feat: allow for progress_deadline_seconds to be set (#2963)

terraform/modules/happy-service-eks/README.md

@@ -82,6 +82,7 @@
 | <a name="input_memory_requests"></a> [memory\_requests](#input\_memory\_requests) | Memory requests per pod | `string` | `"10Mi"` | no |
 | <a name="input_period_seconds"></a> [period\_seconds](#input\_period\_seconds) | The period in seconds used for the liveness and readiness probes. | `number` | `3` | no |
 | <a name="input_platform_architecture"></a> [platform\_architecture](#input\_platform\_architecture) | The platform to deploy to (valid values: `amd64`, `arm64`). Defaults to `amd64`. | `string` | `"amd64"` | no |
+| <a name="input_progress_deadline_seconds"></a> [progress\_deadline\_seconds](#input\_progress\_deadline\_seconds) | The maximum time in seconds for a deployment to make progress before it is considered to be failed. Defaults to 600 seconds. | `number` | `600` | no |
 | <a name="input_readiness_timeout_seconds"></a> [readiness\_timeout\_seconds](#input\_readiness\_timeout\_seconds) | Readiness probe timeout seconds | `number` | `30` | no |
 | <a name="input_regional_wafv2_arn"></a> [regional\_wafv2\_arn](#input\_regional\_wafv2\_arn) | A WAF to protect the EKS Ingress if needed | `string` | `null` | no |
 | <a name="input_routing"></a> [routing](#input\_routing) | Routing configuration for the ingress | <pre>object({<br>    method : optional(string, "DOMAIN")<br>    host_match : string<br>    additional_hostnames : optional(set(string), [])<br>    group_name : string<br>    alb : optional(object({<br>      name : string,<br>      listener_port : number,<br>    }), null)<br>    priority : number<br>    path : optional(string, "/*")<br>    service_name : string<br>    port : number<br>    service_port : number<br>    alb_idle_timeout : optional(number, 60) // in seconds<br>    service_scheme : optional(string, "HTTP")<br>    scheme : optional(string, "HTTP")<br>    success_codes : optional(string, "200-499")<br>    service_type : string<br>    service_mesh : bool<br>    allow_mesh_services : optional(list(object({<br>      service : optional(string, null),<br>      stack : optional(string, null),<br>      service_account_name : optional(string, null),<br>    })), null)<br>    oidc_config : optional(object({<br>      issuer : string<br>      authorizationEndpoint : string<br>      tokenEndpoint : string<br>      userInfoEndpoint : string<br>      secretName : string<br>      }), {<br>      issuer                = ""<br>      authorizationEndpoint = ""<br>      tokenEndpoint         = ""<br>      userInfoEndpoint      = ""<br>      secretName            = ""<br>    })<br>    bypasses : optional(map(object({<br>      paths   = optional(set(string), [])<br>      methods = optional(set(string), [])<br>    })))<br>    sticky_sessions = optional(object({<br>      enabled          = optional(bool, false),<br>      duration_seconds = optional(number, 600),<br>      cookie_name      = optional(string, "happy_sticky_session"),<br>    }), {})<br>  })</pre> | n/a | yes |

terraform/modules/happy-service-eks/main.tf

@@ -69,8 +69,8 @@ resource "kubernetes_deployment_v1" "deployment" {
   wait_for_rollout = var.wait_for_steady_state
 
   spec {
-    replicas = var.desired_count
-
+    replicas                  = var.desired_count
+    progress_deadline_seconds = var.progress_deadline_seconds
     strategy {
       type = "RollingUpdate"
       rolling_update {

terraform/modules/happy-service-eks/variables.tf

@@ -252,6 +252,12 @@ variable "additional_volumes_from_config_maps" {
   description = "Additional volumes to add to the container from the following config maps"
 }
 
+variable "progress_deadline_seconds" {
+  type        = number
+  description = "The maximum time in seconds for a deployment to make progress before it is considered to be failed. Defaults to 600 seconds."
+  default     = 600
+}
+
 variable "routing" {
   type = object({
     method : optional(string, "DOMAIN")

