A Buildkite plugin for deploying Amazon ECS Scheduled Tasks.
- Requires the aws cli tool be installed
- Registers a new task definition based on a given JSON file (
register-task-definition
) - Creates a CloudWatch Events rule (
put-rule
) - Adds the newly-registered task definition as a target for the Events rule (
put-targets
)
steps:
- label: ":ecs: :rocket:"
concurrency_group: "my-scheduled-task"
concurrency: 1
plugins:
- envato/ecs-scheduled-tasks#v0.1.0:
task-family: "my-task-family"
task-definition: "examples/hello-world.json"
events-rule-name: "my-events-rule"
events-rule-role-arn: "arn:aws:iam::123456789012:role/my-events-rule-role"
events-target-definition: "examples/ecs-target.json"
The name of the task family.
Example: "my-task"
The file path to the ECS task definition JSON file.
Example: "examples/hello-world.json"
The file path to the Events rule target definition JSON file.
Example: "examples/ecs-target.json"
The name of the CloudWatch Events rule to create.
Example: "my-events-rule"
The IAM role used to invoke the targets of the Events rule.
At a minimum, this requires the ecs:RunTask
permission on your task definition resource, and must be able to be assumed by events.amazonaws.com
. An example policy for an ECS target can be found in the AWS documentation.
The AWS schedule expression to use in the Events rule.
Example: "cron(* * * ? * *)"
A text description for the Events rule.
An IAM ECS Task Role to assign to tasks.
Requires the iam:PassRole
permission for the ARN specified.
The Execution Role ARN used by ECS to pull container images and secrets.
Example: "arn:aws:iam::012345678910:role/execution-role"
Requires the iam:PassRole
permission for the execution role.
At a minimum this plugin requires the following AWS permissions to be granted to the agent running this step:
Policy:
Statement:
- Action:
- ecs:RegisterTaskDefinition
- events:DescribeRules
- events:PutRule
- events:PutTargets
Effect: Allow
Resource: '*'
To run the tests:
docker-compose run tests
MIT (see LICENSE)