From 962e0dfe614b7b1fb75ce7462e1c280e9a359ef0 Mon Sep 17 00:00:00 2001
From: Greg Tyler <greg.tyler@digital.justice.gov.uk>
Date: Tue, 15 Oct 2024 13:29:03 +0100
Subject: [PATCH] Run fixtures on non-privileged port

But it will still be providing 443 at the load balancer.

#patch
---
 fixtures/Dockerfile                                 | 4 ++--
 terraform/modules/fixtures_service/ecs.tf           | 6 +++---
 terraform/modules/fixtures_service/load_balancer.tf | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/fixtures/Dockerfile b/fixtures/Dockerfile
index b49dbd06..10129a0f 100644
--- a/fixtures/Dockerfile
+++ b/fixtures/Dockerfile
@@ -24,9 +24,9 @@ COPY fixtures/static static
 COPY fixtures/templates templates
 COPY docs/schemas static/schemas
 
-EXPOSE 80
+EXPOSE 8080
 
 RUN addgroup -S app && adduser -S -g app app
 USER app
 
-CMD [ "flask", "run", "--host", "0.0.0.0", "--port", "80"]
+CMD [ "flask", "run", "--host", "0.0.0.0", "--port", "8080"]
diff --git a/terraform/modules/fixtures_service/ecs.tf b/terraform/modules/fixtures_service/ecs.tf
index f2e8ea02..e4326170 100644
--- a/terraform/modules/fixtures_service/ecs.tf
+++ b/terraform/modules/fixtures_service/ecs.tf
@@ -19,7 +19,7 @@ resource "aws_ecs_service" "fixtures" {
   load_balancer {
     target_group_arn = aws_lb_target_group.fixtures.arn
     container_name   = "fixtures"
-    container_port   = 80
+    container_port   = 8080
   }
 
   network_configuration {
@@ -60,8 +60,8 @@ locals {
       name                   = "fixtures",
       portMappings = [
         {
-          containerPort = 80,
-          hostPort      = 80,
+          containerPort = 8080,
+          hostPort      = 8080,
           protocol      = "tcp"
         }
       ],
diff --git a/terraform/modules/fixtures_service/load_balancer.tf b/terraform/modules/fixtures_service/load_balancer.tf
index 0632ca33..98329d3d 100644
--- a/terraform/modules/fixtures_service/load_balancer.tf
+++ b/terraform/modules/fixtures_service/load_balancer.tf
@@ -57,7 +57,7 @@ resource "aws_lb_listener_rule" "fixtures" {
 
 resource "aws_lb_target_group" "fixtures" {
   name                 = "fixtures-${var.environment_name}-http"
-  port                 = 80
+  port                 = 8080
   protocol             = "HTTP"
   target_type          = "ip"
   vpc_id               = var.vpc_id