update terraform to provision endpoints - change docker script

docker/Dockerfile

@@ -1,16 +1,7 @@
-FROM node:10
-LABEL org.opencontainers.image.source="https://github.com/podaac/hydrocron-api"
-RUN npm install forever -g
+FROM public.ecr.aws/lambda/python:3.8
 
-ENV project_dir /project
-ENV app_dir ${project_dir}/app
-ENV config_dir ${project_dir}/config
+COPY $SOURCE .
+RUN pip3 install -t /var/task --force ./$SOURCE
 
-RUN mkdir ${project_dir} ${app_dir} ${config_dir}
-WORKDIR ${app_dir}
-
-COPY package*.json ./
-#RUN npm install
-COPY . .
-
-CMD ${app_dir}/docker/docker-start-command
+# Run the lambda
+#CMD ["/var/task/hydrocronapi/controllers/hydrocron_controller.lambda_handler"]

docker/README.md

@@ -0,0 +1,48 @@
+# FTS API Docker Image
+
+This directory contains the `Dockerfile` used to build the Docker image capable of running FTS API as a lambda.
+
+It includes a number of helper scripts to be run by the CI/CD pipeline but can also be run locally to build the image.
+
+## Building
+
+Building the FTS API docker image depends on a tar file version of the project. This can be built using `poetry build` or by downloading a previously built version of the project as a tar. 
+
+### Building from tar
+
+`build-docker.sh` script can be used to build the docker image from the
+local tar file. There are two required arguments that must be set:
+
+1. service-name: The name of the service being built (from pyproject.toml)
+2. service-version: The version of the service being built (also from pyproject.toml)
+
+The docker tag of the built image will be returned from the script.
+
+Example:
+
+```shell script
+./docker/build-docker.sh -n podaac-fts -v 1.0.0-alpha.3
+```
+
+## Running
+
+The Docker image can be run directly using the `docker run` command.
+
+See [Testing Lambda container images locally](https://docs.aws.amazon.com/lambda/latest/dg/images-test.html) for details.
+
+## Pushing to ECR
+
+The `push-docker-ecr.sh` script can be used to push a docker image to AWS ECR. There are two required arguments:
+
+1. tf-venue: The target venue for uploading (sit, uat, or ops).
+2. docker-tag: The docker tage of the image being pushed
+
+The easiest way to use the `push-docker-ecr.sh` script is to first call `build-docker.sh` and save the output to the
+`docker_tag` environment variable. Then call `push-docker-ecr.sh`.
+
+Example:
+
+```shell script
+export docker_tag=$(./docker/build-docker.sh -n podaac-fts -v 1.0.0-alpha.3)
+./docker/push-docker-ecr.sh -v sit -t $docker_tag
+```

docker/build-docker.sh

@@ -1,11 +1,9 @@
 #!/usr/bin/env bash
 
-# This script is intended to be run by the CI/CD pipeline to build a specific version of this application.
+# This script is intended to be run by the CI/CD pipeline to build a specific version of the Hydrocron API.
 
 set -Eeo pipefail
 
-LOCAL_BUILD=false
-
 POSITIONAL=()
 while [[ $# -gt 0 ]]
 do
@@ -22,10 +20,6 @@ case $key in
     shift # past argument
     shift # past value
     ;;
-    --local)
-    LOCAL_BUILD=true
-    shift # past argument
-    ;;
     *)    # unknown option
     POSITIONAL+=("$1") # save it in an array for later
     shift # past argument
@@ -34,7 +28,7 @@ esac
 done
 set -- "${POSITIONAL[@]}" # restore positional parameters
 
-USAGE="USAGE: build-docker.sh -n|--service-name service_name -v|--service-version service_version [--local]"
+USAGE="USAGE: build-docker.sh -n|--service-name service_name -v|--service-version service_version"
 
 # shellcheck disable=SC2154
 if [[ -z "${service_name}" ]]; then
@@ -54,21 +48,13 @@ set -u
 
 SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )"
 PROJECT_DIR="$(dirname "${SCRIPTPATH}")"
-DIST_PATH="dist/"
 
-app_path=$( cd ${SCRIPTPATH}/..  && echo $(pwd) )
-
-repositoryName=ghcr.io/podaac/${service_name}
+repositoryName=podaac/podaac-cloud/${service_name}
 
 # Docker tags can't include '+' https://github.com/docker/distribution/issues/1201
 dockerTagVersion=$(echo "${service_version}" | tr "+" _)
 
