[英]How to detect changes in ECR image when using sam deploy and CloudFormation
I have a CF template and ECR image referenced in this template我有此模板中引用的 CF 模板和 ECR 图像
Image: !Sub <registry_id>.dkr.ecr.eu-central-1.amazonaws.com/<repo_name>:${AWS::StackName}
If I update an image and then run如果我更新图像然后运行
sam deploy --template-file devops/templates/${CFFILENAME}.yml \
--capabilities CAPABILITY_NAMED_IAM --stack-name "${STACK_NAME}" \
--region ${AWS_DEFAULT_REGION} --no-fail-on-empty-changeset
It won't detect any changes and I have to run它不会检测到任何变化,我必须运行
aws ecs update-service --cluster Env-${STACK_NAME}-ClusterALB --service Env-Backend --force-new-deployment
To update ECS task later in the pipeline, but it is causing stack drift.稍后在管道中更新 ECS 任务,但它会导致堆栈漂移。 I would like to avoid it and do it all in one step in my CI pipeline and only using CF.
我想避免它,并在我的 CI 管道中一步完成所有操作,并且只使用 CF。 Is there any pretty way to do it?
有什么漂亮的方法吗?
After giving it a bit more thought - this is what I came up with.在给它更多的思考之后 - 这就是我想出的。 I introduced new parameter in my cloudformation file such as:
我在我的 cloudformation 文件中引入了新参数,例如:
Parameters:
ImageTag:
Description: "Image SHA"
Type: String
Then I referenced it in task definition然后我在任务定义中引用了它
ContainerDefinitions:
- Name: admin
Essential: true
Image: !Sub <repo_id>.dkr.ecr.eu-central-1.amazonaws.com/<repo_name>:${AWS::StackName}-${ImageTag}
And passed in the parameter to SAM using --parameter-overrides
as follows:并使用
--parameter-overrides
将参数传递给 SAM,如下所示:
sam deploy --template-file devops/templates/${CFFILENAME}.yml \
--capabilities CAPABILITY_NAMED_IAM --stack-name "${STACK_NAME}" \
--region ${AWS_DEFAULT_REGION} --no-fail-on-empty-changeset \
--parameter-overrides ImageTag=${IMAGE_TAG}
And the image tag is generated during the pipeline in GitLab CI using commit SHA as follows:并且图像标签是在 GitLab CI 的管道期间使用提交 SHA 生成的,如下所示:
- IMAGE_TAG="$(echo $CI_COMMIT_SHA | head -c 8)"
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.