ecs_deployer 2.0.0 → 2.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7c04f404f3247f1b7908c78f61d4a5139dd7a765
-  data.tar.gz: cc5867745048b07123f8f556e21c5ebd2f06e394
+  metadata.gz: 53c73ee2931e45cc8f3db8a292cef5f467d08895
+  data.tar.gz: e5e00d7575c48223a3f6952ba03338b2ed504c7e
 SHA512:
-  metadata.gz: 37a8a063edc9c3639a5fe6b8979628c676b44fe8954809da4557441a329fe256ba44e8734dd51cf4e0fc2661612e984ea99e8f2a047273b5c2463c2c80248eeb
-  data.tar.gz: 8f28ca6748a8a2783af87032ed03194dbe264374f23a37cf77bbf5abef461da15fd11127e81c7cf45144a487573fa7d51351d51528572473324b1681bde05a46
+  metadata.gz: f664e88c2e5dbe349f72cf2cbbb683496f9facba1a8b7592944c5c93cf9d0954ee6ea71ac2c540233f959783a16dd56c17e5bd1cfccfe2c85c8cc360d66b3dc0
+  data.tar.gz: ba609ad07fb2f6f4a1319fc6ba6592e3d6f18a5a4de0af96ad01216c3f987e322b31d3d28730b8d64280a097edf5e0bb1e23dbbeb9ac094da924d3bb34a0728b

data/.gitignore

@@ -7,6 +7,7 @@
 /spec/reports/
 /tmp/
 /vendor/
+.config.local.yml
 
 # rspec failure tracking
 .rspec_status

data/.rubocop.yml

@@ -1,6 +1,9 @@
 AllCops:
   Exclude:
   - 'tmp/**/*'
+  - 'vendor/**/*'
+Lint/RescueWithoutErrorClass:
+  Enabled: false
 Style/BlockComments:
   Enabled: false
 Style/Documentation:

data/README.md

@@ -1,25 +1,21 @@
-# EcsDeployer
+# ECS Deployer
 
 [![Gem Version](https://badge.fury.io/rb/ecs_deployer.svg)](https://badge.fury.io/rb/ecs_deployer)
 [![Test Coverage](https://codeclimate.com/github/naomichi-y/ecs_deployer/badges/coverage.svg)](https://codeclimate.com/github/naomichi-y/ecs_deployer/coverage)
 [![Code Climate](https://codeclimate.com/github/naomichi-y/ecs_deployer/badges/gpa.svg)](https://codeclimate.com/github/naomichi-y/ecs_deployer)
 [![CircleCI](https://circleci.com/gh/naomichi-y/ecs_deployer/tree/master.svg?style=shield)](https://circleci.com/gh/naomichi-y/ecs_deployer/tree/master)
 
-* [Description](#description)
-* [Installation](#installation)
-* [Task definition](#task-definition)
-  * [Encrypt of environment variables](#encrypt-of-environment-variables)
-* [Usage](#usage)
-  * [API](#api)
-  * [CLI](#cli)
-    * [Register new task](#register-new-task)
-    * [Encrypt environment value](#encrypt-environment-value)
-    * [Decrypt environment value](#decrypt-environment-value)
-    * [Update service](#update-service)
-    
 ## Description
 
-Deploy Docker container on AWS ECS..
+Deploy Docker container on AWS ECS.
+
+* Task
+  * Create
+* Service
+  * Update
+* scheduled task
+  * Create
+  * Update
 
 ## Installation
 
@@ -47,26 +43,15 @@ Write task definition in YAML format.
 For available parameters see [Task Definition Parameters](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html).
 
 ```yaml
+family: nginx
 container_definitions:
-- name: wordpress
-  links:
-  - mysql
-  image: wordpress
+- name: web
+  image: nginx:{{tag}}
   essential: true
   port_mappings:
   - container_port: 80
-    hostPort: 80
-  memory: 512
-  cpu: 10
-- environment:
-  - name: MYSQL_ROOT_PASSWORD
-    value: password
-  name: mysql
-  image: mysql
-  cpu: 10
-  memory: 512
-  essential: true
-family: hello_world
+    host_port: 80
+  memory: 256
 ```
 
 ### Encrypt of environment variables
@@ -86,21 +71,7 @@ Values are decrypted when task is created.
 
 ### API
 
-This sample file is in `spec/fixtures/task.yml`.
-
-```ruby
-deployer = EcsDeployer::Client.new
-deployer.register_task('development.yml')
-deployer.update_service('cluster', 'development')
-```
-
-`{{xxx}}` parameter is construed variable.
-
-```yaml
-container_definitions:
-- name: wordpress
-  image: wordpress:{{tag}}
-```
+Refer to [sample code](https://github.com/naomichi-y/ecs_deployer/tree/master/example).
 
 ```ruby
 deployer.register_task('development.yml', tag: 'latest')
@@ -108,11 +79,13 @@ deployer.register_task('development.yml', tag: 'latest')
 
 ### CLI
 
+Please create `.env` from `.env.default` file, before running.
+
 #### Register new task
 
