CBIIT · vdonkor · Apr 2, 2023 · Apr 4, 2023 · Apr 20, 2023 · May 4, 2023
diff --git a/ansible/collections/bento/common/roles/build_files/tasks/main.yml b/ansible/collections/bento/common/roles/build_files/tasks/main.yml
@@ -1,10 +1,14 @@
+- name: ensure we have all the submodules
+  shell: git submodule update --init --recursive
+  args:
+    chdir: "{{ container_build_path }}"
+
 - name: build {{ project_name }}-{{ container_name }} image
   community.docker.docker_image:
     build:
       args:
         ECR_REPO: "{{ container_registry_url }}"
       path: "{{ container_build_path }}"
-      dockerfile: "{{ dockerfile_path }}"
       pull: yes
       nocache: yes
     name: "{{ project_name }}-{{ container_name }}"

diff --git a/bento-frontend b/bento-frontend
diff --git a/docker/dockerfiles/backend-multistage-dockerfile b/docker/dockerfiles/backend-multistage-dockerfile
@@ -0,0 +1,11 @@
+# Build stage
+ARG ECR_REPO
+FROM maven:3.8.5-openjdk-17 as build
+WORKDIR /usr/src/app
+COPY . .
+RUN mvn package -DskipTests
+
+# Production stage
+FROM ${ECR_REPO}/base-images:backend-jdk17
+RUN rm -rf /usr/local/tomcat/webapps/ROOT
+COPY --from=build /usr/src/app/target/Bento-0.0.1.war /usr/local/tomcat/webapps/ROOT.war
diff --git a/docker/dockerfiles/files-multistage-dockerfile b/docker/dockerfiles/files-multistage-dockerfile
@@ -0,0 +1,10 @@
+FROM node:16.17.1-alpine3.15
+ENV PORT 8081
+ENV NODE_ENV production
+WORKDIR /usr/src/app
+COPY package*.json ./
+RUN npm ci --only=production
+USER node
+COPY  --chown=node:node . .
+EXPOSE 8081
+CMD [ "node", "./bin/www" ]
diff --git a/docker/dockerfiles/frontend-multistage-dockerfile b/docker/dockerfiles/frontend-multistage-dockerfile
@@ -0,0 +1,26 @@
+FROM node:16-bullseye  as build
+
+WORKDIR /usr/src/app
+
+COPY . .
+
+RUN NODE_OPTIONS="--max-old-space-size=4096" npm install
+
+RUN NODE_OPTIONS="--max-old-space-size=4096" npx lerna run build
+
+FROM nginx:1.23.3-alpine-slim
+
+COPY --from=build /usr/src/app/packages/bento-frontend/dist /usr/share/nginx/html
+COPY --from=build /usr/src/app/conf/inject.template.js /usr/share/nginx/html/dist/inject.template.js
+COPY --from=build /usr/src/app/conf/nginx.conf /etc/nginx/conf.d/configfile.template
+COPY --from=build /usr/src/app/conf/entrypoint.sh /
+
+ENV PORT 80
+
+ENV HOST 0.0.0.0
+
+RUN sh -c "envsubst '\$PORT'  < /etc/nginx/conf.d/configfile.template > /etc/nginx/conf.d/default.conf"
+
+EXPOSE 80
+
+ENTRYPOINT [ "sh", "/entrypoint.sh" ]
diff --git a/terraform/modules/ecr/README.md b/terraform/modules/ecr/README.md
@@ -31,13 +31,14 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_allow_ecr_replication"></a> [allow\_ecr\_replication](#input\_allow\_ecr\_replication) | allow ecr replication | `bool` | `false` | no |
-| <a name="input_resource_prefix"></a> [create\_env\_specific\_repo](#input\_resource\_prefix) | the prefix to add when creating resources | `string` | n/a | yes |
 | <a name="input_ecr_repo_names"></a> [ecr\_repo\_names](#input\_ecr\_repo\_names) | list of repo names | `list(string)` | n/a | yes |
 | <a name="input_enable_ecr_replication"></a> [enable\_ecr\_replication](#input\_enable\_ecr\_replication) | enable ecr replication | `bool` | `false` | no |
 | <a name="input_env"></a> [env](#input\_env) | name of the environment to provision | `string` | n/a | yes |
+| <a name="input_max_images_to_keep"></a> [max\_images\_to\_keep](#input\_max\_images\_to\_keep) | the maximum number of images to keep in the repository | `number` | `20` | no |
+| <a name="input_project"></a> [project](#input\_project) | the name of the project | `string` | n/a | yes |
 | <a name="input_replication_destination_registry_id"></a> [replication\_destination\_registry\_id](#input\_replication\_destination\_registry\_id) | registry id for destination image | `string` | `""` | no |
 | <a name="input_replication_source_registry_id"></a> [replication\_source\_registry\_id](#input\_replication\_source\_registry\_id) | registry id for source image | `string` | `""` | no |
-| <a name="input_project"></a> [stack\_name](#input\_stack\_name) | name of the project | `string` | n/a | yes |
+| <a name="input_resource_prefix"></a> [resource\_prefix](#input\_resource\_prefix) | the prefix to add when creating resources | `string` | n/a | yes |
 | <a name="input_tags"></a> [tags](#input\_tags) | tags to associate with this instance | `map(string)` | n/a | yes |
 
 ## Outputs

diff --git a/terraform/modules/ecs/README.md b/terraform/modules/ecs/README.md
@@ -82,7 +82,7 @@ No modules.
 | <a name="input_ecs_subnet_ids"></a> [ecs\_subnet\_ids](#input\_ecs\_subnet\_ids) | Provide list private subnets to use in this VPC. Example 10.0.10.0/24,10.0.11.0/24 | `list(string)` | n/a | yes |
 | <a name="input_env"></a> [env](#input\_env) | name of the environment to provision | `string` | n/a | yes |
 | <a name="input_iam_prefix"></a> [iam\_prefix](#input\_iam\_prefix) | The string prefix for IAM roles and policies to conform to NCI power-user compliance | `string` | `"power-user"` | no |
-| <a name="input_microservices"></a> [microservices](#input\_microservices) | n/a | <pre>map(object({<br>    name                      = string<br>    port                      = number<br>    health_check_path         = string<br>    priority_rule_number      = number<br>    image_url                 = string<br>    cpu                       = number<br>    memory                    = number<br>    path                      = list(string)<br>    number_container_replicas = number<br>  }))</pre> | n/a | yes |
+| <a name="input_microservices"></a> [microservices](#input\_microservices) | n/a | <pre>map(object({<br>    name                      = string<br>    port                      = number<br>    health_check_path         = string<br>    priority_rule_number      = number<br>    image_url                 = string<br>    cpu                       = number<br>    memory                    = number<br>    path                      = list(string)<br>    number_container_replicas = number<br>    task_definiton            = string<br>    use_service               = bool<br>  }))</pre> | n/a | yes |
 | <a name="input_stack_name"></a> [stack\_name](#input\_stack\_name) | name of the project | `string` | n/a | yes |
 | <a name="input_tags"></a> [tags](#input\_tags) | tags to associate with this instance | `map(string)` | n/a | yes |
 | <a name="input_target_account_cloudone"></a> [target\_account\_cloudone](#input\_target\_account\_cloudone) | to add check conditions on whether the resources are brought up in cloudone or not | `bool` | n/a | yes |

diff --git a/terraform/modules/ecs/main.tf b/terraform/modules/ecs/main.tf
@@ -9,19 +9,7 @@ resource "aws_ecs_task_definition" "task" {
   execution_role_arn       = aws_iam_role.ecs_task_execution_role.arn
   task_role_arn            = aws_iam_role.ecs_task_role.arn
 
-  container_definitions = jsonencode([
-    {
-      name      = each.value.name
-      image     = each.value.image_url
-      essential = true
-      portMappings = [
-        {
-          protocol      = "tcp"
-          containerPort = each.value.port
-        }
-      ]
-    }
-  ])
+  container_definitions    = each.value.task_definition
 
   tags = merge(
     {
@@ -33,7 +21,7 @@ resource "aws_ecs_task_definition" "task" {
 
 #ecs service
 resource "aws_ecs_service" "service" {
-  for_each                           = var.microservices
+  for_each                           = var.microservice.use_service ? var.microservice : {}
   name                               = "${var.stack_name}-${var.env}-${each.value.name}"
   cluster                            = aws_ecs_cluster.ecs_cluster.id
   task_definition                    = aws_ecs_task_definition.task[each.key].arn

diff --git a/terraform/modules/ecs/variables.tf b/terraform/modules/ecs/variables.tf
@@ -68,6 +68,8 @@ variable "microservices" {
     memory                    = number
     path                      = list(string)
     number_container_replicas = number
+    task_definiton            = string
+    use_service               = bool
   }))
 }