codeenigma · gregharvey · Jun 29, 2023 · Jun 22, 2023 · Jun 22, 2023 · Jun 22, 2023
diff --git a/docs/roles/deploy_container.md b/docs/roles/deploy_container.md
@@ -38,7 +38,7 @@ Naturally you can always create custom policies and roles to have tighter access
 ```yaml
 ---
 deploy_container:
-  container_name: example
+  container_name: example-container
   container_tag: latest # tag will take format container_name:container_tag
   container_force_build: true # force Docker to build and tag a new image
   docker_registry_name: index.docker.io/example # combines with container_name to make the full registry name, docker_registry_name/container_name
@@ -70,9 +70,10 @@ deploy_container:
       - example-dev-a
       - example-dev-b
     security_groups: [] # list of security groups, accepts names or IDs
-    cluster_name: example
-    family_name: example
+    cluster_name: example-cluster
+    family_name: example-task-definition
     task_definition_revision: "" # integer, but must be presented as a string for Jinja2
+    task_definition_force_create: false # creates a task definition revision every time if set to true
     task_count: 1
     task_minimum_count: 1
     task_maximum_count: 4
@@ -81,16 +82,29 @@ deploy_container:
     service_autoscale_up_cooldown: 120
     service_autoscale_down_cooldown: 120
     service_autoscale_target_value: 70 # the value to trigger a scaling event at
+    service_force_refresh: false # forces a refresh of all containers if set to true
     execution_role_arn: "arn:aws:iam::000000000000:role/ecsTaskExecutionRole" # ARN of the IAM role to run the task as, must have access to the ECR repository if applicable
-    containers: [] # list of container definitions, see docs: https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-containers
+    containers: # list of container definitions, see docs: https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-containers
+      - name: example-container
+        essential: true
+        image: index.docker.io/example:latest
+        portMappings:
+          - containerPort: 8080 # should match target_group_port
+            hostPort: 8080
+        logConfiguration:
+          logDriver: awslogs
+          options:
+            awslogs-group: /ecs/example-cluster
+            awslogs-region: eu-west-1
+            awslogs-stream-prefix: "ecs-example-task"
     cpu: 512 # these values can be set globally or per container
     memory: 1024
     launch_type: FARGATE
     network_mode: awsvpc
     #volumes: [] # list of additional volumes to attach
     target_group_name: example # 32 character limit
     target_group_protocol: http
-    target_group_port: 80
+    target_group_port: 8080 # ports lower than 1024 will require the app to be configured to run as a privileged user in the Dockerfile
     target_group_wait_timeout: 200 # how long to wait for target group events to complete
     targets: [] # typically we do not specify targets at this point, this will be handled automatically by the ECS service
       #- Id: 10.0.0.2

diff --git a/roles/deploy_container/README.md b/roles/deploy_container/README.md
@@ -38,7 +38,7 @@ Naturally you can always create custom policies and roles to have tighter access
 ```yaml
 ---
 deploy_container:
-  container_name: example
+  container_name: example-container
   container_tag: latest # tag will take format container_name:container_tag
   container_force_build: true # force Docker to build and tag a new image
   docker_registry_name: index.docker.io/example # combines with container_name to make the full registry name, docker_registry_name/container_name
@@ -70,9 +70,10 @@ deploy_container:
       - example-dev-a
       - example-dev-b
     security_groups: [] # list of security groups, accepts names or IDs
-    cluster_name: example
-    family_name: example
+    cluster_name: example-cluster
+    family_name: example-task-definition
     task_definition_revision: "" # integer, but must be presented as a string for Jinja2
+    task_definition_force_create: false # creates a task definition revision every time if set to true
     task_count: 1
     task_minimum_count: 1
     task_maximum_count: 4
@@ -81,16 +82,29 @@ deploy_container:
     service_autoscale_up_cooldown: 120
     service_autoscale_down_cooldown: 120
     service_autoscale_target_value: 70 # the value to trigger a scaling event at
+    service_force_refresh: false # forces a refresh of all containers if set to true
     execution_role_arn: "arn:aws:iam::000000000000:role/ecsTaskExecutionRole" # ARN of the IAM role to run the task as, must have access to the ECR repository if applicable
-    containers: [] # list of container definitions, see docs: https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-containers
+    containers: # list of container definitions, see docs: https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-containers
+      - name: example-container
+        essential: true
+        image: index.docker.io/example:latest
+        portMappings:
+          - containerPort: 8080 # should match target_group_port
+            hostPort: 8080
+        logConfiguration:
+          logDriver: awslogs
+          options:
+            awslogs-group: /ecs/example-cluster
+            awslogs-region: eu-west-1
+            awslogs-stream-prefix: "ecs-example-task"
     cpu: 512 # these values can be set globally or per container
     memory: 1024
     launch_type: FARGATE
     network_mode: awsvpc
     #volumes: [] # list of additional volumes to attach
     target_group_name: example # 32 character limit
     target_group_protocol: http
-    target_group_port: 80
+    target_group_port: 8080 # ports lower than 1024 will require the app to be configured to run as a privileged user in the Dockerfile
     target_group_wait_timeout: 200 # how long to wait for target group events to complete
     targets: [] # typically we do not specify targets at this point, this will be handled automatically by the ECS service
       #- Id: 10.0.0.2

