update our consumption of our service data object, remove some redund…

…ant variables

terraform/implementation/ecs/_local.tf

@@ -1,12 +1,71 @@
 locals {
-  ecs_container_port = 8080
-  ecr_repo_names = [
-    "ecr-viewer",
-    "fhir-converter",
-    "ingestion",
-    "orchestration",
-    "validation"
-  ]
+  service_data = {
+    ecr-viewer = {
+      fargate_cpu    = 1024,
+      fargate_memory = 2048,
+      app_image      = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${var.region}.amazonaws.com/ecr-viewer:${var.phdi_version}",
+      container_port = 8080,
+      host_port      = 8080,
+      env_vars       = []
+    },
+    fhir-converter = {
+      fargate_cpu    = 1024,
+      fargate_memory = 2048,
+      app_image      = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${var.region}.amazonaws.com/fhir-converter:${var.phdi_version}",
+      container_port = 8080,
+      host_port      = 8080,
+      env_vars       = []
+    },
+    ingestion = {
+      fargate_cpu    = 1024,
+      fargate_memory = 2048,
+      app_image      = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${var.region}.amazonaws.com/ingestion:${var.phdi_version}",
+      container_port = 8080,
+      host_port      = 8080,
+      env_vars       = []
+    },
+    validation = {
+      fargate_cpu    = 1024,
+      fargate_memory = 2048,
+      app_image      = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${var.region}.amazonaws.com/validation:${var.phdi_version}",
+      container_port = 8080,
+      host_port      = 8080,
+      env_vars       = []
+    },
+    orchestration = {
+      fargate_cpu    = 1024,
+      fargate_memory = 2048,
+      app_image      = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${var.region}.amazonaws.com/orchestration:${var.phdi_version}",
+      container_port = 8080,
+      host_port      = 8080,
+      env_vars = [
+        {
+          name  = "APPMESH_VIRTUAL_NODE_NAME",
+          value = "orchestration"
+        },
+        {
+          name  = "INGESTION_URL",
+          value = "http://ingestion:8080"
+        },
+        {
+          name  = "VALIDATION_URL",
+          value = "http://validation:8080"
+        },
+        {
+          name  = "FHIR_CONVERTER_URL",
+          value = "http://fhir-converter:8080"
+        },
+        {
+          name  = "ECR_VIEWER_URL",
+          value = "http://ecr-viewer:3000"
+        },
+        {
+          name  = "MESSAGE_PARSER_URL",
+          value = "http://message-parser-not-implemented:8080"
+        }
+      ]
+    }
+  }
 
   ecs_alb_sg                   = "${var.ecs_alb_sg}-${var.owner}-${terraform.workspace}"
   ecs_alb_name                 = "${var.ecs_alb_name}-${var.owner}-${terraform.workspace}"

terraform/implementation/ecs/_variable.tf

@@ -112,4 +112,11 @@ variable "tags" {
   description = "Tags to apply to resources"
   type        = map(string)
   default     = {}
+}
+
+# Manually update to set the version you want to run
+variable "phdi_version" {
+  type        = string
+  description = "PHDI container image version"
+  default     = "v1.4.4"
 }

terraform/implementation/ecs/ecs.sh

@@ -28,7 +28,7 @@ elif [ "$ENVIRONMENT" != "$PRODUCTION" ] && [ "$ENVIRONMENT" != "" ]; then
     #     -target=module.vpc -target=module.iam -target=module.ecr -target=module.s3 -target=module.ecs
     terraform apply \
         -var-file="$ENVIRONMENT.tfvars" \
-        -target=module.vpc -target=module.iam -target=module.ecr -target=module.s3 -target=module.ecs -target=module.ecs
+        -target=module.vpc -target=module.iam -target=module.ecr -target=module.s3 -target=module.ecs
 else
     echo "Please provide a valid environment: $PRODUCTION or another string"
     exit 1

terraform/implementation/ecs/main.tf

@@ -22,19 +22,20 @@ module "ecr" {
   source                  = "../../modules/ecr"
   aws_caller_identity     = data.aws_caller_identity.current.account_id
   ecs_task_execution_role = module.iam.ecs_task_execution_role.arn
-  ecr_repo_names               = local.ecr_repo_names
+  service_data            = local.service_data
+  phdi_version            = var.phdi_version
   ecs_cluster_name        = local.ecs_cluster_name
   tags                    = {}
   lifecycle_policy        = ""
   region                  = var.region
 }
 
 module "s3" {
-  source                 = "../../modules/s3"
-  ecs_assume_role_policy = module.iam.ecr_viewer_and_s3_assume_role_policy
-  region                 = var.region
-  s3_viewer_bucket_name  = local.s3_viewer_bucket_name
-  s3_viewer_bucket_role_name  = local.s3_viewer_bucket_role_name
+  source                       = "../../modules/s3"
+  ecs_assume_role_policy       = module.iam.ecr_viewer_and_s3_assume_role_policy
+  region                       = var.region
+  s3_viewer_bucket_name        = local.s3_viewer_bucket_name
+  s3_viewer_bucket_role_name   = local.s3_viewer_bucket_role_name
   s3_viewer_bucket_policy_name = local.s3_viewer_bucket_policy_name
 }
 
