├── .buildkite └── pipeline.yml ├── .github ├── CODEOWNERS ├── boomper.yml └── release-drafter.yml ├── CODE_OF_CONDUCT.md ├── LICENSE ├── README.md ├── examples ├── described-task-full.json ├── described-task-multiple.json ├── described-task.json ├── fargate │ ├── container-definition.json │ ├── service-definition.json │ └── task-definition.json ├── hello-world.json └── multiple-images.json ├── hooks └── command ├── lib └── plugin.bash ├── plugin.yml ├── renovate.json └── tests ├── command.bats ├── deprecated-options.bats ├── existing-data.bats ├── required-options.bats └── setup_suite.bash /.buildkite/pipeline.yml: -------------------------------------------------------------------------------- 1 | steps: 2 | - label: ":docker: :hammer:" 3 | plugins: 4 | - plugin-tester#v1.1.1: ~ 5 | 6 | - label: ":shell: Lint" 7 | plugins: 8 | plugin-linter#v3.3.0: 9 | id: ecs-deploy 10 | 11 | - label: ":shell: Shellcheck" 12 | plugins: 13 | shellcheck#v1.4.0: 14 | files: 15 | - hooks/** 16 | - lib/** 17 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @buildkite-plugins/plugin-engineering 2 | -------------------------------------------------------------------------------- /.github/boomper.yml: -------------------------------------------------------------------------------- 1 | # Config for https://github.com/apps/boomper-bot 2 | updates: 3 | - path: README.md 4 | pattern: 'ecr-deploy#(.*):' -------------------------------------------------------------------------------- /.github/release-drafter.yml: -------------------------------------------------------------------------------- 1 | # Config for https://github.com/apps/release-drafter 2 | template: | 3 | ## TODO: Added/Removed/Fixed/Changed 4 | 5 | $CHANGES 6 | 7 | ## Upgrading 8 | 9 | To upgrade, update your `pipeline.yml` files: 10 | 11 | ```diff 12 | steps: 13 | - plugins: 14 | - ecs-deploy#$PREVIOUS_TAG: 15 | + ecs-deploy#TODO: 16 | cluster: "my-ecs-cluster" 17 | ``` 18 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Contributor Covenant Code of Conduct 2 | 3 | ## Our Pledge 4 | 5 | We as members, contributors, and leaders pledge to make participation in our 6 | community a harassment-free experience for everyone, regardless of age, body 7 | size, visible or invisible disability, ethnicity, sex characteristics, gender 8 | identity and expression, level of experience, education, socio-economic status, 9 | nationality, personal appearance, race, caste, color, religion, or sexual 10 | identity and orientation. 11 | 12 | We pledge to act and interact in ways that contribute to an open, welcoming, 13 | diverse, inclusive, and healthy community. 14 | 15 | ## Our Standards 16 | 17 | Examples of behavior that contributes to a positive environment for our 18 | community include: 19 | 20 | * Demonstrating empathy and kindness toward other people 21 | * Being respectful of differing opinions, viewpoints, and experiences 22 | * Giving and gracefully accepting constructive feedback 23 | * Accepting responsibility and apologizing to those affected by our mistakes, 24 | and learning from the experience 25 | * Focusing on what is best not just for us as individuals, but for the overall 26 | community 27 | 28 | Examples of unacceptable behavior include: 29 | 30 | * The use of sexualized language or imagery, and sexual attention or advances of 31 | any kind 32 | * Trolling, insulting or derogatory comments, and personal or political attacks 33 | * Public or private harassment 34 | * Publishing others' private information, such as a physical or email address, 35 | without their explicit permission 36 | * Other conduct which could reasonably be considered inappropriate in a 37 | professional setting 38 | 39 | ## Enforcement Responsibilities 40 | 41 | Community leaders are responsible for clarifying and enforcing our standards of 42 | acceptable behavior and will take appropriate and fair corrective action in 43 | response to any behavior that they deem inappropriate, threatening, offensive, 44 | or harmful. 45 | 46 | Community leaders have the right and responsibility to remove, edit, or reject 47 | comments, commits, code, wiki edits, issues, and other contributions that are 48 | not aligned to this Code of Conduct, and will communicate reasons for moderation 49 | decisions when appropriate. 50 | 51 | ## Scope 52 | 53 | This Code of Conduct applies within all community spaces, and also applies when 54 | an individual is officially representing the community in public spaces. 55 | Examples of representing our community include using an official e-mail address, 56 | posting via an official social media account, or acting as an appointed 57 | representative at an online or offline event. 58 | 59 | ## Enforcement 60 | 61 | Instances of abusive, harassing, or otherwise unacceptable behavior may be 62 | reported to the community leaders responsible for enforcement at [coc@buildkite.com](mailto:coc@buildkite.com) 63 | All complaints will be reviewed and investigated promptly and fairly. 64 | 65 | All community leaders are obligated to respect the privacy and security of the 66 | reporter of any incident. 67 | 68 | ## Enforcement Guidelines 69 | 70 | Community leaders will follow these Community Impact Guidelines in determining 71 | the consequences for any action they deem in violation of this Code of Conduct: 72 | 73 | ### 1. Correction 74 | 75 | **Community Impact**: Use of inappropriate language or other behavior deemed 76 | unprofessional or unwelcome in the community. 77 | 78 | **Consequence**: A private, written warning from community leaders, providing 79 | clarity around the nature of the violation and an explanation of why the 80 | behavior was inappropriate. A public apology may be requested. 81 | 82 | ### 2. Warning 83 | 84 | **Community Impact**: A violation through a single incident or series of 85 | actions. 86 | 87 | **Consequence**: A warning with consequences for continued behavior. No 88 | interaction with the people involved, including unsolicited interaction with 89 | those enforcing the Code of Conduct, for a specified period of time. This 90 | includes avoiding interactions in community spaces as well as external channels 91 | like social media. Violating these terms may lead to a temporary or permanent 92 | ban. 93 | 94 | ### 3. Temporary Ban 95 | 96 | **Community Impact**: A serious violation of community standards, including 97 | sustained inappropriate behavior. 