cloudposse / terraform-aws-ecs-container-definition

Terraform module to generate well-formed JSON documents (container definitions) that are passed to the aws_ecs_task_definition Terraform resource
https://cloudposse.com/accelerate
Apache License 2.0

Capabilities cannot be defined without defining other values #140

Closed jvosantos closed 3 years ago

jvosantos commented 3 years ago

Describe the Bug

Capabilities cannot be defined without defining shared memory and swap values, leading to specifying options that are optional and don't have an equivalent when specified. Unable for instance to add the capability SYS_BOOT to a container without specifying shared memory. Shared memory does not allow for a value of 0, so unable to add SYS_BOOT without giving shared memory to a container.

Expected Behavior

Capacity to specify capabilities without specifying other options inside linux_parameters.

Steps to Reproduce

Steps to reproduce the behavior: main.tf

module "container-definition" {
  source  = "cloudposse/ecs-container-definition/aws"
  version = "~> 0.57.0"

  container_name  = "hello"
  container_image = "some/image:latest"
  linux_parameters = {
    capabilities = {
      add  = ["SYS_BOOT", "NET_ADMIN", "SYS_TIME", "KILL"]
      drop = []
    }
  }
}

1. Run terraform plan
2. Enter '....'
3. See error

│ Error: Invalid value for module argument
│
│   on ops-steadybit-agent.tf line 135, in module "steadybit-agent":
│  135:   container_linux_parameters = {
│  136:     capabilities = {
│  137:       add = ["SYS_BOOT", "NET_ADMIN", "SYS_TIME", "KILL"]
│  138:       drop = []
│  139:     }
│  140:   }
│
│ The given value is not suitable for child module variable "container_linux_parameters" defined at modules/application/variables.tf:393,1-38: attributes "devices", "initProcessEnabled", "maxSwap", "sharedMemorySize", "swappiness", and "tmpfs" are required.
╵
make: *** [execute] Error 1

ashutoshrishi commented 3 years ago

Similarly with just trying to specify linux_parameters.tmpfs values

nitrocode commented 3 years ago

This is a restriction with Terraform which exists in the latest 1.0. We'll be able to do it once the optional flag is no longer an experimental feature.

If the value is defined in the variable type, it has to be set. The only way around it is to find all the necessary inputs and set all the ones that you do not care about to null.

connorhsm commented 1 year ago

@nitrocode it appears this has now happened https://developer.hashicorp.com/terraform/language/expressions/type-constraints#optional-object-type-attributes

+1 to this
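
Added example, not part of the thread and not the module's own code: the two approaches discussed above, shown side by side. Option 1 is the null workaround nitrocode describes; option 2 uses the optional object type attributes from the linked documentation (generally available since Terraform 1.3) on the wrapper variable named in the error message. The nested shapes of `devices` and `tmpfs` are assumptions based on the ECS LinuxParameters fields.

```hcl
# Option 1 (workaround described in the thread, for Terraform releases without
# optional()): set every attribute the object type requires, null where unused.
module "container_definition" {
  source  = "cloudposse/ecs-container-definition/aws"
  version = "~> 0.57.0"
  container_name  = "hello"
  container_image = "some/image:latest"
  linux_parameters = {
    capabilities = {
      add  = ["SYS_BOOT", "NET_ADMIN", "SYS_TIME", "KILL"]
      drop = []
    }
    # Attribute names come from the error message; null for those not needed.
    devices            = null
    initProcessEnabled = null
    maxSwap            = null
    sharedMemorySize   = null
    swappiness         = null
    tmpfs              = null
  }
}

# Option 2 (Terraform 1.3 or later): declare the wrapper variable with
# optional() so callers pass only what they need. Omitted attributes are
# filled with null during type conversion.
variable "container_linux_parameters" {
  type = object({
    capabilities = optional(object({
      add  = optional(list(string), [])
      drop = optional(list(string), [])
    }))
    # Nested shapes below are assumptions based on ECS LinuxParameters.
    devices = optional(list(object({
      containerPath = string
      hostPath      = string
      permissions   = list(string)
    })))
    initProcessEnabled = optional(bool)
    maxSwap            = optional(number)
    sharedMemorySize   = optional(number)
    swappiness         = optional(number)
    tmpfs = optional(list(object({
      containerPath = string
      mountOptions  = list(string)
      size          = number
    })))
  })
  default = null
}
```

With option 2, a caller can pass only `capabilities`, so adding a capability no longer forces a `sharedMemorySize` or swap value onto the container. The converted value still carries every attribute (as null), so it can be handed to a module whose variable type lists them all as required.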