@@ -53,8 +54,7 @@ module "ecs" {
   app_task_name               = local.ecs_app_task_name
   alb_name                    = local.ecs_alb_name
   ecs_cloudwatch_log_group    = local.ecs_cloudwatch_log_group
-  container_port              = local.ecs_container_port
-  ecr_repo_names                   = local.ecr_repo_names
+  service_data                = local.service_data
   ecs_app_task_family         = local.ecs_app_task_family
   target_group_name           = local.ecs_target_group_name
   retention_in_days           = var.cw_retention_in_days

terraform/modules/ecr/_data.tf

@@ -1,6 +1,6 @@
 data "aws_iam_policy_document" "ecr_policy" {
 
-  for_each = var.ecr_repo_names
+  for_each = var.service_data
   statement {
     actions = [
       "ecr:GetAuthorizationToken",
@@ -9,13 +9,13 @@ data "aws_iam_policy_document" "ecr_policy" {
       "ecr:BatchGetImage",
     ]
 
-    resources = ["arn:aws:ecs:${var.region}:${var.aws_caller_identity}:cluster/${var.ecs_cluster_name}/${each.value}"]
+    resources = ["arn:aws:ecs:${var.region}:${var.aws_caller_identity}:cluster/${var.ecs_cluster_name}/${each.key}"]
   }
 }
 
 data "docker_registry_image" "ghcr_data" {
-  for_each = var.ecr_repo_names
-  name     = "ghcr.io/cdcgov/phdi/${each.key}:${local.phdi_version}"
+  for_each = var.service_data
+  name     = "ghcr.io/cdcgov/phdi/${each.key}:${var.phdi_version}"
 }
 
 data "aws_ecr_authorization_token" "container_registry_token" {}

terraform/modules/ecr/_local.tf

@@ -1,9 +1,6 @@
 locals {
   policy = var.lifecycle_policy == "" ? file("${path.module}/ecr-lifecycle-policy.json") : var.lifecycle_policy
-  repo_name = var.ecr_repo_names
   tags = {
     Automation = "Terraform"
   }
-  # NOTE: The version may need to be changed with updates
-  phdi_version = "v1.4.4"
 }

terraform/modules/ecr/_variable.tf

@@ -1,13 +1,4 @@
-variable "ecr_repo_names" {
-  type = set(string)
-  # default = [
-  #   "fhir-converter",
-  #   "ingestion",
-  #   "ecr-viewer",
-  #   "validation",
-  #   "orchestration"
-  # ]
-}
+variable "service_data" {}
 
 variable "ecs_task_execution_role" {
   type        = string
@@ -39,4 +30,9 @@ variable "aws_caller_identity" {
 variable "region" {
   type        = string
   description = "AWS region"
+}
+
+variable "phdi_version" {
+  type        = string
+  description = "PHDI container image version"
 }

terraform/modules/ecr/docker.tf

@@ -4,22 +4,22 @@ resource "time_static" "now" {}
 
 # NOTE: This pulls image down from the docker registry
 resource "docker_image" "ghcr_image" {
-  for_each      = var.ecr_repo_names
+  for_each      = var.service_data
   name          = data.docker_registry_image.ghcr_data[each.key].name
   keep_locally  = true
   pull_triggers = [data.docker_registry_image.ghcr_data[each.key].sha256_digest]
   force_remove  = true
 }
 
 resource "docker_tag" "tag_for_aws" {
-  for_each     = var.ecr_repo_names
+  for_each     = var.service_data
   source_image = docker_image.ghcr_image[each.key].name
-  target_image = "${aws_ecr_repository.repo[each.key].repository_url}:${local.phdi_version}"
+  target_image = "${aws_ecr_repository.repo[each.key].repository_url}:${var.phdi_version}"
 }
 
 resource "docker_registry_image" "my_docker_image" {
-  for_each      = var.ecr_repo_names
-  name          = "${aws_ecr_repository.repo[each.key].repository_url}:${local.phdi_version}"
+  for_each      = var.service_data
+  name          = "${aws_ecr_repository.repo[each.key].repository_url}:${var.phdi_version}"
   depends_on    = [docker_tag.tag_for_aws, aws_ecr_repository.repo]
   keep_remotely = true
 

terraform/modules/ecr/ecr.tf

@@ -1,4 +1,4 @@
 resource "aws_ecr_repository" "repo" {
-  for_each = var.ecr_repo_names
+  for_each = var.service_data
   name     = each.key
 }

terraform/modules/ecs/_variable.tf

@@ -6,7 +6,7 @@ variable "app_count" {
 
 variable "app_image" {
   description = "Docker image to run in the ECS cluster"
-  default     = "bradfordhamilton/crystal_blockchain:latest"
+  default     = "busybox:latest"
 }
 
 variable "app_port" {
@@ -35,11 +35,6 @@ variable "availability_zones" {
   type        = list(string)
 }
 
-variable "container_port" {
-  description = "Container Port"
-  type        = number
-}
-
 variable "ecs_task_execution_role_arn" {
   description = "ECS Task Execution Role ARN"
   type        = string
@@ -84,11 +79,6 @@ variable "ecr_repo_url" {
   description = "ECR repository urls"
 }
 
-variable "ecr_repo_names" {
-  type        = set(string)
-  description = "ECR repository name(s)"
-}
-
 variable "health_check_path" {
   default = "/fhir-converter"
 }
@@ -141,7 +131,7 @@ variable "private_subnet_ids" {
   description = "List of private subnet IDs"
 }
 
-# variable "env_vars" {
-#   type        = map(string)
-#   description = "Environment variables to pass to the container"
-# }
+variable "service_data" {
+  type        = map(any)
+  description = "Environment variables to pass to the container"
+}