98 | 99 | **Consequence**: A temporary ban from any sort of interaction or public 100 | communication with the community for a specified period of time. No public or 101 | private interaction with the people involved, including unsolicited interaction 102 | with those enforcing the Code of Conduct, is allowed during this period. 103 | Violating these terms may lead to a permanent ban. 104 | 105 | ### 4. Permanent Ban 106 | 107 | **Community Impact**: Demonstrating a pattern of violation of community 108 | standards, including sustained inappropriate behavior, harassment of an 109 | individual, or aggression toward or disparagement of classes of individuals. 110 | 111 | **Consequence**: A permanent ban from any sort of public interaction within the 112 | community. 113 | 114 | ## Attribution 115 | 116 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], 117 | version 2.1, available at 118 | [https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1]. 119 | 120 | Community Impact Guidelines were inspired by 121 | [Mozilla's code of conduct enforcement ladder][Mozilla CoC]. 122 | 123 | For answers to common questions about this code of conduct, see the FAQ at 124 | [https://www.contributor-covenant.org/faq][FAQ]. Translations are available at 125 | [https://www.contributor-covenant.org/translations][translations]. 126 | 127 | [homepage]: https://www.contributor-covenant.org 128 | [v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html 129 | [Mozilla CoC]: https://github.com/mozilla/diversity 130 | [FAQ]: https://www.contributor-covenant.org/faq 131 | [translations]: https://www.contributor-covenant.org/translations 132 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2017 Buildkite 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | 23 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ECS Deploy Buildkite Plugin [![Build status](https://badge.buildkite.com/02dd9bd7d4b4a6f3d80c198d7307e24bff9ae7e39ff1854bed.svg?branch=master)](https://buildkite.com/buildkite/plugins-ecs-deploy) 2 | 3 | A [Buildkite plugin](https://buildkite.com/docs/agent/v3/plugins) for deploying to [Amazon ECS](https://aws.amazon.com/ecs/). 4 | 5 | * Requires both `aws` and `jq` cli tools to be installed 6 | * Registers a new task definition based on a given JSON file ([`register-task-definition`](http://docs.aws.amazon.com/cli/latest/reference/ecs/register-task-definition.html)) 7 | * Updates the ECS service to use the new task definition ([`update-service`](http://docs.aws.amazon.com/cli/latest/reference/ecs/update-service.html)) 8 | * Waits for the service to stabilize ([`wait services-stable`](http://docs.aws.amazon.com/cli/latest/reference/ecs/wait/services-stable.html)) 9 | 10 | ## Example 11 | 12 | ```yml 13 | steps: 14 | - label: ":ecs: :rocket:" 15 | concurrency_group: "my-service-deploy" 16 | concurrency: 1 17 | plugins: 18 | - ecs-deploy#v3.1.0: 19 | cluster: "my-ecs-cluster" 20 | service: "my-service" 21 | container-definitions: "examples/hello-world.json" 22 | task-family: "hello-world" 23 | image: "${ECR_REPOSITORY}/hello-world:${BUILDKITE_BUILD_NUMBER}" 24 | ``` 25 | 26 | ## Options 27 | 28 | ### Required 29 | 30 | #### `cluster` 31 | 32 | The name of the ECS cluster. 33 | 34 | Example: `"my-cluster"` 35 | 36 | #### `container-definitions` 37 | 38 | _Experimental:_ Since version 3.0.0 you can skip this parameter and the container definitions will be obtained off the existing (latest) task definition. If this does not work for you, please open an issue in this repository. 39 | 40 | The file path to the ECS container definition JSON file. This JSON file must be an array of objects, each corresponding to one of the images you defined in the `image` parameter. 41 | 42 | Example: `"ecs/containers.json"` 43 | ```json 44 | [ 45 | { 46 | "essential": true, 47 | "image": "amazon/amazon-ecs-sample", 48 | "memory": 100, 49 | "name": "sample", 50 | "portMappings": [ 51 | { 52 | "containerPort": 80, 53 | "hostPort": 80 54 | } 55 | ] 56 | }, 57 | { 58 | "essential": true, 59 | "image": "amazon/amazon-ecs-sample", 60 | "memory": 100, 61 | "name": "sample", 62 | "portMappings": [ 63 | { 64 | "containerPort": 80, 65 | "hostPort": 80 66 | } 67 | ] 68 | } 69 | ] 70 | ``` 71 | 72 | #### `image` 73 | 74 | The Docker image to deploy. This can be an array to substitute multiple images in a single container definition. 75 | 76 | Examples: 77 | `"012345.dkr.ecr.us-east-1.amazonaws.com/my-service:123"` 78 | 79 | ```yaml 80 | image: 81 | - "012345.dkr.ecr.us-east-1.amazonaws.com/my-service:123" 82 | - "012345.dkr.ecr.us-east-1.amazonaws.com/nginx:123" 83 | ``` 84 | 85 | #### `service` 86 | 87 | The name of the ECS service. 88 | 89 | Example: `"my-service"` 90 | 91 | #### `task-family` 92 | 93 | The name of the task family. 94 | 95 | Example: `"my-task"` 96 | 97 | ### Optional 98 | 99 | #### `env` (array) 100 | 101 | An array of environment variables to add to *every* image's task definition in the `NAME=VALUE` format 102 | 103 | #### `execution-role` 104 | 105 | The Execution Role ARN used by ECS to pull container images and secrets. 106 | 107 | Example: `"arn:aws:iam::012345678910:role/execution-role"` 108 | 109 | Requires the `iam:PassRole` permission for the execution role. 110 | 111 | #### `region` 112 | 113 | The region we deploy the ECS Service to. 114 | 115 | #### `task-cpu` (integer) 116 | 117 | CPU Units to assign to the task (1024 constitutes a whole CPU). Example: `256` (1/4 of a CPU). 118 | 119 | #### `task-ephemeral-storage` (integer) 120 | 121 | Amount of GBs to assign in ephemeral storage to the task. Example: `25`. 122 | 123 | #### `task-ipc-mode` 124 | 125 | IPC resource namespace to use in the task. If specified, should be one of `host`, `task` or `none`. 126 | 127 | #### `task-memory` (integer) 128 | 129 | Amount of memory (in Mbs) to allocate for the task. Example: `1024` (1Gb). 130 | 131 | #### `task-network-mode` 132 | 133 | Docker networking mode for the containers running in the task. If specified, should be one of `bridge`, `host`, `awsvpc` or `none`. 134 | 135 | #### `task-pid-mode` 136 | 137 | Process namespace to use for containers in the task. If specified, should be one of `host` or `task`. 138 | 139 | #### `task-role-arn` 140 | 141 | An IAM ECS Task Role to assign to tasks. 