feat: support cw alarms as deployment circuit breakers (#110)

* Support cw alarms as deployment circuit breakers * refactor: use dynamic block for alarms config --------- Co-authored-by: Moritz Zimmer <[email protected]>
stroeer · Feb 14, 2024 · ce31cbe · ce31cbe
1 parent 37b786f
commit ce31cbe
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -245,6 +245,7 @@ for example.
 | <a name="input_create_ecr_repository"></a> [create\_ecr\_repository](#input\_create\_ecr\_repository) | Create an ECR repository for this service. | `bool` | `true` | no |
 | <a name="input_create_ingress_security_group"></a> [create\_ingress\_security\_group](#input\_create\_ingress\_security\_group) | Create a security group allowing ingress from target groups to the application ports. Disable this for target groups attached to a Network Loadbalancer. | `bool` | `true` | no |
 | <a name="input_deployment_circuit_breaker"></a> [deployment\_circuit\_breaker](#input\_deployment\_circuit\_breaker) | Deployment circuit breaker configuration. | <pre>object({<br>    enable   = bool<br>    rollback = bool<br>  })</pre> | <pre>{<br>  "enable": false,<br>  "rollback": false<br>}</pre> | no |
+| <a name="input_deployment_failure_detection_alarms"></a> [deployment\_failure\_detection\_alarms](#input\_deployment\_failure\_detection\_alarms) | CloudWatch alarms used to detect deployment failures. | <pre>object({<br>    enable      = bool<br>    rollback    = bool<br>    alarm_names = list(string)<br>  })</pre> | <pre>{<br>  "alarm_names": [],<br>  "enable": false,<br>  "rollback": false<br>}</pre> | no |
 | <a name="input_deployment_maximum_percent"></a> [deployment\_maximum\_percent](#input\_deployment\_maximum\_percent) | Upper limit (as a percentage of the service's desiredCount) of the number of running tasks that can be running in a service during a deployment. Not valid when using the `DAEMON` scheduling strategy. | `number` | `200` | no |
 | <a name="input_deployment_minimum_healthy_percent"></a> [deployment\_minimum\_healthy\_percent](#input\_deployment\_minimum\_healthy\_percent) | Lower limit (as a percentage of the service's desiredCount) of the number of running tasks that must remain running and healthy in a service during a deployment. | `number` | `100` | no |
 | <a name="input_desired_count"></a> [desired\_count](#input\_desired\_count) | Desired count of services to be started/running. | `number` | `0` | no |

diff --git a/main.tf b/main.tf
@@ -108,6 +108,16 @@ resource "aws_ecs_service" "this" {
     }
   }
 
+  dynamic "alarms" {
+    for_each = var.deployment_failure_detection_alarms.enable ? [true] : []
+
+    content {
+      enable      = var.deployment_failure_detection_alarms.enable
+      rollback    = var.deployment_failure_detection_alarms.rollback
+      alarm_names = var.deployment_failure_detection_alarms.alarm_names
+    }
+  }
+
   dynamic "load_balancer" {
     for_each = aws_alb_target_group.main
 

diff --git a/variables.tf b/variables.tf
@@ -91,6 +91,22 @@ variable "deployment_circuit_breaker" {
   })
 }
 
+variable "deployment_failure_detection_alarms" {
+  default = {
+    enable      = false
+    rollback    = false
+    alarm_names = []
+  }
+
+  description = "CloudWatch alarms used to detect deployment failures."
+  type = object({
+    enable      = bool
+    rollback    = bool
+    alarm_names = list(string)
+  })
+}
+
+
 variable "cloudwatch_logs" {
   description = "CloudWatch logs configuration for the containers of this service. CloudWatch logs will be used as the default log configuration if Firelens is disabled and for the fluentbit and otel containers."
   default     = {}