Update README.md and include module examples

jasonwalsh · jasonwalsh · commit 77ee65a46938 · 2019-03-07T12:48:43.000-05:00
- Include module inputs and outputs
- Include examples
- Update outputs to include `arn`, `family`, and `revision` of the task
definition
diff --git a/README.md b/README.md
@@ -1 +1,161 @@
 [![CircleCI](https://circleci.com/gh/mongodb/terraform-aws-ecs-task-definition.svg?style=svg)](https://circleci.com/gh/mongodb/terraform-aws-ecs-task-definition)
+
+> A Terraform module for creating Amazon [ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definitions.html)
+
+## Contents
+
+- [Motivation](#motivation)
+  - [Use Cases](#use-cases)
+- [Requirements](#requirements)
+- [Usage](#usage)
+- [Inputs](#inputs)
+- [Outputs](#outputs)
+- [Testing](#testing)
+
+## Motivation
+
+The purpose of this module is to generate a valid Amazon [ECS Task Definition](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definitions.html) dynamically. A task definition is required to run Docker containers in Amazon ECS. A task definition contains a list of [container definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#container_definitions) received by the Docker daemon to create a container instance.
+
+### Use Cases
+
+- Have Terraform generate valid task definitions dynamically
+- Update the ECS task definition and trigger new [service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) deployments automatically (see [examples/ecs_update_service.tf](examples/ecs_update_service.tf))
+
+## Requirements
+
+- [Terraform](https://www.terraform.io/downloads.html)
+- [Go](https://golang.org/dl/) (for testing)
+
+## Usage
+
+This module uses the same parameters as the [`ContainerDefinition`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) object. Given the following Terraform configuration:
+
+```hcl
+provider "aws" {}
+
+module "mongo-task-definition" {
+  source = "github.com/mongodb/terraform-aws-ecs-task-definition"
+
+  family = "mongo"
+  image  = "mongo:3.6"
+  memory = 512
+  name   = "mongo"
+
+  portMappings = [
+    {
+      containerPort = 27017
+    },
+  ]
+}
+```
+
+Invoking the commands defined below creates an ECS task definition with the following [`containerDefinitions`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RegisterTaskDefinition.html#ECS-RegisterTaskDefinition-request-containerDefinitions):
+
+    $ terraform init
+    $ terraform apply
+
+```json
+[
+  {
+    "command": null,
+    "cpu": null,
+    "disableNetworking": false,
+    "dnsSearchDomains": null,
+    "dnsServers": null,
+    "dockerLabels": null,
+    "dockerSecurityOptions": null,
+    "entryPoint": null,
+    "environment": null,
+    "essential": true,
+    "extraHosts": null,
+    "healthCheck": null,
+    "hostname": null,
+    "image": "mongo:3.6",
+    "interactive": false,
+    "links": null,
+    "linuxParameters": null,
+    "logConfiguration": null,
+    "memory": 512,
+    "memoryReservation": null,
+    "mountPoints": null,
+    "name": "mongo",
+    "portMappings": [{"containerPort":27017}],
+    "privileged": false,
+    "pseudoTerminal": false,
+    "readonlyRootFilesystem": false,
+    "repositoryCredentials": null,
+    "resourceRequirements": null,
+    "secrets": null,
+    "systemControls": null,
+    "ulimits": null,
+    "user": null,
+    "volumesFrom": null,
+    "workingDirectory": null
+  }
+]
+```
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| command | The command that is passed to the container | list | `<list>` | no |
+| cpu | The number of cpu units reserved for the container | string | `"0"` | no |
+| disableNetworking | When this parameter is true, networking is disabled within the container | string | `"false"` | no |
+| dnsSearchDomains | A list of DNS search domains that are presented to the container | list | `<list>` | no |
+| dnsServers | A list of DNS servers that are presented to the container | list | `<list>` | no |
+| dockerLabels | A key/value map of labels to add to the container | map | `<map>` | no |
+| dockerSecurityOptions | A list of strings to provide custom labels for SELinux and AppArmor multi-level security systems | list | `<list>` | no |
+| entryPoint | The entry point that is passed to the container | list | `<list>` | no |
+| environment | The environment variables to pass to a container | list | `<list>` | no |
+| essential | If the essential parameter of a container is marked as true, and that container fails or stops for any reason, all other containers that are part of the task are stopped | string | `"true"` | no |
+| execution\_role\_arn | The Amazon Resource Name (ARN) of the task execution role that the Amazon ECS container agent and the Docker daemon can assume | string | `""` | no |
+| extraHosts | A list of hostnames and IP address mappings to append to the /etc/hosts file on the container | list | `<list>` | no |
+| family | You must specify a family for a task definition, which allows you to track multiple versions of the same task definition | string | n/a | yes |
+| healthCheck | The health check command and associated configuration parameters for the container | map | `<map>` | no |
+| hostname | The hostname to use for your container | string | `""` | no |
+| image | The image used to start a container | string | `""` | no |
+| interactive | When this parameter is true, this allows you to deploy containerized applications that require stdin or a tty to be allocated | string | `"false"` | no |
+| ipc\_mode | The IPC resource namespace to use for the containers in the task | string | `"host"` | no |
