Fix CI (#215)

* chore: bump xcode from 13.3.1 to 13.4.1 * chore: replace cimg/base:stable with cimg/base:current * chore: bump orb aws-cli from 4.0 to 4.1 * chore: bump orb jq from 2.2 to 3.0 * chore: bump orb tools from 12.0 to 12.1 * Install using brew for macos * Add an option to authenticate with OIDC in test-deployment * Update tests to use ECS deployment controller * Update tests to use ECS deployment controller * Update deployment controller on terraform file * Update ports in terraform definition for fargate * Update ports in terraform definition for fargate * Test against the other listener * Use custom port to test * Go back to code deploy * remove update tests from fargate as that is not a possible thing to do with terraform * remove update tests from fargate as that is not a possible thing to do with terraform * Remove missing test * Fix port variable --------- Co-authored-by: Mateo Arboleda <mateo.arboleda@circleci.com>
CircleCI-Public · Aug 20, 2024 · d99f46f · d99f46f
1 parent 4f6a2db
commit d99f46f
Show file tree

Hide file tree

Showing 2 changed files with 113 additions and 87 deletions.
diff --git a/.circleci/test-deploy.yml b/.circleci/test-deploy.yml
@@ -1,8 +1,8 @@
 version: 2.1
 orbs:
-  orb-tools: circleci/orb-tools@12.0
-  aws-cli: circleci/aws-cli@4.0
-  jq: circleci/jq@2.2
+  orb-tools: circleci/orb-tools@12.1
+  aws-cli: circleci/aws-cli@4.1
+  jq: circleci/jq@3.0
   aws-ecs: {}
 filters: &filters
   tags:
@@ -39,7 +39,7 @@ jobs:
             - ~/.cache
   test-fargatespot:
     docker:
-      - image: cimg/base:stable
+      - image: cimg/base:current
     parameters:
       profile_name:
         type: string
@@ -491,6 +491,7 @@ workflows:
           context: [CPE-OIDC]
           post-steps:
             - test-deployment:
+                profile: "ECS_TEST_PROFILE"
                 service_name: "${AWS_RESOURCE_NAME_PREFIX_FARGATE}-service"
                 cluster: "${AWS_RESOURCE_NAME_PREFIX_FARGATE}-cluster"
       - aws-ecs/deploy_service_update:
@@ -613,6 +614,7 @@ workflows:
             - test-deployment:
                 service_name: "${AWS_RESOURCE_NAME_PREFIX_EC2}-service"
                 cluster: "${AWS_RESOURCE_NAME_PREFIX_EC2}-cluster"
+                profile: "ECS_TEST_PROFILE"
                 test-asterisk-expansion: true
       - tear-down-test-env:
           name: ec2_tear-down-test-env
@@ -652,83 +654,84 @@ workflows:
           terraform-config-dir: "tests/terraform_setup/fargate_codedeploy"
           context: [CPE-OIDC]
           role_arn: "arn:aws:iam::122211685980:role/CPE_ECS_OIDC_TEST"
-      - test-service-update:
-          name: codedeploy_fargate_test-update_service-command
-          filters: *filters
-          requires:
-            - codedeploy_fargate_set-up-test-env
-          aws-resource-name-prefix: ${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}
-          family_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
-          service_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
-          docker-image-namespace: "${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com"
-          docker-image-name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}:${CIRCLE_SHA1}"
-          role_arn: "arn:aws:iam::122211685980:role/CPE_ECS_OIDC_TEST"
-          skip-service-update: true
-          context: [CPE-OIDC]
-      - aws-ecs/deploy_service_update:
-          name: codedeploy_fargate_test-update_service-job
-          auth:
-            - aws-cli/setup:
-                role_arn: "arn:aws:iam::122211685980:role/CPE_ECS_OIDC_TEST"
-          filters: *filters
-          requires:
-            - codedeploy_fargate_test-update_service-command
-          region: AWS_REGION
-          family: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
-          cluster: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-cluster"
-          container_image_name_updates: "container=${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service,image-and-tag=${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}:${CIRCLE_SHA1}"
-          container_env_var_updates: 'container=${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service,name=VERSION_INFO,value="${CIRCLE_SHA1}_${CIRCLE_BUILD_NUM}",container=${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service,name=BUILD_DATE,value=$(date)'
-          deployment_controller: "CODE_DEPLOY"
-          codedeploy_application_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-codedeployapp"
-          codedeploy_deployment_group_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-codedeploygroup"
-          codedeploy_load_balanced_container_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
-          codedeploy_load_balanced_container_port: 80
-          codedeploy_capacity_provider_name: "FARGATE"
-          codedeploy_capacity_provider_base: "1"
-          codedeploy_capacity_provider_weight: "2"
-          verify_revision_is_deployed: false
-          context: [CPE-OIDC]
-          post-steps:
-            - wait-for-codedeploy-deployment:
-                application-name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-codedeployapp"
-                deployment-group-name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-codedeploygroup"
-            - test-deployment:
-                service_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
-                cluster: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-cluster"
-                delete-load-balancer: false
-      - aws-ecs/deploy_service_update:
-          name: codedeploy_fargate_test-update-and-wait-service-job
