Comments (6)
jcarlson
commented on May 20, 2024
1
I filed a proper bug report with Terraform, as this issue does not appear to be related to this module or any providers. See: hashicorp/terraform#31894
from terraform-aws-ecs-container-definition.
evanstoddard23
commented on May 20, 2024
I'm running into this even when I don't specify a value for readOnly. Have you found any workarounds?
from terraform-aws-ecs-container-definition.
evanstoddard23
commented on May 20, 2024
I was able to get around this issue by overriding mountPoints in the container_definitions variable.
from terraform-aws-ecs-container-definition.
nitrocode
commented on May 20, 2024
I don't see this issue.
module "container" {
source = "cloudposse/ecs-container-definition/aws"
container_name = "hello"
container_image = "world"
mount_points = [
{
sourceVolume = "docker-socket"
containerPath = "/var/run/docker.sock"
readOnly = true
},
{
sourceVolume = "letsencrypt"
containerPath = "/letsencrypt"
}
]
}
output "json" {
value = module.container.json_map_encoded
}$ terraform apply
$ terraform output -raw json | jq -M .
{
"cpu": 0,
"essential": true,
"image": "world",
"mountPoints": [
{
"containerPath": "/var/run/docker.sock",
"readOnly": "true",
"sourceVolume": "docker-socket"
},
{
"containerPath": "/letsencrypt",
"readOnly": "false",
"sourceVolume": "letsencrypt"
}
],
"name": "hello",
"portMappings": [],
"readonlyRootFilesystem": false,
"volumesFrom": []
}Could either of you provide a MVRE ?
from terraform-aws-ecs-container-definition.
nitrocode
commented on May 20, 2024
I cannot reproduce this. Please feel free to reply if you can provide an MVRE.
from terraform-aws-ecs-container-definition.
jcarlson
commented on May 20, 2024
I am able to reproduce this with a minimal example:
variable "foo_volumes" {
type = list(object({
name = string
container_path = string
}))
default = []
}
variable "bar_volumes" {
type = list(object({
name = string
container_path = string
read_only = bool
}))
default = [
{
name = "docker_sock"
container_path = "/var/run/docker.sock"
read_only = false
}
]
}
locals {
container_definitions = [{
mountPoints = [for volume in concat(var.foo_volumes, var.bar_volumes) : {
containerPath = volume.container_path
sourceVolume = volume.name
readOnly = try(volume.read_only, false)
}]
}]
}
resource "local_file" "container_definitions" {
filename = "container-definitions.json"
content = jsonencode(local.container_definitions)
}
output "container_definitions" {
value = local.container_definitions
}
output "json" {
value = jsonencode(local.container_definitions)
}Under Terraform 0.14.11, the plan produced by this configuration is as follows:
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# local_file.container_definitions will be created
+ resource "local_file" "container_definitions" {
+ content = jsonencode(
[
+ {
+ mountPoints = [
+ {
+ containerPath = "/var/run/docker.sock"
+ readOnly = false
+ sourceVolume = "docker_sock"
},
]
},
]
)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "container-definitions.json"
+ id = (known after apply)
}
Plan: 1 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ container_definitions = [
+ {
+ mountPoints = [
+ {
+ containerPath = "/var/run/docker.sock"
+ readOnly = false
+ sourceVolume = "docker_sock"
},
]
},
]
+ json = jsonencode(
[
+ {
+ mountPoints = [
+ {
+ containerPath = "/var/run/docker.sock"
+ readOnly = false
+ sourceVolume = "docker_sock"
},
]
},
]
)
Using Terraform 0.15.5, the plan is different:
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# local_file.container_definitions will be created
+ resource "local_file" "container_definitions" {
+ content = jsonencode(
[
+ {
+ mountPoints = [
+ {
+ containerPath = "/var/run/docker.sock"
+ readOnly = "false"
+ sourceVolume = "docker_sock"
},
]
},
]
)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "container-definitions.json"
+ id = (known after apply)
}
Plan: 1 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ container_definitions = [
+ {
+ mountPoints = [
+ {
+ containerPath = "/var/run/docker.sock"
+ readOnly = "false"
+ sourceVolume = "docker_sock"
},
]
},
]
+ json = jsonencode(
[
+ {
+ mountPoints = [
+ {
+ containerPath = "/var/run/docker.sock"
+ readOnly = "false"
+ sourceVolume = "docker_sock"
},
]
},
]
)
Note that the readOnly attribute in 0.14.11 is encoded as a boolean, while in 0.15.5 it is encoded as a string. Replacing concat(var.foo_volumes, var.bar_volumes) with var.bar_volumes in this example resolves this issue, so there appears to be some sort of regression in the way objects are iterated after concatenation.
Terraform v1.2.9 produces a similar plan to v0.15.5.
from terraform-aws-ecs-container-definition.
Related Issues (20)
- Terraform 0.15 error when specifying bool input HOT 4
- ecs_task_definition add support for ephemeral_storage HOT 4
- Capabilities cannot be defined without defining other values HOT 3
- Support initProcessEnabled on ECS Fargate HOT 2
- Add validation to `secrets` and `map_secrets`'s `valueFrom` to ensure it's an arn HOT 1
- Provide command as a string
- Dependency Dashboard
- Error when trying to use EFS volumes in task/container definition HOT 3
- CPU limit is not optional HOT 1
- Log Configuration Options should be options HOT 2
- Feature Request: Support for runtimePlatform HOT 1
- Remove unused dependencies
- Support adding tags HOT 2
- linux_parameters variable value should allow filling only the needed options HOT 1
- The port_mappings variable needs to include the "name" parameter to support Service Connect integration.
- Terraform producing unnecessarily noisy diffs due to omitted lists
- PortMappings variable definition has repeated name argument which fails to initialize HOT 2
- module.this.id not defined HOT 1
- This object does not have an attribute named "target_id".
- Support for `enable_execute_command` flag passed to ECS container-definition HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-aws-ecs-container-definition.