142 | 143 | Requires the `iam:PassRole` permission for the ARN specified. 144 | 145 | ## AWS Roles 146 | 147 | At a minimum this plugin requires the following AWS permissions to be granted to the agent running this step: 148 | 149 | ```yml 150 | Policy: 151 | Statement: 152 | - Action: 153 | - ecr:DescribeImages 154 | - ecs:DescribeServices 155 | - ecs:DescribeTaskDefinition 156 | - ecs:RegisterTaskDefinition 157 | - ecs:UpdateService 158 | Effect: Allow 159 | Resource: '*' 160 | ``` 161 | 162 | ## Developing 163 | 164 | To run testing, shellchecks and plugin linting use use `bk run` with the [Buildkite CLI](https://github.com/buildkite/cli). 165 | 166 | ```bash 167 | bk run 168 | ``` 169 | 170 | Or if you want to run just the tests, you can use the docker [Plugin Tester](https://github.com/buildkite-plugins/buildkite-plugin-tester): 171 | 172 | ```bash 173 | docker run --rm -ti -v "${PWD}":/plugin buildkite/plugin-tester:latest 174 | ``` 175 | 176 | ## License 177 | 178 | MIT (see [LICENSE](LICENSE)) 179 | -------------------------------------------------------------------------------- /examples/described-task-full.json: -------------------------------------------------------------------------------- 1 | { 2 | "taskDefinitionArn": "TaskARN", 3 | "taskRoleArn": "RoleARN", 4 | "containerDefinitions": [ 5 | { 6 | "essential": true, 7 | "image": "amazon/amazon-ecs-sample", 8 | "memory": 100, 9 | "name": "sample", 10 | "portMappings": [ 11 | { 12 | "containerPort": 80, 13 | "hostPort": 80 14 | } 15 | ] 16 | } 17 | ], 18 | "family": "hello-world", 19 | "executionRoleArn": "ExecutionRoleARN", 20 | "networkMode": "awsvpc", 21 | "revision": 1, 22 | "volumes": [], 23 | "status": "ACTIVE", 24 | "compatibilities": [ 25 | "EC2", 26 | "FARGATE" 27 | ], 28 | "cpu": "10", 29 | "memory": "100" 30 | } -------------------------------------------------------------------------------- /examples/described-task-multiple.json: -------------------------------------------------------------------------------- 1 | { 2 | "taskDefinitionArn": "TaskARN", 3 | "containerDefinitions": [ 4 | { 5 | "essential": true, 6 | "image": "amazon/amazon-ecs-sample", 7 | "memory": 100, 8 | "name": "sample", 9 | "portMappings": [ 10 | { 11 | "containerPort": 80, 12 | "hostPort": 80 13 | } 14 | ] 15 | }, 16 | { 17 | "essential": true, 18 | "image": "amazon/amazon-ecs-sample", 19 | "memory": 100, 20 | "name": "sample", 21 | "portMappings": [ 22 | { 23 | "containerPort": 80, 24 | "hostPort": 80 25 | } 26 | ] 27 | } 28 | ], 29 | "family": "hello-world", 30 | "revision": 1, 31 | "status": "ACTIVE", 32 | "compatibilities": [ 33 | "EC2", 34 | "FARGATE" 35 | ] 36 | } -------------------------------------------------------------------------------- /examples/described-task.json: -------------------------------------------------------------------------------- 1 | { 2 | "taskDefinitionArn": "TaskARN", 3 | "containerDefinitions": [ 4 | { 5 | "essential": true, 6 | "image": "amazon/amazon-ecs-sample", 7 | "memory": 100, 8 | "name": "sample", 9 | "portMappings": [ 10 | { 11 | "containerPort": 80, 12 | "hostPort": 80 13 | } 14 | ] 15 | } 16 | ], 17 | "family": "hello-world", 18 | "revision": 1, 19 | "status": "ACTIVE", 20 | "compatibilities": [ 21 | "EC2", 22 | "FARGATE" 23 | ] 24 | } -------------------------------------------------------------------------------- /examples/fargate/container-definition.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "essential": true, 4 | "image": "amazon/amazon-ecs-sample", 5 | "name": "sample", 6 | "portMappings": [ 7 | { 8 | "containerPort": 80, 9 | "hostPort": 80 10 | } 11 | ] 12 | } 13 | ] 14 | -------------------------------------------------------------------------------- /examples/fargate/service-definition.json: -------------------------------------------------------------------------------- 1 | { 2 | "networkConfiguration": { 3 | "awsvpcConfiguration": { 4 | "subnets": [ 5 | "subnet-abc", 6 | "subnet-def", 7 | "subnet-ghi" 8 | ] 9 | } 10 | }, 11 | "launchType": "FARGATE" 12 | } 13 | -------------------------------------------------------------------------------- /examples/fargate/task-definition.json: -------------------------------------------------------------------------------- 1 | { 2 | "requiresCompatibilities": [ 3 | "FARGATE" 4 | ], 5 | "networkMode": "awsvpc", 6 | "cpu": "256", 7 | "memory": "512" 8 | } 9 | -------------------------------------------------------------------------------- /examples/hello-world.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "essential": true, 4 | "image": "amazon/amazon-ecs-sample", 5 | "memory": 100, 6 | "name": "sample", 7 | "portMappings": [ 8 | { 9 | "containerPort": 80, 10 | "hostPort": 80 11 | } 12 | ] 13 | } 14 | ] 15 | -------------------------------------------------------------------------------- /examples/multiple-images.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "essential": true, 4 | "image": "amazon/amazon-ecs-sample", 5 | "memory": 100, 6 | "name": "sample", 7 | "portMappings": [ 8 | { 9 | "containerPort": 80, 10 | "hostPort": 80 11 | } 12 | ] 13 | }, 14 | { 15 | "essential": true, 16 | "image": "amazon/amazon-ecs-sample", 17 | "memory": 100, 18 | "name": "sample", 19 | "portMappings": [ 20 | { 21 | "containerPort": 80, 22 | "hostPort": 80 23 | } 24 | ] 25 | } 26 | ] 27 | -------------------------------------------------------------------------------- /hooks/command: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -euo pipefail 3 | 4 | DIR="$(cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd)" 5 | 6 | # shellcheck source=lib/plugin.bash 7 | . "$DIR/../lib/plugin.bash" 8 | 9 | # mandatory configurations 10 | cluster=${BUILDKITE_PLUGIN_ECS_DEPLOY_CLUSTER?Missing cluster} 11 | task_family=${BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_FAMILY?Missing task family} 12 | service_name=${BUILDKITE_PLUGIN_ECS_DEPLOY_SERVICE?Missing service name} 13 | 14 | # disable AWS CLI V2 client-side pager as this is not executed in an interactive mode 15 | export AWS_PAGER="" 16 | 17 | if ! plugin_read_list_into_result "IMAGE"; then 18 | echo ":boom: Missing image to use" 19 | exit 1 20 | fi 21 | images=("${result[@]}") 22 | 23 | if [ -n "${BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_DEFINITION:-""}" ]; then 24 | echo ":boom: The task-definition parameter has been