[SOLVED] AWS CodePipeline with ECS Blue/Green deployment fails with internal error

AWS CodePipeline with ECS Blue/Green deployment fails with internal error | take 2

Firstly, I am aware that there is a similar question (AWS CodePipeline with ECS Blue/Green deployment fails with internal error), however the person that answered it, didn't provide sufficient detail.

As per this answer: https://superuser.com/questions/1388058/getting-internal-error-in-aws-code-pipeline-while-deploying-to-ecs .. I have gone through the aws guide: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#constraints... To ensure that all the "required" fields are in my taskdef.json (below)

As for my pipeline (build) buildSpec ...

    - printf '{"ImageURI":"%s"}' $ECR_REPO_URI:demo > imageDetail.json
          - echo Build completed on `date`

  artifacts:
    files:
      - imageDetail.json

The pipeline build stage setup is simple, I simply set BuildArtifact as the output. So I can ref the imageDetail.json from the pipeline deploy stage.

As for my pipeline (deploy) AppSpec ...

version: 0.0

Resources:
  - TargetService:
      Type: AWS::ECS::Service
      Properties:
        TaskDefinition: <TASK_DEFINITION>
        LoadBalancerInfo:
          ContainerName: "pipeline_demo"
          ContainerPort: 80
        PlatformVersion: "LATEST"

The pipeline deploy stage setup is as follows: Input artifacts: BuildArtifact, SourceArtifact; then:

Amazon ECS Task Definition: SourceArtifact "taskdef.json"
AWS CodeDeploy AppSpec file: SourceArtifact "taskdef.json"

Dynamically update task definition image: BuildArtifact

Placeholder text in the task definition: IMAGE1_NAME

(..some of which was sourced from this guide: https://medium.com/@shashank070/in-my-previous-blog-i-have-explained-how-to-do-initial-checks-like-code-review-code-build-cddcc21afd9f

.. and the taskdef:

{
  "family": "devops-platform-ecs-task-def",
  "type": "AWS::ECS::TaskDefinition",
  "properties": {
    "containerDefinitions": [
      {
        "name": "pipeline_demo",
        "image": "<IMAGE1_NAME>",
        "cpu": "1024",
        "memory": "1024",
        "essential": true,
        "portMappings": [
          {
            "hostPort": 0,
            "protocol": "tcp",
            "containerPort": 80
          }
        ]
      }
    ],
    "ExecutionRoleArn": "arn:aws:iam::xxxxxx:role/devops_codepipeline",

    "NetworkMode": "null",
    "PlacementConstraints": [
        "type": "memberOf",
        "expression": ""
    ],
    "ProxyConfiguration": {
      "type": "APPMESH",
      "containerName": "",
      "properties": [
          {
              "name": "",
              "value": ""
          }
      ]
    },
    "RequiresCompatibilities": [
      "EC2"
    ],
    "Tags": [
      {
        "key": "",
        "value": ""
      }
    ],
    "TaskRoleArn": "",
    "Volumes": [
        {
            "name": "",
            "host": {
                "sourcePath": ""
            },
            "dockerVolumeConfiguration": {
                "scope": "task",
                "autoprovision": true,
                "driver": "",
                "driverOpts": {
                    "KeyName": ""
                },
                "labels": {
                    "KeyName": ""
                }
            }
        }
    ]
  }
}

Nonetheless, I still get the error ...

Any help would be much appreciated!

Solution

I actually found that the inclusion of another policy AWSCodeDeployRoleForECS solved the issue. It referenced in the aws guide for CLI (we've been administering via the console thus far, hence I spotted this by chance alone) Create a Service Role (CLI). After including the policy, the pipeline has progressed past the issue listed issue, but has encountered another "Invalid Configuration Action; Container list cannot be empty." - which your answer may solve? Nonetheless, at least I have a more meaningful error to work with.