[DevOps] Create Airflow DAG to update credential server version

[johnclary]

Based on discussion here, we should create a DAG which re-deploys our credential server on the latest version.

Roughly, the work involves:

• Find out what this process looks like by hand
• Updating our ECS task definition to pin the service's image version to a major release.
• Author the DAG that uses aws ecs update-service --force-new-deployment to re-deploy the server at some regular interval

Per the AWS CLI docs:

--force-new-deployment Determines whether to force a new deployment of the service. By default, deployments aren’t forced. You can use this option to start a new deployment with no service definition changes. For example, you can update a service’s tasks to use a newer Docker image with the same image/tag combination (my_image:latest ) or to roll Fargate tasks onto a newer platform version.

[johnclary]

Here's what I would like to propose:

• we add the 1pass connect server ECS config to the atd-airflow repo, so that it's version controlled
• we add a todo in the repo's PR template, and ask that anyone who opens a PR also check to see we are running the latest 1password version. If not, they should update it.