deprecated" 25 | exit 1 26 | fi 27 | 28 | if [ -n "${BUILDKITE_PLUGIN_ECS_DEPLOY_SERVICE_DEFINITION:-""}" ]; then 29 | echo ":boom: The service-definition parameter has been deprecated" 30 | echo "Create the service outside of this plugin first (using CloudFormation or Terraform)" 31 | exit 1 32 | fi 33 | 34 | for DEPRECATED_CONFIG in deployment-config deployment-configuration desired-count load-balancer-name target-container-name target-container-port target-group; do 35 | VAR_NAME="BUILDKITE_PLUGIN_ECS_DEPLOY_$(echo "${DEPRECATED_CONFIG}" | tr 'a-z-' 'A-Z_')" 36 | 37 | if [ -n "${!VAR_NAME:-""}" ]; then 38 | echo ":warning: The ${DEPRECATED_CONFIG} parameter has been deprecated" 39 | echo "Please configure the service outside of this plugin" 40 | fi 41 | done 42 | 43 | aws_default_args=() 44 | if [ -n "${BUILDKITE_PLUGIN_ECS_DEPLOY_REGION:-}" ]; then 45 | aws_default_args+=(--region "${BUILDKITE_PLUGIN_ECS_DEPLOY_REGION}") 46 | fi 47 | 48 | task_file=$(mktemp) 49 | trap 'rm "${task_file}"' EXIT 50 | 51 | if ! aws ecs describe-task-definition "${aws_default_args[@]+"${aws_default_args[@]}"}" --task-definition "${task_family}" --query 'taskDefinition' >"${task_file}"; then 52 | echo "Could not obtain existing task definition" 53 | fi 54 | 55 | if [ -n "${BUILDKITE_PLUGIN_ECS_DEPLOY_CONTAINER_DEFINITIONS:-}" ]; then 56 | container_definitions="${BUILDKITE_PLUGIN_ECS_DEPLOY_CONTAINER_DEFINITIONS}" 57 | else 58 | container_definitions=$(mktemp) 59 | trap 'rm "${container_definitions}"' EXIT 60 | jq '.containerDefinitions' "${task_file}" >"${container_definitions}" 61 | fi 62 | 63 | if [ "$(jq -r '. | type' "${container_definitions}")" != "array" ]; then 64 | echo 'Invalid container definition (should be in the format of [{"image": "..."}] )' 65 | exit 1 66 | fi 67 | 68 | # necessary for compatibility with bash 4.3 69 | if plugin_read_list_into_result "ENV"; then 70 | env_vars=("${result[@]}") 71 | else 72 | env_vars=() 73 | fi 74 | 75 | # jq has no in-place edition https://github.com/jqlang/jq/issues/105 76 | container_definitions_json=$(cat "${container_definitions}") 77 | image_idx=0 78 | for image in "${images[@]}"; do 79 | container_definitions_json=$( 80 | echo "$container_definitions_json" \ 81 | | jq --arg IMAGE "$image" ".[${image_idx}].image=\$IMAGE" 82 | ) 83 | 84 | # this check is only necessary to be compatible with bash 4.3 (see issue #81) 85 | if [ "${#env_vars[@]}" -gt 0 ]; then 86 | for env_var in "${env_vars[@]}"; do 87 | IFS="=" read -r -a var_val <<< "${env_var}" 88 | container_definitions_json=$( 89 | echo "$container_definitions_json" \ 90 | | jq --arg ENVVAR "${var_val[0]}" --arg ENVVAL "${var_val[1]}" \ 91 | ".[${image_idx}].environment += [{\"name\": \$ENVVAR, \"value\": \$ENVVAL}]" 92 | ) 93 | done 94 | fi 95 | 96 | image_idx=$((image_idx+1)) 97 | done 98 | 99 | echo "--- :ecs: Registering new task definition for ${task_family}" 100 | register_command=(aws ecs register-task-definition 101 | ${aws_default_args[@]+"${aws_default_args[@]}"} 102 | --family "${task_family}" 103 | --container-definitions "${container_definitions_json}" 104 | ) 105 | 106 | execution_role=${BUILDKITE_PLUGIN_ECS_DEPLOY_EXECUTION_ROLE:-$(jq -r '.executionRoleArn // ""' "${task_file}")} 107 | if [ -n "${execution_role}" ]; then 108 | register_command+=(--execution-role-arn "${execution_role}") 109 | fi 110 | 111 | task_cpu=${BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_CPU:-$(jq -r '.cpu // ""' "${task_file}")} 112 | if [ -n "${task_cpu}" ]; then 113 | register_command+=(--cpu "${task_cpu}") 114 | fi 115 | 116 | task_ephemeral=${BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_EPHEMERAL_STORAGE:-$(jq -r '.ephemeralStorage.sizeInGiB // ""' "${task_file}")} 117 | if [ -n "${task_ephemeral}" ]; then 118 | register_command+=(--ephemeral-storage "sizeInGiB=${task_ephemeral}") 119 | fi 120 | 121 | task_ipc=${BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_IPC_MODE:-$(jq -r '.ipcMode // ""' "${task_file}")} 122 | if [ -n "${task_ipc}" ]; then 123 | register_command+=(--ipc-mode "${task_ipc}") 124 | fi 125 | 126 | task_memory=${BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_MEMORY:-$(jq -r '.memory // ""' "${task_file}")} 127 | if [ -n "${task_memory}" ]; then 128 | register_command+=(--memory "${task_memory}") 129 | fi 130 | 131 | task_network=${BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_NETWORK_MODE:-$(jq -r '.networkMode // ""' "${task_file}")} 132 | if [ -n "${task_network}" ]; then 133 | register_command+=(--network-mode "${task_network}") 134 | fi 135 | 136 | task_pid=${BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_PID_MODE:-$(jq -r '.pidMode // ""' "${task_file}")} 137 | if [ -n "${task_pid}" ]; then 138 | register_command+=(--pid-mode "${task_pid}") 139 | fi 140 | 141 | task_role_arn=${BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_ROLE_ARN:-$(jq -r '.taskRoleArn // ""' "${task_file}")} 142 | if [ -n "${task_role_arn}" ]; then 143 | register_command+=(--task-role-arn "${task_role_arn}") 144 | fi 145 | 146 | # Following options are to keep values (they are complex for plugin-based configurations) 147 | task_volumes=$(jq -r '.volumes // ""' "${task_file}") 148 | if [ -n "${task_volumes}" ]; then 149 | register_command+=(--volumes "${task_volumes}") 150 | fi 151 | 152 | task_placement=$(jq -r '.placementConstraints // ""' "${task_file}") 153 | if [ -n "${task_placement}" ]; then 154 | register_command+=(--placement-constraints "${task_placement}") 155 | fi 156 | 157 | task_compat_reqs=$(jq -r '.requiresCompatibilities // ""' "${task_file}") 158 | if [ -n "${task_compat_reqs}" ]; then 159 | register_command+=(--requires-compatibilities "${task_compat_reqs}") 160 | fi 161 | 162 | echo "--- :ecs: register command:" 163 | 164 | json_output=$("${register_command[@]}") 165 | register_exit_code=$? 166 | 167 | if [[ $register_exit_code -ne 0 ]] ; then 168 | echo "+++ ^^^" 169 | echo "+++ Failed to register task defintion" 170 | exit "$register_exit_code" 171 | fi 172 | 173 | task_revision=$(jq '.taskDefinition.revision' <<< "$json_output") 174 | echo "Registered ${task_family}:${task_revision}" 175 | 176 | # Take advantage of the fact that ISO8601 format is sortable 177 | update_time=$(date +'%Y-%m-%dT%H:%M:%S') 178 | echo "--- :ecs: Updating service for ${service_name}" 179 | aws ecs update-service \ 180 | ${aws_default_args[@]+"${aws_default_args[@]}"} \ 181 | --cluster "${cluster}" \ 182 | --service "${service_name}" \ 183 | --task-definition "${task_family}:${task_revision}" 184 | 185 | ## Now we wait till it's stable 186 | echo "--- :ecs: Waiting for services to stabilize" 187 | deploy_exitcode=0 188 | aws ecs wait services-stable \ 189 | ${aws_default_args[@]+"${aws_default_args[@]}"} \ 190 | --cluster "${cluster}" \ 191 | --services "${service_name}" || deploy_exitcode=$? 