CircleCI deployment to AWS ECS

CircleCI job steps

devops

aws circleci cicd

IAM permissions needed by CircleCI

  • EC2 Container Registry Full Access to repo arn resource
  • EC2 Container Service : RegisterTaskDefinition
  • EC2 Container Service : UpdateService

Environment variables

  • AWS_ACCOUNT_ID
  • AWS_REGION
  • AWS_ECS_CLUSTER
  • AWS_ECS_SERVICE
  • AWS_ECS_TASK_NAME

CircleCI Screenshot

CircleCI job

docker:
- image: circleci/python:3.6.1
steps:
- checkout
- setup_remote_docker
- run:
name: Install AWScli
command: pip install awscli --upgrade --user
- run:
name: Build Docker image
command: docker build -t $CIRCLE_PROJECT_REPONAME:$CIRCLE_SHA1 .
- run:
name: Push Docker image to ECR
command: |
eval $(python -m awscli ecr get-login --region us-west-2)
docker tag $CIRCLE_PROJECT_REPONAME:$CIRCLE_SHA1 $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$CIRCLE_PROJECT_REPONAME:$CIRCLE_SHA1
docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$CIRCLE_PROJECT_REPONAME:$CIRCLE_SHA1
- run:
name: Update task definition and service in ECS
command: |
containers=$(printf '[
{
"name": "web",
"image": "%s.dkr.ecr.%s.amazonaws.com/%s:%s",
"portMappings": [
{
"protocol": "tcp",
"containerPort": 5000,
"hostPort": 0
}
],
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-region": "%s",
"awslogs-stream-prefix": "ecs",
"awslogs-group": "/ecs/%s"
}
},
"memory": 128,
"essential": true
}
]' $AWS_ACCOUNT_ID $AWS_REGION $CIRCLE_PROJECT_REPONAME $CIRCLE_SHA1 $AWS_REGION $AWS_ECS_TASK_NAME)
echo "$containers"
task_definition=$(python -m awscli ecs register-task-definition --container-definitions "$containers" --family $AWS_ECS_TASK_NAME --region $AWS_REGION)
revision=$(echo $task_definition | jq '.["taskDefinition"]["revision"]')
python -m awscli ecs update-service --cluster "$AWS_ECS_CLUSTER" --service "$AWS_ECS_SERVICE" --task-definition "$AWS_ECS_TASK_NAME":"$revision" --region $AWS_REGION
view raw circleci-deploy-to-aws-ecs.yml hosted with ❤ by GitHub