8 replies
β mapping-color-in-history git:(feature/manifest-creator) β copilot svc deploy --env dev --name webapp
β Failed to upgrade environment dev's template to version v1.9.0.
β execute "env upgrade --app mcih --name dev": upgrade environment dev from version v1.7.0 to version v1.9.0: upload manual/templates/mcih-dev/4975ac48f4d5a06ab41982b884e5f71e90a8abcf6681c78e2b16e81f2e4077d2.yml to bucket stackset-mcih-infrastruc-pipelinebuiltartifactbuc-1lyct64kwvokq: AccessDenied: Access Denied
status code: 403, request id: VCBW761675S9QF4C, host id: G21HOtXX7ILUEA3OgaPz3IT7my7iZlHx0/Kx9QNdjK3HGw/ACzNH6pf1/NZs0ccJ3aOUwpLx92s=
4 replies
Hi folks! We just released a patch version v1.18.1: https://github.com/aws/copilot-cli/releases/tag/v1.18.1
If you ran into the following error with v1.18: upgrade environment preview from version v1.8.0 to version v1.9.0 this patch release should hopefully fix it! Sorry for any inconvenience πββοΈ
ResourceInitializationError: unable to pull secrets or registry auth: execution resource retrieval failed: unable to retrieve secrets from ssm: service call has been retried 1 time(s): AccessDeniedException: User: arn:aws:sts::1111:assumed-role...
2 replies
Hi! I'm getting this error when deploying: deploy service ... to environment stage: deploy service: stack ... is currently being updated and cannot be deployed to: Resource handler returned message: "Error occurred during operation 'ECS Deployment Circuit Breaker was triggered'." (RequestToken: ..., HandlerErrorCode: GeneralServiceException). Right now, the service is properly running and is not rolling back.
The latest failed deployment was 4 days ago, which is when it failed. That time the pipeline timed out while doing the rollback. Is it possible that we need to manually clean up something to be able to deploy the service again?
6 replies
5 replies
^ Have not been able to get this working with a Copilot addons template yet. If I add the suggested Conditions block :
Conditions:
CreateDevResources: !Not [!Equals [!Ref Env, prod]]and add those conditions to all the Resources, then I get an error about the Outputs failing because of dependencies on some of the (not created) Resources:
β deploy service webapp to environment prod: deploy service: wait for creation of change set copilot-bc18bf0b-dafd-43e8-a49f-365bdc0d35d4 for stack mcih-prod-webapp: ResourceNotReady: failed waiting for successful resource state: Unresolved resource dependencies [mcihdevclusterAuroraSecret] in the Outputs block of the template: Embedded stack arn:aws:cloudformation:us-east-1:***:stack/mcih-prod-webapp-AddonsStack-THUTAGMZK6N5/f848ec10-d602-11ec-8c2c-129993b51b41 was not successfully created: The following resource(s) failed to create: [mcihdevclusterSecurityGroup, mcihdevclusterAuroraSecret, mcihdevclusterDBSubnetGroup, mcihdevclusterDBClusterParameterGroup]. Rollback requested by user.
I'm trying to implement the idea/theory outlined here:
https://github.com/aws/copilot-cli/issues/1982#issuecomment-1048144482
However, I'm running into the following error:
ResourceNotReady: failed waiting for successful resource state: Invalid template parameter property 'Fn::GetAtt'Which appears to be referencing the attempt to get the ListenerARN as an additional parameter:
Parameters:
ListenerARN: !GetAtt EnvControllerAction.HTTPListenerArn
${EnvName}.${AppName}.${DomainName} naming convention for my aliases? aka I can just create any sub-domain I want in Route 53 and import it? I always found the domain name restrictions annoying because at my company we've always created sub-domains with EnvName and AppName the other way around e.g. ${AppName}.${EnvName}.${DomainName}.
5 replies
3 replies
I have an environment with 2 services -- i created the env deployed 1 service and everything was fine but when i deployed the 2nd service I keep running into this issue:
write log events for service [my-service]: get task log events for log group /copilot/[my-app]-[my-env]-[my-service]: describe log streams of log group /copilot/[my-app]-[my-env]-[my-service]: ResourceNotFoundException: The specified log group does not exist.the funny thing is, i ran into this issue before and I think it was a resource configuration issue on set up. I deleted the environment and re-created it and things worked swimmingly
I think the log group is just missing (hopefully that's the only resource missing) -- is there a way for me to add it manually?
14 replies
!GetAtt) on EnvControllerAction? As indicated previously, I'm attempting to build on https://github.com/aws/copilot-cli/issues/1982#issuecomment-1048144482, but need a few different attributes and am currently making best guesses and while those guesses are frequently working, documentation would be preferred.
4 replies
5 replies
Have a workflow set up currently where:
- Tag a release and push to github, that triggers a GitHub action that builds an image that is pushed to ECR.
- Take that newly tagged ECR image and update the manifest to point to the new image. This is required as change of the image at the
:latesttag doesn't get detected when the pipeline is changed. - Then I push to the release branch which triggers the code pipeline.
Would it be possible to:
- Tag a release and push to github, that triggers a GitHub action builds an that is pushed to ECR.
- Trigger a pipeline redeploy from the Github Action, which makes use of the latest tag. Possibly something like
copilot pipeline deploy --force
11 replies
Hi there, I'm a bit stuck and hoping for some guidance.
