From 4ae9351d89ec14edfa156105832462234418e870 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20W=C4=85do=C5=82owski?=
<6334715+jwadolowski@users.noreply.github.com>
Date: Tue, 26 Aug 2025 17:47:59 +0200
Subject: [PATCH 1/3] feat: Add docker_labels
Allow the user to define a list of Docker labels without providing the
entire task definition.
---
.gitignore | 3 +++
README.md | 1 +
main.tf | 1 +
variables.tf | 6 ++++++
4 files changed, 11 insertions(+)
diff --git a/.gitignore b/.gitignore
index 4e403ab5..e8abc4bb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,3 +12,6 @@
# Build Harness
.build-harness
build-harness/
+
+# Atmos
+.atmos
diff --git a/README.md b/README.md
index e3c1aee0..3d2fec55 100644
--- a/README.md
+++ b/README.md
@@ -246,6 +246,7 @@ module "default_backend_web_app" {
| [deployment\_minimum\_healthy\_percent](#input\_deployment\_minimum\_healthy\_percent) | The lower limit (as a percentage of `desired_count`) of the number of tasks that must remain running and healthy in a service during a deployment | `number` | `100` | no |
| [descriptor\_formats](#input\_descriptor\_formats) | Describe additional descriptors to be output in the `descriptors` output map.
Map of maps. Keys are names of descriptors. Values are maps of the form
`{
format = string
labels = list(string)
}`
(Type is `any` so the map values can later be enhanced to provide additional options.)
`format` is a Terraform format string to be passed to the `format()` function.
`labels` is a list of labels, in order, to pass to `format()` function.
Label values will be normalized before being passed to `format()` so they will be
identical to how they appear in `id`.
Default is `{}` (`descriptors` output will be empty). | `any` | `{}` | no |
| [desired\_count](#input\_desired\_count) | The desired number of tasks to start with. Set this to 0 if using DAEMON Service type. (FARGATE does not suppoert DAEMON Service type) | `number` | `1` | no |
+| [docker\_labels](#input\_docker\_labels) | Map of Docker labels to assign to the container | `map(string)` | `null` | no |
| [ecr\_enabled](#input\_ecr\_enabled) | A boolean to enable/disable AWS ECR | `bool` | `true` | no |
| [ecr\_image\_tag\_mutability](#input\_ecr\_image\_tag\_mutability) | The tag mutability setting for the ecr repository. Must be one of: `MUTABLE` or `IMMUTABLE` | `string` | `"IMMUTABLE"` | no |
| [ecr\_scan\_images\_on\_push](#input\_ecr\_scan\_images\_on\_push) | Indicates whether images are scanned after being pushed to the repository (true) or not (false) | `bool` | `false` | no |
diff --git a/main.tf b/main.tf
index cc26d903..55150d31 100644
--- a/main.tf
+++ b/main.tf
@@ -81,6 +81,7 @@ module "container_definition" {
container_memory = var.container_memory
container_memory_reservation = var.container_memory_reservation
container_cpu = var.container_cpu
+ docker_labels = var.docker_labels
start_timeout = var.container_start_timeout
stop_timeout = var.container_stop_timeout
healthcheck = var.healthcheck
diff --git a/variables.tf b/variables.tf
index cba8d7f0..cef582d7 100644
--- a/variables.tf
+++ b/variables.tf
@@ -96,6 +96,12 @@ variable "container_memory" {
default = 512
}
+variable "docker_labels" {
+ type = map(string)
+ description = "Map of Docker labels to assign to the container"
+ default = null
+}
+
variable "container_start_timeout" {
type = number
description = "Time duration (in seconds) to wait before giving up on resolving dependencies for a container"
From 2956fcafb36379d17b972c5f781a67df3d19305c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20W=C4=85do=C5=82owski?=
