fargate-nextjs-webapps

New image pushed to ecr upon changes detected in /src and subsequently deployed to ecs.

run dev locally

npm i
npm run build
npm run start

overview

/app is the frontend (client side) code /pages is the backend (server side) code

env vars

reference

AWS_REGION used to get ssm on server side

NEXT_PUBLIC_WOODLAND_CREATURE is exposed to browser

API_KEY_SSM_PARAM_NAME key to get value from ssm on refresh

STATIC_SECRET secret injected into container on startup

terraform

Required deployment iam privileges.

[
    "dynamodb:*", 
    "s3:*", 
    "ecr:*", 
    "iam:*", 
    "ecs:*",
    "ec2:*", 
    "elasticloadbalancing:*",
    "ssm:*",
    "logs:*"
]

ci

Commits to main will kick off a deployment.

Required github action variables.

• AWS_ACCOUNT_ID
• AWS_REGION
• AWS_ROLE role with deployment privileges
• AWS_ROLE_VALIDATE_ONLY role with readonly privileges (can be same as AWS_ROLE)

gotchas

• health checks failing trigging a rollback.
  • issue: ECS will override env vars. HOSTNAME is required to enable a container to hit localhost for health checks.
  • debug: local docker run health check simulation works fine.
  • fix:
    • add install for curl in dockerfile
    • add the HOSTNAME env var with value 0.0.0.0 to the ECS task definition
    • hit http://0.0.0.0:${container_port} in the task health check