# assert rate_limit is not None -# assert rate_limit["statusCode"] == 429 diff --git a/infra/aws/index.ts b/infra/aws/index.ts index 4065f6367..fdfb962ac 100644 --- a/infra/aws/index.ts +++ b/infra/aws/index.ts @@ -1785,8 +1785,18 @@ buildHttpLambdaFn( name: "submit-passport-0", memorySize: 1024, dockerCmd: ["aws_lambdas.submit_passport.submit_passport.handler"], - pathPatterns: ["/registry/submit-passport"], - httpRequestMethods: ["POST"], + httpListenerRulePaths: [ + { + pathPattern: { + values: ["/registry/submit-passport"], + }, + }, + { + httpRequestMethod: { + values: ["POST"], + }, + }, + ], listenerPriority: 1001, }, alarmConfigurations @@ -1798,8 +1808,18 @@ buildHttpLambdaFn( name: "cc-v1-st-bulk-POST-0", memorySize: 512, dockerCmd: ["aws_lambdas.scorer_api_passport.v1.stamps.bulk_POST.handler"], - pathPatterns: ["/ceramic-cache/stamps/bulk"], - httpRequestMethods: ["POST"], + httpListenerRulePaths: [ + { + pathPattern: { + values: ["/ceramic-cache/stamps/bulk"], + }, + }, + { + httpRequestMethod: { + values: ["POST"], + }, + }, + ], listenerPriority: 1002, }, alarmConfigurations @@ -1811,8 +1831,18 @@ buildHttpLambdaFn( name: "cc-v1-st-bulk-PATCH-0", memorySize: 512, dockerCmd: ["aws_lambdas.scorer_api_passport.v1.stamps.bulk_PATCH.handler"], - pathPatterns: ["/ceramic-cache/stamps/bulk"], - httpRequestMethods: ["PATCH"], + httpListenerRulePaths: [ + { + pathPattern: { + values: ["/ceramic-cache/stamps/bulk"], + }, + }, + { + httpRequestMethod: { + values: ["PATCH"], + }, + }, + ], listenerPriority: 1003, }, alarmConfigurations @@ -1826,8 +1856,18 @@ buildHttpLambdaFn( dockerCmd: [ "aws_lambdas.scorer_api_passport.v1.stamps.bulk_DELETE.handler", ], - pathPatterns: ["/ceramic-cache/stamps/bulk"], - httpRequestMethods: ["DELETE"], + httpListenerRulePaths: [ + { + pathPattern: { + values: ["/ceramic-cache/stamps/bulk"], + }, + }, + { + httpRequestMethod: { + values: ["DELETE"], + }, + }, + ], listenerPriority: 1004, }, alarmConfigurations @@ -1839,8 +1879,18 @@ buildHttpLambdaFn( name: "cc-auhenticate-0", memorySize: 512, dockerCmd: ["aws_lambdas.scorer_api_passport.v1.authenticate_POST.handler"], - pathPatterns: ["/ceramic-cache/authenticate"], - httpRequestMethods: ["POST"], + httpListenerRulePaths: [ + { + pathPattern: { + values: ["/ceramic-cache/authenticate"], + }, + }, + { + httpRequestMethod: { + values: ["POST"], + }, + }, + ], listenerPriority: 1005, }, alarmConfigurations @@ -1852,8 +1902,18 @@ buildHttpLambdaFn( name: "cc-v1-score-POST-0", memorySize: 512, dockerCmd: ["aws_lambdas.scorer_api_passport.v1.score_POST.handler"], - pathPatterns: ["/ceramic-cache/score/*"], - httpRequestMethods: ["POST"], + httpListenerRulePaths: [ + { + pathPattern: { + values: ["/ceramic-cache/score/*"], + }, + }, + { + httpRequestMethod: { + values: ["POST"], + }, + }, + ], listenerPriority: 1006, }, alarmConfigurations @@ -1865,8 +1925,18 @@ buildHttpLambdaFn( name: "cc-v1-score-GET-0", memorySize: 512, dockerCmd: ["aws_lambdas.scorer_api_passport.v1.score_GET.handler"], - pathPatterns: ["/ceramic-cache/score/0x*"], - httpRequestMethods: ["GET"], + httpListenerRulePaths: [ + { + pathPattern: { + values: ["/ceramic-cache/score/0x*"], + }, + }, + { + httpRequestMethod: { + values: ["GET"], + }, + }, + ], listenerPriority: 1007, }, alarmConfigurations @@ -1878,8 +1948,18 @@ buildHttpLambdaFn( name: "cc-weights-GET-0", memorySize: 512, dockerCmd: ["aws_lambdas.scorer_api_passport.v1.weights_GET.handler"], - pathPatterns: ["/ceramic-cache/weights"], - httpRequestMethods: ["GET"], + httpListenerRulePaths: [ + { + pathPattern: { + values: ["/ceramic-cache/weights"], + }, + }, + { + httpRequestMethod: { + values: ["GET"], + }, + }, + ], listenerPriority: 1015, }, alarmConfigurations @@ -1891,8 +1971,18 @@ buildHttpLambdaFn( name: "cc-v1-st-GET-0", memorySize: 512, dockerCmd: ["aws_lambdas.scorer_api_passport.v1.stamp_GET.handler"], - pathPatterns: ["/ceramic-cache/stamp"], - httpRequestMethods: ["GET"], + httpListenerRulePaths: [ + { + pathPattern: { + values: ["/ceramic-cache/stamp"], + }, + }, + { + httpRequestMethod: { + values: ["GET"], + }, + }, + ], listenerPriority: 1010, }, alarmConfigurations @@ -1904,39 +1994,23 @@ buildHttpLambdaFn( name: "passport-analysis-GET-0", memorySize: 256, dockerCmd: ["aws_lambdas.passport.analysis_GET.handler"], - pathPatterns: ["/passport/analysis/*"], - httpRequestMethods: ["GET"], - listenerPriority: 1012, - }, - alarmConfigurations -); - -buildHttpLambdaFn( - { - ...lambdaSettings, - name: "passport-v2-model-score", - memorySize: 256, - dockerCmd: ["v2.aws_lambdas.models_score_GET.handler"], - pathPatterns: ["/v2/models/score/*"], - httpRequestMethods: ["GET"], + httpListenerRulePaths: [ + { + pathPattern: { + values: ["/passport/analysis/*"], + }, + }, + { + httpRequestMethod: { + values: ["GET"], + }, + }, + ], listenerPriority: 1012, }, alarmConfigurations ); -buildHttpLambdaFn( - { - ...lambdaSettings, - name: "passport-stamp-score-GET-0", - memorySize: 256, - dockerCmd: ["v2.aws_lambdas.stamp_score_GET.handler"], - pathPatterns: ["/v2/stamps/*/score/*"], - httpRequestMethods: ["GET"], - listenerPriority: 1013, - }, - alarmConfigurations -); - buildQueueLambdaFn({ ...lambdaSettings, name: "rescore-0", diff --git a/infra/lib/scorer/new_service.ts b/infra/lib/scorer/new_service.ts index c4606b78e..6b1d94f65 100644 --- a/infra/lib/scorer/new_service.ts +++ b/infra/lib/scorer/new_service.ts @@ -884,8 +884,9 @@ export function buildHttpLambdaFn( args: BuildLambdaFnBaseParams & { httpsListener: Output; listenerPriority: number; - pathPatterns: string[]; - httpRequestMethods?: string[]; + httpListenerRulePaths?: Input< + Input[] + >; }, loadBalancerAlarmThresholds: AlarmConfigurations ) { @@ -894,8 +895,7 @@ export function buildHttpLambdaFn( const { httpsListener, listenerPriority, - pathPatterns, - httpRequestMethods, + httpListenerRulePaths, name, alertTopic, alb, @@ -925,22 +925,6 @@ export function buildHttpLambdaFn( } ); - const conditions: any = [ - { - pathPattern: { - values: pathPatterns, - }, - }, - ]; - - if (httpRequestMethods) { - conditions.push({ - httpRequestMethod: { - values: httpRequestMethods, - }, - }); - } - const targetPassportRule = new ListenerRule(`lrule-lambda-${name}`, { tags: { ...defaultTags, Name: `lrule-lambda-${name}` }, listenerArn: httpsListener.arn, @@ -951,7 +935,7 @@ export function buildHttpLambdaFn( targetGroupArn: lambdaTargetGroup.arn, }, ], - conditions, + conditions: httpListenerRulePaths || [], }); if (alertTopic) { diff --git a/infra/lib/v2/index.ts b/infra/lib/v2/index.ts index a79ede070..89e245df6 100644 --- a/infra/lib/v2/index.ts +++ b/infra/lib/v2/index.ts @@ -83,22 +83,65 @@ export function createV2Api({ alertTopic: pagerdutyTopic, alb: alb, }; - // Manage Lamba services + + buildHttpLambdaFn( + { + ...lambdaSettings, + name: "passport-v2-model-score", + memorySize: 256, + dockerCmd: ["v2.aws_lambdas.models_score_GET.handler"], + httpListenerRulePaths: [ + { + hostHeader: { + values: ["*.passport.xyz"], + }, + }, + { + pathPattern: { + values: ["/v2/models/score/*"], + }, + }, + { + httpRequestMethod: { + values: ["GET"], + }, + }, + ], + listenerPriority: 2021, + }, + alarmConfigurations + ); + buildHttpLambdaFn( { ...lambdaSettings, - name: "v2-get-score", - memorySize: 1024, - dockerCmd: [ - "aws_lambdas.submit_passport.submit_passport.handler_get_score", + name: "passport-v2-stamp-score", + memorySize: 256, + dockerCmd: ["v2.aws_lambdas.stamp_score_GET.handler"], + httpListenerRulePaths: [ + { + hostHeader: { + values: ["*.passport.xyz"], + }, + }, + { + pathPattern: { + values: ["/v2/stamps/*/score/*"], + }, + }, + { + httpRequestMethod: { + values: ["GET"], + }, + }, ], - pathPatterns: ["/v2/stamps/*/score/*"], - listenerPriority: 2020, + listenerPriority: 2022, }, alarmConfigurations ); - const targetPassportRule = new ListenerRule(`lrule-v2`, { - tags: { ...defaultTags, Name: "lrule-v2" }, + + const targetPassportRule = new ListenerRule(`passport-v2-lrule`, { + tags: { ...defaultTags, Name: "passport-v2-lrule" }, listenerArn: httpsListener.arn, priority: 2060, actions: [ @@ -123,7 +166,7 @@ export function createV2Api({ const targetOnlyPassportDomainRule = new ListenerRule(`lrule-no-gitcoin-v2`, { tags: { ...defaultTags, Name: `lrule-no-gitcoin-v2` }, listenerArn: httpsListener.arn, - priority: 2100, + priority: 2000, actions: [ { type: "fixed-response", @@ -137,6 +180,11 @@ export function createV2Api({ }, ], conditions: [ + { + hostHeader: { + values: ["*.gitcoin.co"], + }, + }, { pathPattern: { values: ["/v2/*"],