
terraform aws: ecs doesn't deploy newest task definition


I'm facing a little problem with my terraform deployment.

A new task definition is created during deployment. I then also see this in the web console. ECS should now actually use this new task definition and update it. Instead, the most recent revision is deployed again.

My expectation would be that if I create a new task definition and pass the ARN from that to ECS, it will be deployed.

Unfortunately, I have no idea where to go from here.

I have created an ecs service with the following config:

resource "aws_ecs_service" "service" {
  name                               = "${var.appPrefix}-api-service-${var.envPrefix}"
  cluster                            = var.ecsClusterId
  task_definition                    = aws_ecs_task_definition.ecsTaskDefinition.arn
  platform_version                   = "1.3.0"
  desired_count                      = 1
  deployment_minimum_healthy_percent = 50
  deployment_maximum_percent         = 200
  launch_type                        = "FARGATE"
  scheduling_strategy                = "REPLICA"
  wait_for_steady_state              = true
  force_new_deployment               = true

  network_configuration {
    security_groups  = [var.ecsSecurityGroupId]
    subnets          = [var.privateSubnet1Id, var.privateSubnet2Id]
    assign_public_ip = false
  }

  load_balancer {
    target_group_arn = var.targetGroupId
    container_name   = var.containerName
    container_port   = var.httpPort
  }

  lifecycle {
    ignore_changes = [task_definition, desired_count]
  }
}

My task definition looks like this:

resource "aws_ecs_task_definition" "ecsTaskDefinition" {
  family                   = "${var.appPrefix}-api-ECSTaskDefinition"
  task_role_arn            = var.ecsTaskRoleArn
  execution_role_arn       = var.ecsTaskExecutionRoleArn
  network_mode             = "awsvpc"
  requires_compatibilities = ["FARGATE"]
  cpu                      = "512"
  memory                   = "1024"
  container_definitions    = <<DEFINITION
[...]
DEFINITION
}

~edit: this is the terraform log:

# module.ecs_api_module.aws_ecs_task_definition.ecsTaskDefinition must be replaced
-/+ resource "aws_ecs_task_definition" "ecsTaskDefinition" {
~ arn                      = "arn:aws:ecs:*****:********:task-definition/project-name-api-ECSTaskDefinition:507" -> (known after apply)
~ container_definitions    = (sensitive) # forces replacement
~ id                       = "project-name-api-ECSTaskDefinition" -> (known after apply)
- ipc_mode                 = "" -> null
- pid_mode                 = "" -> null
~ revision                 = 507 -> (known after apply)
- tags                     = {} -> null
~ tags_all                 = {} -> (known after apply)
# (8 unchanged attributes hidden)
}

Solution

  • Remove the ignore_changes attribute from the ecs_service resource, or at least remove task_definition from it.

      lifecycle {
        ignore_changes = [desired_count]
      }
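
A CI check for the situation above, as an added example that is not part of the original question or answer: it reads the JSON from `terraform show -json <planfile>` and reports every `aws_ecs_service` that stays on the ARN of a task definition the same plan replaces. The sample plan is constructed from the addresses and masked ARN in the question's log, and the function name `stale_services` is hypothetical.

```python
import json

# Constructed sample shaped like `terraform show -json` plan output for the
# question's plan; the ARN is the masked value from the posted log.
OLD_ARN = "arn:aws:ecs:*****:********:task-definition/project-name-api-ECSTaskDefinition:507"
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "module.ecs_api_module.aws_ecs_task_definition.ecsTaskDefinition",
     "type": "aws_ecs_task_definition",
     "change": {"actions": ["delete", "create"],
                "before": {"arn": OLD_ARN, "revision": 507},
                "after": {}, "after_unknown": {"arn": True, "revision": True}}},
    {"address": "module.ecs_api_module.aws_ecs_service.service",
     "type": "aws_ecs_service",
     "change": {"actions": ["no-op"],
                "before": {"task_definition": OLD_ARN},
                "after": {"task_definition": OLD_ARN}, "after_unknown": {}}},
]})


def stale_services(plan_json: str) -> list[tuple[str, str]]:
    """Return (service address, task definition address) pairs where the task
    definition is replaced but the service stays on the old ARN."""
    changes = json.loads(plan_json).get("resource_changes", [])
    retired = {}  # ARN being retired -> address of the replaced task definition
    for rc in changes:
        ch = rc["change"]
        if rc["type"] == "aws_ecs_task_definition" and "create" in ch["actions"]:
            arn = (ch.get("before") or {}).get("arn")
            if arn:
                retired[arn] = rc["address"]
    findings = []
    for rc in changes:
        ch = rc["change"]
        if rc["type"] != "aws_ecs_service" or not ch.get("after"):
            continue  # not a service, or the service is being destroyed
        # Without ignore_changes the new ARN is "known after apply", so
        # task_definition is listed in after_unknown instead of after.
        if (ch.get("after_unknown") or {}).get("task_definition"):
            continue
        pinned = ch["after"].get("task_definition")
        if pinned in retired:
            findings.append((rc["address"], retired[pinned]))
    return findings


if __name__ == "__main__":
    for service, taskdef in stale_services(SAMPLE_PLAN):
        print(f"{service} stays on the old revision while {taskdef} is replaced")
```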