Update HC

[dylanratcliffe]

No description provided.

[env0]

🚀  env0 had composed a PR Plan for environment Terraform Example / production :

Plan: 1 to add, 2 to change, 1 to destroy.

Plan Details

! update in-place
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # module.scenarios[0].aws_ecs_service.face will be updated in-place
!   resource "aws_ecs_service" "face" {
        id                                 = "arn:aws:ecs:eu-west-2:540044833068:service/example-terraform-example/facial-recognition"
        name                               = "facial-recognition"
        tags                               = {}
!       task_definition                    = "arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example:9" -> (known after apply)
        # (15 unchanged attributes hidden)

        # (5 unchanged blocks hidden)
    }

  # module.scenarios[0].aws_ecs_task_definition.face must be replaced
-/+ resource "aws_ecs_task_definition" "face" {
!       arn                      = "arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example:9" -> (known after apply)
!       arn_without_revision     = "arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example" -> (known after apply)
!       container_definitions    = jsonencode(
!           [
!               {
!                   healthCheck    = {
!                       command  = [
                            "CMD-SHELL",
-                           "wget -q --spider localhost:1234",
+                           "wget -q --spider localhost:8080",
                        ]
                        # (3 unchanged attributes hidden)
                    }
                    name           = "facial-recognition"
!                   portMappings   = [
!                       {
-                           hostPort      = 1234
-                           protocol      = "tcp"
                            # (2 unchanged attributes hidden)
                        },
                    ]
-                   systemControls = []
                    # (7 unchanged attributes hidden)
                },
            ] # forces replacement
        )
!       enable_fault_injection   = false -> (known after apply)
!       id                       = "facial-recognition-terraform-example" -> (known after apply)
!       revision                 = 9 -> (known after apply)
-       tags                     = {} -> null
!       tags_all                 = {} -> (known after apply)
        # (7 unchanged attributes hidden)
    }

  # module.scenarios[0].aws_rds_cluster.face_database will be updated in-place
!   resource "aws_rds_cluster" "face_database" {
        id                                    = "facial-recognition-terraform-example"
        tags                                  = {}
        # (46 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

Plan: 1 to add, 2 to change, 1 to destroy.

Failed to calculate cost estimation

Full PR Plan logs on env0

[github-actions]

Open in Overmind ↗

---

model|risks_v6

🔴 Change Signals

Routine 🔴 ▇▅▃▂▁ ECS task definitions showing first ever modifications across multiple attributes, which is unusual compared to typical patterns.

View signals ↗

---

🔥 Risks

Health check moved to port 8080 while container remains on 1234 will cause tasks to be unhealthy ‼️High Open Risk ↗
The task definition 540044833068.eu-west-2.ecs-task-definition.facial-recognition-terraform-example changes the container health check to probe localhost:8080 while the container still exposes containerPort 1234. Because the application is configured for 1234, the health check will never succeed after the update.

When this revision is deployed, ECS will mark the essential container unhealthy and stop/replace tasks repeatedly, preventing new tasks from becoming healthy and reducing or eliminating available service capacity during the rollout.

---

🟣 Expected Changes

+/- ecs-task-definition › facial-recognition-terraform-example

--- current
+++ proposed
@@ -2,17 +2,23 @@
 id: github.com/overmindtech/terraform-example.ecs-task-definition.module.scenarios[0].aws_ecs_task_definition.face
 attributes:
-  arn: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example:9
-  arn_without_revision: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example
-  container_definitions: '[{"cpu":1024,"environment":[{"name":"DATABASE_URL","value":"tf-20251117235257281600000001.cnx7xf6hwmba.eu-west-2.rds.amazonaws.com"}],"essential":true,"healthCheck":{"command":["CMD-SHELL","wget -q --spider localhost:1234"],"interval":30,"retries":3,"timeout":5},"image":"harshmanvar/face-detection-tensorjs:slim-amd","memory":2048,"mountPoints":[],"name":"facial-recognition","portMappings":[{"appProtocol":"http","containerPort":1234,"hostPort":1234,"protocol":"tcp"}],"systemControls":[],"volumesFrom":[]}]'
+  arn: (known after apply)
+  arn_without_revision: (known after apply)
+  container_definitions: '[{"cpu":1024,"environment":[{"name":"DATABASE_URL","value":"tf-20251117235257281600000001.cnx7xf6hwmba.eu-west-2.rds.amazonaws.com"}],"essential":true,"healthCheck":{"command":["CMD-SHELL","wget -q --spider localhost:8080"],"interval":30,"retries":3,"timeout":5},"image":"harshmanvar/face-detection-tensorjs:slim-amd","memory":2048,"mountPoints":[],"name":"facial-recognition","portMappings":[{"appProtocol":"http","containerPort":1234}],"volumesFrom":[]}]'
   cpu: "1024"
-  enable_fault_injection: false
+  enable_fault_injection: (known after apply)
+  execution_role_arn: null
   family: facial-recognition-terraform-example
-  id: facial-recognition-terraform-example
+  id: (known after apply)
+  ipc_mode: null
   memory: "2048"
   network_mode: awsvpc
+  pid_mode: null
   requires_compatibilities:
     - FARGATE
-  revision: 9
+  revision: (known after apply)
   skip_destroy: false
+  tags: null
+  tags_all: (known after apply)
+  task_role_arn: null
   terraform_address: module.scenarios[0].aws_ecs_task_definition.face
   terraform_name: module.scenarios[0].aws_ecs_task_definition.face

---

🟠 Unmapped Changes

~ aws_ecs_service › module.scenarios[0].aws_ecs_service.face

--- current
+++ proposed
@@ -38,5 +38,5 @@
   propagate_tags: NONE
   scheduling_strategy: REPLICA
-  task_definition: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example:9
+  task_definition: (known after apply)
   terraform_address: module.scenarios[0].aws_ecs_service.face
   terraform_name: module.scenarios[0].aws_ecs_service.face

---

💥 Blast Radius

Items 1

Edges 1

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Found 1 high risk requiring review

---

📊 Signals Summary

Routine 🔴 -5

---

🔥 Risks Summary

High 1 · Medium 0 · Low 0

---

💥 Blast Radius

Items 1 · Edges 1

---

View full analysis in Overmind ↗