 ```bash
 $ bundle exec ecs_deployer task-register --path=spec/fixtures/task.yml --replace-variables=tag:latest
-Registered task: arn:aws:ecs:ap-northeast-1:xxx:task-definition/hello_world:latest
+Registered task: arn:aws:ecs:ap-northeast-1:xxx:task-definition/nginx:latest
 ```
 
 #### Encrypt environment value
@@ -132,7 +105,7 @@ Decrypted value: xxx
 #### Update service
 
 ```bash
-$ bundle exec ecs_deployer update-service --cluster=xxx --service=xxx --wait --timeout=600
+$ bundle exec ecs_deployer update-service --cluster=xxx --service=xxx --wait --wait-timeout=600
 Start deploying...
 Deploying... [0/1] (20 seconds elapsed)
 New task: arn:aws:ecs:ap-northeast-1:xxxx:task-definition/sandbox-development:68

data/config.local.yml

@@ -0,0 +1,6 @@
+task_path: ~/Projects/nichigas-sandbox/config/deploy/development.yml
+scheduled_task_path: ~/Projects/nichigas-sandbox/config/deploy/development.yml
+cluster: sandbox
+service: development
+scheduled_task_rule: curl
+scheduled_task_target_id: worker

data/config.yml

@@ -0,0 +1,6 @@
+task_path: ./spec/fixtures/task.yml
+scheduled_task_path: ./spec/fixtures/task.yml
+cluster: default
+service: development
+scheduled_task_rule: curl
+scheduled_task_target_id: worker

data/ecs_deployer.gemspec

@@ -1,5 +1,3 @@
-# coding: utf-8
-
 lib = File.expand_path('../lib', __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'ecs_deployer/version'
@@ -31,15 +29,15 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
+  spec.add_dependency 'aws-sdk', '>= 2.9.0'
+  spec.add_dependency 'aws_config', '~> 0.1'
   spec.add_dependency 'oj', '~> 3.0'
   spec.add_dependency 'thor', '~> 0.19'
-  spec.add_dependency 'aws-sdk', '~> 2.9'
-  spec.add_dependency 'aws_config', '~> 0.1'
   spec.add_development_dependency 'bundler', '~> 1.13'
+  spec.add_development_dependency 'codeclimate-test-reporter', '~> 1.0'
+  spec.add_development_dependency 'config', '~> 1.5.1'
   spec.add_development_dependency 'rake', '~> 10.0'
   spec.add_development_dependency 'rspec', '~> 3.0'
-  spec.add_development_dependency 'json_spec', '~> 1.1'
   spec.add_development_dependency 'rubocop', '~> 0.48'
   spec.add_development_dependency 'simplecov', '~> 0.14'
-  spec.add_development_dependency 'codeclimate-test-reporter', '~> 1.0'
 end

data/example/register_task.rb

@@ -0,0 +1,11 @@
+require 'bundler/setup'
+require 'ecs_deployer'
+require 'config'
+
+Config.load_and_set_settings('config.yml', 'config.local.yml')
+
+task_path = File.expand_path(Settings.task_path)
+deployer = EcsDeployer::Client.new(Settings.cluster)
+task_definition = deployer.task.register(task_path, tag: 'latest')
+
+puts task_definition.task_definition_arn

data/example/update_scheduled_task.rb

@@ -0,0 +1,17 @@
+require 'bundler/setup'
+require 'ecs_deployer'
+require 'config'
+
+Config.load_and_set_settings('config.yml', 'config.local.yml')
+task_path = File.expand_path(Settings.scheduled_task_path)
+
+deployer = EcsDeployer::Client.new(Settings.cluster)
+task_definition = deployer.task.register(task_path, tag: 'latest')
+
+scheduled_task = deployer.scheduled_task
+target_builder = scheduled_task.target_builder(Settings.scheduled_task_target_id)
+target_builder.task_definition_arn = task_definition.task_definition_arn
+target_builder.override_container('rails', ['curl', 'http://153.122.13.159/'])
+
+task_definition = scheduled_task.update(Settings.scheduled_task_rule, 'cron(* * * * ? *)', [target_builder.to_hash])
+puts task_definition.rule_arn

data/example/update_service.rb

@@ -0,0 +1,13 @@
+require 'bundler/setup'
+require 'ecs_deployer'
+require 'config'
+
+Config.load_and_set_settings('config.yml', 'config.local.yml')
+
+task_path = File.expand_path(Settings.task_path)
+
+deployer = EcsDeployer::Client.new(Settings.cluster)
+task_definition = deployer.task.register(task_path, tag: 'latest')
+service = deployer.service.update(Settings.service, task_definition)
+
+puts service.service_arn