I'm moving my infra to another aws account and when I first ran copilot app init I realized I had specified the wrong domain, so as it was creating the initial infrastructure I cmd+C'd out of the process. Now every time I try and run the command with the correct configuration I get the message:
Failed to create the infrastructure to manage services and jobs under application api.
stack api-infrastructure-roles is currently being updated and cannot be deployed to
The AWS account has no cloud formation stacks of any kind for me to inspect/cancel in the console. I've waited 12 hours and still the same result. Not sure how I can cancel/reset this process to proceed. Any ideas?
4 replies
name: frontend
type: Load Balanced Web Service
http:
path: '/'
image:
build: Dockerfile
port: 3000
cpu: 256
memory: 512
count: 1
exec: true
environments:
prod:
http:
path: '/'
alias: app.example.com
test:
http:
path: '/'
alias: test.example.comThis site canβt be reached but when I remove the alias I get a copilot generated url that works. What am I doing wrong here?
8 replies
Hi ! I have a question regarding storage init. The docs state that "By default, only the service you specify during storage init will have access to that storage resource.".
It seems to imply that there is indeed a way to make the storage resource accesible by more services. How is this accomplished?
My use case is a webapp running on django, and I'll also have a backend service running a celery worker which'll need access to the same database.
10 replies
Hi! I'm trying to deploy a service in a multi-account setup. I'm running a load balanced service with a sidecar. I pushed the sidecar image before deploying the service, but the environment account can't pull the image when deploying.
The task fails with the following error:
"CannotPullContainerError: inspect image has been retried 1 time(s): failed to resolve ref "227269212688.dkr.ecr.us-east-1.amazonaws.com/pace/traefik:latest": pulling from host 227269212688.dkr.ecr.us-east-1.amazonaws.com failed with status code [manifests latest]: 403 Forbidden"
I've previously deployed these same containers but without a multi-account setup, so I think that might be the issue.
There must be something I'm missing. Any pointers greatly appreciated, thanks!
6 replies
Regarding aws/copilot-cli#3609
If service is deployed for first time, and its trying to create gateway VPC endpoints for private subnets, this approach will fail. Because copilot creates private route tables if at-least one svc is deployed in private subnets, and addOns depend on these being in output of env stack. Kind of circular dependency here.
A hack would be to deploy a temporary service to fresh env in private subnets.
A good solution would be to make the option to create private routing tables and NATs configurable in
env init. Would this be a good thing to add in aws/copilot-cli#3522 ?
3 replies
Hi !
I'm wondering, what's the best practice to stop a deployment once you realize the container is failing to run? I sometimes set the desired count to 0, but I guess there must be a better way.
Or is there a way to make the deployment circuit breaker trigger sooner?
4 replies
Hi Copilot!
In order to comply with some "security" requirements from another company, I need to have all requests sent to a service I interact with from a fixed and known IP.
I thought I might use a NAT Gateway with an Elastic IP attached. I tried setting placement: 'private' for a backend service I'm running but that didn't set up a NAT Gateway for me as I expected.
Is there a way to set this up via the manifest ?
10 replies
To avoid wasted effort, I want to ensure approach is approved before I contribute.
Based on process I observed, I created design proposal aws/copilot-cli#3664. Kindly let me know if this is not the correct approach to start contrbuting. If it is, please review my proposal :)
1 reply
AWS Copilot v1.19.0 is now released! https://github.com/aws/copilot-cli/releases/tag/v1.19.0 ππ
1 reply
2 replies
2 replies
2 replies
I am deploying a "Load Balanced Web Service" (a Ruby on Rails app) and on
copilot svc deploy if the ECS task fails to start it retries 10 times and I would like to specify a lower number -- thanks(also: if there is any rails-specific write up for copilot I would be grateful for a link , thanks)
3 replies
svc deploy --force do? A few hours ago, I had to change some env vars for one of my Copilot services and deploy the changes. I assumed --force would use the latest image in the ECR and create a new Task Definition with the new options in the manifest.yml. The code hasn't changed, so why would it build a new image? I thought that's what this flag was for. But apparently I was wrong; it proceeded to re-build my project using the Dockerfile as usual.
1 reply
1 reply
copilot init .copilot init -a test -d ./Dockerfile -n web --port 8080 -t "Load Balanced Web Service"I am trying something like this and it will ask me if I want to deploy it in a test environment, what's the parameter to pass so I could answer or skip that question?
2 replies
3 replies
2 replies
Has anyone seen this error? I'd like to understand what his happening under the hood. I'm using AWS SSO and am logged in to it. I'm on the latest copilot (1.19). I've set up an env in copilot using a profile from my SSO list, but it seems like it is not passing the role properly maybe?
execute svc deploy: execute "env upgrade --app redacted --name qa": get template redacted-qa: InvalidParameter: 1 validation error(s) found. minimum field size of 20, AssumeRoleInput.RoleArn.
3 replies
Greetings. I've been trying to use copilot storage init to create a postgresql db in eu-north-1. Unfortunately this doesn't seem to work, it errors on the database type
The engine mode serverless you requested is currently unavailable. (Se
rvice: AmazonRDS; Status Code: 400; Error Code: InvalidParameterValue;
Request ID: 95157b6a-94e7-4fdd-a277-83e14f568a46; Proxy: null)I believe this is probably because Aurora serverless v1 is not available in eu-north-1...
Do you guys have any suggestion on how I should proceed? I can't switch region unfortunately. Also, I'd like as much as possible to be managed from within copilot, that's the point of our current project.
Any input is appreciated.
1 reply