Add ECS Service redeploy command to Makefile

[cabutlermit]

Description

This adds three (3) make commands to easily redeploy the quepid Fargate service after a new container is pushed to ECR. There is one command for each environment (dev, stage, prod) and it is required that the developer authenticates to the appropriate AWS account before running the command.

Additionally, the Makefile was updated to include a help target and to include all the listed targets in the PHONY list.

Motivation and Context

This simplifies the effort for DiscoEng when then need to redeploy the Fargate service in ECS to pick up an updated environment variable.

How Has This Been Tested?

• I verified that make service-redeploy-dev redeployed the service in Dev1 if I was already authenticated to Dev1.
• I verified that make service-redeploy-stage failed when I was authenticated to Dev1
• I verified that make service redeploy-prod failed when I was authenticated to Dev1
• I verified that make service-redeploy-dev failed when I was authenticated to Stage

Screenshots or GIFs (if appropriate):

Types of changes

• [] Bug fix (non-breaking change which fixes an issue)
• Improvement (non-breaking change which improves existing functionality)
• [] New feature (non-breaking change which adds new functionality)
• [] Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• [] My code follows the code style of this project.
• [] My change requires a change to the documentation.
• [] I have updated the documentation accordingly.
• [] I have read the CONTRIBUTING document.
• [] I have added tests to cover my changes.
• [] All new and existing tests passed.

[JPrevost]

make service-redeploy-dev
aws ecs update-service
--cluster $(aws ecs list-clusters --output text | grep quepid-ecs-dev | cut -d'/' -f2)
--service $(aws ecs list-services --cluster $(aws ecs list-clusters --output text | grep quepid-ecs-dev | cut -d'/' -f2) --output text | grep quepid | cut -d'/' -f3)
--force-new-deployment

An error occurred (AccessDeniedException) when calling the UpdateService operation: User: arn:aws:sts::[REDACTED]:assumed-role/AWSReservedSSO_QuepidManagers_[REDACTED] is not authorized to perform: ecs:UpdateService on resource: arn:aws:ecs:us-east-1:REDACTED:service/quepid-ecs-dev-cluster/quepid-ecs-dev because no identity-based policy allows the ecs:UpdateService action

[cabutlermit]

make service-redeploy-dev aws ecs update-service --cluster $(aws ecs list-clusters --output text | grep quepid-ecs-dev | cut -d'/' -f2) --service ( a w s e c s l i s t − s e r v i c e s − − c l u s t e r (aws ecs list-clusters --output text | grep quepid-ecs-dev | cut -d'/' -f2) --output text | grep quepid | cut -d'/' -f3) --force-new-deployment

An error occurred (AccessDeniedException) when calling the UpdateService operation: User: arn:aws:sts::[REDACTED]:assumed-role/AWSReservedSSO_QuepidManagers_[REDACTED] is not authorized to perform: ecs:UpdateService on resource: arn:aws:ecs:us-east-1:REDACTED:service/quepid-ecs-dev-cluster/quepid-ecs-dev because no identity-based policy allows the ecs:UpdateService action

I updated the IAM policy for the QuepidManagers role to address this (and ran a quick test of my own). Can you retest the make command yourself?

If it all works, I'll need to push through this small policy change via the infrastructure repo before the make commands will work in Stage & Prod, but that won't block merging this PR...

See https://github.com/MITLibraries/mitlib-tf-workloads-quepid/pull/11

[JPrevost]

This works with the policy you now have in dev1.