data/lib/ecs_deployer.rb

@@ -1,9 +1,15 @@
-require 'ecs_deployer/version'
 require 'ecs_deployer/client'
-require 'ecs_deployer/error'
 require 'ecs_deployer/cli'
+require 'ecs_deployer/error'
+require 'ecs_deployer/service/client'
+require 'ecs_deployer/task/client'
+require 'ecs_deployer/scheduled_task/client'
+require 'ecs_deployer/scheduled_task/target'
+require 'ecs_deployer/util/cipher'
+require 'ecs_deployer/version'
 
 module EcsDeployer
+  class ClusterNotFoundError < EcsDeployer::Error; end
   class ServiceNotFoundError < EcsDeployer::Error; end
   class TaskRunningError < EcsDeployer::Error; end
   class TaskDefinitionValidateError < EcsDeployer::Error; end

data/lib/ecs_deployer/cli.rb

@@ -7,11 +7,9 @@ module EcsDeployer
 
     no_commands do
       def prepare
-        aws_options = {}
-        aws_options[:profile] = options[:profile] if options[:profile]
-        aws_options[:region] = options[:region] if options[:region]
-
-        @deployer = EcsDeployer::Client.new(aws_options)
+        @aws_options = {}
+        @aws_options[:profile] = options[:profile] if options[:profile]
+        @aws_options[:region] = options[:region] if options[:region]
 
         nil
       end
@@ -27,38 +25,39 @@ module EcsDeployer
     option :replace_variables, type: :hash, default: {}
     def task_register
       path = File.expand_path(options[:path], Dir.pwd)
-      result = @deployer.register_task(path, options[:replace_variables])
+      task_client = EcsDeployer::Task::Client.new(@aws_options)
+      result = task_client.register(path, options[:replace_variables])
 
-      puts "Registered task: #{result}"
+      puts "Registered task: #{result.task_definition_arn}"
     end
 
     desc 'update-service', 'Update service difinition.'
     option :cluster, required: true
     option :service, required: true
     option :wait, type: :boolean, default: true
-    option :timeout, type: :numeric, default: 600
+    option :wait_timeout, type: :numeric, default: 600
     def update_service
-      @deployer.timeout = options[:timeout]
-      result = @deployer.update_service(
-        options[:cluster],
-        options[:service],
-        options[:wait]
-      )
+      deploy_client = EcsDeployer::Client.new(options[:cluster], nil, @aws_options)
+      service_client = deploy_client.service
+      service_client.wait_timeout = options[:wait_timeout]
+      result = service_client.update(options[:service], nil, options[:wait])
 
-      puts "Update service: #{result}"
+      puts "Update service: #{result.service_arn}"
     end
 
     desc 'encrypt', 'Encrypt value of argument with KMS.'
     option :master_key, required: true
     option :value, required: true
     def encrypt
-      puts "Encrypted value: #{@deployer.encrypt(options[:master_key], options[:value])}"
+      cipher = EcsDeployer::Util::Cipher.new(@aws_options)
+      puts "Encrypted value: #{cipher.encrypt(options[:master_key], options[:value])}"
     end
 
     desc 'decrypt', 'Decrypt value of argument with KMS.'
     option :value, required: true
     def decrypt
-      puts "Decrypted value: #{@deployer.decrypt(options[:value])}"
+      cipher = EcsDeployer::Util::Cipher.new(@aws_options)
+      puts "Decrypted value: #{cipher.decrypt(options[:value])}"
     end
   end
 end

data/lib/ecs_deployer/client.rb

@@ -1,262 +1,30 @@
-require 'yaml'
-require 'oj'
-require 'aws-sdk'
-require 'base64'
 require 'logger'
 