terraform/modules/happy-stack-eks/README.md

@@ -60,7 +60,7 @@
 | <a name="input_image_tags"></a> [image\_tags](#input\_image\_tags) | Override image tag for each docker image | `map(string)` | `{}` | no |
 | <a name="input_k8s_namespace"></a> [k8s\_namespace](#input\_k8s\_namespace) | K8S namespace for this stack | `string` | n/a | yes |
 | <a name="input_routing_method"></a> [routing\_method](#input\_routing\_method) | Traffic routing method for this stack. Valid options are 'DOMAIN', when every service gets a unique domain name, or a 'CONTEXT' when all services share the same domain name, and routing is done by request path. | `string` | `"DOMAIN"` | no |
-| <a name="input_services"></a> [services](#input\_services) | The services you want to deploy as part of this stack. | <pre>map(object({<br>    name         = string,<br>    service_type = optional(string, "INTERNAL"),<br>    allow_mesh_services = optional(list(object({<br>      service              = optional(string, null),<br>      stack                = optional(string, null),<br>      service_account_name = optional(string, null)<br>    })), null),<br>    ingress_security_groups = optional(list(string), []), // Only used for VPC service_type<br>    alb = optional(object({<br>      name          = string,<br>      listener_port = number,<br>    }), null), // Only used for TARGET_GROUP_ONLY<br>    desired_count                    = optional(number, 2),<br>    max_count                        = optional(number, 5),<br>    max_unavailable_count            = optional(string, "1"),<br>    scaling_cpu_threshold_percentage = optional(number, 80),<br>    port                             = optional(number, 80),<br>    scheme                           = optional(string, "HTTP"),<br>    cmd                              = optional(list(string), []),<br>    args                             = optional(list(string), []),<br>    image_pull_policy                = optional(string, "IfNotPresent"), // Supported values= IfNotPresent, Always, Never<br>    tag_mutability                   = optional(bool, true),<br>    scan_on_push                     = optional(bool, false),<br>    service_port                     = optional(number, null),<br>    service_scheme                   = optional(string, "HTTP"),<br>    linkerd_additional_skip_ports    = optional(set(number), []),<br>    memory                           = optional(string, "500Mi"),<br>    memory_requests                  = optional(string, "200Mi"),<br>    cpu                              = optional(string, "1"),<br>    cpu_requests                     = optional(string, "500m"),<br>    gpu                              = optional(number, null), // Whole number of GPUs to request, 0 will schedule all available GPUs. Requires GPU-enabled nodes in the cluster, `k8s-device-plugin` installed, platform_architecture = "amd64", and additional_node_selectors = { "nvidia.com/gpu.present" = "true" } present.<br>    health_check_path                = optional(string, "/"),<br>    aws_iam = optional(object({<br>      policy_json          = optional(string, ""),<br>      service_account_name = optional(string, null),<br>    }), {}),<br>    path                      = optional(string, "/*"), // Only used for CONTEXT and TARGET_GROUP_ONLY routing<br>    priority                  = optional(number, 0),    // Only used for CONTEXT and TARGET_GROUP_ONLY routing<br>    success_codes             = optional(string, "200-499"),<br>    synthetics                = optional(bool, false),<br>    initial_delay_seconds     = optional(number, 30),<br>    alb_idle_timeout          = optional(number, 60) // in seconds<br>    period_seconds            = optional(number, 3),<br>    liveness_timeout_seconds  = optional(number, 30),<br>    readiness_timeout_seconds = optional(number, 30),<br>    platform_architecture     = optional(string, "amd64"), // Supported values= amd64, arm64; GPU nodes are amd64 only.<br>    additional_node_selectors = optional(map(string), {}), // For GPU use= { "nvidia.com/gpu.present" = "true" }<br>    bypasses = optional(map(object({                       // Only used for INTERNAL service_type<br>      paths   = optional(set(string), [])<br>      methods = optional(set(string), [])<br>    })), {})<br>    sticky_sessions = optional(object({<br>      enabled          = optional(bool, false),<br>      duration_seconds = optional(number, 600),<br>      cookie_name      = optional(string, "happy_sticky_session"),<br>    }), {})<br>    sidecars = optional(map(object({<br>      image                     = string<br>      tag                       = string<br>      cmd                       = optional(list(string), [])<br>      args                      = optional(list(string), [])<br>      port                      = optional(number, 80)<br>      scheme                    = optional(string, "HTTP")<br>      memory                    = optional(string, "200Mi")<br>      cpu                       = optional(string, "500m")<br>      image_pull_policy         = optional(string, "IfNotPresent") // Supported values= IfNotPresent, Always, Never<br>      health_check_path         = optional(string, "/")<br>      initial_delay_seconds     = optional(number, 30)<br>      period_seconds            = optional(number, 3)<br>      liveness_timeout_seconds  = optional(number, 30)<br>      readiness_timeout_seconds = optional(number, 30)<br>    })), {})<br>    init_containers = optional(map(object({<br>      image = string<br>      tag   = string<br>      cmd   = optional(list(string), []),<br>    })), {}),<br>    additional_env_vars = optional(map(string), {}),<br>  }))</pre> | n/a | yes |
