β mapping-color-in-history git:(feature/manifest-creator) β copilot svc deploy --env dev --name webapp
β Failed to upgrade environment dev's template to version v1.9.0.
β execute "env upgrade --app mcih --name dev": upgrade environment dev from version v1.7.0 to version v1.9.0: upload manual/templates/mcih-dev/4975ac48f4d5a06ab41982b884e5f71e90a8abcf6681c78e2b16e81f2e4077d2.yml to bucket stackset-mcih-infrastruc-pipelinebuiltartifactbuc-1lyct64kwvokq: AccessDenied: Access Denied
status code: 403, request id: VCBW761675S9QF4C, host id: G21HOtXX7ILUEA3OgaPz3IT7my7iZlHx0/Kx9QNdjK3HGw/ACzNH6pf1/NZs0ccJ3aOUwpLx92s=
Hi folks! We just released a patch version v1.18.1: https://github.com/aws/copilot-cli/releases/tag/v1.18.1
If you ran into the following error with v1.18: upgrade environment preview from version v1.8.0 to version v1.9.0
this patch release should hopefully fix it! Sorry for any inconvenience πββοΈ
ResourceInitializationError: unable to pull secrets or registry auth: execution resource retrieval failed: unable to retrieve secrets from ssm: service call has been retried 1 time(s): AccessDeniedException: User: arn:aws:sts::1111:assumed-role...
Hi! I'm getting this error when deploying: deploy service ... to environment stage: deploy service: stack ... is currently being updated and cannot be deployed to: Resource handler returned message: "Error occurred during operation 'ECS Deployment Circuit Breaker was triggered'." (RequestToken: ..., HandlerErrorCode: GeneralServiceException)
. Right now, the service is properly running and is not rolling back.
The latest failed deployment was 4 days ago, which is when it failed. That time the pipeline timed out while doing the rollback. Is it possible that we need to manually clean up something to be able to deploy the service again?
^ Have not been able to get this working with a Copilot addons template yet. If I add the suggested Conditions
block :
Conditions:
CreateDevResources: !Not [!Equals [!Ref Env, prod]]
and add those conditions to all the Resources
, then I get an error about the Outputs failing because of dependencies on some of the (not created) Resources
:
β deploy service webapp to environment prod: deploy service: wait for creation of change set copilot-bc18bf0b-dafd-43e8-a49f-365bdc0d35d4 for stack mcih-prod-webapp: ResourceNotReady: failed waiting for successful resource state: Unresolved resource dependencies [mcihdevclusterAuroraSecret] in the Outputs block of the template: Embedded stack arn:aws:cloudformation:us-east-1:***:stack/mcih-prod-webapp-AddonsStack-THUTAGMZK6N5/f848ec10-d602-11ec-8c2c-129993b51b41 was not successfully created: The following resource(s) failed to create: [mcihdevclusterSecurityGroup, mcihdevclusterAuroraSecret, mcihdevclusterDBSubnetGroup, mcihdevclusterDBClusterParameterGroup]. Rollback requested by user.
I'm trying to implement the idea/theory outlined here:
https://github.com/aws/copilot-cli/issues/1982#issuecomment-1048144482
However, I'm running into the following error:
ResourceNotReady: failed waiting for successful resource state: Invalid template parameter property 'Fn::GetAtt'
Which appears to be referencing the attempt to get the ListenerARN
as an additional parameter:
Parameters:
ListenerARN: !GetAtt EnvControllerAction.HTTPListenerArn
${EnvName}.${AppName}.${DomainName}
naming convention for my aliases? aka I can just create any sub-domain I want in Route 53 and import it? I always found the domain name restrictions annoying because at my company we've always created sub-domains with EnvName and AppName the other way around e.g. ${AppName}.${EnvName}.${DomainName}
.
I have an environment with 2 services -- i created the env deployed 1 service and everything was fine but when i deployed the 2nd service I keep running into this issue:
write log events for service [my-service]: get task log events for log group /copilot/[my-app]-[my-env]-[my-service]: describe log streams of log group /copilot/[my-app]-[my-env]-[my-service]: ResourceNotFoundException: The specified log group does not exist.
the funny thing is, i ran into this issue before and I think it was a resource configuration issue on set up. I deleted the environment and re-created it and things worked swimmingly
I think the log group is just missing (hopefully that's the only resource missing) -- is there a way for me to add it manually?
!GetAtt
) on EnvControllerAction
? As indicated previously, I'm attempting to build on https://github.com/aws/copilot-cli/issues/1982#issuecomment-1048144482, but need a few different attributes and am currently making best guesses and while those guesses are frequently working, documentation would be preferred.
Have a workflow set up currently where:
:latest
tag doesn't get detected when the pipeline is changed.Would it be possible to:
copilot pipeline deploy --force
Hi there, I'm a bit stuck and hoping for some guidance.
I'm moving my infra to another aws account and when I first ran copilot app init
I realized I had specified the wrong domain, so as it was creating the initial infrastructure I cmd+C'd out of the process. Now every time I try and run the command with the correct configuration I get the message:
Failed to create the infrastructure to manage services and jobs under application api.
stack api-infrastructure-roles is currently being updated and cannot be deployed to
The AWS account has no cloud formation stacks of any kind for me to inspect/cancel in the console. I've waited 12 hours and still the same result. Not sure how I can cancel/reset this process to proceed. Any ideas?
name: frontend
type: Load Balanced Web Service
http:
path: '/'
image:
build: Dockerfile
port: 3000
cpu: 256
memory: 512
count: 1
exec: true
environments:
prod:
http:
path: '/'
alias: app.example.com
test:
http:
path: '/'
alias: test.example.com
I have the above manifest file in my project but when I go to app.example.com I get This site canβt be reached
but when I remove the alias I get a copilot generated url that works. What am I doing wrong here?
Hi ! I have a question regarding storage init
. The docs state that "By default, only the service you specify during storage init
will have access to that storage resource.".
It seems to imply that there is indeed a way to make the storage resource accesible by more services. How is this accomplished?
My use case is a webapp running on django, and I'll also have a backend service running a celery worker which'll need access to the same database.
Hi! I'm trying to deploy a service in a multi-account setup. I'm running a load balanced service with a sidecar. I pushed the sidecar image before deploying the service, but the environment account can't pull the image when deploying.
The task fails with the following error:
"CannotPullContainerError: inspect image has been retried 1 time(s): failed to resolve ref "227269212688.dkr.ecr.us-east-1.amazonaws.com/pace/traefik:latest": pulling from host 227269212688.dkr.ecr.us-east-1.amazonaws.com failed with status code [manifests latest]: 403 Forbidden"
I've previously deployed these same containers but without a multi-account setup, so I think that might be the issue.
There must be something I'm missing. Any pointers greatly appreciated, thanks!
env init
. Would this be a good thing to add in aws/copilot-cli#3522 ?
Hi !
I'm wondering, what's the best practice to stop a deployment once you realize the container is failing to run? I sometimes set the desired count to 0, but I guess there must be a better way.
Or is there a way to make the deployment circuit breaker trigger sooner?
Hi Copilot!
In order to comply with some "security" requirements from another company, I need to have all requests sent to a service I interact with from a fixed and known IP.
I thought I might use a NAT Gateway with an Elastic IP attached. I tried setting placement: 'private'
for a backend service I'm running but that didn't set up a NAT Gateway for me as I expected.
Is there a way to set this up via the manifest ?
copilot svc deploy
if the ECS task fails to start it retries 10 times and I would like to specify a lower number -- thankssvc deploy --force
do? A few hours ago, I had to change some env vars for one of my Copilot services and deploy the changes. I assumed --force
would use the latest image in the ECR and create a new Task Definition with the new options in the manifest.yml
. The code hasn't changed, so why would it build a new image? I thought that's what this flag was for. But apparently I was wrong; it proceeded to re-build my project using the Dockerfile as usual.
copilot init
.copilot init -a test -d ./Dockerfile -n web --port 8080 -t "Load Balanced Web Service"
Has anyone seen this error? I'd like to understand what his happening under the hood. I'm using AWS SSO and am logged in to it. I'm on the latest copilot (1.19). I've set up an env in copilot using a profile from my SSO list, but it seems like it is not passing the role properly maybe?
execute svc deploy: execute "env upgrade --app redacted --name qa": get template redacted-qa: InvalidParameter: 1 validation error(s) found. minimum field size of 20, AssumeRoleInput.RoleArn.
Greetings. I've been trying to use copilot storage init
to create a postgresql db in eu-north-1. Unfortunately this doesn't seem to work, it errors on the database type
The engine mode serverless you requested is currently unavailable. (Se
rvice: AmazonRDS; Status Code: 400; Error Code: InvalidParameterValue;
Request ID: 95157b6a-94e7-4fdd-a277-83e14f568a46; Proxy: null)
I believe this is probably because Aurora serverless v1 is not available in eu-north-1...
Do you guys have any suggestion on how I should proceed? I can't switch region unfortunately. Also, I'd like as much as possible to be managed from within copilot, that's the point of our current project.
Any input is appreciated.