feat: ✨ added restart policies

docs/terraform.md

@@ -24,7 +24,7 @@ No resources.
 |------|-------------|------|---------|:--------:|
 | <a name="input_command"></a> [command](#input\_command) | The command that is passed to the container | `list(string)` | `null` | no |
 | <a name="input_container_cpu"></a> [container\_cpu](#input\_container\_cpu) | The number of cpu units to reserve for the container. This is optional for tasks using Fargate launch type and the total amount of container\_cpu of all containers in a task will need to be lower than the task-level cpu value | `number` | `0` | no |
-| <a name="input_container_definition"></a> [container\_definition](#input\_container\_definition) | Container definition overrides which allows for extra keys or overriding existing keys. | <pre>object({<br> command = optional(list(string))<br> cpu = optional(number)<br> dependsOn = optional(list(object({<br> condition = string<br> containerName = string<br> })))<br> disableNetworking = optional(bool)<br> dnsSearchDomains = optional(list(string))<br> dnsServers = optional(list(string))<br> dockerLabels = optional(map(string))<br> dockerSecurityOptions = optional(list(string))<br> entryPoint = optional(list(string))<br> environment = optional(list(object({<br> name = string<br> value = string<br> })))<br> environmentFiles = optional(list(object({<br> type = string<br> value = string<br> })))<br> essential = optional(bool)<br> extraHosts = optional(list(object({<br> hostname = string<br> ipAddress = string<br> })))<br> firelensConfiguration = optional(object({<br> options = optional(map(string))<br> type = string<br> }))<br> healthCheck = optional(object({<br> command = list(string)<br> interval = optional(number)<br> retries = optional(number)<br> startPeriod = optional(number)<br> timeout = optional(number)<br> }))<br> hostname = optional(string)<br> image = optional(string)<br> interactive = optional(bool)<br> links = optional(list(string))<br> linuxParameters = optional(object({<br> capabilities = optional(object({<br> add = optional(list(string))<br> drop = optional(list(string))<br> }))<br> devices = optional(list(object({<br> containerPath = string<br> hostPath = string<br> permissions = optional(list(string))<br> })))<br> initProcessEnabled = optional(bool)<br> maxSwap = optional(number)<br> sharedMemorySize = optional(number)<br> swappiness = optional(number)<br> tmpfs = optional(list(object({<br> containerPath = string<br> mountOptions = optional(list(string))<br> size = number<br> })))<br> }))<br> logConfiguration = optional(object({<br> logDriver = string<br> options = optional(map(string))<br> secretOptions = optional(list(object({<br> name = string<br> valueFrom = string<br> })))<br> }))<br> memory = optional(number)<br> memoryReservation = optional(number)<br> mountPoints = optional(list(object({<br> containerPath = optional(string)<br> readOnly = optional(bool)<br> sourceVolume = optional(string)<br> })))<br> name = optional(string)<br> portMappings = optional(list(object({<br> containerPort = number<br> hostPort = optional(number)<br> protocol = optional(string)<br> name = optional(string)<br> appProtocol = optional(string)<br> })))<br> privileged = optional(bool)<br> pseudoTerminal = optional(bool)<br> readonlyRootFilesystem = optional(bool)<br> repositoryCredentials = optional(object({<br> credentialsParameter = string<br> }))<br> resourceRequirements = optional(list(object({<br> type = string<br> value = string<br> })))<br> secrets = optional(list(object({<br> name = string<br> valueFrom = string<br> })))<br> startTimeout = optional(number)<br> stopTimeout = optional(number)<br> systemControls = optional(list(object({<br> namespace = string<br> value = string<br> })))<br> ulimits = optional(list(object({<br> hardLimit = number<br> name = string<br> softLimit = number<br> })))<br> user = optional(string)<br> volumesFrom = optional(list(object({<br> readOnly = optional(bool)<br> sourceContainer = string<br> })))<br> workingDirectory = optional(string)<br> })</pre> | `{}` | no |
+| <a name="input_container_definition"></a> [container\_definition](#input\_container\_definition) | Container definition overrides which allows for extra keys or overriding existing keys. | <pre>object({<br> command = optional(list(string))<br> cpu = optional(number)<br> dependsOn = optional(list(object({<br> condition = string<br> containerName = string<br> })))<br> disableNetworking = optional(bool)<br> dnsSearchDomains = optional(list(string))<br> dnsServers = optional(list(string))<br> dockerLabels = optional(map(string))<br> dockerSecurityOptions = optional(list(string))<br> entryPoint = optional(list(string))<br> environment = optional(list(object({<br> name = string<br> value = string<br> })))<br> environmentFiles = optional(list(object({<br> type = string<br> value = string<br> })))<br> essential = optional(bool)<br> extraHosts = optional(list(object({<br> hostname = string<br> ipAddress = string<br> })))<br> firelensConfiguration = optional(object({<br> options = optional(map(string))<br> type = string<br> }))<br> healthCheck = optional(object({<br> command = list(string)<br> interval = optional(number)<br> retries = optional(number)<br> startPeriod = optional(number)<br> timeout = optional(number)<br> }))<br> hostname = optional(string)<br> image = optional(string)<br> interactive = optional(bool)<br> links = optional(list(string))<br> linuxParameters = optional(object({<br> capabilities = optional(object({<br> add = optional(list(string))<br> drop = optional(list(string))<br> }))<br> devices = optional(list(object({<br> containerPath = string<br> hostPath = string<br> permissions = optional(list(string))<br> })))<br> initProcessEnabled = optional(bool)<br> maxSwap = optional(number)<br> sharedMemorySize = optional(number)<br> swappiness = optional(number)<br> tmpfs = optional(list(object({<br> containerPath = string<br> mountOptions = optional(list(string))<br> size = number<br> })))<br> }))<br> logConfiguration = optional(object({<br> logDriver = string<br> options = optional(map(string))<br> secretOptions = optional(list(object({<br> name = string<br> valueFrom = string<br> })))<br> }))<br> memory = optional(number)<br> memoryReservation = optional(number)<br> mountPoints = optional(list(object({<br> containerPath = optional(string)<br> readOnly = optional(bool)<br> sourceVolume = optional(string)<br> })))<br> name = optional(string)<br> portMappings = optional(list(object({<br> containerPort = number<br> hostPort = optional(number)<br> protocol = optional(string)<br> name = optional(string)<br> appProtocol = optional(string)<br> })))<br> privileged = optional(bool)<br> pseudoTerminal = optional(bool)<br> readonlyRootFilesystem = optional(bool)<br> repositoryCredentials = optional(object({<br> credentialsParameter = string<br> }))<br> resourceRequirements = optional(list(object({<br> type = string<br> value = string<br> })))<br> secrets = optional(list(object({<br> name = string<br> valueFrom = string<br> })))<br> startTimeout = optional(number)<br> stopTimeout = optional(number)<br> systemControls = optional(list(object({<br> namespace = string<br> value = string<br> })))<br> ulimits = optional(list(object({<br> hardLimit = number<br> name = string<br> softLimit = number<br> })))<br> user = optional(string)<br> volumesFrom = optional(list(object({<br> readOnly = optional(bool)<br> sourceContainer = string<br> })))<br> workingDirectory = optional(string)<br> restartPolicy = optional(object({<br> enabled = optional(bool)<br> ignoredExitCodes = optional(list(number))<br> restartAttemptPeriod = optional(number)<br> }))<br> })</pre> | `{}` | no |
 | <a name="input_container_depends_on"></a> [container\_depends\_on](#input\_container\_depends\_on) | The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed. The condition can be one of START, COMPLETE, SUCCESS or HEALTHY | <pre>list(object({<br> condition = string<br> containerName = string<br> }))</pre> | `null` | no |
 | <a name="input_container_image"></a> [container\_image](#input\_container\_image) | The image used to start the container. Images in the Docker Hub registry available by default | `string` | n/a | yes |
 | <a name="input_container_memory"></a> [container\_memory](#input\_container\_memory) | The amount of memory (in MiB) to allow the container to use. This is a hard limit, if the container attempts to exceed the container\_memory, the container is killed. This field is optional for Fargate launch type and the total amount of container\_memory of all containers in a task will need to be lower than the task memory value | `number` | `null` | no |
@@ -56,6 +56,7 @@ No resources.
 | <a name="input_readonly_root_filesystem"></a> [readonly\_root\_filesystem](#input\_readonly\_root\_filesystem) | Determines whether a container is given read-only access to its root filesystem. Due to how Terraform type casts booleans in json it is required to double quote this value | `bool` | `false` | no |
 | <a name="input_repository_credentials"></a> [repository\_credentials](#input\_repository\_credentials) | Container repository credentials; required when using a private repo. This map currently supports a single key; "credentialsParameter", which should be the ARN of a Secrets Manager's secret holding the credentials | <pre>object({<br> credentialsParameter = string<br> })</pre> | `null` | no |
 | <a name="input_resource_requirements"></a> [resource\_requirements](#input\_resource\_requirements) | The type and amount of a resource to assign to a container. The only supported resource is a GPU. | <pre>list(object({<br> type = string<br> value = string<br> }))</pre> | `null` | no |
+| <a name="input_restart_policy"></a> [restart\_policy](#input\_restart\_policy) | Container restart policy. Used to restart (rather than reprovision) a container when it exits unexpectedly | <pre>object({<br> enabled = optional(bool)<br> ignoredExitCodes = optional(list(number))<br> restartAttemptPeriod = optional(number)<br> })</pre> | `null` | no |
 | <a name="input_secrets"></a> [secrets](#input\_secrets) | The secrets to pass to the container. This is a list of maps | <pre>list(object({<br> name = string<br> valueFrom = string<br> }))</pre> | `null` | no |
 | <a name="input_start_timeout"></a> [start\_timeout](#input\_start\_timeout) | Time duration (in seconds) to wait before giving up on resolving dependencies for a container | `number` | `null` | no |
 | <a name="input_stop_timeout"></a> [stop\_timeout](#input\_stop\_timeout) | Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own | `number` | `null` | no |

