Merge pull request #11 from synapsestudios/add-container-def-variable-support

add container definition support

Author: dragonfleas

README.md

@@ -55,25 +55,29 @@ You can do this by commenting out the entire module, running a terraform apply,
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_alb_security_group_id"></a> [alb\_security\_group\_id](#input\_alb\_security\_group\_id) | Security Group ID for the ALB | `string` | n/a | yes |
+| <a name="input_assign_public_ip"></a> [assign\_public\_ip](#input\_assign\_public\_ip) | Whether or not to assign a public IP to the task | `bool` | `false` | no |
 | <a name="input_azs"></a> [azs](#input\_azs) | Availability zones | `list(string)` | n/a | yes |
 | <a name="input_cluster_arn"></a> [cluster\_arn](#input\_cluster\_arn) | ECS cluster to deploy into | `string` | n/a | yes |
-| <a name="input_command"></a> [command](#input\_command) | Container startup command | `list(string)` | n/a | yes |
-| <a name="input_container_image"></a> [container\_image](#input\_container\_image) | Image tag of the Docker container to use for this service | `string` | n/a | yes |
+| <a name="input_command"></a> [command](#input\_command) | Container startup command (Use null if container\_definitions is set) | `list(string)` | n/a | yes |
+| <a name="input_container_definitions"></a> [container\_definitions](#input\_container\_definitions) | A list of valid container definitions provided as a single valid JSON document. By default, this module will generate a container definition for you. If you need to provide your own or have multiple, you can do so here. | `string` | `null` | no |
+| <a name="input_container_image"></a> [container\_image](#input\_container\_image) | Image tag of the Docker container to use for this service (Use null if container\_definitions is set) | `string` | n/a | yes |
 | <a name="input_container_port"></a> [container\_port](#input\_container\_port) | Port exposed by the container | `number` | n/a | yes |
-| <a name="input_container_secrets"></a> [container\_secrets](#input\_container\_secrets) | The Secrets to Pass to the container. | <pre>list(object({<br>    name      = string<br>    valueFrom = string<br>  }))</pre> | `[]` | no |
+| <a name="input_container_secrets"></a> [container\_secrets](#input\_container\_secrets) | The Secrets to Pass to the container. (Do not use if container\_definitions is set) | <pre>list(object({<br>    name      = string<br>    valueFrom = string<br>  }))</pre> | `[]` | no |
 | <a name="input_db_instance_class"></a> [db\_instance\_class](#input\_db\_instance\_class) | Size of instances within the RDS cluster | `string` | `"db.t4g.medium"` | no |
 | <a name="input_db_instance_count"></a> [db\_instance\_count](#input\_db\_instance\_count) | How many RDS instances to create | `number` | `1` | no |
 | <a name="input_db_name"></a> [db\_name](#input\_db\_name) | Name of the postgres database to create, if creating an RDS cluster | `string` | `"main"` | no |
 | <a name="input_ecs_desired_count"></a> [ecs\_desired\_count](#input\_ecs\_desired\_count) | How many tasks to launch in ECS service | `number` | `1` | no |
-| <a name="input_environment_variables"></a> [environment\_variables](#input\_environment\_variables) | The environment variables to pass to the container. This is a list of maps. | <pre>list(object({<br>    name  = string<br>    value = string<br>  }))</pre> | `[]` | no |
+| <a name="input_environment_variables"></a> [environment\_variables](#input\_environment\_variables) | The environment variables to pass to the container. This is a list of maps. (Do not use if container\_definitions is set) | <pre>list(object({<br>    name  = string<br>    value = string<br>  }))</pre> | `[]` | no |
 | <a name="input_health_check_path"></a> [health\_check\_path](#input\_health\_check\_path) | Path to use for health checks | `string` | n/a | yes |
-| <a name="input_host_port"></a> [host\_port](#input\_host\_port) | Port exposed by the host | `number` | `null` | no |
+| <a name="input_host_port"></a> [host\_port](#input\_host\_port) | Port exposed by the host (Do not use if container\_definitions is set) | `number` | `null` | no |
 | <a name="input_hostname"></a> [hostname](#input\_hostname) | Hostname to use for listener rule | `string` | n/a | yes |
 | <a name="input_listener_arn"></a> [listener\_arn](#input\_listener\_arn) | ALB listener ARN to add listener rule to | `string` | n/a | yes |
+| <a name="input_load_balancer_container_name"></a> [load\_balancer\_container\_name](#input\_load\_balancer\_container\_name) | Container name to use for load balancer target group forwarder | `string` | n/a | yes |
 | <a name="input_service_name"></a> [service\_name](#input\_service\_name) | Service directory in the application git repo | `string` | n/a | yes |
 | <a name="input_subnets"></a> [subnets](#input\_subnets) | List of subnet names the service will reside on. | `list(string)` | n/a | yes |
+| <a name="input_task_cpu"></a> [task\_cpu](#input\_task\_cpu) | Task CPU | `number` | `1024` | no |
+| <a name="input_task_memory"></a> [task\_memory](#input\_task\_memory) | Task memory | `number` | `2048` | no |
 | <a name="input_use_database_cluster"></a> [use\_database\_cluster](#input\_use\_database\_cluster) | Whether or not we should create a DB cluster and inject the database connection string into the container | `bool` | n/a | yes |
-| <a name="input_use_hostname"></a> [use\_hostname](#input\_use\_hostname) | Whether or not we should create a target group and listener to attach this service to a load balancer | `bool` | n/a | yes |
 | <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | VPC to deploy into | `string` | n/a | yes |
 