192 | 193 | ## Get events since the time when we began the update, in ascending order 194 | service_events=$(aws ecs describe-services \ 195 | ${aws_default_args[@]+"${aws_default_args[@]}"} \ 196 | --cluster "${cluster}" \ 197 | --services "${service_name}" \ 198 | --query "services[].events[?createdAt >= '${update_time}']" --output text | sort) 199 | 200 | if [[ $deploy_exitcode -eq 0 ]]; then 201 | echo "--- :ecs: Service is up 🚀" 202 | echo "$service_events" 203 | else 204 | echo "+++ :ecs: Service failed to deploy ❌" 205 | echo "$service_events" 206 | exit $deploy_exitcode 207 | fi 208 | -------------------------------------------------------------------------------- /lib/plugin.bash: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -euo pipefail 3 | 4 | PLUGIN_PREFIX="ECS_DEPLOY" 5 | 6 | # Reads either a value or a list from the given env prefix 7 | function prefix_read_list() { 8 | local prefix="$1" 9 | local parameter="${prefix}_0" 10 | 11 | if [ -n "${!parameter:-}" ]; then 12 | local i=0 13 | local parameter="${prefix}_${i}" 14 | while [ -n "${!parameter:-}" ]; do 15 | echo "${!parameter}" 16 | i=$((i+1)) 17 | parameter="${prefix}_${i}" 18 | done 19 | elif [ -n "${!prefix:-}" ]; then 20 | echo "${!prefix}" 21 | fi 22 | } 23 | 24 | # Reads either a value or a list from plugin config 25 | function plugin_read_list() { 26 | prefix_read_list "BUILDKITE_PLUGIN_${PLUGIN_PREFIX}_${1}" 27 | } 28 | 29 | 30 | # Reads either a value or a list from plugin config into a global result array 31 | # Returns success if values were read 32 | function prefix_read_list_into_result() { 33 | local prefix="$1" 34 | local parameter="${prefix}_0" 35 | result=() 36 | 37 | if [ -n "${!parameter:-}" ]; then 38 | local i=0 39 | local parameter="${prefix}_${i}" 40 | while [ -n "${!parameter:-}" ]; do 41 | result+=("${!parameter}") 42 | i=$((i+1)) 43 | parameter="${prefix}_${i}" 44 | done 45 | elif [ -n "${!prefix:-}" ]; then 46 | result+=("${!prefix}") 47 | fi 48 | 49 | [ ${#result[@]} -gt 0 ] || return 1 50 | } 51 | 52 | # Reads either a value or a list from plugin config 53 | function plugin_read_list_into_result() { 54 | prefix_read_list_into_result "BUILDKITE_PLUGIN_${PLUGIN_PREFIX}_${1}" 55 | } 56 | -------------------------------------------------------------------------------- /plugin.yml: -------------------------------------------------------------------------------- 1 | name: ECS Deploy 2 | description: Deploy to ECS 3 | author: https://github.com/buildkite 4 | requirements: 5 | - aws 6 | - jq 7 | configuration: 8 | properties: 9 | cluster: 10 | type: string 11 | container-definitions: 12 | type: string 13 | env: 14 | type: array 15 | execution-role: 16 | type: string 17 | image: 18 | type: [ string, array ] 19 | region: 20 | type: string 21 | service: 22 | type: string 23 | task-cpu: 24 | type: integer 25 | task-ephemeral-storage: 26 | type: integer 27 | task-ipc-mode: 28 | type: string 29 | enum: [ "host", "none", "task"] 30 | task-family: 31 | type: string 32 | task-memory: 33 | type: integer 34 | task-network-mode: 35 | type: string 36 | enum: [ "awsvpc", "bridge", "host", "none" ] 37 | task-pid-mode: 38 | type: string 39 | enum: [ "host", "task" ] 40 | task-role-arn: 41 | type: string 42 | required: 43 | - cluster 44 | - service 45 | - task-family 46 | - image 47 | -------------------------------------------------------------------------------- /renovate.json: -------------------------------------------------------------------------------- 1 | { 2 | "extends": [ 3 | "config:base", 4 | ":disableDependencyDashboard" 5 | ] 6 | } 7 | -------------------------------------------------------------------------------- /tests/command.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | load "${BATS_PLUGIN_PATH}/load.bash" 4 | 5 | # Uncomment to enable stub debug output: 6 | # export AWS_STUB_DEBUG=/dev/tty 7 | 8 | setup() { 9 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE=hello-world:llamas 10 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CONTAINER_DEFINITIONS=examples/hello-world.json 11 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CLUSTER=my-cluster 12 | export BUILDKITE_PLUGIN_ECS_DEPLOY_SERVICE=my-service 13 | export BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_FAMILY=hello-world 14 | } 15 | 16 | @test "Run a deploy when service exists" { 17 | 18 | stub aws \ 19 | "ecs describe-task-definition --task-definition hello-world --query 'taskDefinition' : echo '{}'" \ 20 | "ecs register-task-definition --family hello-world --container-definitions \* : echo '{\"taskDefinition\":{\"revision\":1}}'" \ 21 | "ecs update-service --cluster my-cluster --service my-service --task-definition hello-world:1 : echo ok" \ 22 | "ecs wait services-stable --cluster my-cluster --services my-service : echo ok" \ 23 | "ecs describe-services --cluster my-cluster --services my-service --query \* --output text : echo ok" 24 | 25 | run "$PWD/hooks/command" 26 | 27 | assert_success 28 | assert_output --partial "Service is up 🚀" 29 | 30 | unstub aws 31 | } 32 | 33 | @test "Run a deploy with multiple images" { 34 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CONTAINER_DEFINITIONS=examples/multiple-images.json 35 | unset BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE # we are providing an array 36 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE_0=hello-world:llamas 37 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE_1=hello-world:alpacas 38 | 39 | expected_multiple_container_definition='[\n {\n "essential": true,\n "image": "hello-world:llamas",\n "memory": 100,\n "name": "sample",\n "portMappings": [\n {\n "containerPort": 80,\n "hostPort": 80\n }\n ]\n },\n {\n "essential": true,\n "image": "hello-world:alpacas",\n "memory": 100,\n "name": "sample",\n "portMappings": [\n {\n "containerPort": 80,\n "hostPort": 80\n }\n ]\n }\n]' 40 | 41 | stub