Environment-level settings are not reflected

[shgtkshruch]

I would like to override these configuration for each environments, but I could not it.

• http.alias
• http.allowed_source_ips
• network.vpc.security_groups

I looked at the cloudformation template generated by the copilot svc package command and confirmed that these configuration was not reflected.

$ copilot --version
copilot version: v1.8.0

My manifest file.

name: rails
type: Load Balanced Web Service

http:
  path: '/'
  healthcheck:
    path: '/healthcheck'
    healthy_threshold: 2
    unhealthy_threshold: 2
    interval: 5s
    timeout: 2s
  targetContainer: nginx

image:
  location: 123456789.dkr.ecr.ap-northeast-1.amazonaws.com/chronos/rails:latest
  port: 3000

cpu: 256
memory: 512
count: 1 

exec: true 

storage:
  volumes:
    rails_nginx:
      efs: true
      path: /app/public/maintenance
      read_only: false

sidecars:
  nginx:
    image: 123456789.dkr.ecr.ap-northeast-1.amazonaws.com/chronos/nginx:latest
    port: 80
    variables:
      RAILS_HOST: http://localhost:3000
    mount_points:
      - source_volume: rails_nginx
        path: /usr/share/nginx/html/maintenance

  datadog-agent:
    image: datadog/agent:latest
    port: 8126
    secrets:
      DD_API_KEY: /copilot/chronos/dev/secrets/DATADOG_API_KEY
    variables:
      ECS_FARGATE: true
      DD_LOGS_ENABLED: true
      DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL: true
      DD_APM_ENABLED: true
      DD_DOCKER_ENV_AS_TAGS: true
      DD_SERVICE: chronos-rails

logging:
  destination:
    Name: datadog
    Host: http-intake.logs.datadoghq.com
    TLS: 'on'
    dd_service: chronos-rails
    dd_source: ruby
    provider: ecs
  enableMetadata: true
  secretOptions:
    apikey: /copilot/chronos/dev/secrets/DATADOG_API_KEY

variables:
  RAILS_LOG_TO_STDOUT: true
  RAILS_SERVE_STATIC_FILES: true
  DD_SERVICE: chronos-rails
  DD_VERSION: 1.0.0

environments:
  dev:
    # These settings are not reflected
    http:
      allowed_source_ips: [10.23.45.67/32]
      alias: 'rails.exmaple.com'
    network:
      vpc:
        security_groups: ['sg-123456789']

[Lou1415926]

Hi shgtkshruch! This should be caused by the same bug as #2474. I am so sorry for the trouble!!

The bug exists for svc package, but svc deploy should be intact. I have sent out the fix for this bug #2476, and we will be releasing the patch as soon as possible.

For now, could you please keep using v1.7 until the patch's released? Alternatively, could you maintain separate manifest for each environment for the time being, as suggested here?

Again we will release the patch ASAP. I am so sorry for all the trouble!!

[perevernihata]

stumbled upon same issue, are you planning to release this as a 1.9 any time soon? Asking cause ETA is important

[efekarakus]

Hi @perevernihata ! We're planning to do a release for copilot v1.8.1 on Wednesday morning. Would that be acceptable for you?
Apologies for the inconvenience 🙇

[perevernihata]

Oh, that's amazing, thanks @efekarakus !

[efekarakus]

Hi @shgtkshruch and @perevernihata , we just release v1.8.1 that should fix this issue: https://github.com/aws/copilot-cli/releases/tag/v1.8.1

[shgtkshruch]

@efekarakus Thank you for quick fix!