-          auth:
-            - aws-cli/setup:
-                role_arn: "arn:aws:iam::122211685980:role/CPE_ECS_OIDC_TEST"
-          context: [CPE-OIDC]
-          filters: *filters
-          requires:
-            - codedeploy_fargate_test-update_service-job
-          region: AWS_REGION
-          family: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
-          cluster: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-cluster"
-          container_image_name_updates: "container=${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service,image-and-tag=${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}:${CIRCLE_SHA1}"
-          container_env_var_updates: 'container=${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service,name=VERSION_INFO,value="${CIRCLE_SHA1}_${CIRCLE_BUILD_NUM}",container=${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service,name=BUILD_DATE,value=$(date)'
-          deployment_controller: "CODE_DEPLOY"
-          codedeploy_application_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-codedeployapp"
-          codedeploy_deployment_group_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-codedeploygroup"
-          codedeploy_load_balanced_container_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
-          codedeploy_load_balanced_container_port: 80
-          verify_revision_is_deployed: true
-          verification_timeout: "12m"
-          post-steps:
-            - test-deployment:
-                service_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
-                cluster: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-cluster"
-                delete-load-balancer: true
-            - delete-service:
-                service_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
-                cluster: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-cluster"
+      # - test-service-update:
+      #     name: codedeploy_fargate_test-update_service-command
+      #     filters: *filters
+      #     requires:
+      #       - codedeploy_fargate_set-up-test-env
+      #     aws-resource-name-prefix: ${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}
+      #     family_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
+      #     service_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
+      #     docker-image-namespace: "${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com"
+      #     docker-image-name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}:${CIRCLE_SHA1}"
+      #     role_arn: "arn:aws:iam::122211685980:role/CPE_ECS_OIDC_TEST"
+      #     skip-service-update: true
+      #     context: [CPE-OIDC]
+      # - aws-ecs/deploy_service_update:
+      #     name: codedeploy_fargate_test-update_service-job
+      #     auth:
+      #       - aws-cli/setup:
+      #           role_arn: "arn:aws:iam::122211685980:role/CPE_ECS_OIDC_TEST"
+      #     filters: *filters
+      #     requires:
+      #       - codedeploy_fargate_test-update_service-command
+      #     region: AWS_REGION
+      #     family: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
+      #     cluster: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-cluster"
+      #     container_image_name_updates: "container=${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service,image-and-tag=${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}:${CIRCLE_SHA1}"
+      #     container_env_var_updates: 'container=${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service,name=VERSION_INFO,value="${CIRCLE_SHA1}_${CIRCLE_BUILD_NUM}",container=${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service,name=BUILD_DATE,value=$(date)'
+      #     deployment_controller: "ECS"
+      #     codedeploy_application_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-codedeployapp"
+      #     codedeploy_deployment_group_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-codedeploygroup"
+      #     codedeploy_load_balanced_container_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
+      #     codedeploy_load_balanced_container_port: 80
+      #     codedeploy_capacity_provider_name: "FARGATE"
+      #     codedeploy_capacity_provider_base: "1"
+      #     codedeploy_capacity_provider_weight: "2"
+      #     verify_revision_is_deployed: false
+      #     context: [CPE-OIDC]
+      #     post-steps:
+      #       - wait-for-codedeploy-deployment:
+      #           application-name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-codedeployapp"
+      #           deployment-group-name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-codedeploygroup"
+      #       - test-deployment:
+      #           service_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
+      #           cluster: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-cluster"
+      #           port: "8080"
+      #           delete-load-balancer: false
+      # - aws-ecs/deploy_service_update:
+      #     name: codedeploy_fargate_test-update-and-wait-service-job
+      #     auth:
+      #       - aws-cli/setup:
+      #           role_arn: "arn:aws:iam::122211685980:role/CPE_ECS_OIDC_TEST"
+      #     context: [CPE-OIDC]
+      #     filters: *filters
+      #     requires:
+      #       - codedeploy_fargate_test-update_service-job
+      #     region: AWS_REGION
+      #     family: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
+      #     cluster: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-cluster"
+      #     container_image_name_updates: "container=${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service,image-and-tag=${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}:${CIRCLE_SHA1}"
