Github Action Rollback Strategy

Question

I am trying to create a rollback strategy for ecs task that managed with github action. What i am trying to do is:

• if previous task definition's image is not found on ecr, set revision number-=1 and check one more previous task definition image, until it is found a valid image (imagetag actually but it doesnt matter.)

• If previous task definition revision number is not found check previous (previous revision number -1 like above) revision until found a valid one.

According to that target: when id:tag-checker step is hit on else block i need to repeat all the step below from id:previous-revision-image-tag until my if else blocks pass with true fields.

So how can i achieve this purpose with github action?

Basically i want to repeat all the steps and below steps from a step that i pick.

    name: AWS Rollback
    on:
      workflow_dispatch:
    env:
      AWS_REGION: "region"
      ECR_REPOSITORY: "nodejs-1"
      ECS_SERVICE: "nodejs-service"
      ECS_CLUSTER: "test-1"
      ECS_TASK_DEFINITION: ".aws/staging.paris.json"
      CONTAINER_NAME: "nodejs-test"
      
    
    jobs:
      Rollback:
        name: "Rollback"
        runs-on: ubuntu-latest
        environment: production
        steps:
          - name: Configure AWS credentials
            uses: aws-actions/configure-aws-credentials@v1
            with:
              aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
              aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
              aws-region: ${{ env.AWS_REGION }}
            
          - name: Login to Amazon ECR
            id: login-ecr
            uses: aws-actions/amazon-ecr-login@v1
            
          - name: Set Current Task Revision
            id: current-revision
            env:
              ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
              IMAGE_TAG: ${{ steps.date.outputs.date }}-${{ steps.vars.outputs.sha_short }}
            run: |
              echo "REVISION_NUMBER=$(aws ecs describe-services --cluster ${{ env.ECS_CLUSTER }} --query "services[].taskDefinition" --services ${{ env.ECS_SERVICE }} --output text | cut -d: -f7)" >> $GITHUB_ENV
              echo "REVISION_NAME=$(aws ecs describe-services --cluster ${{ env.ECS_CLUSTER }} --query "services[].taskDefinition" --services ${{ env.ECS_SERVICE }} --output text | cut -d: -f1-6)" >> $GITHUB_ENV
    
          - name: Set Previous Task Revision Number
            id: previous-revision-number
            run: |
              echo "PREVIOUS_REVISION_NUMBER"=$((${{ env.REVISION_NUMBER }}-1)) >> $GITHUB_ENV
    
          - name: Set Previous Task Revision Image Tag
            id: previous-revision-image-tag
            env:
              PREVIOUS_REVISION_NUMBER: ${{ env.PREVIOUS_REVISION_NUMBER }}
            run: |
              echo "IMAGE_TAG"=$(aws ecs describe-task-definition --task-definition "${{ env.ECR_REPOSITORY }}:$PREVIOUS_REVISION_NUMBER" --query "taskDefinition.containerDefinitions[0].image" --output text |cut -d: -f2) >> $GITHUB_ENV
    
          - name: Check if previous revision image is exist or not
            id: tag-checker
            env:
              IMAGE_TAG: ${{ env.IMAGE_TAG }}
            run: |
              if (aws ecr describe-images --repository-name=${{ env.ECR_REPOSITORY }} --image-ids=imageTag=$IMAGE_TAG &> /dev/null); then
                echo "Image Found"
              else
                echo 'Image is Not Found'
              fi
              
          - name: Check if previous task revision exist or not
            id: revision-checker
            env:
              PREVIOUS_REVISION_NUMBER: ${{ env.PREVIOUS_REVISION_NUMBER }}
            run: |
              if (aws ecs describe-task-definition --task-definition "${{ env.ECR_REPOSITORY }}:$PREVIOUS_REVISION_NUMBER" --output text &> /dev/null); then
                echo "Task definition Found"
              else
                echo 'Task definition not Found'
              fi
    
          # - name: Rollback to previous version
          #   id: rollback
          #   run: |
          #     aws ecs update-service --cluster ${{ env.ECS_CLUSTER }} --service ${{ env.ECS_SERVICE }} --task-definition ${{ env.REVISION_NAME }}:${{ env.PREVIOUS_REVISION_NUMBER }}

Answer 1

I have a solution for you without updating revision and task.

Lets think you have a ecr repo with tags

• latest
• v1.0.2
• v1.0.1
• v1.0.0

latest point to your latest version (v1.0.2)

You need to update your ecs task definition you use latest version always.

When you want to rollback. You can do a hack on ECR point latest version to v1.0.1 then just invoke ecs to force re-deploy services.

IMAGE_TAG_YOU_WANT_TO_DEPLOY="v1.0.1"
# fetch v1.0.1 manifest
MANIFEST=$(aws ecr batch-get-image --repository-name ${ECR_REPOSITORY} --image-ids imageTag=${IMAGE_TAG_YOU_WANT_TO_DEPLOY} --output json | jq --raw-output --join-output '.images[0].imageManifest')
# move latest tag pointer to v1.0.1
aws ecr put-image --repository-name ${ECR_REPOSITORY} --image-tag latest --image-manifest "$MANIFEST"


aws ecs update-service --cluster ${ECS_CLUSTER} --service ${ECS_SERVICE}  --force-new-deployment --region us-east-2

For new deployment you will create a image tag (v1.0.3 and latest) together and push both images to ECR. then just invoke update-service only. (new latest is v1.0.3)

aws ecs update-service --cluster ${ECS_CLUSTER} --service ${ECS_SERVICE}  --force-new-deployment --region us-east-2