-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] ECS ContainerDefinition has broken Environment entries for Secrets #707
Comments
Hi @JohnPreston - I don't have a fix for this one, but if you are busy and can point me at the right files where the Environment substitution might be happening, I can sort it. |
@JohnPreston Hm, I sent a PR for a bit of a dirty hack - feel free to reject in favour of pointing out a better way to fix :-) |
Thanks for this again. The issue comes from your secret name Environment:
- Name: POSTGRES_DB
Value: foo
- Name: POSTGRES_PASSWORD_ARN
Value:
Fn::Sub:
- arn:${AWS::Partition}:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:${SecretName}
- SecretName:
Fn::FindInMap:
- secrets
- POSTGRESPASSWORD
- Name
Secrets:
- Name: POSTGRES_PASSWORD
ValueFrom:
Fn::Sub:
- 'arn:${AWS::Partition}:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:${SecretName}:POSTGRES_PASSWORD::'
- SecretName:
Fn::FindInMap:
- secrets
- POSTGRESPASSWORD
- Name
|
I have long been thinking of automatically updating the value for |
I don't have POSTGRES_PASSWORD environment set in my docker-compose.yml file at all - it's a duplicate being generated somehow during the ecs-composex render... |
As in, if there is an environment entry that's duplicated by a secrets entry, rename the Environment? I think it's probably a good idea, along with generating a warning message. |
@JohnPreston OK, Environment renaming fix pushed |
Thanks @thorfi |
ECS Task Definition has Environment variable and Secrets variable set.
CloudFormation crashes on the task sub-stack with:
To Reproduce
Steps to reproduce the behavior:
Note:
fred/barney
is the secretsmanager secret id for a JSON secretGenerated CloudFormation Sub Stack postgres.yaml
The
Environment:
list has entries for theSecrets:
entries which should not be there. They are strangely also different to theSecrets:
entries.Expected behavior
The ECS TaskDefinition should be created without Environment entries for the Secrets entries.
Logs
N/A
Desktop (please complete the following information):
The text was updated successfully, but these errors were encountered: