diff --git a/terraform/implementation/ecs/README.md b/terraform/implementation/ecs/README.md index db96994..42c09a7 100644 --- a/terraform/implementation/ecs/README.md +++ b/terraform/implementation/ecs/README.md @@ -9,7 +9,7 @@ | Name | Version | |------|---------| -| [aws](#provider\_aws) | 5.56.1 | +| [aws](#provider\_aws) | =5.56.1 | ## Modules @@ -28,16 +28,16 @@ | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [availability\_zones](#input\_availability\_zones) | The availability zones to use | `list(string)` |
[| no | +| [availability\_zones](#input\_availability\_zones) | The availability zones to use | `list(string)` |
"us-east-1a",
"us-east-1b",
"us-east-1c"
]
[| no | | [ecr\_viewer\_database\_schema](#input\_ecr\_viewer\_database\_schema) | The database schema used for the eCR data tables | `string` | `"core"` | no | | [ecr\_viewer\_database\_type](#input\_ecr\_viewer\_database\_type) | The SQL variant used for the eCR data tables | `string` | `"postgres"` | no | | [ecs\_alb\_sg](#input\_ecs\_alb\_sg) | The security group for the Application Load Balancer | `string` | `"ecs-albsg"` | no | | [enable\_nat\_gateway](#input\_enable\_nat\_gateway) | Enable NAT Gateway | `bool` | `true` | no | | [owner](#input\_owner) | The owner of the infrastructure | `string` | `"skylight"` | no | | [phdi\_version](#input\_phdi\_version) | PHDI container image version | `string` | `"v1.4.4"` | no | -| [private\_subnets](#input\_private\_subnets) | The private subnets | `list(string)` |
"us-east-1a",
"us-east-1b",
"us-east-1c"
]
[| no | +| [private\_subnets](#input\_private\_subnets) | The private subnets | `list(string)` |
"176.24.1.0/24",
"176.24.3.0/24"
]
[| no | | [project](#input\_project) | The project name | `string` | `"dibbs-ce"` | no | -| [public\_subnets](#input\_public\_subnets) | The public subnets | `list(string)` |
"176.24.1.0/24",
"176.24.3.0/24"
]
[| no | +| [public\_subnets](#input\_public\_subnets) | The public subnets | `list(string)` |
"176.24.2.0/24",
"176.24.4.0/24"
]
[| no | | [region](#input\_region) | AWS region | `string` | `"us-east-1"` | no | | [single\_nat\_gateway](#input\_single\_nat\_gateway) | Single NAT Gateway | `bool` | `true` | no | | [vpc](#input\_vpc) | The name of the VPC | `string` | `"ecs-vpc"` | no | diff --git a/terraform/implementation/ecs/main.tf b/terraform/implementation/ecs/main.tf index fb5d25a..254f717 100644 --- a/terraform/implementation/ecs/main.tf +++ b/terraform/implementation/ecs/main.tf @@ -23,7 +23,7 @@ module "ecs" { owner = var.owner project = var.project tags = local.tags - + # If intent is to pull from the phdi GHCR, set disable_ecr to true (default is false) # disable_ecr = true # If intent is to use the non-integrated viewer, set non_integrated_viewer to true (default is false) diff --git a/terraform/implementation/setup/README.md b/terraform/implementation/setup/README.md index 5837449..4c2655d 100644 --- a/terraform/implementation/setup/README.md +++ b/terraform/implementation/setup/README.md @@ -7,9 +7,9 @@ No requirements. | Name | Version | |------|---------| -| [aws](#provider\_aws) | 5.57.0 | -| [local](#provider\_local) | 2.5.1 | -| [random](#provider\_random) | 3.6.2 | +| [aws](#provider\_aws) | n/a | +| [local](#provider\_local) | n/a | +| [random](#provider\_random) | n/a | ## Modules diff --git a/terraform/modules/ecs/README.md b/terraform/modules/ecs/README.md index f350f5c..996be1c 100644 --- a/terraform/modules/ecs/README.md +++ b/terraform/modules/ecs/README.md @@ -3,14 +3,14 @@ | Name | Version | |------|---------| -| [docker](#requirement\_docker) | 3.0.2 | +| [dockerless](#requirement\_dockerless) | 0.1.1 | ## Providers | Name | Version | |------|---------| | [aws](#provider\_aws) | n/a | -| [docker](#provider\_docker) | 3.0.2 | +| [dockerless](#provider\_dockerless) | 0.1.1 | | [null](#provider\_null) | n/a | | [random](#provider\_random) | n/a | 
@@ -51,10 +51,7 @@ No modules. | [aws_security_group_rule.ecs_all_egress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource | | [aws_security_group_rule.ecs_ecs_ingress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource | | [aws_service_discovery_private_dns_namespace.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/service_discovery_private_dns_namespace) | resource | -| [docker_image.dibbs](https://registry.terraform.io/providers/kreuzwerker/docker/3.0.2/docs/resources/image) | resource | -| [docker_registry_image.this](https://registry.terraform.io/providers/kreuzwerker/docker/3.0.2/docs/resources/registry_image) | resource | -| [docker_tag.this](https://registry.terraform.io/providers/kreuzwerker/docker/3.0.2/docs/resources/tag) | resource | -| [null_resource.docker_tag](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [dockerless_remote_image.dibbs](https://registry.terraform.io/providers/nullstone-io/dockerless/0.1.1/docs/resources/remote_image) | resource | | [null_resource.target_groups](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [random_string.s3_viewer](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource | | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | 
@@ -63,7 +60,6 @@ No modules. | [aws_iam_policy.ecs_task_execution](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source | | [aws_iam_policy_document.assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | [aws_iam_policy_document.ecr_viewer_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [docker_registry_image.dibbs](https://registry.terraform.io/providers/kreuzwerker/docker/3.0.2/docs/data-sources/registry_image) | data source | ## Inputs 
@@ -75,6 +71,9 @@ No modules. | [cloudmap\_service\_name](#input\_cloudmap\_service\_name) | Name of the AWS Cloud Map service | `string` | `""` | no | | [cw\_retention\_in\_days](#input\_cw\_retention\_in\_days) | Retention period in days for CloudWatch logs | `number` | `30` | no | | [disable\_ecr](#input\_disable\_ecr) | Flag to disable the aws ecr service for docker image storage, defaults to false | `bool` | `false` | no | +| [ecr\_viewer\_app\_env](#input\_ecr\_viewer\_app\_env) | The current environment that is running. This may modify behavior of auth between dev and prod. | `string` | `"prod"` | no | +| [ecr\_viewer\_auth\_pub\_key](#input\_ecr\_viewer\_auth\_pub\_key) | The public key used to validate the incoming authenication for the eCR Viewer. | `string` | `"-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqjrH9PprQCB5dX15zYfd\nS6K2ezNi/ZOu8vKEhQuLqwHACy1iUt1Yyp2PZLIV7FVDgBHMMVWPVx3GJ2wEyaJw\nMHkv6XNpUpWLhbs0V1T7o/OZfEIqcNua07OEoBxX9vhKIHtaksWdoMyKRXQJz0js\noWpawfOWxETnLqGvybT4yvY2RJhquTXLcLu90L4LdvIkADIZshaOtAU/OwI5ATcb\nfE3ip15E6jIoUm7FAtfRiuncpI5l/LJPP6fvwf8QCbbUJBZklLqcUuf4qe/L/nIq\npIONb8KZFWPhnGeRZ9bwIcqYWt3LAAshQLSGEYl2PGXaqbkUD2XLETSKDjisxd0g\n9j8bIMPgBKi+dBYcmBZnR7DxJe+vEDDw8prHG/+HRy5fim/BcibTKnIl8PR5yqHa\nmWQo7N+xXhILdD9e33KLRgbg97+erHqvHlNMdwDhAfrBT+W6GCdPwp3cePPsbhsc\noGSHOUDhzyAujr0J8h5WmZDGUNWjGzWqubNZD8dBXB8x+9dDoWhfM82nw0pvAeKf\nwJodvn3Qo8/S5hxJ6HyGkUTANKN8IxWh/6R5biET5BuztZP6jfPEaOAnt6sq+C38\nhR9rUr59dP2BTlcJ19ZXobLwuJEa81S5BrcbDwYNOAzC8jl2EV1i4bQIwJJaY27X\nIynom6unaheZpS4DFIh2w9UCAwEAAQ==\n-----END PUBLIC KEY-----\n"` | no | +| [ecr\_viewer\_basepath](#input\_ecr\_viewer\_basepath) | The basepath for the ecr-viewer | `string` | `"/ecr-viewer"` | no | | [ecs\_alb\_name](#input\_ecs\_alb\_name) | Name of the Application Load Balancer (ALB) | `string` | `""` | no | | [ecs\_alb\_sg](#input\_ecs\_alb\_sg) | Name of the ECS ALB Security Group | `string` | `""` | no | | 
[ecs\_alb\_tg\_name](#input\_ecs\_alb\_tg\_name) | Name of the ALB Target Group | `string` | `""` | no | @@ -84,14 +83,14 @@ No modules. | [ecs\_task\_role\_name](#input\_ecs\_task\_role\_name) | Name of the ECS Task Role | `string` | `""` | no | | [non\_integrated\_viewer](#input\_non\_integrated\_viewer) | A flag to determine if the viewer is the non-integrated version | `string` | `"false"` | no | | [owner](#input\_owner) | Owner of the resources | `string` | `"CDC"` | no | -| [phdi\_version](#input\_phdi\_version) | Version of the PHDI application | `string` | `"v1.6.1"` | no | +| [phdi\_version](#input\_phdi\_version) | Version of the PHDI application | `string` | `"v1.6.4"` | no | | [private\_subnet\_ids](#input\_private\_subnet\_ids) | List of private subnet IDs | `list(string)` | n/a | yes | | [project](#input\_project) | The project name | `string` | `"dibbs"` | no | | [public\_subnet\_ids](#input\_public\_subnet\_ids) | List of public subnet IDs | `list(string)` | n/a | yes | | [region](#input\_region) | The AWS region where resources are created | `string` | n/a | yes | | [s3\_viewer\_bucket\_name](#input\_s3\_viewer\_bucket\_name) | Name of the S3 bucket for the viewer | `string` | `""` | no | | [s3\_viewer\_bucket\_role\_name](#input\_s3\_viewer\_bucket\_role\_name) | Name of the IAM role for the ecr-viewer bucket | `string` | `""` | no | -| [service\_data](#input\_service\_data) | Data for the DIBBS services |
"176.24.2.0/24",
"176.24.4.0/24"
]
map(object({| `{}` | no | +| [service\_data](#input\_service\_data) | Data for the DIBBS services |
short_name = string
fargate_cpu = number
fargate_memory = number
app_count = number
app_image = string
app_version = string
container_port = number
host_port = number
public = bool
registry_url = string
env_vars = list(object({
name = string
value = string
}))
}))
map(object({| `{}` | no | | [tags](#input\_tags) | Tags to apply to resources | `map(string)` | `{}` | no | | [vpc\_id](#input\_vpc\_id) | ID of the VPC | `string` | n/a | yes | diff --git a/terraform/modules/ecs/_local.tf b/terraform/modules/ecs/_local.tf index fb15a61..af599ac 100644 --- a/terraform/modules/ecs/_local.tf +++ b/terraform/modules/ecs/_local.tf @@ -32,7 +32,7 @@ locals { }, { name = "HOSTNAME", - value = "127.0.0.1" + value = "0.0.0.0" }, { name = "NEXT_PUBLIC_NON_INTEGRATED_VIEWER", @@ -44,14 +44,14 @@ locals { }, { name = "APP_ENV", - value = "test" + value = var.ecr_viewer_app_env }, { - name = "NODE_ENV", - value = var.node_env + name = "NBS_PUB_KEY", + value = var.ecr_viewer_auth_pub_key }, { - name = "NEXT_PUBLIC_BASEPATH", + name = "NEXT_PUBLIC_BASEPATH", value = var.ecr_viewer_basepath } ] diff --git a/terraform/modules/ecs/_variable.tf b/terraform/modules/ecs/_variable.tf index 61663df..04f8834 100644 --- a/terraform/modules/ecs/_variable.tf +++ b/terraform/modules/ecs/_variable.tf @@ -99,7 +99,7 @@ variable "s3_viewer_bucket_role_name" { variable "phdi_version" { type = string description = "Version of the PHDI application" - default = "v1.6.4" + default = "v1.6.9" } variable "service_data" { @@ -158,14 +158,35 @@ variable "non_integrated_viewer" { default = "false" } -variable "node_env" { - type = string - description = "The app node environment" - default = "production" -} - variable "ecr_viewer_basepath" { type = string description = "The basepath for the ecr-viewer" default = "/ecr-viewer" -} \ No newline at end of file +} + +variable "ecr_viewer_app_env" { + type = string + description = "The current environment that is running. This may modify behavior of auth between dev and prod." + default = "prod" +} + +variable "ecr_viewer_auth_pub_key" { + type = string + description = "The public key used to validate the incoming authenication for the eCR Viewer." + default = <
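Review bot: The `HOSTNAME` change from `127.0.0.1` to `0.0.0.0` in the `@@ -32,7 +32,7 @@` hunk of `_local.tf` has no comment explaining why the viewer now listens on every interface. With the wildcard bind, the bind address no longer limits who can reach the container port; that is left entirely to the task's security group rules (the module README lists `aws_security_group_rule.ecs_ecs_ingress`), which this diff does not show. I would add `# Listen on all interfaces so the load balancer can reach the task; inbound access is limited by the ECS security group, not by the bind address` above the entry, assuming that is the intent. It is also worth confirming that the ingress rule admits only the ALB security group. The `locals` block begins and ends outside the hunk.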
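Review bot: In the `@@ -44,14 +44,14 @@` hunk of `_local.tf`, `NBS_PUB_KEY` is fed from `var.ecr_viewer_auth_pub_key`, which ships with a concrete RSA public key as its default (visible in the module README row and the start of the `_variable.tf` hunk). A deployment that sets nothing will therefore validate incoming authentication against whichever key pair that default belongs to. A token-verification key is deployment-specific trust material, so I would remove the `default` from `variable "ecr_viewer_auth_pub_key"` and make callers supply their own, or at minimum document in the description whose key the default is and that it must be overridden outside a demo environment. `APP_ENV` also moves from the literal `"test"` to `var.ecr_viewer_app_env`, whose description says it may change auth behaviour. A `validation` block restricting it to the values the viewer actually recognises (not shown in this diff) would stop a typo from selecting an unintended auth mode. The `locals` block continues outside the hunk.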
short_name = string
fargate_cpu = number
fargate_memory = number
app_count = number
app_image = string
app_version = string
container_port = number
host_port = number
public = bool
registry_url = string
env_vars = list(object({
name = string
value = string
}))
}))