Comments (7)
joshuabalduff
commented on August 22, 2024
15
Bump because passing in account id, arns as secrets seems like a needed feature.
from amazon-ecs-render-task-definition.
robbie1douglas
commented on August 22, 2024
6
Similarly, I want to pass account numbers in ARNs in as secrets to the task-definition.json to keep them out of the repo.
from amazon-ecs-render-task-definition.
adamhathcock
commented on August 22, 2024
5
Has any work been done this? Being able to merge in any value into the task definition or having environment variables exposed as a first class input would be great.
Thanks!
from amazon-ecs-render-task-definition.
clareliguori
commented on August 22, 2024
1
Do you have an example of how you would want to provide the task def setting and value you want to update?
I think part of the challenge today is that GitHub Actions inputs are fairly inflexible. In GH Actions, the input keys are typically fixed in the action.yml, and then the input value must be a string. For example, you can't provide a map of task def keys you want to update mapped to your desired value as an input. There are some workarounds here, but neither of them seem particular user-friendly.
https://github.community/t5/GitHub-Actions/Can-action-inputs-be-arrays/td-p/33776
Just brainstorming here, there are a couple other tools that might be useful for accomplishing what you're looking to do. Something like envsubst can evaluate environment variables in a file and replace them with the current env variable value. So for example, in your task def:
"secrets": [
{
"name": "username",
"valueFrom": "$USERNAME_SECRET_ARN"
}
],
There are a few envsubst GitHub Actions in the marketplace, though I haven't tried any of them.
https://github.com/marketplace?type=actions&query=envsubst
You could also merge multiple files together to enable having stage-specific settings. For example, have a task-def-base.json, task-def-dev.json, task-def-prod.json. task-def-base.json can have most of your settings that are common across stages, with task-def-prod.json just containing a CPU setting override.
{
"containerDefinitions": [
{
"name": "my-container",
"cpu": 1024,
}
]
}
A tool like yq can merge files together:
https://mikefarah.gitbook.io/yq/commands/merge
yq is mostly for yaml, but it should be able to merge json as well. It also has a GitHub Action:
https://github.com/mikefarah/yq/blob/master/action.yml
Please let me know if either of these work for you!
from amazon-ecs-render-task-definition.
michaelhelmick
commented on August 22, 2024
Hm, I can't get around to trying the suggestions for a bit, but they look usable.
Maybe providing a json file in the with: for key other_env_vars or something and this action could loop over each key value and update the task-definition.json that is provided?
ci.yml
name: Render Amazon ECS task definition
id: render-web-container
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: task-definition.json
container-name: web
other-vars: other-vars.json
image: amazon/amazon-ecs-sample:latest
other-vars.json
{
"memoryReservation": 256,
"cpu": 1024,
"environment: [
"LOG_LEVEL": "info",
"OTHER_VAR": "abc123"
],
"secrets": [
"FACEBOOK_API_KEY": "arn:aws:secretsmanager:us-east-1:account_id:secret:project/FACEBOOK_API_KEY-abcDEF"}",
"STRIPE_API_KEY": "arn:aws:secretsmanager:us-east-1:account_id:secret:project/STRIPE_API_KEY-defGHI"}"
]
}After this action ran, task def would look like:
from amazon-ecs-render-task-definition.
michaelhelmick
commented on August 22, 2024
Okay, so as I wrote that, I kind of see that we'd prob want the task def to be separate for each, i.e.:
taskdefs
|_staging.json
|_production.json
|_other.json
and in the action, use
with:
task-definition: ./taskdefs/{{ env.ENVIRONMENT }}.json
or something similar?
Would prob be easier than envsubst everywhere. Would you agree with the above method?
from amazon-ecs-render-task-definition.
clareliguori
commented on August 22, 2024
Ah, I see so similar to how yq merge works, the render-task-definition action could merge in a task def "fragment"?
So I think you could do:
task-def.json
staging-vars.json
prod-vars.json
And then:
- name: Add image to Amazon ECS task definition
id: render-image-in-task-def
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: task-def.json
container-name: web
image: amazon/amazon-ecs-sample:latest
- name: Render Amazon ECS task definition for staging
id: render-staging-task-def
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: ${{ steps.render-image-in-task-def.outputs.task-definition }}
merge: staging-vars.json
- name: Render Amazon ECS task definition for prod
id: render-prod-task-def
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: ${{ steps.render-image-in-task-def.outputs.task-definition }}
merge: prod-vars.json
- name: Deploy to Staging
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
with:
task-definition: ${{ steps.render-staging-task-def.outputs.task-definition }}
service: my-staging-service
cluster: my-staging-cluster
- name: Deploy to Prod
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
with:
task-definition: ${{ steps.render-prod-task-def.outputs.task-definition }}
service: my-prod-service
cluster: my-prod-cluster
from amazon-ecs-render-task-definition.
Related Issues (20)
- set-output command is deprecated HOT 6
- Add ability to set env vars from file or from AWS AppConfig
- dynamic image change HOT 2
- The `set-output` command is deprecated HOT 4
- Render for more than one container HOT 3
- Q: Error: Invalid task definition: Could not find container definition with matching name HOT 14
- How to create a new revision for an existing task definition? HOT 2
- Unable to use multi-line environment variables HOT 3
- Bug: Invalid task definition: Could not find container definition with matching name HOT 2
- current status HOT 3
- how to update the awslogs-group? HOT 2
- new dist creation workflow (package) failing
- ephemeralStorage value is not copied over
- Adding support for `dockerLabels` in task HOT 1
- How to pass environment variable file to the action? HOT 2
- dockers-labels not working HOT 4
- Node16 deprecation warning HOT 16
- I think `v1.3.0` not working with command starts with `NODE_ENV=` HOT 3
- The render action does not delete environment variables that are no longer passed to it HOT 1
- Need a way to remove Docker commands
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from amazon-ecs-render-task-definition.