Merge pull request #212 from NASA-IMPACT/develop

Release base infrastructure and dashboard postgres schema fixes

README.md

@@ -47,12 +47,27 @@ To retrieve the variables for a stage that has been previously deployed, the sec
 
 ### Deploying to the cloud
 
-#### Install pre-requisites
+#### Install deployment pre-requisites
+- [Node](https://nodejs.org/)
+- [NVM](https://github.com/nvm-sh/nvm#node-version-manager---)
+- [jq](https://jqlang.github.io/jq/) (used for exporting environment variable secrets to `.env` in [scripts/sync-env-local.sh](/scripts/sync-env-local.sh))
 
+These can be installed with [homebrew](https://brew.sh/) on MacOS
+```
+brew install node
+brew install nvm
+brew install jq
+```
+
+#### Virtual environment example
+```
+python3 -m venv .venv
+source .venv/bin/activate
+```
+
+#### Install requirements
 ```bash
-nvm install 17
-nvm use 17
-node --version
+nvm use --lts
 npm install --location=global aws-cdk
 python3 -m pip install --upgrade pip
 python3 -m pip install -e ".[dev,deploy,test]"

database/runtime/handler.py

@@ -252,7 +252,7 @@ def create_collection_search_functions(cursor) -> None:
 
 def create_collection_summaries_functions(cursor) -> None:
     """
-    Functions to summarize datetimes and raster statistics for 'default' collections of items with single band COG assets
+    Functions to summarize datetimes and raster statistics for 'default' collections of items
     """
 
     periodic_datetime_summary_sql = """
@@ -264,7 +264,7 @@ def create_collection_summaries_functions(cursor) -> None:
         SELECT to_jsonb(
             array[
                 to_char(min(datetime) at time zone 'Z', 'YYYY-MM-DD"T"HH24:MI:SS"Z"'),
-                to_char(max(datetime) at time zone 'Z', 'YYYY-MM-DD"T"HH24:MI:SS"Z"')
+                to_char(max(end_datetime) at time zone 'Z', 'YYYY-MM-DD"T"HH24:MI:SS"Z"')
             ])​
         FROM items WHERE collection=$1;
     ;
@@ -287,23 +287,6 @@ def create_collection_summaries_functions(cursor) -> None:
     """
     cursor.execute(sql.SQL(distinct_datetime_summary_sql))
 
-    cog_default_summary_sql = """
-    CREATE OR REPLACE FUNCTION dashboard.cog_default_summary(id text) RETURNS jsonb
-    LANGUAGE sql
-    IMMUTABLE PARALLEL SAFE
-    SET search_path TO 'pgstac', 'public'
-    AS $function$
-        SELECT jsonb_build_object(
-            'min', min((items."content"->'assets'->'cog_default'->'raster:bands'-> 0 ->'statistics'->>'minimum')::float),
-            'max', max((items."content"->'assets'->'cog_default'->'raster:bands'-> 0 ->'statistics'->>'maximum')::float)
-        )
-        FROM items WHERE collection=$1;
-    ;
-    $function$
-    ;
-    """
-    cursor.execute(sql.SQL(cog_default_summary_sql))
-
     update_collection_default_summaries_sql = """
     CREATE OR REPLACE FUNCTION dashboard.update_collection_default_summaries(id text)
     RETURNS void
@@ -320,13 +303,6 @@ def create_collection_summaries_functions(cursor) -> None:
                     THEN dashboard.periodic_datetime_summary(collections.id)
                     ELSE dashboard.discrete_datetime_summary(collections.id)
                     END
-                ),
-                'cog_default', (
-                    CASE
-                    WHEN collections."content"->'item_assets' ? 'cog_default'
-                    THEN dashboard.cog_default_summary(collections.id)
-                    ELSE NULL
-                    END
                 )
             )
         )
@@ -343,27 +319,9 @@ def create_collection_summaries_functions(cursor) -> None:
     LANGUAGE sql
     SET search_path TO 'pgstac', 'public'
     AS $function$
-    UPDATE collections SET
-        "content" = "content" ||
-        jsonb_build_object(
-            'summaries', jsonb_build_object(
-                'datetime', (
-                    CASE
-                    WHEN (collections."content"->>'dashboard:is_periodic')::boolean
-                    THEN dashboard.periodic_datetime_summary(collections.id)
-                    ELSE dashboard.discrete_datetime_summary(collections.id)
-                    END
-                ),
-                'cog_default', (
-                    CASE
-                    WHEN collections."content"->'item_assets' ? 'cog_default'
-                    THEN dashboard.cog_default_summary(collections.id)
-                    ELSE NULL
-                    END
-                )
-            )
-        )
-        WHERE collections."content" ?| array['item_assets', 'dashboard:is_periodic']
+    SELECT dashboard.update_collection_default_summaries(collections.id)
+    FROM collections
+    WHERE collections."content" ?| array['dashboard:is_periodic']
     ;
     $function$
     ;

docker-compose.yml

@@ -97,7 +97,7 @@ services:
   database:
     container_name: veda.db
     platform: linux/amd64
-    image: ghcr.io/stac-utils/pgstac:v0.7.6
+    image: ghcr.io/stac-utils/pgstac:v0.7.10
     environment:
       - POSTGRES_USER=username
       - POSTGRES_PASSWORD=password

standalone_base_infrastructure/network_construct.py

@@ -27,7 +27,7 @@ def __init__(
         )
 
         nat_provider_instance = aws_ec2.NatProvider.instance(
-            instance_type=aws_ec2.InstanceType("t3.nano")
+            instance_type=aws_ec2.InstanceType("t3.nano"),
         )
 
         vpc = aws_ec2.Vpc(
@@ -40,6 +40,22 @@ def __init__(
             nat_gateways=base_settings.vpc_nat_gateways,
         )
 
+        nat_sg = nat_provider_instance.security_group
+
+        # Allow all outbound traffic
+        nat_sg.add_egress_rule(
+            aws_ec2.Peer.any_ipv4(),
+            aws_ec2.Port.all_traffic(),
+            "Allow all outbound traffic",
+        )
+
+        # Allow inbound traffic from the VPC's CIDR
+        nat_sg.add_ingress_rule(
+            aws_ec2.Peer.ipv4(vpc.vpc_cidr_block),
+            aws_ec2.Port.all_traffic(),
+            "Allow inbound traffic from the VPCs CIDR block",
+        )
+
         vpc_endpoints = {
             "secretsmanager": aws_ec2.InterfaceVpcEndpointAwsService.SECRETS_MANAGER,
             "cloudwatch-logs": aws_ec2.InterfaceVpcEndpointAwsService.CLOUDWATCH_LOGS,