#pr-reviews (2020-07)

Pull Request Reviews for Cloud Posse Projects

2020-07-14

David avatar
David

I noticed that https://github.com/cloudposse/terraform-aws-ecr will only keep the latest 500 images around (the number being configurable). I opened https://github.com/cloudposse/terraform-aws-ecr/pull/56 to allow protecting specific tags like prod, but am curious:

How does cloudposse expect that the repo would be used. In continuous delivery (but not continuous deployment) environments, how could you be sure that the image you are using in production won’t be deleted before your next release starts?

cloudposse/terraform-aws-ecr

Terraform Module to manage Docker Container Registries on AWS ECR - cloudposse/terraform-aws-ecr

Allow protecting images with specified tags by dmattia · Pull Request #56 · cloudposse/terraform-aws-ecr

what Allow protecting images with a given set of tag names why At Transcend, we tag images with dev, staging, and prod for deployments in addition to their SHA tags. We want to expire images, bu…

PePe avatar

Well in continuos delivery situations you will be deploying all the time so it will be hard to believe you will need to deploy anything older than the last release? Most of what I have seen is that you roll forward not backwards

cloudposse/terraform-aws-ecr

Terraform Module to manage Docker Container Registries on AWS ECR - cloudposse/terraform-aws-ecr

Allow protecting images with specified tags by dmattia · Pull Request #56 · cloudposse/terraform-aws-ecr

what Allow protecting images with a given set of tag names why At Transcend, we tag images with dev, staging, and prod for deployments in addition to their SHA tags. We want to expire images, bu…

PePe avatar

In prod that is

PePe avatar

If you have to roll back 200 releases then your whole pipeline has a very bad testing process

PePe avatar

You could have 3 ecr repos for each stage/environment

David avatar
David

My understanding is that continuous deployment = deploying all the time, continuous delivery = ready to deploy all the time.

So in continuous delivery, you will not deploy on every build.

We push up docker images to run e2e tests on on every commit, and it’s not terribly uncommon for us to have 500+ commits pushed in a week (which is how often we deploy to prod)

David avatar
David

We have a single ECR repo in a “Commons” AWS account that our dev/staging/prod accounts all share in common. This way we can just promote any image to have the dev tag, then later promote that same image to staging, then prod.

So there can be quite a few images that get added, as it’s not a repo just for prod images

PePe avatar

we do something similar but we do not deploy as much at all

PePe avatar

I’m reviewing your pr

PePe avatar

new release tagged, thanks for the pr

2020-07-08

2020-07-07

Frank avatar
Frank

Can someone take a look at my (small) PR? https://github.com/cloudposse/terraform-aws-ses/pull/5 Thanks!

Add IAM secret output for usage with SES API by syphernl · Pull Request #5 · cloudposse/terraform-aws-ses

what Adds a user_secret output which contains the IAM Secret why This allows that the IAM User can (also) be used through the SES API and not just via SMTP references

1
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

@Marcin Brański

Add IAM secret output for usage with SES API by syphernl · Pull Request #5 · cloudposse/terraform-aws-ses

what Adds a user_secret output which contains the IAM Secret why This allows that the IAM User can (also) be used through the SES API and not just via SMTP references

Marcin Brański avatar
Marcin Brański

Thanks Frank. I have reviewed and released already your changes https://github.com/cloudposse/terraform-aws-ses/releases/tag/0.3.0

Release 0.3.0 Add IAM secret output for usage with SES API #5 · cloudposse/terraform-aws-ses

Thanks to @syphernl for work on this PR! what Adds a user_secret output which contains the IAM Secret why This allows that the IAM User can (also) be used through the SES API and not just via SMTP

Frank avatar
Frank

Awesome, thanks Marcin!

1
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

One thng…

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
03:34:36 PM
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

I see we are missing this in our “Best Practices”, so updating that now. https://docs.cloudposse.com/terraform/terraform-best-practices/

Marcin Brański avatar
Marcin Brański

Yeah, didn’t know that.

Marcin Brański avatar
Marcin Brański

I’m adding it to the backlog

    keyboard_arrow_up