A Buildkite plugin for deploying Amazon ECS Scheduled Tasks.
- Requires the aws cli tool be installed
- Registers a new task definition based on a given JSON file (
register-task-definition) - Creates a CloudWatch Events rule (
put-rule) - Adds the newly-registered task definition as a target for the Events rule (
put-targets)
steps:
- label: ":ecs: :rocket:"
concurrency_group: "my-scheduled-task"
concurrency: 1
plugins:
- envato/ecs-scheduled-tasks#v0.1.0:
task-family: "my-task-family"
task-definition: "examples/hello-world.json"
events-rule-name: "my-events-rule"
events-rule-role-arn: "arn:aws:iam::123456789012:role/my-events-rule-role"
events-target-definition: "examples/ecs-target.json"The name of the task family.
Example: "my-task"
The file path to the ECS task definition JSON file.
Example: "examples/hello-world.json"
The file path to the Events rule target definition JSON file.
Example: "examples/ecs-target.json"
The name of the CloudWatch Events rule to create.
Example: "my-events-rule"
The IAM role used to invoke the targets of the Events rule.
At a minimum, this requires the ecs:RunTask permission on your task definition resource, and must be able to be assumed by events.amazonaws.com. An example policy for an ECS target can be found in the AWS documentation.
The AWS schedule expression to use in the Events rule.
Example: "cron(* * * ? * *)"
A text description for the Events rule.
An IAM ECS Task Role to assign to tasks.
Requires the iam:PassRole permission for the ARN specified.
The Execution Role ARN used by ECS to pull container images and secrets.
Example: "arn:aws:iam::012345678910:role/execution-role"
Requires the iam:PassRole permission for the execution role.
At a minimum this plugin requires the following AWS permissions to be granted to the agent running this step:
Policy:
Statement:
- Action:
- ecs:RegisterTaskDefinition
- events:DescribeRules
- events:PutRule
- events:PutTargets
Effect: Allow
Resource: '*'To run the tests:
docker-compose run testsMIT (see LICENSE)