Update health check command port from 1234 to 8080

[dylanratcliffe]

No description provided.

[env0]

🚀  env0 had composed a PR Plan for environment Terraform Example / production :

Plan: 1 to add, 2 to change, 1 to destroy.

Plan Details

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
!   update in-place
-/+ destroy and then create replacement

Terraform will perform the following actions:


  # module.scenarios[0].aws_ecs_service.face will be updated in-place
!   resource "aws_ecs_service" "face" {
        id                                 = "arn:aws:ecs:eu-west-2:540044833068:service/example-terraform-example/facial-recognition"
        name                               = "facial-recognition"
        tags                               = {}
!       task_definition                    = "arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example:9" -> (known after apply)
        # (15 unchanged attributes hidden)

        # (5 unchanged blocks hidden)
    }

  # module.scenarios[0].aws_ecs_task_definition.face must be replaced
-/+ resource "aws_ecs_task_definition" "face" {
!       arn                      = "arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example:9" -> (known after apply)
!       arn_without_revision     = "arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example" -> (known after apply)
!       container_definitions    = jsonencode(
!           [
!               {
!                   healthCheck    = {
!                       command  = [
                            "CMD-SHELL",
-                           "wget -q --spider localhost:1234",
+                           "wget -q --spider localhost:8080",
                        ]
                        # (3 unchanged attributes hidden)
                    }
                    name           = "facial-recognition"
!                   portMappings   = [
!                       {
-                           hostPort      = 1234
-                           protocol      = "tcp"
                            # (2 unchanged attributes hidden)
                        },
                    ]
-                   systemControls = []
                    # (7 unchanged attributes hidden)
                },
            ] # forces replacement
        )
!       enable_fault_injection   = false -> (known after apply)
!       id                       = "facial-recognition-terraform-example" -> (known after apply)
!       revision                 = 9 -> (known after apply)
-       tags                     = {} -> null
!       tags_all                 = {} -> (known after apply)
        # (7 unchanged attributes hidden)
    }

  # module.scenarios[0].aws_rds_cluster.face_database will be updated in-place
!   resource "aws_rds_cluster" "face_database" {
        id                                    = "facial-recognition-terraform-example"
        tags                                  = {}
        # (46 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

Plan: 1 to add, 2 to change, 1 to destroy.

Failed to calculate cost estimation

Full PR Plan logs on env0

[github-actions]

Open in Overmind ↗

---

model|risks_v6

🔴 Change Signals

Routine 🔴 ▇▅▃▂▁ ECS task definitions showing first ever modifications across multiple attributes, which is unusual compared to typical patterns.

View signals ↗

---

🔥 Risks

Health check moved to 8080 while app and ALB remain on 1234 will cause ECS task churn and outage ‼️High Open Risk ↗
The task definition 540044833068.eu-west-2.ecs-task-definition.facial-recognition-terraform-example changes the container health check to probe localhost:8080 while the container’s portMappings still expose containerPort 1234 and the ALB target group 540044833068.eu-west-2.elbv2-target-group.facerec-terraform-example continues to route and health-check on port 1234. Current tasks are healthy on 1234, indicating the application is listening there.

When deployed, ECS will begin probing 8080 inside the container. If the application remains on 1234, containers will immediately fail health checks and be restarted, preventing task registration. Even if the application is changed to 8080, the load balancer will still target 1234 and mark all targets unhealthy. In both cases, the service will lose healthy tasks, causing traffic blackholes and outages.

---

🟣 Expected Changes

+/- ecs-task-definition › facial-recognition-terraform-example

--- current
+++ proposed
@@ -2,17 +2,23 @@
 id: github.com/overmindtech/terraform-example.ecs-task-definition.module.scenarios[0].aws_ecs_task_definition.face
 attributes:
-  arn: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example:9
-  arn_without_revision: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example
-  container_definitions: '[{"cpu":1024,"environment":[{"name":"DATABASE_URL","value":"tf-20251117235257281600000001.cnx7xf6hwmba.eu-west-2.rds.amazonaws.com"}],"essential":true,"healthCheck":{"command":["CMD-SHELL","wget -q --spider localhost:1234"],"interval":30,"retries":3,"timeout":5},"image":"harshmanvar/face-detection-tensorjs:slim-amd","memory":2048,"mountPoints":[],"name":"facial-recognition","portMappings":[{"appProtocol":"http","containerPort":1234,"hostPort":1234,"protocol":"tcp"}],"systemControls":[],"volumesFrom":[]}]'
+  arn: (known after apply)
+  arn_without_revision: (known after apply)
+  container_definitions: '[{"cpu":1024,"environment":[{"name":"DATABASE_URL","value":"tf-20251117235257281600000001.cnx7xf6hwmba.eu-west-2.rds.amazonaws.com"}],"essential":true,"healthCheck":{"command":["CMD-SHELL","wget -q --spider localhost:8080"],"interval":30,"retries":3,"timeout":5},"image":"harshmanvar/face-detection-tensorjs:slim-amd","memory":2048,"mountPoints":[],"name":"facial-recognition","portMappings":[{"appProtocol":"http","containerPort":1234}],"volumesFrom":[]}]'
   cpu: "1024"
-  enable_fault_injection: false
+  enable_fault_injection: (known after apply)
+  execution_role_arn: null
   family: facial-recognition-terraform-example
-  id: facial-recognition-terraform-example
+  id: (known after apply)
+  ipc_mode: null
   memory: "2048"
   network_mode: awsvpc
+  pid_mode: null
   requires_compatibilities:
     - FARGATE
-  revision: 9
+  revision: (known after apply)
   skip_destroy: false
+  tags: null
+  tags_all: (known after apply)
+  task_role_arn: null
   terraform_address: module.scenarios[0].aws_ecs_task_definition.face
   terraform_name: module.scenarios[0].aws_ecs_task_definition.face

---

🟠 Unmapped Changes

~ aws_ecs_service › module.scenarios[0].aws_ecs_service.face

--- current
+++ proposed
@@ -38,5 +38,5 @@
   propagate_tags: NONE
   scheduling_strategy: REPLICA
-  task_definition: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example:9
+  task_definition: (known after apply)
   terraform_address: module.scenarios[0].aws_ecs_service.face
   terraform_name: module.scenarios[0].aws_ecs_service.face

---

💥 Blast Radius

Items 20

Edges 97

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Found 1 high risk requiring review

---

📊 Signals Summary

Routine 🔴 -5

---

🔥 Risks Summary

High 1 · Medium 0 · Low 0

---

💥 Blast Radius

Items 20 · Edges 97

---

View full analysis in Overmind ↗