aws \ 42 | "ecs describe-task-definition --task-definition hello-world --query 'taskDefinition' : echo '{}'" \ 43 | "ecs register-task-definition --family hello-world --container-definitions $'$expected_multiple_container_definition' : echo '{\"taskDefinition\":{\"revision\":1}}'" \ 44 | "ecs update-service --cluster my-cluster --service my-service --task-definition hello-world:1 : echo ok" \ 45 | "ecs wait services-stable --cluster my-cluster --services my-service : echo ok" \ 46 | "ecs describe-services --cluster my-cluster --services my-service --query \* --output text : echo ok" 47 | 48 | run "$PWD/hooks/command" 49 | 50 | assert_success 51 | assert_output --partial "Service is up 🚀" 52 | 53 | unstub aws 54 | } 55 | 56 | @test "Add env vars on multiple images" { 57 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CONTAINER_DEFINITIONS=examples/multiple-images.json 58 | unset BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE # we are providing an array 59 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE_0=hello-world:llamas 60 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE_1=hello-world:alpacas 61 | export BUILDKITE_PLUGIN_ECS_DEPLOY_ENV_0="FOO=bar" 62 | export BUILDKITE_PLUGIN_ECS_DEPLOY_ENV_1="BAZ=bing" 63 | 64 | # first command stubbed saves the container definition to ${TMP_DIR}/container_definition for later review and manipulation 65 | # we should be stubbing a lot more calls, but we don't care about those so let the stubbing fail 66 | stub aws \ 67 | "ecs describe-task-definition --task-definition hello-world --query 'taskDefinition' : echo '{}'" \ 68 | "ecs register-task-definition --family hello-world --container-definitions \* : echo \"\$6\" > ${_TMP_DIR}/container_definition ; echo '{\"taskDefinition\":{\"revision\":1}}'" \ 69 | "ecs update-service --cluster my-cluster --service my-service --task-definition hello-world:1 : echo ok" \ 70 | "ecs wait services-stable --cluster my-cluster --services my-service : echo ok" \ 71 | "ecs describe-services --cluster my-cluster --services my-service --query \* --output text : echo ok" 72 | 73 | run "$PWD/hooks/command" 74 | 75 | assert_success 76 | 77 | # check that the definition was updated accordingly 78 | assert_equal "$(jq -r '.[0].environment[0].name' "${_TMP_DIR}"/container_definition)" 'FOO' 79 | assert_equal "$(jq -r '.[0].environment[0].value' "${_TMP_DIR}"/container_definition)" 'bar' 80 | assert_equal "$(jq -r '.[1].environment[0].name' "${_TMP_DIR}"/container_definition)" 'FOO' 81 | assert_equal "$(jq -r '.[1].environment[0].value' "${_TMP_DIR}"/container_definition)" 'bar' 82 | assert_equal "$(jq -r '.[0].environment[1].name' "${_TMP_DIR}"/container_definition)" 'BAZ' 83 | assert_equal "$(jq -r '.[0].environment[1].value' "${_TMP_DIR}"/container_definition)" 'bing' 84 | assert_equal "$(jq -r '.[1].environment[1].name' "${_TMP_DIR}"/container_definition)" 'BAZ' 85 | assert_equal "$(jq -r '.[1].environment[1].value' "${_TMP_DIR}"/container_definition)" 'bing' 86 | 87 | unstub aws 88 | } 89 | 90 | @test "Run a deploy with task role" { 91 | export BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_ROLE_ARN=arn:aws:iam::012345678910:role/world 92 | 93 | stub aws \ 94 | "ecs describe-task-definition --task-definition hello-world --query 'taskDefinition' : echo '{}'" \ 95 | "ecs register-task-definition --family hello-world --container-definitions \* --task-role-arn arn:aws:iam::012345678910:role/world : echo '{\"taskDefinition\":{\"revision\":1}}'" \ 96 | "ecs update-service --cluster my-cluster --service my-service --task-definition hello-world:1 : echo ok" \ 97 | "ecs wait services-stable --cluster my-cluster --services my-service : echo ok" \ 98 | "ecs describe-services --cluster my-cluster --services my-service --query \* --output text : echo ok" 99 | 100 | run "$PWD/hooks/command" 101 | 102 | assert_success 103 | assert_output --partial "Service is up 🚀" 104 | 105 | unstub aws 106 | } 107 | 108 | @test "Run a deploy with execution role" { 109 | export BUILDKITE_PLUGIN_ECS_DEPLOY_EXECUTION_ROLE=arn:aws:iam::012345678910:role/world 110 | 111 | stub aws \ 112 | "ecs describe-task-definition --task-definition hello-world --query 'taskDefinition' : echo '{}'" \ 113 | "ecs register-task-definition --family hello-world --container-definitions \* --execution-role-arn arn:aws:iam::012345678910:role/world : echo '{\"taskDefinition\":{\"revision\":1}}'" \ 114 | "ecs update-service --cluster my-cluster --service my-service --task-definition hello-world:1 : echo ok" \ 115 | "ecs wait services-stable --cluster my-cluster --services my-service : echo ok" \ 116 | "ecs describe-services --cluster my-cluster --services my-service --query \* --output text : echo ok" 117 | 118 | run "$PWD/hooks/command" 119 | 120 | assert_success 121 | assert_output --partial "Service is up 🚀" 122 | 123 | unstub aws 124 | } 125 | 126 | @test "Region parameter is applied to all AWS calls" { 127 | export BUILDKITE_PLUGIN_ECS_DEPLOY_REGION=custom-region 128 | 129 | stub aws \ 130 | "ecs describe-task-definition --region custom-region --task-definition hello-world --query 'taskDefinition' : echo '{}'" \ 131 | "ecs register-task-definition --region custom-region --family hello-world --container-definitions \* : echo '{\"taskDefinition\":{\"revision\":1}}'" \ 132 | "ecs update-service --region custom-region --cluster my-cluster --service my-service --task-definition hello-world:1 : echo ok" \ 133 | "ecs wait services-stable --region custom-region --cluster my-cluster --services my-service : echo ok" \ 134 | "ecs describe-services --region custom-region --cluster my-cluster --services my-service --query \* --output text : echo ok" 135 | 136 | run "$PWD/hooks/command" 137 | 138 | assert_success 139 | assert_output --partial "Service is up 🚀" 140 | 141 | unstub aws 142 | } 143 | 144 | @test "Filters past events and sorts them" { 145 | current_date="2024-05-04T12:34:56.789000+08:00" 146 | stub date "+'%Y-%m-%dT%H:%M:%S' : echo $current_date" 147 | stub aws \ 148 | "ecs describe-task-definition \* \* \* \* : echo '{}'" \ 149 | "ecs register-task-definition \* \* \* \* : echo '{}'" \ 150 | "ecs update-service \* \* \* \* \* \* : echo ok" \ 151 | "ecs wait services-stable \* \* \* \* : echo ok" \ 152 | "ecs describe-services \* \* \* \* --query \"services[].events[?createdAt >= '$current_date']\" --output text : echo '2019-12-12T00:00:01.000Z\tnope\n$current_date\tok'" 153 | 154 | run "$PWD/hooks/command" 155 | 156 | assert_success 157 | assert_output --partial "ok" 158 | 159 | unstub aws 160 | unstub date 161 | } 162 | -------------------------------------------------------------------------------- /tests/deprecated-options.