 module EcsDeployer
   class Client
-    LOG_SEPARATOR = '-' * 96
-    ENCRYPT_PATTERN = /^\${(.+)}$/
-
-    attr_reader :ecs
-    attr_accessor :wait_timeout, :pauling_interval
-
     # @param [String] cluster
     # @param [Logger] logger
+    # @param [Hash] aws_options
     # @return [EcsDeployer::Client]
     def initialize(cluster, logger = nil, aws_options = {})
       @cluster = cluster
-      @logger = logger.nil? ? Logger.new(STDOUT) : logger
-      @ecs = Aws::ECS::Client.new(aws_options)
-      @kms = Aws::KMS::Client.new(aws_options)
-      @wait_timeout = 900
-      @pauling_interval = 20
-    end
-
-    # @param [String] mater_key
-    # @param [String] value
-    # @return [String]
-    def encrypt(master_key, value)
-      encode = @kms.encrypt(key_id: "alias/#{master_key}", plaintext: value)
-      "${#{Base64.strict_encode64(encode.ciphertext_blob)}}"
-    rescue => e
-      raise KmsEncryptError, e.to_s
-    end
-
-    # @param [String] value
-    # @return [String]
-    def decrypt(value)
-      match = value.match(ENCRYPT_PATTERN)
-      raise KmsDecryptError, 'Encrypted string is invalid.' unless match
-
-      begin
-        @kms.decrypt(ciphertext_blob: Base64.strict_decode64(match[1])).plaintext
-      rescue => e
-        raise KmsDecryptError, e.to_s
-      end
-    end
-
-    # @param [String] path
-    # @param [Hash] replace_variables
-    # @return [String]
-    def register_task(path, replace_variables = {})
-      raise IOError, "File does not exist. [#{path}]" unless File.exist?(path)
-
-      register_task_hash(YAML.load(File.read(path)), replace_variables)
-    end
-
-    # @param [Hash] task_definition
-    # @param [Hash] replace_variables
-    # @return [Aws::ECS::Types::TaskDefinition]
-    def register_task_hash(task_definition, replace_variables = {})
-      task_definition = Oj.load(Oj.dump(task_definition), symbol_keys: true)
-
-      replace_parameter_variables!(task_definition, replace_variables)
-      decrypt_environment_variables!(task_definition)
-
-      result = @ecs.register_task_definition(
-        container_definitions: task_definition[:container_definitions],
-        family: task_definition[:family],
-        task_role_arn: task_definition[:task_role_arn],
-        volumes: task_definition[:volumes]
-      )
-
-      result[:task_definition]
+      @logger = logger.nil? ? Logger.new(nil) : logger
+      @aws_options = aws_options
     end
 
-    # @param [String] service
-    # @return [String]
-    def register_clone_task(service)
-      result = @ecs.describe_services(
-        cluster: @cluster,
-        services: [service]
-      )
-
-      result[:services].each do |svc|
-        next unless svc[:service_name] == service
-
-        result = @ecs.describe_task_definition(
-          task_definition: svc[:task_definition]
-        )
-
-        return register_task_hash(result[:task_definition].to_hash)
-      end
-
-      raise ServiceNotFoundError, "'#{service}' service is not found."
+    # @return [EcsDeployer::Task::Client]
+    def task
+      EcsDeployer::Task::Client.new(@aws_options)
     end
 
-    # @param [String] service
-    # @param [Aws::ECS::Types::TaskDefinition] task_definition
-    # @return [String]
-    def update_service(service, task_definition = nil, wait = true)
-      task_definition = register_clone_task(service) if task_definition.nil?
-      result = @ecs.update_service(
-        cluster: @cluster,
-        service: service,
-        task_definition: task_definition[:family] + ':' + task_definition[:revision].to_s
-      )
-
-      wait_for_deploy(service, result.service.task_definition) if wait
-      result.service.service_arn
-    end
-
-    private
-
-    # @param [Array, Hash] variables
-    # @param [Hash] replace_variables
-    def replace_parameter_variables!(variables, replace_variables = {})
-      for variable in variables do
-        if variable.class == Array || variable.class == Hash
-          replace_parameter_variables!(variable, replace_variables)
-        elsif variable.class == String
-          replace_variables.each do |replace_key, replace_value|
-            variable.gsub!("{{#{replace_key}}}", replace_value)
-          end
-        end
-      end
-    end
-
-    # @param [Hash] task_definition
-    def decrypt_environment_variables!(task_definition)
-      raise TaskDefinitionValidateError, '\'container_definition\' is undefined.' unless task_definition.key?(:container_definitions)
-      task_definition[:container_definitions].each do |container_definition|
-        next unless container_definition.key?(:environment)
-
-        container_definition[:environment].each do |environment|
-          if environment[:value].class == String
-            match = environment[:value].match(ENCRYPT_PATTERN)
-            environment[:value] = decrypt(match[0]) if match
-          else
-            # https://github.com/naomichi-y/ecs_deployer/issues/6
-            environment[:value] = environment[:value].to_s
-          end
-        end
-      end
+    # @return [EcsDeployer::ScheduledTask::Client]
+    def scheduled_task
+      EcsDeployer::ScheduledTask::Client.new(@cluster, @aws_options)
     end
 