+      #     container_env_var_updates: 'container=${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service,name=VERSION_INFO,value="${CIRCLE_SHA1}_${CIRCLE_BUILD_NUM}",container=${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service,name=BUILD_DATE,value=$(date)'
+      #     deployment_controller: "CODE_DEPLOY"
+      #     codedeploy_application_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-codedeployapp"
+      #     codedeploy_deployment_group_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-codedeploygroup"
+      #     codedeploy_load_balanced_container_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
+      #     codedeploy_load_balanced_container_port: 80
+      #     verify_revision_is_deployed: true
+      #     verification_timeout: "12m"
+      #     post-steps:
+      #       - test-deployment:
+      #           service_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
+      #           cluster: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-cluster"
+      #           delete-load-balancer: true
+      #       - delete-service:
+      #           service_name: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-service"
+      #           cluster: "${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}-cluster"
       - tear-down-test-env:
           name: codedeploy_fargate_tear-down-test-env
           requires:
-            - codedeploy_fargate_test-update-and-wait-service-job
+            - codedeploy_fargate_set-up-test-env
           terraform-image: "hashicorp/terraform:1.4.0"
           aws-resource-name-prefix: ${AWS_RESOURCE_NAME_PREFIX_CODEDEPLOY_FARGATE}
           terraform-config-dir: "tests/terraform_setup/fargate_codedeploy"
@@ -801,26 +804,45 @@ commands:
         description: "Whether to delete the load balancer after the test"
         type: boolean
         default: false
+      profile:
+        description: "The profile used to authenticate when OIDC was used"
+        type: string
+        default: ""
+      port:
+        description: "Port to test against"
+        type: string
+        default: "80"
     steps:
       - run:
           name: Test deployment (for orb testing and is not part of the orb)
           command: |-
+            if [ "<< parameters.profile >>" = "" ]; then
+              PROFILE=""
+            else
+              PROFILE="--profile << parameters.profile >>"
+            fi
+            if [ "<< parameters.port >>" = "" ]; then
+              PORT="80"
+            else
+              PORT="<< parameters.port >>"
+            fi
+            
             set -x
-            TARGET_GROUP_ARN=$(aws ecs describe-services --cluster << parameters.cluster >> --services << parameters.service_name >> | jq -r '.services[0].loadBalancers[0].targetGroupArn')
-            ELB_ARN=$(aws elbv2 describe-target-groups --target-group-arns $TARGET_GROUP_ARN | jq -r '.TargetGroups[0].LoadBalancerArns[0]')
-            ELB_DNS_NAME=$(aws elbv2 describe-load-balancers --load-balancer-arns $ELB_ARN | jq -r '.LoadBalancers[0].DNSName')
+            TARGET_GROUP_ARN=$(aws ecs describe-services --cluster << parameters.cluster >> --services << parameters.service_name >> $PROFILE | jq -r '.services[0].loadBalancers[0].targetGroupArn')
+            ELB_ARN=$(aws elbv2 describe-target-groups --target-group-arns $TARGET_GROUP_ARN $PROFILE | jq -r '.TargetGroups[0].LoadBalancerArns[0]')
+            ELB_DNS_NAME=$(aws elbv2 describe-load-balancers --load-balancer-arns $ELB_ARN $PROFILE | jq -r '.LoadBalancers[0].DNSName')
             echo "ELB DNS NAME: $ELB_DNS_NAME"
             echo "Sleeping for one minute while waiting for AWS to come online."
             sleep 160s
             echo "Done sleeping"
-            curl --retry 10 http://$ELB_DNS_NAME
+            curl --retry 10 http://$ELB_DNS_NAME:$PORT
             run_with_retry() {
               MAX_RETRY=6
               n=0
               until [ $n -ge $MAX_RETRY ]
               do
                 # retry many times in case it takes a while for the new task definition to take effect
-                curl -s --retry 10 http://$ELB_DNS_NAME \
+                curl -s --retry 10 http://$ELB_DNS_NAME:$PORT \
                   | grep -E "Hello World\!.*${CIRCLE_SHA1}_${CIRCLE_BUILD_NUM}" <<#parameters.test-asterisk-expansion>> | grep "Asterisk \* expansion test"<</parameters.test-asterisk-expansion>> && break
                 n=$[$n+1]
                 sleep 60s
@@ -832,12 +854,12 @@ commands:
             }
             run_with_retry
             if [ "<< parameters.delete-load-balancer >>" == "1" ]; then
-              aws elbv2 delete-load-balancer --load-balancer-arn $ELB_ARN
+              aws elbv2 delete-load-balancer --load-balancer-arn $ELB_ARN $PROFILE
             fi
 executors:
   mac:
     macos:
-      xcode: 13.3.1
+      xcode: 13.4.1
   linux:
     docker:
       - image: cimg/base:current
diff --git a/src/scripts/install_ecs_cli.sh b/src/scripts/install_ecs_cli.sh
@@ -24,8 +24,12 @@ else
 fi
 
 Install_ECS_CLI(){
-    $SUDO curl -Lo "${ORB_EVAL_INSTALL_DIR}" "https://amazon-ecs-cli.s3.amazonaws.com/ecs-cli-${SYS_ENV_PLATFORM}-amd64-$1"
-    $SUDO chmod +x "${ORB_EVAL_INSTALL_DIR}"
+    if [ "$SYS_ENV_PLATFORM" != "darwin" ]; then
+        $SUDO curl -Lo "${ORB_EVAL_INSTALL_DIR}" "https://amazon-ecs-cli.s3.amazonaws.com/ecs-cli-${SYS_ENV_PLATFORM}-amd64-$1"
+        $SUDO chmod +x "${ORB_EVAL_INSTALL_DIR}"
+    else
+        brew install amazon-ecs-cli
+    fi
 }
 
 Uninstall_ECS_CLI(){