A Buildkite plugin for deploying to Amazon ECS.
- Requires the aws cli tool be installed
- Registers a new task definition based on a given JSON file (
register-task-definition
) - Updates the ECS service to use the new task definition (
update-service
) - Waits for the service to stabilize (
wait services-stable
)
steps:
- label: ":ecs: :rocket:"
concurrency_group: "my-service-deploy"
concurrency: 1
plugins:
- ecs-deploy#v1.4.1:
cluster: "my-ecs-cluster"
service: "my-service"
task-definition: "examples/hello-world.json"
task-family: "hello-world"
image: "${ECR_REPOSITORY}/hello-world:${BUILDKITE_BUILD_NUMBER}"
steps:
- label: ":ecs: :rocket:"
concurrency_group: "my-service-deploy"
concurrency: 1
plugins:
- ecs-deploy#v1.4.1:
cluster: "my-ecs-cluster"
service: "my-service"
task-definition: "examples/mount-containers.json"
task-family: "hello-world"
volumes: "examples/mount-volumes.json"
image: "${ECR_REPOSITORY}/hello-world:${BUILDKITE_BUILD_NUMBER}"
The name of the ECS cluster.
Example: "my-cluster"
The name of the ECS service.
Example: "my-service"
The file path to the ECS task definition JSON file.
Example: "ecs/task.json"
The name of the task family.
Example: "my-task"
The Docker image to deploy. This can be an array to substitute multiple images in a single container definition.
Examples:
"012345.dkr.ecr.us-east-1.amazonaws.com/my-service:123"
image:
- "012345.dkr.ecr.us-east-1.amazonaws.com/my-service:123"
- "012345.dkr.ecr.us-east-1.amazonaws.com/nginx:123"
An IAM ECS Task Role to assign to tasks.
Requires the iam:PassRole
permission for the ARN specified.
The file path to the ECS volumes definition JSON file.
Example: "ecs/volumes.json"
The Target Group ARN to map the service to.
Example: "arn:aws:elasticloadbalancing:us-east-1:012345678910:targetgroup/alb/e987e1234cd12abc"
The Container Name to forward ALB requests to.
The Container Port to forward requests to.
The Execution Role ARN used by ECS to pull container images and secrets.
Example: "arn:aws:iam::012345678910:role/execution-role"
Requires the iam:PassRole
permission for the execution role.
The minimum and maximum percentage of tasks that should be maintained during a deployment. Defaults to 100/200
Example: "0/100"
The region we deploy the ECS Service to.
At a minimum this plugin requires the following AWS permissions to be granted to the agent running this step:
Policy:
Statement:
- Action:
- ecr:DescribeImages
- ecs:DescribeServices
- ecs:RegisterTaskDefinition
- ecs:UpdateService
Effect: Allow
Resource: '*'
This plugin will create the ECS Service if it does not already exist, which additionally requires the ecs:CreateService
permission.
To run the tests:
docker-compose run tests
MIT (see LICENSE)