Refactoring to purely use Terraform

.circleci/config.yml

@@ -1,19 +1,21 @@
 version: 2.1
 orbs:
-  aws-ecr: circleci/aws-ecr@0.0.2
+  aws-ecr: circleci/aws-ecr@3.1.0
   aws-ecs: circleci/aws-ecs@0.0.8
 workflows:
   build-and-deploy:
     jobs:
       - aws-ecr/build_and_push_image:
-          account-url: "${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com"
+          account-url: AWS_ECR_ACCOUNT_URL # 662490392829.dkr.ecr.us-east-1.amazonaws.com
+          aws-access-key-id: AWS_ACCESS_KEY_ID
+          aws-secret-access-key: AWS_SECRET_ACCESS_KEY
           repo: "${AWS_RESOURCE_NAME_PREFIX}"
-          region: ${AWS_DEFAULT_REGION}
+          region: AWS_DEFAULT_REGION
           tag: "${CIRCLE_SHA1}"
       - aws-ecs/deploy-service-update:
           requires:
             - aws-ecr/build_and_push_image
-          aws-region: ${AWS_DEFAULT_REGION}
+          aws-region: AWS_DEFAULT_REGION
           family: "${AWS_RESOURCE_NAME_PREFIX}-service"
           cluster-name: "${AWS_RESOURCE_NAME_PREFIX}-cluster"
           container-image-name-updates: "container=${AWS_RESOURCE_NAME_PREFIX}-service,image-and-tag=${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/${AWS_RESOURCE_NAME_PREFIX}:${CIRCLE_SHA1}"

.gitignore

@@ -1,2 +1,8 @@
 # terraform
 **/.terraform/*
+*.tfstate.lock.info
+*.tfstate
+*.tfstate.backup
+*/terraform.tfvars
+
+.DS_Store

README.md

@@ -1,4 +1,4 @@
-# CircleCI Demo: AWS ECS ECR [![CircleCI status](https://circleci.com/gh/CircleCI-Public/circleci-demo-aws-ecs-ecr.svg "CircleCI status")](https://circleci.com/gh/CircleCI-Public/circleci-demo-aws-ecs-ecr)
+# CircleCI Demo: AWS ECS ECR [![CircleCI status](https://circleci.com/gh/ozooxo/circleci-demo-aws-ecs-ecr.svg "CircleCI status")](https://circleci.com/gh/ozooxo/circleci-demo-aws-ecs-ecr)
 
 ## Deploy to AWS ECS from ECR via CircleCI 2.0 using Orbs (Example Project)
 This project provides an example of how to use orbs to conveniently build a Docker image on [CircleCI](https://circleci.com), push the Docker image to an Amazon Elastic Container Registry (ECR), and then deploy to Amazon Elastic Container Service (ECS) using AWS Fargate. Specifically, the [aws-ecr](https://circleci.com/orbs/registry/orb/circleci/aws-ecr) and the [aws-ecs](https://circleci.com/orbs/registry/orb/circleci/aws-ecs) Orbs will be used in this project.

terraform_setup/alb.tf

@@ -0,0 +1,86 @@
+resource "aws_alb" "main" {
+  name               = "terraform-ecs"
+  internal           = false
+  load_balancer_type = "application"
+  security_groups    = ["${aws_security_group.lb.id}"]
+  subnets            = ["${aws_subnet.public.*.id}"]
+
+  idle_timeout       = 30
+
+  # TODO:
+  # Change to `true` for production
+  enable_deletion_protection = false
+}
+
+# A dummy target group is used to setup the ALB to just drop traffic
+# initially, before any real service target groups have been added.
+resource "aws_alb_target_group" "dummy" {
+  port        = 80
+  protocol    = "HTTP"
+  vpc_id      = "${aws_vpc.main.id}"
+  target_type = "ip"
+
+  health_check {
+    interval = 6
+    path = "/"
+    protocol = "HTTP"
+    timeout = 4
+    healthy_threshold = 2
+    unhealthy_threshold = 2
+  }
+}
+
+# A target group. This is used for keeping track of all the tasks, and
+# what IP addresses / port numbers they have. You can query it yourself,
+# to use the addresses yourself, but most often this target group is just
+# connected to an application load balancer, or network load balancer, so
+# it can automatically distribute traffic across all the targets.
+resource "aws_alb_target_group" "app" {
+  name        = "${local.aws_ecs_service_name}"
+  port        = "${var.container_port}"
+  protocol    = "HTTP"
+  vpc_id      = "${aws_vpc.main.id}"
+  target_type = "ip"
+  deregistration_delay = 20
+
+  health_check {
+    interval = 6
+    path = "/"
+    protocol = "HTTP"
+    timeout = 5
+    healthy_threshold = 2
+    unhealthy_threshold = 2
+  }
+}
+
+# Redirect all traffic from the ALB to the target group
+resource "aws_alb_listener" "front_end" {
+  load_balancer_arn = "${aws_alb.main.id}"
+  port              = "80"
+  protocol          = "HTTP"
+
+  default_action {
+    target_group_arn = "${aws_alb_target_group.dummy.id}"
+    type             = "forward"
+  }
+}
+
+# Create a rule on the load balancer for routing traffic to the target group
+resource "aws_lb_listener_rule" "all" {
+  listener_arn = "${aws_alb_listener.front_end.arn}"
+  priority     = 1
+
+  action {
+    type             = "forward"
+    target_group_arn = "${aws_alb_target_group.app.arn}"
+  }
+
+  condition {
+    field  = "path-pattern"
+    values = ["*"]
+  }
+}
+
+output "alb_hostname" {
+  value = "${aws_alb.main.dns_name}"
+}