<6334715+jwadolowski@users.noreply.github.com>
Date: Thu, 28 Aug 2025 11:07:21 +0200
Subject: [PATCH 2/3] fix(ci): Update `cloudposse/dynamic-subnets/aws` to the
most recent version
AWS provider v6 deprecated `vpc = true` for the EIP resource
---
examples/complete/main.tf | 2 +-
examples/with_cognito_authentication/main.tf | 2 +-
examples/with_google_oidc_authentication/main.tf | 2 +-
examples/without_authentication/main.tf | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index b0bade16..417f9442 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -18,7 +18,7 @@ module "vpc" {
module "subnets" {
source = "cloudposse/dynamic-subnets/aws"
- version = "2.3.0"
+ version = "2.4.2"
availability_zones = var.availability_zones
vpc_id = module.vpc.vpc_id
igw_id = [module.vpc.igw_id]
diff --git a/examples/with_cognito_authentication/main.tf b/examples/with_cognito_authentication/main.tf
index a14c928b..4112a122 100644
--- a/examples/with_cognito_authentication/main.tf
+++ b/examples/with_cognito_authentication/main.tf
@@ -20,7 +20,7 @@ locals {
module "subnets" {
source = "cloudposse/dynamic-subnets/aws"
- version = "2.3.0"
+ version = "2.4.2"
availability_zones = local.availability_zones
vpc_id = module.vpc.vpc_id
igw_id = [module.vpc.igw_id]
diff --git a/examples/with_google_oidc_authentication/main.tf b/examples/with_google_oidc_authentication/main.tf
index 1b6dcc72..0f4966d5 100644
--- a/examples/with_google_oidc_authentication/main.tf
+++ b/examples/with_google_oidc_authentication/main.tf
@@ -20,7 +20,7 @@ locals {
module "subnets" {
source = "cloudposse/dynamic-subnets/aws"
- version = "2.3.0"
+ version = "2.4.2"
availability_zones = local.availability_zones
vpc_id = module.vpc.vpc_id
igw_id = [module.vpc.igw_id]
diff --git a/examples/without_authentication/main.tf b/examples/without_authentication/main.tf
index 06335e10..33d3203d 100644
--- a/examples/without_authentication/main.tf
+++ b/examples/without_authentication/main.tf
@@ -20,7 +20,7 @@ locals {
module "subnets" {
source = "cloudposse/dynamic-subnets/aws"
- version = "2.3.0"
+ version = "2.4.2"
availability_zones = local.availability_zones
vpc_id = module.vpc.vpc_id
igw_id = [module.vpc.igw_id]
From 2de7006b59440dd3a4c656953ed1b67aab1f2357 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20W=C4=85do=C5=82owski?=
<6334715+jwadolowski@users.noreply.github.com>
Date: Thu, 28 Aug 2025 15:13:44 +0200
Subject: [PATCH 3/3] fix(ci): Ensure unique S3 bucket names
1. Bucket names now include a timestamp (10 digits) to ensure they're
always unique (previously it was a random number between 0 and 999,
which increased the risk of a name collision)
2. `rand.Seed` is deprecated, so it was removed. As of Go 1.20, there is
no reason to call Seed with a random value
---
test/src/examples_complete_test.go | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/test/src/examples_complete_test.go b/test/src/examples_complete_test.go
index cdb28da7..e02ac746 100644
--- a/test/src/examples_complete_test.go
+++ b/test/src/examples_complete_test.go
@@ -2,10 +2,8 @@ package test
import (
"encoding/json"
+ "fmt"
"testing"
-
- "math/rand"
- "strconv"
"time"
"github.com/gruntwork-io/terratest/modules/terraform"
@@ -16,9 +14,7 @@ import (
func TestExamplesComplete(t *testing.T) {
t.Parallel()
- rand.Seed(time.Now().UnixNano())
-
- attributes := []string{strconv.Itoa(rand.Intn(1000))}
+ attributes := []string{fmt.Sprintf("%d", time.Now().Unix())}
// We need to create the ALB first because terraform does not wwait for it to be in the ready state before creating ECS target group
terraformOptions := &terraform.Options{