0

I'm trying to use a lambda function to decrypt files coming to S3, I download the files without issues, but when I try to decrypt them the gpg can not be found. I;ve tried using both python-gnupg and gnupg but both failed mentioning that gnupg is not available on the OS. Below my code for isntantiating GPG in python It works well with python 3.7, but if I upgrade to 3.8, Lambda uses AMazon Linux 2, which doesn't come with gpg. How can I make it work with python 3.8 in Lambda?

gpg = gnupg.GPG(gnupghome='/tmp')

Error:

OSError: Unable to run gpg (gnupg) - it may not be available

All the examples I've found don't seem to do anything extra. I'm packaging the python-gnugp package and all other python packages for my function

is the gpg binary available in Lambda? how can I make this work?

dpaluy
  • 3,537
  • 1
  • 28
  • 42
Franklin Rivero
  • 581
  • 1
  • 3
  • 18

1 Answers1

0

You have to bundle the gpg binary and its dependencies and deliver them in your package. In my package i bundle them into a folder named 'gpg', then when I use gpg in my Lambda function, I do this:

def lambda_handler(event, context):
    old = os.environ.get("LD_LIBRARY_PATH")
    if old:
        os.environ["LD_LIBRARY_PATH"] = "./gpg" + ":" + old
    else:
        os.environ["LD_LIBRARY_PATH"] = "./gpg"
    
    gpg = gnupg.GPG(gnupghome='/tmp', gpgbinary='./gpg/gpg2', verbose=False)
regretoverflow
  • 2,093
  • 1
  • 23
  • 45
  • I ended up packaging the gog binaries with the Lambda, can you add an explanation on how to get the binaries? To get the binaries I launched an EC2 instance and got them form: 1. gpg file from '/usr/bin/gpg' 2. lib files from '/usr/lib64/' – Franklin Rivero Apr 29 '21 at 19:19