-    # @param [String] service
-    # @return [Aws::ECS::Types::Service]
-    def service_status(service)
-      status = nil
-      result = @ecs.describe_services(
-        cluster: @cluster,
-        services: [service]
-      )
-      result[:services].each do |svc|
-        next unless svc[:service_name] == service
-        status = svc
-        break
-      end
-
-      raise ServiceNotFoundError, "'#{service}' service is not found." if status.nil?
-
-      status
-    end
-
-    # @param [String] service
-    # @param [String] task_definition_arn
-    def detect_stopped_task(service, task_definition_arn)
-      stopped_tasks = @ecs.list_tasks(
-        cluster: @cluster,
-        service_name: service,
-        desired_status: 'STOPPED'
-      ).task_arns
-
-      return if stopped_tasks.size.zero?
-
-      description_tasks = @ecs.describe_tasks(
-        cluster: @cluster,
-        tasks: stopped_tasks
-      ).tasks
-
-      description_tasks.each do |task|
-        raise TaskStoppedError, task.stopped_reason if task.task_definition_arn == task_definition_arn
-      end
-    end
-
-    # @param [String] service
-    # @param [String] task_definition_arn
-    # @return [Hash]
-    def deploy_status(service, task_definition_arn)
-      detect_stopped_task(service, task_definition_arn)
-
-      # Get current tasks
-      result = @ecs.list_tasks(
-        cluster: @cluster,
-        service_name: service,
-        desired_status: 'RUNNING'
-      )
-
-      raise TaskRunningError, 'Running task not found.' if result[:task_arns].size.zero?
-
-      result = @ecs.describe_tasks(
-        cluster: @cluster,
-        tasks: result[:task_arns]
-      )
-
-      new_running_count = 0
-      task_status_logs = []
-
-      result[:tasks].each do |task|
-        new_running_count += 1 if task_definition_arn == task[:task_definition_arn] && task[:last_status] == 'RUNNING'
-        task_status_logs << "  #{task[:task_definition_arn]} [#{task[:last_status]}]"
-      end
-
-      {
-        current_running_count: result[:tasks].size,
-        new_running_count: new_running_count,
-        task_status_logs: task_status_logs
-      }
-    end
-
-    # @param [String] service
-    # @param [String] task_definition_arn
-    def wait_for_deploy(service, task_definition_arn)
-      service_status = service_status(service)
-
-      wait_time = 0
-      @logger.info 'Start deploying...'
-
-      loop do
-        sleep(@pauling_interval)
-        wait_time += @pauling_interval
-        result = deploy_status(service, task_definition_arn)
-
-        @logger.info "Deploying... [#{result[:new_running_count]}/#{result[:current_running_count]}] (#{wait_time} seconds elapsed)"
-        @logger.info "New task: #{task_definition_arn}"
-        @logger.info LOG_SEPARATOR
-
-        result[:task_status_logs].each do |log|
-          @logger.info log
-        end
-
-        @logger.info LOG_SEPARATOR
-
-        if result[:new_running_count] == result[:current_running_count]
-          @logger.info "Service update succeeded. [#{result[:new_running_count]}/#{result[:current_running_count]}]"
-          @logger.info "New task definition: #{task_definition_arn}"
-
-          break
-        else
-          @logger.info 'You can stop process with Ctrl+C. Deployment will continue.'
-
-          if wait_time > @wait_timeout
-            @logger.info "New task definition: #{task_definition_arn}"
-            raise DeployTimeoutError, 'Service is being updating, but process is timed out.'
-          end
-        end
-      end
+    # @return [EcsDeployer::Service::Client]
+    def service
+      EcsDeployer::Service::Client.new(@cluster, @logger, @aws_options)
     end
   end
 end

data/lib/ecs_deployer/scheduled_task/client.rb

@@ -0,0 +1,55 @@
+require 'aws-sdk'
+
+module EcsDeployer
+  module ScheduledTask
+    class Client
+      # @param [String] cluster
+      # @param [Hash] aws_options
+      # @return [EcsDeployer::ScheduledTask::Client]
+      def initialize(cluster, aws_options = {})
+        @cluster = cluster
+        @cloud_watch_events = Aws::CloudWatchEvents::Client.new(aws_options)
+        @aws_options = aws_options
+      end
+
+      # @param [String] rule
+      # @return [Bool]
+      def exist_rule?(rule)
+        @cloud_watch_events.describe_rule(name: rule)
+        true
+      rescue Aws::CloudWatchEvents::Errors::ResourceNotFoundException
+        false
+      end
+
+      # @param [String] id
+      # @param [String] role
+      # @return [EcsDeployer::ScheduledTask::Target]
+      def target_builder(id, role = 'ecsEventsRole')
+        EcsDeployer::ScheduledTask::Target.new(@cluster, id, role, @aws_options)
+      end
+
+      # @param [String] rule
+      # @param [String] schedule_expression
+      # @param [Array] targets
+      # @return [CloudWatchEvents::Types::PutRuleResponse]
+      def update(rule, schedule_expression, targets)
+        response = @cloud_watch_events.put_rule(
+          name: rule,
+          schedule_expression: schedule_expression,
+          state: 'ENABLED'
+        )
+        begin
+          @cloud_watch_events.put_targets(
+            rule: rule,
+            targets: targets
+          )
+
+          response
+        rescue => e
+          @cloud_watch_events.delete_rule(name: rule)
+          raise e
+        end
+      end
+    end
+  end
+end