 ## Outputs

ecs_service.tf

@@ -7,7 +7,7 @@ resource "aws_ecs_service" "this" {
 
   load_balancer {
     target_group_arn = aws_lb_target_group.this.arn
-    container_name   = var.service_name
+    container_name   = var.load_balancer_container_name != null ? var.load_balancer_container_name : var.service_name
     container_port   = var.container_port
   }
 
@@ -16,7 +16,7 @@ resource "aws_ecs_service" "this" {
     security_groups = [aws_security_group.ecs_task.id]
     # If you are using Fargate tasks, in order for the task to pull the container image it must either use a public subnet and be assigned a
     # public IP address or a private subnet that has a route to the internet or a NAT gateway that can route requests to the internet.
-    assign_public_ip = false
+    assign_public_ip = var.assign_public_ip
   }
 
   # This allows dynamic scaling and external deployments

ecs_task_definitions.tf

@@ -1,13 +1,19 @@
 
 resource "aws_ecs_task_definition" "service" {
   family                   = var.service_name
-  container_definitions    = "[${module.service_container_definition.json_map_encoded}]"
+  container_definitions    = var.container_definitions != null ? var.container_definitions : "[${module.service_container_definition.json_map_encoded}]"
   execution_role_arn       = aws_iam_role.ecs_task_execution_role.arn
   task_role_arn            = aws_iam_role.ecs_task_role.arn
   network_mode             = "awsvpc"
-  memory                   = 2048
-  cpu                      = 1024
+  memory                   = var.task_memory
+  cpu                      = var.task_cpu
   requires_compatibilities = ["FARGATE"]
+
+  runtime_platform {
+    # Required if using Fargate launch type
+    operating_system_family = "LINUX"
+  }
+
 }
 
 #tfsec:ignore:aws-cloudwatch-log-group-customer-key
@@ -16,6 +22,8 @@ resource "aws_cloudwatch_log_group" "service" {
 }
 
 module "service_container_definition" {
+  count = var.container_definitions != null ? 0 : 1
+
   source  = "cloudposse/ecs-container-definition/aws"
   version = "0.58.1"
 

ecs_task_execution_role.tf

@@ -26,4 +26,4 @@ resource "aws_iam_role_policy_attachment" "ecs_task_execution_role" {
 resource "aws_iam_role_policy_attachment" "secrets_manager" {
   role       = aws_iam_role.ecs_task_execution_role.name
   policy_arn = "arn:aws:iam::aws:policy/SecretsManagerReadWrite"
-}
+}

variables.tf

@@ -15,7 +15,7 @@ variable "subnets" {
 
 variable "container_image" {
   type        = string
-  description = "Image tag of the Docker container to use for this service"
+  description = "Image tag of the Docker container to use for this service (Use null if container_definitions is set)"
 }
 
 variable "azs" {
@@ -28,7 +28,7 @@ variable "environment_variables" {
     name  = string
     value = string
   }))
-  description = "The environment variables to pass to the container. This is a list of maps."
+  description = "The environment variables to pass to the container. This is a list of maps. (Do not use if container_definitions is set)"
   default     = []
 }
 
@@ -37,7 +37,7 @@ variable "container_secrets" {
     name      = string
     valueFrom = string
   }))
-  description = "The Secrets to Pass to the container."
+  description = "The Secrets to Pass to the container. (Do not use if container_definitions is set)"
   default     = []
 }
 
@@ -53,7 +53,7 @@ variable "alb_security_group_id" {
 
 variable "command" {
   type        = list(string)
-  description = "Container startup command"
+  description = "Container startup command (Use null if container_definitions is set)"
 }
 
 variable "hostname" {
@@ -73,7 +73,7 @@ variable "container_port" {
 
 variable "host_port" {
   type        = number
-  description = "Port exposed by the host"
+  description = "Port exposed by the host (Do not use if container_definitions is set)"
   default     = null
 }
 
@@ -87,11 +87,6 @@ variable "use_database_cluster" {
   description = "Whether or not we should create a DB cluster and inject the database connection string into the container"
 }
 
-variable "use_hostname" {
-  type        = bool
-  description = "Whether or not we should create a target group and listener to attach this service to a load balancer"
-}
-
 variable "ecs_desired_count" {
   type        = number
   default     = 1
@@ -115,3 +110,32 @@ variable "db_instance_count" {
   default     = 1
   description = "How many RDS instances to create"
 }
+
+variable "container_definitions" {
+  type        = string
+  description = "A list of valid container definitions provided as a single valid JSON document. By default, this module will generate a container definition for you. If you need to provide your own or have multiple, you can do so here."
+  default     = null
+}
+
+variable "task_memory" {
+  type        = number
+  description = "Task memory"
+  default     = 2048
+}
+
+variable "task_cpu" {
+  type        = number
+  description = "Task CPU"
+  default     = 1024
+}
+
+variable "load_balancer_container_name" {
+  type        = string
+  description = "Container name to use for load balancer target group forwarder"
+}
+
+variable "assign_public_ip" {
+  type        = bool
+  description = "Whether or not to assign a public IP to the task"
+  default     = false
+}