+| <a name="input_services"></a> [services](#input\_services) | The services you want to deploy as part of this stack. | <pre>map(object({<br>    name         = string,<br>    service_type = optional(string, "INTERNAL"),<br>    allow_mesh_services = optional(list(object({<br>      service              = optional(string, null),<br>      stack                = optional(string, null),<br>      service_account_name = optional(string, null)<br>    })), null),<br>    ingress_security_groups = optional(list(string), []), // Only used for VPC service_type<br>    alb = optional(object({<br>      name          = string,<br>      listener_port = number,<br>    }), null), // Only used for TARGET_GROUP_ONLY<br>    desired_count                    = optional(number, 2),<br>    max_count                        = optional(number, 5),<br>    max_unavailable_count            = optional(string, "1"),<br>    scaling_cpu_threshold_percentage = optional(number, 80),<br>    port                             = optional(number, 80),<br>    scheme                           = optional(string, "HTTP"),<br>    cmd                              = optional(list(string), []),<br>    args                             = optional(list(string), []),<br>    image_pull_policy                = optional(string, "IfNotPresent"), // Supported values= IfNotPresent, Always, Never<br>    tag_mutability                   = optional(bool, true),<br>    scan_on_push                     = optional(bool, false),<br>    service_port                     = optional(number, null),<br>    service_scheme                   = optional(string, "HTTP"),<br>    linkerd_additional_skip_ports    = optional(set(number), []),<br>    memory                           = optional(string, "500Mi"),<br>    memory_requests                  = optional(string, "200Mi"),<br>    cpu                              = optional(string, "1"),<br>    cpu_requests                     = optional(string, "500m"),<br>    gpu                              = optional(number, null), // Whole number of GPUs to request, 0 will schedule all available GPUs. Requires GPU-enabled nodes in the cluster, `k8s-device-plugin` installed, platform_architecture = "amd64", and additional_node_selectors = { "nvidia.com/gpu.present" = "true" } present.<br>    health_check_path                = optional(string, "/"),<br>    aws_iam = optional(object({<br>      policy_json          = optional(string, ""),<br>      service_account_name = optional(string, null),<br>    }), {}),<br>    path                      = optional(string, "/*"), // Only used for CONTEXT and TARGET_GROUP_ONLY routing<br>    priority                  = optional(number, 0),    // Only used for CONTEXT and TARGET_GROUP_ONLY routing<br>    success_codes             = optional(string, "200-499"),<br>    synthetics                = optional(bool, false),<br>    initial_delay_seconds     = optional(number, 30),<br>    alb_idle_timeout          = optional(number, 60) // in seconds<br>    period_seconds            = optional(number, 3),<br>    liveness_timeout_seconds  = optional(number, 30),<br>    readiness_timeout_seconds = optional(number, 30),<br>    progress_deadline_seconds = optional(number, 600),<br>    platform_architecture     = optional(string, "amd64"), // Supported values= amd64, arm64; GPU nodes are amd64 only.<br>    additional_node_selectors = optional(map(string), {}), // For GPU use= { "nvidia.com/gpu.present" = "true" }<br>    bypasses = optional(map(object({                       // Only used for INTERNAL service_type<br>      paths   = optional(set(string), [])<br>      methods = optional(set(string), [])<br>    })), {})<br>    sticky_sessions = optional(object({<br>      enabled          = optional(bool, false),<br>      duration_seconds = optional(number, 600),<br>      cookie_name      = optional(string, "happy_sticky_session"),<br>    }), {})<br>    sidecars = optional(map(object({<br>      image                     = string<br>      tag                       = string<br>      cmd                       = optional(list(string), [])<br>      args                      = optional(list(string), [])<br>      port                      = optional(number, 80)<br>      scheme                    = optional(string, "HTTP")<br>      memory                    = optional(string, "200Mi")<br>      cpu                       = optional(string, "500m")<br>      image_pull_policy         = optional(string, "IfNotPresent") // Supported values= IfNotPresent, Always, Never<br>      health_check_path         = optional(string, "/")<br>      initial_delay_seconds     = optional(number, 30)<br>      period_seconds            = optional(number, 3)<br>      liveness_timeout_seconds  = optional(number, 30)<br>      readiness_timeout_seconds = optional(number, 30)<br>    })), {})<br>    init_containers = optional(map(object({<br>      image = string<br>      tag   = string<br>      cmd   = optional(list(string), []),<br>    })), {}),<br>    additional_env_vars = optional(map(string), {}),<br>  }))</pre> | n/a | yes |
 | <a name="input_skip_config_injection"></a> [skip\_config\_injection](#input\_skip\_config\_injection) | Skip injecting app configs into the services / tasks | `bool` | `false` | no |
 | <a name="input_stack_name"></a> [stack\_name](#input\_stack\_name) | Happy Path stack name | `string` | n/a | yes |
 | <a name="input_stack_prefix"></a> [stack\_prefix](#input\_stack\_prefix) | Do bucket storage paths and db schemas need to be prefixed with the stack name? (Usually '/{stack\_name}' for dev stacks, and '' for staging/prod stacks) | `string` | `""` | no |

terraform/modules/happy-stack-eks/main.tf

@@ -194,6 +194,7 @@ module "services" {
   init_containers                  = each.value.init_containers
   ingress_security_groups          = each.value.ingress_security_groups
   linkerd_additional_skip_ports    = each.value.linkerd_additional_skip_ports
+  progress_deadline_seconds        = each.value.progress_deadline_seconds
 
   routing = {
     method               = var.routing_method

terraform/modules/happy-stack-eks/variables.tf

@@ -89,6 +89,7 @@ variable "services" {
     period_seconds            = optional(number, 3),
     liveness_timeout_seconds  = optional(number, 30),
     readiness_timeout_seconds = optional(number, 30),
+    progress_deadline_seconds = optional(number, 600),
     platform_architecture     = optional(string, "amd64"), // Supported values= amd64, arm64; GPU nodes are amd64 only.
     additional_node_selectors = optional(map(string), {}), // For GPU use= { "nvidia.com/gpu.present" = "true" }
     bypasses = optional(map(object({                       // Only used for INTERNAL service_type