data/lib/ecs_deployer/scheduled_task/target.rb

@@ -0,0 +1,64 @@
+module EcsDeployer
+  module ScheduledTask
+    class Target
+      attr_reader :id
+      attr_accessor :arn, :role_arn, :task_definition_arn, :task_count
+
+      # @param [String] cluster
+      # @param [String] id
+      # @param [String] role
+      # @param [Hash] aws_options
+      # @return EcsDeployer::ScheduledTask::Target]
+      def initialize(cluster, id, role = nil, aws_options = {})
+        ecs = Aws::ECS::Client.new(aws_options)
+        clusters = ecs.describe_clusters(clusters: [cluster]).clusters
+        raise ClusterNotFoundError, "Cluster does not eixst. [#{cluster}]" if clusters.count.zero?
+
+        @id = id
+        @arn = clusters[0].cluster_arn
+        @role_arn = Aws::IAM::Role.new(role, @aws_options).arn unless role.nil?
+        @task_count = 1
+        @container_overrides = []
+      end
+
+      # @param [String] name
+      # @param [Array] command
+      # @param [Hash] environments
+      def override_container(name, command = nil, environments = {})
+        override_environments = []
+        environments.each do |environment|
+          environment.each do |env_name, env_value|
+            override_environments << {
+              name: env_name,
+              value: env_value
+            }
+          end
+        end
+
+        container_override = {
+          name: name,
+          command: command
+        }
+        container_overrides[:environment] = override_environments if override_environments.count > 0
+
+        @container_overrides << container_override
+      end
+
+      # @return [Hash]
+      def to_hash
+        {
+          id: @id,
+          arn: @arn,
+          role_arn: @role_arn,
+          ecs_parameters: {
+            task_definition_arn: @task_definition_arn,
+            task_count: @task_count
+          },
+          input: {
+            containerOverrides: @container_overrides
+          }.to_json.to_s
+        }
+      end
+    end
+  end
+end

data/lib/ecs_deployer/service/client.rb

@@ -0,0 +1,155 @@
+require 'aws-sdk'
+
+module EcsDeployer
+  module Service
+    class Client
+      LOG_SEPARATOR = '-' * 96
+
+      attr_accessor :wait_timeout, :polling_interval
+
+      # @param [String] cluster
+      # @param [Logger] logger
+      # @param [Hash] aws_options
+      # @return [EcsDeployer::Service::Client]
+      def initialize(cluster, logger, aws_options = {})
+        @cluster = cluster
+        @logger = logger
+
+        @ecs = Aws::ECS::Client.new(aws_options)
+        @task = EcsDeployer::Task::Client.new(aws_options)
+
+        @wait_timeout = 900
+        @polling_interval = 20
+      end
+
+      # @param [String] service
+      # @param [Aws::ECS::Types::TaskDefinition] task_definition
+      # @return [Aws::ECS::Types::Service]
+      def update(service, task_definition = nil, wait = true)
+        task_definition = @task.register_clone(@cluster, service) if task_definition.nil?
+        result = @ecs.update_service(
+          cluster: @cluster,
+          service: service,
+          task_definition: task_definition[:family] + ':' + task_definition[:revision].to_s
+        )
+
+        wait_for_deploy(service, result.service.task_definition) if wait
+        result.service
+      end
+
+      private
+
+      # @param [String] service
+      # @return [Bool]
+      def exist?(service)
+        status = nil
+        result = @ecs.describe_services(
+          cluster: @cluster,
+          services: [service]
+        )
+        result[:services].each do |svc|
+          next unless svc[:service_name] == service
+          status = svc
+          break
+        end
+
+        status.nil? ? false : true
+      end
+
+      # @param [String] service
+      # @param [String] task_definition_arn
+      def detect_stopped_task(service, task_definition_arn)
+        stopped_tasks = @ecs.list_tasks(
+          cluster: @cluster,
+          service_name: service,
+          desired_status: 'STOPPED'
+        ).task_arns
+
+        return if stopped_tasks.size.zero?
+
+        description_tasks = @ecs.describe_tasks(
+          cluster: @cluster,
+          tasks: stopped_tasks
+        ).tasks
+
+        description_tasks.each do |task|
+          raise TaskStoppedError, task.stopped_reason if task.task_definition_arn == task_definition_arn
+        end
+      end
+
+      # @param [String] service
+      # @param [String] task_definition_arn
+      # @return [Hash]
+      def deploy_status(service, task_definition_arn)
+        detect_stopped_task(service, task_definition_arn)
+
+        # Get current tasks
+        result = @ecs.list_tasks(
+          cluster: @cluster,
+          service_name: service,
+          desired_status: 'RUNNING'
+        )
+
+        raise TaskRunningError, 'Running task not found.' if result[:task_arns].size.zero?
+
+        result = @ecs.describe_tasks(
+          cluster: @cluster,
+          tasks: result[:task_arns]
+        )
+
+        new_running_count = 0
+        task_status_logs = []
+
+        result[:tasks].each do |task|
+          new_running_count += 1 if task_definition_arn == task[:task_definition_arn] && task[:last_status] == 'RUNNING'
+          task_status_logs << "  #{task[:task_definition_arn]} [#{task[:last_status]}]"
+        end
+
+        {
+          current_running_count: result[:tasks].size,
+          new_running_count: new_running_count,
+          task_status_logs: task_status_logs
+        }
+      end
+
+      # @param [String] service
+      # @param [String] task_definition_arn
+      def wait_for_deploy(service, task_definition_arn)
+        raise ServiceNotFoundError, "'#{service}' service is not found." unless exist?(service)
+
+        wait_time = 0
+        @logger.info 'Start deploying...'
+
+        loop do
+          sleep(@polling_interval)
+          wait_time += @polling_interval
+          result = deploy_status(service, task_definition_arn)
+
+          @logger.info "Deploying... [#{result[:new_running_count]}/#{result[:current_running_count]}] (#{wait_time} seconds elapsed)"
+          @logger.info "New task: #{task_definition_arn}"
+          @logger.info LOG_SEPARATOR
+
+          result[:task_status_logs].each do |log|
+            @logger.info log
+          end
+
+          @logger.info LOG_SEPARATOR
+
+          if result[:new_running_count] == result[:current_running_count]
+            @logger.info "Service update succeeded. [#{result[:new_running_count]}/#{result[:current_running_count]}]"
+            @logger.info "New task definition: #{task_definition_arn}"
+
+            break
+          else
+            @logger.info 'You can stop process with Ctrl+C. Deployment will continue.'
+
+            if wait_time > @wait_timeout
+              @logger.info "New task definition: #{task_definition_arn}"
+              raise DeployTimeoutError, 'Service is being updating, but process is timed out.'
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ecs_deployer/task/client.rb