diff --git a/roles/deploy_container/defaults/main.yml b/roles/deploy_container/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
 deploy_container:
-  container_name: example
+  container_name: example-container
   container_tag: latest # tag will take format container_name:container_tag
   container_force_build: true # force Docker to build and tag a new image
   docker_registry_name: index.docker.io/example # combines with container_name to make the full registry name, docker_registry_name/container_name
@@ -32,9 +32,10 @@ deploy_container:
       - example-dev-a
       - example-dev-b
     security_groups: [] # list of security groups, accepts names or IDs
-    cluster_name: example
-    family_name: example
+    cluster_name: example-cluster
+    family_name: example-task-definition
     task_definition_revision: "" # integer, but must be presented as a string for Jinja2
+    task_definition_force_create: false # creates a task definition revision every time if set to true
     task_count: 1
     task_minimum_count: 1
     task_maximum_count: 4
@@ -43,16 +44,29 @@ deploy_container:
     service_autoscale_up_cooldown: 120
     service_autoscale_down_cooldown: 120
     service_autoscale_target_value: 70 # the value to trigger a scaling event at
+    service_force_refresh: false # forces a refresh of all containers if set to true
     execution_role_arn: "arn:aws:iam::000000000000:role/ecsTaskExecutionRole" # ARN of the IAM role to run the task as, must have access to the ECR repository if applicable
-    containers: [] # list of container definitions, see docs: https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-containers
+    containers: # list of container definitions, see docs: https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-containers
+      - name: example-container
+        essential: true
+        image: index.docker.io/example:latest
+        portMappings:
+          - containerPort: 8080 # should match target_group_port
+            hostPort: 8080
+        logConfiguration:
+          logDriver: awslogs
+          options:
+            awslogs-group: /ecs/example-cluster
+            awslogs-region: eu-west-1
+            awslogs-stream-prefix: "ecs-example-task"
     cpu: 512 # these values can be set globally or per container
     memory: 1024
     launch_type: FARGATE
     network_mode: awsvpc
     #volumes: [] # list of additional volumes to attach
     target_group_name: example # 32 character limit
     target_group_protocol: http
-    target_group_port: 80
+    target_group_port: 8080 # ports lower than 1024 will require the app to be configured to run as a privileged user in the Dockerfile
     target_group_wait_timeout: 200 # how long to wait for target group events to complete
     targets: [] # typically we do not specify targets at this point, this will be handled automatically by the ECS service
       #- Id: 10.0.0.2

diff --git a/roles/deploy_container/tasks/main.yml b/roles/deploy_container/tasks/main.yml
@@ -138,6 +138,7 @@
     state: present
     network_mode: "{{ deploy_container.aws_ecs.network_mode }}"
     volumes: "{{ deploy_container.aws_ecs.volumes | default(omit) }}"
+    force_create: "{{ deploy_container.aws_ecs.task_definition_force_create }}"
   delegate_to: localhost
   when: deploy_container.aws_ecs.enabled
 
@@ -294,6 +295,7 @@
       security_groups: "{{ deploy_container.aws_ecs.security_groups }}"
       assign_public_ip: true # must be true for now - details: https://stackoverflow.com/a/66802973
     tags: "{{ deploy_container.aws_ecs.tags }}"
+    force_new_deployment: "{{ deploy_container.aws_ecs.service_force_refresh }}"
     wait: true
   delegate_to: localhost
   when: deploy_container.aws_ecs.enabled