+| links | The link parameter allows containers to communicate with each other without the need for port mappings | list | `<list>` | no |
+| linuxParameters | Linux-specific modifications that are applied to the container, such as Linux KernelCapabilities | map | `<map>` | no |
+| logConfiguration | The log configuration specification for the container | map | `<map>` | no |
+| memory | The hard limit (in MiB) of memory to present to the container | string | `"0"` | no |
+| memoryReservation | The soft limit (in MiB) of memory to reserve for the container | string | `"0"` | no |
+| mountPoints | The mount points for data volumes in your container | list | `<list>` | no |
+| name | The name of a container | string | `""` | no |
+| network\_mode | The Docker networking mode to use for the containers in the task | string | `"bridge"` | no |
+| pid\_mode | The process namespace to use for the containers in the task | string | `"host"` | no |
+| placement\_constraints | An array of placement constraint objects to use for the task | list | `<list>` | no |
+| portMappings | The list of port mappings for the container | list | `<list>` | no |
+| privileged | When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user) | string | `"false"` | no |
+| pseudoTerminal | When this parameter is true, a TTY is allocated | string | `"false"` | no |
+| readonlyRootFilesystem | When this parameter is true, the container is given read-only access to its root file system | string | `"false"` | no |
+| repositoryCredentials | The private repository authentication credentials to use | map | `<map>` | no |
+| requires\_compatibilities | The launch type required by the task | list | `<list>` | no |
+| resourceRequirements | The type and amount of a resource to assign to a container | list | `<list>` | no |
+| secrets | The secrets to pass to the container | list | `<list>` | no |
+| systemControls | A list of namespaced kernel parameters to set in the container | list | `<list>` | no |
+| tags | The metadata that you apply to the task definition to help you categorize and organize them | map | `<map>` | no |
+| task\_role\_arn | The short name or full Amazon Resource Name (ARN) of the IAM role that containers in this task can assume | string | `""` | no |
+| ulimits | A list of ulimits to set in the container | list | `<list>` | no |
+| user | The user name to use inside the container | string | `""` | no |
+| volumes | A list of volume definitions in JSON format that containers in your task may use | list | `<list>` | no |
+| volumesFrom | Data volumes to mount from another container | list | `<list>` | no |
+| workingDirectory | The working directory in which to run commands inside the container | string | `""` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| arn | The full Amazon Resource Name (ARN) of the task definition |
+| container\_definitions | A list of container definitions in JSON format that describe the different containers that make up your task |
+| family | The family of your task definition, used as the definition name |
+| revision | The revision of the task in a particular family |
+
+## Testing
+
+This module uses [Terratest](https://github.com/gruntwork-io/terratest), a Go library maintained by [Gruntwork](https://gruntwork.io/), to write automated tests for your infrastructure code. To invoke tests, run the following commands:
+
+    $ dep ensure
+    $ go test -v ./...
diff --git a/examples/ecs_update_service.tf b/examples/ecs_update_service.tf
@@ -0,0 +1,42 @@
+# This configuration demonstrates forcing the new deployment of an ECS
+# service if there is a change to the ECS task definition. The
+# configuration uses the `null_resource` provider to invoke the
+# `local-exec` provisioner whenever the task definition ARN changes.
+#
+# To force a new deployment even if there are no changes made to the
+# task definition, `taint` the resource:
+#
+#  $ terraform taint null_resource.update-service
+
+provider "aws" {}
+
+module "mongo-task-definition" {
+  source = "github.com/mongodb/terraform-aws-ecs-task-definition"
+
+  family = "mongo"
+  image  = "mongo:3.6"
+  memory = 512
+  name   = "mongo"
+
+  portMappings = [
+    {
+      containerPort = 27017
+    },
+  ]
+}
+
+resource "aws_ecs_service" "mongo" {
+  cluster         = "mongo"
+  name            = "mongo"
+  task_definition = "${module.mongo-task-definition.arn}"
+}
+
+resource "null_resource" "update-service" {
+  triggers = {
+    arn = "${module.mongo-task-definition.arn}"
+  }
+
+  provisioner "local-exec" {
+    command = "aws ecs update-service --cluster ${aws_ecs_service.mongo.cluster} --service ${aws_ecs_service.mongo.name} --task-definition ${module.mongo-task-definition.arn} --force-new-deployment"
+  }
+}
diff --git a/outputs.tf b/outputs.tf
@@ -1,4 +1,19 @@
+output "arn" {
+  description = "The full Amazon Resource Name (ARN) of the task definition"
+  value       = "${aws_ecs_task_definition.ecs_task_definition.arn}"
+}
+
 output "container_definitions" {
   description = "A list of container definitions in JSON format that describe the different containers that make up your task"
   value       = "${local.container_definitions}"
 }
+
+output "family" {
+  description = "The family of your task definition, used as the definition name"
+  value       = "${aws_ecs_task_definition.ecs_task_definition.family}"
+}
+
+output "revision" {
+  description = "The revision of the task in a particular family"
+  value       = "${aws_ecs_task_definition.ecs_task_definition.revision}"
+}