@@ -0,0 +1,99 @@
+require 'aws-sdk'
+require 'yaml'
+require 'oj'
+
+module EcsDeployer
+  module Task
+    class Client
+      # @param [Hash] aws_options
+      # @return [EcsDeployer::Task::Client]
+      def initialize(aws_options = {})
+        @ecs = Aws::ECS::Client.new(aws_options)
+        @cipher = EcsDeployer::Util::Cipher.new(aws_options)
+      end
+
+      # @param [String] path
+      # @param [Hash] replace_variables
+      # @return [Aws::ECS::Types::TaskDefinition]
+      def register(path, replace_variables = {})
+        raise IOError, "File does not exist. [#{path}]" unless File.exist?(path)
+
+        register_hash(YAML.load(File.read(path)), replace_variables)
+      end
+
+      # @param [Hash] task_definition
+      # @param [Hash] replace_variables
+      # @return [Aws::ECS::Types::TaskDefinition]
+      def register_hash(task_definition, replace_variables = {})
+        task_definition = Oj.load(Oj.dump(task_definition), symbol_keys: true)
+
+        replace_parameter_variables!(task_definition, replace_variables)
+        decrypt_environment_variables!(task_definition)
+
+        result = @ecs.register_task_definition(
+          container_definitions: task_definition[:container_definitions],
+          family: task_definition[:family],
+          task_role_arn: task_definition[:task_role_arn],
+          volumes: task_definition[:volumes]
+        )
+
+        result[:task_definition]
+      end
+
+      # @param [String] cluster
+      # @param [String] service
+      # @return [String]
+      def register_clone(cluster, service)
+        result = @ecs.describe_services(
+          cluster: cluster,
+          services: [service]
+        )
+
+        result[:services].each do |svc|
+          next unless svc[:service_name] == service
+
+          result = @ecs.describe_task_definition(
+            task_definition: svc[:task_definition]
+          )
+
+          return register_hash(result[:task_definition].to_hash)
+        end
+
+        raise ServiceNotFoundError, "'#{service}' service is not found."
+      end
+
+      private
+
+      # @param [Array, Hash] variables
+      # @param [Hash] replace_variables
+      def replace_parameter_variables!(variables, replace_variables = {})
+        for variable in variables do
+          if variable.class == Array || variable.class == Hash
+            replace_parameter_variables!(variable, replace_variables)
+          elsif variable.class == String
+            replace_variables.each do |replace_key, replace_value|
+              variable.gsub!("{{#{replace_key}}}", replace_value)
+            end
+          end
+        end
+      end
+
+      # @param [Hash] task_definition
+      def decrypt_environment_variables!(task_definition)
+        raise TaskDefinitionValidateError, '\'container_definition\' is undefined.' unless task_definition.key?(:container_definitions)
+        task_definition[:container_definitions].each do |container_definition|
+          next unless container_definition.key?(:environment)
+
+          container_definition[:environment].each do |environment|
+            if environment[:value].class == String
+              environment[:value] = @cipher.decrypt(environment[:value]) if @cipher.encrypt_value?(environment[:value])
+            else
+              # https://github.com/naomichi-y/ecs_deployer/issues/6
+              environment[:value] = environment[:value].to_s
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ecs_deployer/util/cipher.rb

