はじめに
GitHub ActionsからECS タスク定義(aws ecs register-task-definition)を登録する際に、jsonファイルを事前に用意する必要があります。
マネジメントコンソール上からjsonデータを取得できますが、そのままの利用はできないです。
そのため、AWS CLIを使って取得する方法について、後述します。
タスク定義ファイルの取得方法
タスク定義の最新版の情報を取得します。
TASK_DEFINITION=$(aws ecs describe-task-definition --task-definition "${タスク定義名}" --query taskDefinition)
echo $TASK_DEFINITION
{
"taskDefinitionArn": "${タスク定義 ARN}",
"containerDefinitions": [
{
"name": "${コンテナ名}",
"image": "${アカウントID}.dkr.ecr.ap-northeast-1.amazonaws.com/${タグ名}",
"cpu": 0,
"portMappings": [
{
"containerPort": 3000,
"hostPort": 3000,
"protocol": "tcp"
}
],
"essential": true,
"environment": [],
"mountPoints": [],
"volumesFrom": [],
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-group": "${ロググループ名}",
"awslogs-region": "ap-northeast-1",
"awslogs-stream-prefix": "ecs"
〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜省略〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜
タスク定義登録時に不要な箇所を削除し、成形します。
NEW_TASK_DEFINITION=$(echo $TASK_DEFINITION | jq --arg IMAGE "${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ secrets.PROJECT }}-private-repository-${{ inputs.env_var }}:${{ github.sha }}" '
del(.taskDefinitionArn, .revision, .status, .requiresAttributes, .compatibilities, .registeredAt, .registeredBy) |
.containerDefinitions[0].image = $IMAGE')
echo $NEW_TASK_DEFINITION > task.json
cat task.json
{
"containerDefinitions": [
{
"name": "${コンテナ名}",
"image": "${アカウントID}.dkr.ecr.ap-northeast-1.amazonaws.com/${タグ名}",
"cpu": 0,
"portMappings": [
{
"containerPort": 3000,
"hostPort": 3000,
"protocol": "tcp"
}
],
"essential": true,
"environment": [],
"mountPoints": [],
"volumesFrom": [],
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-group": "${ロググループ名}",
"awslogs-region": "ap-northeast-1",
"awslogs-stream-prefix": "ecs"
〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜省略〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜
タスク定義の登録(aws ecs register-task-definition)
タスク定義の登録を行い、完了です。
aws ecs register-task-definition --cli-input-json fileb://task.json
{
"taskDefinition": {
"taskDefinitionArn": "${タスク定義 ARN}",
"containerDefinitions": [
{
"name": "${コンテナ名}",
"image": "${アカウントID}.dkr.ecr.ap-northeast-1.amazonaws.com/${タグ名}",
"cpu": 0,
"portMappings": [
{
"containerPort": 3000,
"hostPort": 3000,
"protocol": "tcp"
}
],
"essential": true,
"environment": [],
"mountPoints": [],
"volumesFrom": [],
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-group": "${ロググループ名}",
"awslogs-region": "ap-northeast-1",
"awslogs-stream-prefix": "ecs"
〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜省略〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜
jsonデータの成形を行わずに登録した場合
下記エラーが出ます。こちらを参考に、成形を行いました
aws ecs register-task-definition --cli-input-json fileb://task.json
Parameter validation failed:
Unknown parameter in input: "taskDefinitionArn", must be one of: family, taskRoleArn, executionRoleArn, networkMode, containerDefinitions, volumes, placementConstraints, requiresCompatibilities, cpu, memory, tags, pidMode, ipcMode, proxyConfiguration, inferenceAccelerators, ephemeralStorage, runtimePlatform
Unknown parameter in input: "revision", must be one of: family, taskRoleArn, executionRoleArn, networkMode, containerDefinitions, volumes, placementConstraints, requiresCompatibilities, cpu, memory, tags, pidMode, ipcMode, proxyConfiguration, inferenceAccelerators, ephemeralStorage, runtimePlatform
Unknown parameter in input: "status", must be one of: family, taskRoleArn, executionRoleArn, networkMode, containerDefinitions, volumes, placementConstraints, requiresCompatibilities, cpu, memory, tags, pidMode, ipcMode, proxyConfiguration, inferenceAccelerators, ephemeralStorage, runtimePlatform
Unknown parameter in input: "requiresAttributes", must be one of: family, taskRoleArn, executionRoleArn, networkMode, containerDefinitions, volumes, placementConstraints, requiresCompatibilities, cpu, memory, tags, pidMode, ipcMode, proxyConfiguration, inferenceAccelerators, ephemeralStorage, runtimePlatform
Unknown parameter in input: "compatibilities", must be one of: family, taskRoleArn, executionRoleArn, networkMode, containerDefinitions, volumes, placementConstraints, requiresCompatibilities, cpu, memory, tags, pidMode, ipcMode, proxyConfiguration, inferenceAccelerators, ephemeralStorage, runtimePlatform
Unknown parameter in input: "registeredAt", must be one of: family, taskRoleArn, executionRoleArn, networkMode, containerDefinitions, volumes, placementConstraints, requiresCompatibilities, cpu, memory, tags, pidMode, ipcMode, proxyConfiguration, inferenceAccelerators, ephemeralStorage, runtimePlatform
Unknown parameter in input: "registeredBy", must be one of: family, taskRoleArn, executionRoleArn, networkMode, containerDefinitions, volumes, placementConstraints, requiresCompatibilities, cpu, memory, tags, pidMode, ipcMode, proxyConfiguration, inferenceAccelerators, ephemeralStorage, runtimePlatform
GitHub Actionsからタスク定義を登録する時の実装
GitHub Actionsからの実装の場合は、ECRのURIを更新する場合がほとんどかと思います。
下記が更新例のため、ご参考程度に載せておきます。
# タスク定義ファイルを読み込む
TASK_DEFINITION=$(cat ${{ github.workspace }}/.github/workflows/ecs_task_definition/task_definition.json)
# イメージを更新
NEW_TASK_DEFINITION=$(echo "$TASK_DEFINITION" | jq --arg IMAGE "${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ secrets.PROJECT }}-private-repository-${{ inputs.env_var }}:${{ github.sha }}" '
.containerDefinitions[0].image = $IMAGE
')
# 新しいタスク定義を登録
NEW_TASK_DEFINITION_ARN=$(aws ecs register-task-definition --cli-input-json "$NEW_TASK_DEFINITION" --query 'taskDefinition.taskDefinitionArn' --output text)
echo "NEW_TASK_DEFINITION_ARN=$NEW_TASK_DEFINITION_ARN" >> "$GITHUB_ENV"