AWS SQS¶
Parameters¶
This notification service is capable of sending simple messages to AWS SQS queue.
queue
- name of the queue you are intending to send messages to. Can be overridden with target destination annotation.region
- region of the sqs queue can be provided via env variable AWS_DEFAULT_REGIONkey
- optional, aws access key must be either referenced from a secret via variable or via env variable AWS_ACCESS_KEY_IDsecret
- optional, aws access secret must be either referenced from a secret via variable or via env variable AWS_SECRET_ACCESS_KEYaccount
optional, external accountId of the queueendpointUrl
optional, useful for development with localstack
Example¶
Using Secret for credential retrieval:¶
Resource Annotation:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
annotations:
notifications.argoproj.io/subscribe.on-deployment-ready.awssqs: "overwrite-myqueue"
- ConfigMap
Secret
apiVersion: v1 kind: ConfigMap metadata: name: argo-rollouts-notification-configmap data: service.awssqs: | region: "us-east-2" queue: "myqueue" account: "1234567" key: "$awsaccess_key" secret: "$awsaccess_secret" template.deployment-ready: | message: | Deployment {{.obj.metadata.name}} is ready! trigger.on-deployment-ready: | - when: any(obj.status.conditions, {.type == 'Available' && .status == 'True'}) send: [deployment-ready] - oncePer: obj.metadata.annotations["generation"]
apiVersion: v1 kind: Secret metadata: name: <secret-name> stringData: awsaccess_key: test awsaccess_secret: test
Minimal configuration using AWS Env variables¶
Ensure the following list of environment variables are injected via OIDC, or another method. And assuming SQS is local to the account. You may skip usage of secret for sensitive data and omit other parameters. (Setting parameters via ConfigMap takes precedent.)
Variables:
export AWS_ACCESS_KEY_ID="test"
export AWS_SECRET_ACCESS_KEY="test"
export AWS_DEFAULT_REGION="us-east-1"
Resource Annotation:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
annotations:
notifications.argoproj.io/subscribe.on-deployment-ready.awssqs: ""
- ConfigMap
apiVersion: v1 kind: ConfigMap metadata: name: argo-rollouts-notification-configmap data: service.awssqs: | queue: "myqueue" template.deployment-ready: | message: | Deployment {{.obj.metadata.name}} is ready! trigger.on-deployment-ready: | - when: any(obj.status.conditions, {.type == 'Available' && .status == 'True'}) send: [deployment-ready] - oncePer: obj.metadata.annotations["generation"]
FIFO SQS Queues¶
FIFO queues require a MessageGroupId to be sent along with every message, every message with a matching MessageGroupId will be processed one by one in order.
To send to a FIFO SQS Queue you must include a messageGroupId
in the template such as in the example below:
template.deployment-ready: |
message: |
Deployment {{.obj.metadata.name}} is ready!
messageGroupId: {{.obj.metadata.name}}-deployment