@@ -0,0 +1,44 @@
+require 'base64'
+
+module EcsDeployer
+  module Util
+    class Cipher
+      ENCRYPT_VARIABLE_PATTERN = /^\${(.+)}$/
+
+      # @param [Hash] aws_options
+      # @return [EcsDeployer::Util::Cipher]
+      def initialize(aws_options = {})
+        @kms = Aws::KMS::Client.new(aws_options)
+      end
+
+      # @param [String] mater_key
+      # @param [String] value
+      # @return [String]
+      def encrypt(master_key, value)
+        encode = @kms.encrypt(key_id: "alias/#{master_key}", plaintext: value)
+        "${#{Base64.strict_encode64(encode.ciphertext_blob)}}"
+      rescue => e
+        raise KmsEncryptError, e.to_s
+      end
+
+      # @param [String] value
+      # @return [String]
+      def decrypt(value)
+        match = value.match(ENCRYPT_VARIABLE_PATTERN)
+        raise KmsDecryptError, 'Encrypted string is invalid.' unless match
+
+        begin
+          @kms.decrypt(ciphertext_blob: Base64.strict_decode64(match[1])).plaintext
+        rescue => e
+          raise KmsDecryptError, e.to_s
+        end
+      end
+
+      # @param [String] value
+      # @return [Bool]
+      def encrypt_value?(value)
+        value.to_s.match(ENCRYPT_VARIABLE_PATTERN) ? true : false
+      end
+    end
+  end
+end

data/lib/ecs_deployer/version.rb

@@ -1,3 +1,3 @@
 module EcsDeployer
-  VERSION = '2.0.0'.freeze
+  VERSION = '2.1.5'.freeze
 end

metadata

@@ -1,71 +1,71 @@
 --- !ruby/object:Gem::Specification
 name: ecs_deployer
 version: !ruby/object:Gem::Version
-  version: 2.0.0
+  version: 2.1.5
 platform: ruby
 authors:
 - naomichi-y
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-10-20 00:00:00.000000000 Z
+date: 2017-10-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: oj
+  name: aws-sdk
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 2.9.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 2.9.0
 - !ruby/object:Gem::Dependency
-  name: thor
+  name: aws_config
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.19'
+        version: '0.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.19'
+        version: '0.1'
 - !ruby/object:Gem::Dependency
-  name: aws-sdk
+  name: oj
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.9'
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.9'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: aws_config
+  name: thor
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.1'
+        version: '0.19'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.1'
+        version: '0.19'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -81,89 +81,89 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1.13'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: codeclimate-test-reporter
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '1.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '1.0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: config
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 1.5.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 1.5.1
 - !ruby/object:Gem::Dependency
-  name: json_spec
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: '10.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: '10.0'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.48'
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.48'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.14'
+        version: '0.48'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.14'
+        version: '0.48'
 - !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0.14'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0.14'
 description: Deploy Docker container on AWS ECS.
 email:
 - n.yamakita@gmail.com
@@ -182,13 +182,22 @@ files:
 - bin/console
 - bin/setup
 - circle.yml
+- config.local.yml
+- config.yml
 - ecs_deployer.gemspec
-- example/sample.rb
+- example/register_task.rb
+- example/update_scheduled_task.rb
+- example/update_service.rb
 - exe/ecs_deployer
 - lib/ecs_deployer.rb
 - lib/ecs_deployer/cli.rb
 - lib/ecs_deployer/client.rb
 - lib/ecs_deployer/error.rb
+- lib/ecs_deployer/scheduled_task/client.rb
+- lib/ecs_deployer/scheduled_task/target.rb
+- lib/ecs_deployer/service/client.rb
+- lib/ecs_deployer/task/client.rb
+- lib/ecs_deployer/util/cipher.rb
 - lib/ecs_deployer/version.rb
 homepage: https://github.com/naomichi-y/ecs_deployer
 licenses:

data/example/sample.rb

@@ -1,8 +0,0 @@
-require 'bundler/setup'
-require 'ecs_deployer'
-
-path = File.expand_path('../spec/fixtures/task.yml', File.dirname(File.realpath(__FILE__)))
-
-deployer = EcsDeployer::Client.new('sandbox')
-task_definition = deployer.register_task(path, tag: 'latest')
-deployer.update_service('production', task_definition)