-# Build the image
-if [ "$LOCAL_BUILD" = true ] ; then
-  wheel_filename="$(echo "${service_name}" | tr "-" _)-${service_version}-py3-none-any.whl"
-  docker build -t "${repositoryName}":"${dockerTagVersion}" --build-arg DIST_PATH="${DIST_PATH}" --build-arg SOURCE="${DIST_PATH}${wheel_filename}" -f "$SCRIPTPATH"/Dockerfile "$PROJECT_DIR" 1>&2
-else
-  docker build -t "${repositoryName}":"${dockerTagVersion}" --build-arg SOURCE="${service_name}==${service_version}" -f "$SCRIPTPATH"/Dockerfile "$app_path" 1>&2
-fi
+tar_filename="${service_name}-${service_version}.tar.gz"
+docker build -t "${repositoryName}":"${dockerTagVersion}" --build-arg SOURCE="dist/${tar_filename}" -f "$SCRIPTPATH"/Dockerfile "$PROJECT_DIR" 1>&2
 
 echo "${repositoryName}":"${dockerTagVersion}"

docker/push-docker-ecr.sh

@@ -18,7 +18,7 @@ case $key in
     -v|--tf-venue)
     tf_venue="$2"
     case $tf_venue in
-     ngap-service-sit|ngap-service-uat|ngap-service-ops|ngap-cumulus-swot-sit|ngap-cumulus-sit|ngap-cumulus-swot-uat|ngap-cumulus-uat|ngap-cumulus-ops|ngap-cumulus-sndbx) ;;
+     sit|uat|ops) ;;
      *)
         echo "tf_venue must be sit, uat, or ops"
         exit 1;;
@@ -53,7 +53,7 @@ fi
 set -u
 
 repositoryName=$(echo "${docker_tag}" | awk -F':' '{print $1}')
-tf_profile="${tf_venue}"
+tf_profile="ngap-service-${tf_venue}"
 
 # Get the AWS Account ID for this venue/profile
 # shellcheck disable=SC2154
@@ -63,16 +63,14 @@ aws_acct=$(aws sts get-caller-identity --profile "$tf_profile" | python -c "impo
 aws ecr create-repository --repository-name "${repositoryName}" --profile "$tf_profile" || echo "No need to create, repository ${repositoryName} already exists"
 
 # Login to ECR
+echo "aws ecr get-login-password --region us-west-2 --profile \"$tf_profile\" | docker login --username AWS --password-stdin \"$aws_acct\".dkr.ecr.us-west-2.amazonaws.com"
 set +x
 $(aws ecr get-login --no-include-email --region us-west-2 --profile "$tf_profile" 2> /dev/null) || \
-docker login --username AWS --password "$(aws ecr get-login-password --region us-west-2 --profile "$tf_profile")" "$aws_acct".dkr.ecr.us-west-2.amazonaws.com
+  docker login --username AWS --password "$(aws ecr get-login-password --region us-west-2 --profile "$tf_profile")" "$aws_acct".dkr.ecr.us-west-2.amazonaws.com
 set -x
 
 # Tag the image for this venue's ECR
 docker tag "${docker_tag}" "$aws_acct".dkr.ecr.us-west-2.amazonaws.com/"${docker_tag}"
 
 # Push the tag
 docker push "$aws_acct".dkr.ecr.us-west-2.amazonaws.com/"${docker_tag}"
-
-# Clean up docker
-docker rmi "$aws_acct".dkr.ecr.us-west-2.amazonaws.com/"${docker_tag}" || true

terraform/README.md

@@ -37,17 +37,7 @@ Follow the instructions in the [docker README](../docker/README.md) to build the
 ## Build and deploy the application
 We use a pre-built docker container to do the deployment (Please do not use local terraform!)
 
-From the project root directory:
-```
-export tf_venue=sit
-docker run -v ~/.aws:/home/dockeruser/.aws:ro -v ${PWD}:/home/dockeruser -w /home/dockeruser/terraform cae-artifactory.jpl.nasa.gov:16003/podaac/service/deploy-terraform-1.0.3:latest bash bin/deploy.sh -v ${tf_venue} -t ${docker_tag}
-```
-
 ## Destroying the Application
 Similarly, use the pre-built docker container to do the destroy (Please do not use local terraform!)
 
-From the project root directory:
-```
-docker run -v ~/.aws:/home/dockeruser/.aws:ro -v ${PWD}:/home/dockeruser cae-artifactory.jpl.nasa.gov:16003/podaac/service/deploy-terraform-1.0.3:latest bash bin/destroy.sh -v ${tf_venue} -t ${docker_tag}
-```
-This will take anywhere from 3-10 minutes.
+