I've been trying to figure this out for a little while. Thanks to helpful previous answers from others, I've been able to make some progress in this, but I'm unfortunately a little stuck in the deploy step.
Summary: Does Drone have a way of sharing parameter expanded variables between steps? Or, is there a simple way to add ECR commands into the fabfuel/ecs-deploy plugin, or other ecs-deploy step?
The Story: We have a Ruby image getting pushed to ECR via Drone as part of another repo deployment, which is used in this repo's Drone deployment. Previously we'd been using ruby-latest tags, which had worked fine to effectively hard-code the image name, which made it easy to push from one repo, and use in the other. This makes it difficult to do rollbacks or change-overs using task definitions though, since each container's image only uses ruby-latest (instead of the Drone commit hash). I'd like to update this process to using the Drone commit hash, but need a way to communicate that back to the other repo that needs to deploy the Ruby image as well.
What I've tried: I'm able to get the newest proper image name and commit hash using the aws-cli in another step
export IMAGE_NAME=123456789.dkr.ecr.us-east-1.amazonaws.com/service:`aws ecr describe-images --repository-name service --output text --region us-east-1 --query 'sort_by(imageDetails,& imagePushedAt)[*].imageTags[0]' | tr '\t' '\n' | grep ruby | head -3 | tail -1`
echoing IMAGE_NAME shows the proper name is being set in the aws-cli step. The problem is when doing the actual deploy in another step (using fabfuel/ecs-deploy image), this IMAGE_NAME variable is not available (because the variables are scoped between pipeline steps).
- name: ecs-deploy
image: fabfuel/ecs-deploy
pull: if-not-exists
privileged: true
commands:
- ecs deploy prod service --region us-east-1 -i service $IMAGE_NAME --timeout 1500
I've tried adding the above, export IMAGE_NAME=... into the commands section, right above the ecs-deploy step, but unfortunately the aws cli (including ecr commands) is not available in the fabfuel/ecs-deploy plugin image.
Just wondering if I'm missing something obvious, any help would be much appreciated! Thank you!
This may not be the best solution, but it turned out to be the simplest solution that didn't require editing the image and maintaining a separate version of said public image.
# Install AWS CLI, so we can query ECR, since it's not present in the image
- apk update && apk upgrade && apk add aws-cli
This then allows using the aws ecr command above to query for the most recently pushed image that matches the specified tag. Hopefully this helps someone else that's struggling with a similar issue!