add codedeploy resources

kayac · May 7, 2023 · f0cafa9 · f0cafa9
1 parent 854996c
commit f0cafa9
Show file tree

Hide file tree

Showing 4 changed files with 134 additions and 8 deletions.
diff --git a/tests/terraform/README.md b/tests/terraform/README.md
@@ -1,10 +1,10 @@
-## An example of ecspresso deployment with terraform
+## An example of deployments by ecspresso and terraform
 
-This example shows how to deploy an ECS service by ecspresso with terraform.
+This example shows how to deploy an ECS service by ecspresso and terraform.
 
 ### Prerequisites
 
-- [Terraform](https://www.terraform.io/) >= v1.0.0
+- [Terraform](https://www.terraform.io/) >= v1.4.0
 - [ecspresso](https://github.com/kayac/ecspresso) >= v2.0.0
 
 #### Environment variables
@@ -27,6 +27,47 @@ After completing the deployment, you can access the service via ALB.
 $ curl -s "http://$(terraform output -raw alb_dns_name)/"
 ```
 
+### Usage with AWS CodeDeploy
+
+At first, you must delete an ECS service that having "ECS" deployment controller.
+
+```console
+$ ecspresso delete --force --terminate
+```
+
+Remove `deploymentCircuitBreaker` block and change `deployment_controller` in `ecs-service-def.jsonnet` to `CODE_DEPLOY`.
+
+```diff
+{
+   deploymentConfiguration: {
+-    deploymentCircuitBreaker: {
+-      enable: false,
+-      rollback: false,
+-    },
+     maximumPercent: 200,
+     minimumHealthyPercent: 100,
+   },
+   deploymentController: {
+-    type: 'ECS',
++    type: 'CODE_DEPLOY',
+   },
+```
+
+Then deploy the service again.
+
+```console
+$ ecspresso deploy
+```
+
+After completing the deployment, you have to create a CodeDeploy application and deployment group.
+Uncomment [codedeploy.tf](./codedeploy.tf) and run `terraform apply` again.
+
+Finally, now you can deploy the service by ecspresso using CodeDeploy.
+
+```console
+$ ecspresso deploy
+```
+
 ### Cleanup
 
 ```console

diff --git a/tests/terraform/alb.tf b/tests/terraform/alb.tf
@@ -17,7 +17,8 @@ resource "aws_lb" "main" {
 }
 
 resource "aws_lb_target_group" "http" {
-  name                 = "${var.project}-http"
+  for_each             = toset(["alpha", "beta"])
+  name                 = "${var.project}-${each.key}"
   port                 = 80
   target_type          = "ip"
   vpc_id               = aws_vpc.main.id
@@ -34,7 +35,11 @@ resource "aws_lb_target_group" "http" {
     interval            = 6
   }
   tags = {
-    Name = "${var.project}-http"
+    Name = "${var.project}-${each.key}"
+  }
+
+  lifecycle {
+    create_before_destroy = true
   }
 }
 
@@ -45,7 +50,7 @@ resource "aws_lb_listener" "http" {
 
   default_action {
     type             = "forward"
-    target_group_arn = aws_lb_target_group.http.arn
+    target_group_arn = aws_lb_target_group.http["alpha"].arn
   }
 
   tags = {

diff --git a/tests/terraform/codedeploy.tf b/tests/terraform/codedeploy.tf
@@ -0,0 +1,79 @@
+/*
+
+resource "aws_codedeploy_app" "main" {
+  name             = var.project
+  compute_platform = "ECS"
+}
+
+resource "aws_codedeploy_deployment_group" "main" {
+  app_name               = aws_codedeploy_app.main.name
+  deployment_config_name = "CodeDeployDefault.ECSAllAtOnce"
+  deployment_group_name  = var.project
+  service_role_arn       = aws_iam_role.codedeploy.arn
+
+  auto_rollback_configuration {
+    enabled = true
+    events  = ["DEPLOYMENT_FAILURE"]
+  }
+
+  blue_green_deployment_config {
+    deployment_ready_option {
+      action_on_timeout = "CONTINUE_DEPLOYMENT"
+    }
+    terminate_blue_instances_on_deployment_success {
+      action = "TERMINATE"
+    }
+  }
+
+  deployment_style {
+    deployment_option = "WITH_TRAFFIC_CONTROL"
+    deployment_type   = "BLUE_GREEN"
+  }
+
+  ecs_service {
+    cluster_name = aws_ecs_cluster.main.name
+    service_name = var.project
+  }
+
+  load_balancer_info {
+    target_group_pair_info {
+      prod_traffic_route {
+        listener_arns = [aws_lb_listener.http.arn]
+      }
+      target_group {
+        name = aws_lb_target_group.http["alpha"].name
+      }
+      target_group {
+        name = aws_lb_target_group.http["beta"].name
+      }
+    }
+  }
+}
+
+resource "aws_iam_role" "codedeploy" {
+  name = "${var.project}-codedeploy"
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Action = "sts:AssumeRole"
+        Principal = {
+          Service = "codedeploy.amazonaws.com"
+        }
+        Effect = "Allow"
+        Sid    = ""
+      }
+    ]
+  })
+}
+
+data "aws_iam_policy" "codedeploy" {
+  arn = "arn:aws:iam::aws:policy/AWSCodeDeployRoleForECS"
+}
+
+resource "aws_iam_role_policy_attachment" "codedeploy" {
+  policy_arn = data.aws_iam_policy.codedeploy.arn
+  role       = aws_iam_role.codedeploy.name
+}
+
+*/
diff --git a/tests/terraform/ecs-service-def.jsonnet b/tests/terraform/ecs-service-def.jsonnet
@@ -1,5 +1,6 @@
 {
   deploymentConfiguration: {
+    // remove deploymentCircuitBreaker when deployment controller is CODE_DEPLOY
     deploymentCircuitBreaker: {
       enable: false,
       rollback: false,
@@ -8,7 +9,7 @@
     minimumHealthyPercent: 100,
   },
   deploymentController: {
-    type: 'ECS',
+    type: 'ECS', // ECS or CODE_DEPLOY
   },
   desiredCount: 1,
   enableECSManagedTags: false,
@@ -36,7 +37,7 @@
     },
   },
   platformFamily: 'Linux',
-  platformVersion: 'LATEST',
+  platformVersion: '1.4.0',
   propagateTags: 'SERVICE',
   schedulingStrategy: 'REPLICA',
   tags: [