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | load "${BATS_PLUGIN_PATH}/load.bash" 4 | 5 | # Uncomment to enable stub debug output: 6 | # export AWS_STUB_DEBUG=/dev/tty 7 | 8 | setup() { 9 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE=hello-world:llamas 10 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CONTAINER_DEFINITIONS=examples/hello-world.json 11 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CLUSTER=my-cluster 12 | export BUILDKITE_PLUGIN_ECS_DEPLOY_SERVICE=my-service 13 | export BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_FAMILY=hello-world 14 | } 15 | 16 | @test "Fail with task-definition" { 17 | export BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_DEFINITION=examples/task-definition.json 18 | 19 | run "$PWD/hooks/command" 20 | 21 | assert_failure 22 | assert_output --partial "The task-definition parameter has been deprecated" 23 | } 24 | 25 | @test "Fail with service definition" { 26 | export BUILDKITE_PLUGIN_ECS_DEPLOY_SERVICE_DEFINITION=examples/service-definition.json 27 | 28 | run "$PWD/hooks/command" 29 | 30 | assert_failure 31 | assert_output --partial "service-definition parameter has been deprecated" 32 | } 33 | 34 | @test "Warn with other options" { 35 | export BUILDKITE_PLUGIN_ECS_DEPLOY_DEPLOYMENT_CONFIG='100/200' 36 | export BUILDKITE_PLUGIN_ECS_DEPLOY_DEPLOYMENT_CONFIGURATION='100/200' 37 | export BUILDKITE_PLUGIN_ECS_DEPLOY_DESIRED_COUNT='2' 38 | export BUILDKITE_PLUGIN_ECS_DEPLOY_LOAD_BALANCER_NAME='test-elb' 39 | export BUILDKITE_PLUGIN_ECS_DEPLOY_TARGET_CONTAINER_NAME='mycontainer' 40 | export BUILDKITE_PLUGIN_ECS_DEPLOY_TARGET_CONTAINER_PORT=8000 41 | export BUILDKITE_PLUGIN_ECS_DEPLOY_TARGET_GROUP='mygroup' 42 | 43 | stub aws \ 44 | "ecs describe-task-definition --task-definition hello-world --query 'taskDefinition' : echo '{}'" \ 45 | "ecs register-task-definition --family hello-world --container-definitions \* : echo '{\"taskDefinition\":{\"revision\":1}}'" \ 46 | "ecs update-service --cluster my-cluster --service my-service --task-definition hello-world:1 : echo ok" \ 47 | "ecs wait services-stable --cluster my-cluster --services my-service : echo ok" \ 48 | "ecs describe-services --cluster my-cluster --services my-service --query \* --output text : echo ok" 49 | 50 | run "$PWD/hooks/command" 51 | 52 | assert_success 53 | assert_output --partial "deployment-config parameter has been deprecated" 54 | assert_output --partial "deployment-configuration parameter has been deprecated" 55 | assert_output --partial "load-balancer-name parameter has been deprecated" 56 | assert_output --partial "target-container-name parameter has been deprecated" 57 | assert_output --partial "target-container-port parameter has been deprecated" 58 | assert_output --partial "target-group parameter has been deprecated" 59 | 60 | unstub aws 61 | } 62 | -------------------------------------------------------------------------------- /tests/existing-data.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | load "${BATS_PLUGIN_PATH}/load.bash" 4 | 5 | # Uncomment to enable stub debug output: 6 | # export AWS_STUB_DEBUG=/dev/tty 7 | 8 | setup() { 9 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CLUSTER=my-cluster 10 | export BUILDKITE_PLUGIN_ECS_DEPLOY_SERVICE=my-service 11 | export BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_FAMILY=hello-world 12 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE=hello-world:llamas 13 | } 14 | 15 | @test "Run a deploy when service exists" { 16 | 17 | stub aws \ 18 | "ecs describe-task-definition --task-definition hello-world --query taskDefinition : cat examples/described-task.json" \ 19 | "ecs register-task-definition --family hello-world --container-definitions \* : echo '{\"taskDefinition\":{\"revision\":1}}'" \ 20 | "ecs update-service --cluster my-cluster --service my-service --task-definition hello-world:1 : echo ok" \ 21 | "ecs wait services-stable --cluster my-cluster --services my-service : echo ok" \ 22 | "ecs describe-services --cluster my-cluster --services my-service --query \* --output text : echo ok" 23 | 24 | run "$PWD/hooks/command" 25 | 26 | assert_success 27 | assert_output --partial "Service is up 🚀" 28 | 29 | unstub aws 30 | } 31 | 32 | @test "Run a deploy with multiple images" { 33 | unset BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE 34 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE_0=hello-world:llamas 35 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE_1=hello-world:alpacas 36 | 37 | stub aws \ 38 | "ecs describe-task-definition --task-definition hello-world --query taskDefinition : cat examples/described-task-multiple.json" \ 39 | "ecs register-task-definition --family hello-world --container-definitions \* : echo '{\"taskDefinition\":{\"revision\":1}}'" \ 40 | "ecs update-service --cluster my-cluster --service my-service --task-definition hello-world:1 : echo ok" \ 41 | "ecs wait services-stable --cluster my-cluster --services my-service : echo ok" \ 42 | "ecs describe-services --cluster my-cluster --services my-service --query \* --output text : echo ok" 43 | 44 | run "$PWD/hooks/command" 45 | 46 | assert_success 47 | assert_output --partial "Service is up 🚀" 48 | 49 | unstub aws 50 | } 51 | 52 | @test "Add env vars on multiple images" { 53 | unset BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE 54 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE_0=hello-world:llamas 55 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE_1=hello-world:alpacas 56 | export BUILDKITE_PLUGIN_ECS_DEPLOY_ENV_0="FOO=bar" 57 | export BUILDKITE_PLUGIN_ECS_DEPLOY_ENV_1="BAZ=bing" 58 | 59 | # first command stubbed saves the container definition to ${TMP_DIR}/container_definition for later review and manipulation 60 | # we should be stubbing a lot more calls, but we don't care about those so let the stubbing fail 61 | stub aws \ 62 | "ecs describe-task-definition --task-definition hello-world --query taskDefinition : cat examples/described-task-multiple.json" \ 63 | "ecs register-task-definition --family hello-world --container-definitions \* : echo \"\$6\" > ${_TMP_DIR}/container_definition ; echo '{\"taskDefinition\":{\"revision\":1}}'" \ 64 | "ecs update-service --cluster my-cluster --service my-service --task-definition hello-world:1 : echo ok" \ 65 | "ecs wait services-stable --cluster my-cluster --services my-service : echo ok" \ 66 | "ecs describe-services --cluster my-cluster --services my-service --query \* --output text : echo ok" 67 | 68 | run "$PWD/hooks/command" 69 | 70 | assert_success 71 | 72 | # check that the definition was updated accordingly 73 | assert_equal "$(jq -r '.