examples/complete/fixtures.us-east-2.tfvars

@@ -13,6 +13,10 @@ container_memory_reservation = 128
 container_cpu = 256
 essential = true
 readonly_root_filesystem = false
+restart_policy = {
+ enabled = true
+ ignoredExitCodes = [0]
+}
 
 container_environment = [
  {
@@ -70,4 +74,4 @@ extra_hosts = [
 
 hostname = "hostname"
 pseudo_terminal = true
-interactive = true
+interactive = true

examples/complete/main.tf

@@ -19,6 +19,7 @@ module "container" {
  hostname = var.hostname
  pseudo_terminal = var.pseudo_terminal
  interactive = var.interactive
+ restart_policy = var.restart_policy
 }
 
 resource "aws_ecs_task_definition" "task" {

examples/complete/variables.tf

@@ -1,5 +1,6 @@
 variable "region" {
  type = string
+ description = "The AWS Region used by the Terraform Provider"
 }
 
 variable "container_name" {
@@ -147,3 +148,13 @@ variable "docker_security_options" {
  description = "A list of strings to provide custom labels for SELinux and AppArmor multi-level security systems."
  default = null
 }
+
+variable "restart_policy" {
+ type = object({
+ enabled = optional(bool)
+ ignoredExitCodes = optional(list(number))
+ restartAttemptPeriod = optional(number)
+ })
+ description = "Container restart policy. Used to restart (rather than reprovision) a container when it exits unexpectedly"
+ default = null
+}

main.tf

@@ -66,6 +66,7 @@ locals {
  pseudoTerminal = var.pseudo_terminal
  dockerSecurityOptions = var.docker_security_options
  resourceRequirements = var.resource_requirements
+ restartPolicy = var.restart_policy
  }
 
  container_definition_without_null = {

variables.tf

@@ -137,6 +137,11 @@ variable "container_definition" {
  sourceContainer = string
  })))
  workingDirectory = optional(string)
+ restartPolicy = optional(object({
+ enabled = optional(bool)
+ ignoredExitCodes = optional(list(number))
+ restartAttemptPeriod = optional(number)
+ }))
  })
  description = "Container definition overrides which allows for extra keys or overriding existing keys."
  default = {}
@@ -453,3 +458,13 @@ variable "resource_requirements" {
  description = "The type and amount of a resource to assign to a container. The only supported resource is a GPU."
  default = null
 }
+
+variable "restart_policy" {
+ type = object({
+ enabled = optional(bool)
+ ignoredExitCodes = optional(list(number))
+ restartAttemptPeriod = optional(number)
+ })
+ description = "Container restart policy. Used to restart (rather than reprovision) a container when it exits unexpectedly"
+ default = null
+}