Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[AWS::ECS::Service] - [BUG] - Drift for Task Definition version with CODE_DEPLOY DeploymentController #2234

Open
eylon-commit opened this issue Jan 13, 2025 · 0 comments
Open

[AWS::ECS::Service] - [BUG] - Drift for Task Definition version with CODE_DEPLOY DeploymentController #2234

eylon-commit opened this issue Jan 13, 2025 · 0 comments
Labels
bug

Comments

@eylon-commit
Copy link

Name of the resource

AWS::ECS::Service

Resource Name

No response

Issue Description

There is an issue while using the DeploymentController of type CODE_DEPLOY which update the task definition revision number outside of CloudFormation.

The drift looks like this:
Expected: "TaskDefinition": "arn:aws:ecs:eu-west-1:xxxxxxxxx:task-definition/taskdef-qa-demo:2"
Actual: "TaskDefinition": "arn:aws:ecs:eu-west-1:xxxxxxxxxxxx:task-definition/taskdef-qa-demo:23"

Example code looks like this:
ECSServiceDemo:
Type: AWS::ECS::Service
Properties:
Cluster: !Sub cluster-${environment}-01
DeploymentController:
Type: CODE_DEPLOY
DesiredCount: 1
LaunchType: FARGATE
LoadBalancers:
- TargetGroupArn: !Ref TGDemo01
ContainerName: !Sub dkr-${environment}-demo
ContainerPort: 5022
NetworkConfiguration:
AwsvpcConfiguration:
AssignPublicIp: DISABLED
SecurityGroups:
- !Sub "{{resolve:ssm:/${environment}/security-group/id/sgr-${environment}-demo}}"
Subnets:
- !Sub "{{resolve:ssm:/${environment}/subnet/net-${environment}-app-01}}"
- !Sub "{{resolve:ssm:/${environment}/subnet/net-${environment}-app-02}}"
ServiceName: !Sub svc-${environment}-demo
TaskDefinition: !Ref TaskDefenitionDemo

The task definition was created by CloudFormation in the same stack, however, because the b/g deployment happens by CodeDeploy outside of CloudFormation, CloudFormation is probably not aware of the current revision number and it causes drift.

The Task Definition name in CloudFormation does NOT contain a revision number.

Expected Behavior

Either remove the TaskDefinition property from drift detection while the DeploymentController is of type CODE_DEPLOY, or make sure CloudFormation can update internally the revision number when DeploymentController is of type CODE_DEPLOY.

Observed Behavior

The revision number differs from the revision number configured in the stack, even though it's not specified in the template.

Test Cases

Create a Task Definition and ECS Service with DeploymentController type of CODE_DEPLOY and configure CodePipeline for CI/CD to trigger CodeDeploy, or do it manually.

Other Details

No response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@eylon-commit