[0].environment[0].name' "${_TMP_DIR}"/container_definition)" 'FOO' 74 | assert_equal "$(jq -r '.[0].environment[0].value' "${_TMP_DIR}"/container_definition)" 'bar' 75 | assert_equal "$(jq -r '.[1].environment[0].name' "${_TMP_DIR}"/container_definition)" 'FOO' 76 | assert_equal "$(jq -r '.[1].environment[0].value' "${_TMP_DIR}"/container_definition)" 'bar' 77 | assert_equal "$(jq -r '.[0].environment[1].name' "${_TMP_DIR}"/container_definition)" 'BAZ' 78 | assert_equal "$(jq -r '.[0].environment[1].value' "${_TMP_DIR}"/container_definition)" 'bing' 79 | assert_equal "$(jq -r '.[1].environment[1].name' "${_TMP_DIR}"/container_definition)" 'BAZ' 80 | assert_equal "$(jq -r '.[1].environment[1].value' "${_TMP_DIR}"/container_definition)" 'bing' 81 | 82 | unstub aws 83 | } 84 | 85 | @test "Run a deploy with task role" { 86 | export BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_ROLE_ARN=arn:aws:iam::012345678910:role/world 87 | 88 | stub aws \ 89 | "ecs describe-task-definition --task-definition hello-world --query taskDefinition : cat examples/described-task.json" \ 90 | "ecs register-task-definition --family hello-world --container-definitions \* --task-role-arn arn:aws:iam::012345678910:role/world : echo '{\"taskDefinition\":{\"revision\":1}}'" \ 91 | "ecs update-service --cluster my-cluster --service my-service --task-definition hello-world:1 : echo ok" \ 92 | "ecs wait services-stable --cluster my-cluster --services my-service : echo ok" \ 93 | "ecs describe-services --cluster my-cluster --services my-service --query \* --output text : echo ok" 94 | 95 | run "$PWD/hooks/command" 96 | 97 | assert_success 98 | assert_output --partial "Service is up 🚀" 99 | 100 | unstub aws 101 | } 102 | 103 | @test "Run a deploy with execution role" { 104 | export BUILDKITE_PLUGIN_ECS_DEPLOY_EXECUTION_ROLE=arn:aws:iam::012345678910:role/world 105 | 106 | stub aws \ 107 | "ecs describe-task-definition --task-definition hello-world --query taskDefinition : cat examples/described-task.json" \ 108 | "ecs register-task-definition --family hello-world --container-definitions \* --execution-role-arn arn:aws:iam::012345678910:role/world : echo '{\"taskDefinition\":{\"revision\":1}}'" \ 109 | "ecs update-service --cluster my-cluster --service my-service --task-definition hello-world:1 : echo ok" \ 110 | "ecs wait services-stable --cluster my-cluster --services my-service : echo ok" \ 111 | "ecs describe-services --cluster my-cluster --services my-service --query \* --output text : echo ok" 112 | 113 | run "$PWD/hooks/command" 114 | 115 | assert_success 116 | assert_output --partial "Service is up 🚀" 117 | 118 | unstub aws 119 | } 120 | 121 | @test "Run a deploy when the container definition is incorrect" { 122 | 123 | stub aws \ 124 | "ecs describe-task-definition --task-definition hello-world --query taskDefinition : echo '{}'" 125 | 126 | run "$PWD/hooks/command" 127 | 128 | assert_failure 129 | assert_output --partial 'Invalid container definition (should be in the format of [{"image": "..."}] )' 130 | 131 | unstub aws 132 | } 133 | 134 | @test "Fail with missing container definition and aws failure" { 135 | stub aws 'exit 1' # whatever we receive, fail 136 | 137 | run "$PWD/hooks/command" 138 | 139 | assert_failure 140 | assert_output --partial "Could not obtain existing task definition" 141 | 142 | unstub aws 143 | } 144 | -------------------------------------------------------------------------------- /tests/required-options.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | load "${BATS_PLUGIN_PATH}/load.bash" 4 | 5 | @test "Fail with missing cluster" { 6 | export BUILDKITE_PLUGIN_ECS_DEPLOY_SERVICE=my-service 7 | export BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_FAMILY=hello-world 8 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE=hello-world:llamas 9 | 10 | run "$PWD/hooks/command" 11 | 12 | assert_failure 13 | assert_output --partial "Missing cluster" 14 | } 15 | 16 | @test "Fail with missing service" { 17 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CLUSTER=my-cluster 18 | export BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_FAMILY=hello-world 19 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE=hello-world:llamas 20 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CONTAINER_DEFINITIONS=examples/hello-world.json 21 | 22 | run "$PWD/hooks/command" 23 | 24 | assert_failure 25 | assert_output --partial "Missing service name" 26 | } 27 | 28 | @test "Fail with missing task family" { 29 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CLUSTER=my-cluster 30 | export BUILDKITE_PLUGIN_ECS_DEPLOY_SERVICE=my-service 31 | export BUILDKITE_PLUGIN_ECS_DEPLOY_IMAGE=hello-world:llamas 32 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CONTAINER_DEFINITIONS=examples/hello-world.json 33 | 34 | run "$PWD/hooks/command" 35 | 36 | assert_failure 37 | assert_output --partial "Missing task family" 38 | } 39 | 40 | @test "Fail with missing deploy image" { 41 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CLUSTER=my-cluster 42 | export BUILDKITE_PLUGIN_ECS_DEPLOY_SERVICE=my-service 43 | export BUILDKITE_PLUGIN_ECS_DEPLOY_TASK_FAMILY=hello-world 44 | export BUILDKITE_PLUGIN_ECS_DEPLOY_CONTAINER_DEFINITIONS=examples/hello-world.json 45 | 46 | run "$PWD/hooks/command" 47 | 48 | assert_failure 49 | assert_output --partial "Missing image to use" 50 | } -------------------------------------------------------------------------------- /tests/setup_suite.bash: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | setup_suite() { 4 | echo '# Installing jq' >&2 5 | apk --no-cache add jq | sed -e 's/^/# /' >&2 6 | } 7 | --------------------------------------------------------------------------------