Changelog: Explicit init parameters and logging for the scrubber lambda (#3309)

cotti · web-flow · commit 0b2d6e895328 · 2026-05-18T13:24:32.000-03:00
* Add tighter and explicit timeout to S3 Client acquisition

* Add intermediary logs
diff --git a/docs-builder.slnx b/docs-builder.slnx
@@ -65,7 +65,8 @@
     <Project Path="src/authoring/Elastic.Documentation.Refactor/Elastic.Documentation.Refactor.csproj" />
   </Folder>
   <Folder Name="/src/infra/">
-    <Project Path="src/infra/docs-lambda-index-publisher/docs-lambda-index-publisher.csproj" />
+	  <Project Path="src/infra/docs-lambda-index-publisher/docs-lambda-index-publisher.csproj" />
+	  <Project Path="src/infra/docs-lambda-changelog-scrubber/docs-lambda-changelog-scrubber.csproj" />
   </Folder>
   <Folder Name="/src/services/">
     <Project Path="src/services/Elastic.Changelog/Elastic.Changelog.csproj" />
diff --git a/src/infra/docs-lambda-changelog-scrubber/Program.cs b/src/infra/docs-lambda-changelog-scrubber/Program.cs
@@ -43,7 +43,17 @@ IReadOnlyList<string> BuildAllowlist()
 
 async Task<SQSBatchResponse> Handler(SQSEvent ev, ILambdaContext context)
 {
-	using var s3Client = new AmazonS3Client();
+	var region = Amazon.RegionEndpoint.GetBySystemName(
+		Environment.GetEnvironmentVariable("AWS_REGION") ?? "us-east-1");
+	var credentials = new Amazon.Runtime.EnvironmentVariablesAWSCredentials();
+
+	using var s3Client = new AmazonS3Client(credentials, new AmazonS3Config
+	{
+		RegionEndpoint = region,
+		Timeout = TimeSpan.FromSeconds(10),
+		MaxErrorRetry = 2
+	});
+
 	var batchItemFailures = new List<SQSBatchResponse.BatchItemFailure>();
 
 	foreach (var message in ev.Records)
@@ -91,6 +101,7 @@ async Task<SQSBatchResponse> Handler(SQSEvent ev, ILambdaContext context)
 
 async Task DeleteFromPublicBucket(IAmazonS3 s3Client, string key, ILambdaContext context)
 {
+	context.Logger.LogDebug($"Removing {key} from the public bucket", key);
 	try
 	{
 		_ = await s3Client.DeleteObjectAsync(new DeleteObjectRequest
@@ -108,6 +119,8 @@ async Task DeleteFromPublicBucket(IAmazonS3 s3Client, string key, ILambdaContext
 
 async Task ScrubAndCopyToPublicBucket(IAmazonS3 s3Client, string sourceBucket, string key, ILambdaContext context)
 {
+	context.Logger.LogDebug("Scrubbing {Key} to public bucket", key);
+
 	var fileName = Path.GetFileName(key);
 	if (string.Equals(fileName, "registry-index.json", StringComparison.OrdinalIgnoreCase))
 	{
@@ -128,6 +141,7 @@ async Task ScrubAndCopyToPublicBucket(IAmazonS3 s3Client, string sourceBucket, s
 		return;
 	}
 
+	context.Logger.LogInformation("Getting {Key} from private bucket", key);
 	var getResponse = await s3Client.GetObjectAsync(new GetObjectRequest
 	{
 		BucketName = sourceBucket,
@@ -138,8 +152,10 @@ async Task ScrubAndCopyToPublicBucket(IAmazonS3 s3Client, string sourceBucket, s
 	using (var reader = new StreamReader(getResponse.ResponseStream))
 		content = await reader.ReadToEndAsync();
 
+	context.Logger.LogInformation("Performing scrub pass for {Key}", key);
 	var scrubbed = await ScrubContent(key, content, context);
 
