blinkist/terraform-aws-airship-ecs-service

… correctly but caused an exception with an empty error message, when scale downs were attempted. (#78)

* health check port as variable for alb_handling

* health port as variable

Scheduled task name

Co-Authored-By: Mads Hvelplund <mhvelplund@users.noreply.github.com>

Co-Authored-By: Mads Hvelplund <mhvelplund@users.noreply.github.com>

)

* Added example of headless service

If wanting to create an ECS task that does not have an ALB e.g. a 
scheduled task of some kind that doesn’t need an ALB, because we try and
do a lookup on a data source, I am currently getting [1]

If load_balancing_type is set to none, take it that we do *not* want to
create any resources in the ALB module.

[1] 
```
* module.ecs_service.module.alb_handling.data.aws_lb.main: 1 error occurred:
* module.ecs_service.module.alb_handling.data.aws_lb.main: data.aws_lb.main: Search returned 0 results, please revise so only one is returned
```

* Lock versions of examples to < 0.12

* Fixed bug when load balancing type & route53_record_type are "none"

* Added support for ECS scheduled tasks.

* Added documentation

* Documented EFS mount points.
* Documented scheduled ECS tasks.

* Allow pulling images from private Docker registry

As per the documentation for Fargate using private docker registries[1]
this commit introduces a new variable
`repository_credentials_secret_arn` used to pass in the AWS Secrets
Manager path to your credentials secret. Note that this also requires
the Lambda function execution task role to have access to this secret.

[1] https://aws.amazon.com/blogs/compute/introducing-private-registry-authentication-support-for-aws-fargate/

* Output the ECS task execution role name

We need the role name rather than the ARN of the role to attach policies
to it later. Yes we could infer the name from the ARN using split etc
but meh, just output it.

* Add `initProcessEnabled` to container def

Enable running container definitions with the —init flag to ensure a
proper supervisor runs our command.

…70)

this change, I am getting the below error [1]. As per the docs [2] when
using an ECS condition like ArnEquals, we need to ensure the value is
an actual valid ARN of the cluster, and not just the cluster id (name)

[1] `MalformedPolicyDocument: The policy failed legacy parsing`
[2] https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazonelasticcontainerservice.html

This reverts commit cab1a3a.

It seems like AWS maybe doing some extra validation here but without 
this change, I am getting the below error [1]. As per the docs [2] when
using an ECS condition like ArnEquals, we need to ensure the value is
an actual valid ARN of the cluster, and not just the cluster id (name)

[1] `MalformedPolicyDocument: The policy failed legacy parsing`
[2] https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazonelasticcontainerservice.html

* Added support for secrets

The module now supports an extra parameter `container_secrets`, similar to
`container_envvars`.

Values in this map will be treated as SSM keys and the actual value
injected into the environment of the container will be pulled from SSM.
To work, the SSM keys must also be added to `ssm_paths`.

Example:

```
container_secrets = {
  DB_PASSWORD = "myapp/dev/db.password"
}c
ssm_paths         = ["myapp/dev"]
```

The example above injects the (decrypted) contents of
`/myapp/dev/db.password` into the env. variable `DB_PASSWORD`.

* Renamed the toggle to enable container secrets

* Dynamically generate the Lambda ZIP file.

* Fix support for docker labels

* Added a hash of secret keys as a Docker label

* Fix whitespace

* Updated example to work with the newest version of Airship (and Windows)

* Updated NLB example to serve as a reusable module in other examples

As part of that, I removed the security group rules, since they only
replicated the default behaviour of the default SG, but added some
brittleness in the step that discovers the NLB's ip addresses.

* Added an example of a service with secrets

* Added documentation

* Fixed bug in custom exception and error reporting

* Added stack to custom error. Without it, error origin is lost.
* Changed Python string building to JS concatenation.
  string modulo string gives a NaN result every time.

* Cleanup.

* Respect the health check grace period variable

* Statement actions MUST be lists in Terraform.

* Travis install + proper config

* Install travis gem only within the condition branch=master

* Moved variable comments to description tags

* #46 resolving incorrect example in variable comment

* fmt

* Added an example of create = false
* Load balancer map removal

* Add a new variable: 'command'

* Add Deployment Type

* remove controller type map

* remove default value, clean up description

* Use deployment_controller_type variable everywhere for consistency, cleanup descirption

* More outputs