+	context.Logger.LogInformation("Putting scrubbed {Key} on public bucket", key);
 	_ = await s3Client.PutObjectAsync(new PutObjectRequest
 	{
 		BucketName = publicBucketName,

Original file line number	Diff line number	Diff line change
`@@ -43,7 +43,17 @@ IReadOnlyList<string> BuildAllowlist()`
`43`	`43`
`44`	`44`	`async Task<SQSBatchResponse> Handler(SQSEvent ev, ILambdaContext context)`
`45`	`45`	`{`
`46`		`- using var s3Client = new AmazonS3Client();`
	`46`	`+ var region = Amazon.RegionEndpoint.GetBySystemName(`
	`47`	`+ Environment.GetEnvironmentVariable("AWS_REGION") ?? "us-east-1");`
	`48`	`+ var credentials = new Amazon.Runtime.EnvironmentVariablesAWSCredentials();`
	`49`	`+`
	`50`	`+ using var s3Client = new AmazonS3Client(credentials, new AmazonS3Config`
	`51`	`+ {`
	`52`	`+ RegionEndpoint = region,`
	`53`	`+ Timeout = TimeSpan.FromSeconds(10),`
	`54`	`+ MaxErrorRetry = 2`
	`55`	`+ });`
	`56`	`+`
`47`	`57`	`var batchItemFailures = new List<SQSBatchResponse.BatchItemFailure>();`
`48`	`58`
`49`	`59`	`foreach (var message in ev.Records)`
`@@ -91,6 +101,7 @@ async Task<SQSBatchResponse> Handler(SQSEvent ev, ILambdaContext context)`
`91`	`101`
`92`	`102`	`async Task DeleteFromPublicBucket(IAmazonS3 s3Client, string key, ILambdaContext context)`
`93`	`103`	`{`
	`104`	`+ context.Logger.LogDebug($"Removing {key} from the public bucket", key);`
`94`	`105`	`try`
`95`	`106`	`{`
`96`	`107`	`_ = await s3Client.DeleteObjectAsync(new DeleteObjectRequest`
`@@ -108,6 +119,8 @@ async Task DeleteFromPublicBucket(IAmazonS3 s3Client, string key, ILambdaContext`
`108`	`119`
`109`	`120`	`async Task ScrubAndCopyToPublicBucket(IAmazonS3 s3Client, string sourceBucket, string key, ILambdaContext context)`
`110`	`121`	`{`
	`122`	`+ context.Logger.LogDebug("Scrubbing {Key} to public bucket", key);`
	`123`	`+`
`111`	`124`	`var fileName = Path.GetFileName(key);`
`112`	`125`	`if (string.Equals(fileName, "registry-index.json", StringComparison.OrdinalIgnoreCase))`
`113`	`126`	`{`
`@@ -128,6 +141,7 @@ async Task ScrubAndCopyToPublicBucket(IAmazonS3 s3Client, string sourceBucket, s`
`128`	`141`	`return;`
`129`	`142`	`}`
`130`	`143`
	`144`	`+ context.Logger.LogInformation("Getting {Key} from private bucket", key);`
`131`	`145`	`var getResponse = await s3Client.GetObjectAsync(new GetObjectRequest`
`132`	`146`	`{`
`133`	`147`	`BucketName = sourceBucket,`
`@@ -138,8 +152,10 @@ async Task ScrubAndCopyToPublicBucket(IAmazonS3 s3Client, string sourceBucket, s`
`138`	`152`	`using (var reader = new StreamReader(getResponse.ResponseStream))`
`139`	`153`	`content = await reader.ReadToEndAsync();`
`140`	`154`
	`155`	`+ context.Logger.LogInformation("Performing scrub pass for {Key}", key);`
`141`	`156`	`var scrubbed = await ScrubContent(key, content, context);`
`142`	`157`
	`158`	`+ context.Logger.LogInformation("Putting scrubbed {Key} on public bucket", key);`
`143`	`159`	`_ = await s3Client.PutObjectAsync(new PutObjectRequest`
`144`	`160`	`{`
`145`	`161`	`BucketName = publicBucketName,`