Merge branch 'imprvd_interface'

.gitignore

@@ -16,3 +16,6 @@ templates/ts_index.html
 templates/monthly_index.html
 static/plots/*
 static/completed/*
+templates/on_map3.html
+awscodebuild/.aws/
+awscodebuild/imageDetail.json

Dockerfile

@@ -1,5 +1,5 @@
-# Use a minimal image
-FROM python:3.11.7
+# Update base image for KEV CVE-2024-36971  
+FROM python:3.11.10
 
 LABEL MAINTAINER="Dmitry Duplyakin <[email protected]>"
 
@@ -58,5 +58,4 @@ EXPOSE 80
 #CMD ["python", "proto.py", "--production"]
 
 # Version that allows following a file with out and err messages
-CMD ["/bin/bash", "-c", "python proto.py --production >> proto.out 2>&1"]
-
+CMD ["/bin/bash", "-c", "python proto.py --production 2>&1"]

README.md

@@ -38,6 +38,11 @@ docker build -t tap-api:latest .
 
 Run:
 ```shell
+docker run -p 8080:80 -it tap-api:latest python proto.py --production
+```
+
+For troubleshooting inside the container, run (and you will have the prompt change and try the following commands inside the container):
+```shell
 docker run -p 8080:80 -it tap-api:latest /bin/bash
 ```
 

apidoc.json

@@ -1,7 +1,7 @@
 {
-  "name": "DW-TAP API",
+  "name": "WindWatts API",
   "version": "1.0.0",
-  "description": "API for NREL's DW-TAP Project",
-  "title": "DW-TAP API",
-  "url" : "https://dw-tap.hpc.nrel.gov/v1"
+  "description": "API for NREL's WindWatts Tool",
+  "title": "WindWatts API",
+  "url" : "https://dw-tap.nrel.gov/api"
 }

awscodebuild/.env

@@ -0,0 +1,9 @@
+## PROJECT SETTINGS
+# PROJECT_HANDLE=tap
+# APP_NAME=api
+# MAKEFILE_PATH=./awscodebuild/Makefile
+# APPFLEET_RELEASE_NAME=dev
+# APPFLEET_DEPLOY_VERSION=0.0.12-1.0.0-alpine-3c676c3
+# BASE_IMAGE_TAG=3-alpine
+# DIFF_ONLY=False
+# SLEEP_ONLY=True

awscodebuild/Makefile

@@ -0,0 +1,146 @@
+-include env_make
+
+# Required environment variables check
+REQUIRED_VARS := PROJECT_HANDLE APP_NAME MAKEFILE_PATH APPFLEET_RELEASE_NAME APPFLEET_DEPLOY_VERSION BASE_IMAGE_TAG
+$(foreach var,$(REQUIRED_VARS),$(if $(value $(var)),,$(error Environment variable $(var) is not set)))
+
+# Environment variables (can be overridden by command-line arguments)
+PROJECT_NAME = $(PROJECT_HANDLE)-$(APP_NAME)
+WORKDIR ?= $(or $(dir $(MAKEFILE_PATH)), $(CURDIR))
+
+# Display the WORKDIR value
+$(info Using WORKDIR: $(WORKDIR))
+
+# Validate that WORKDIR is an existing directory
+ifeq ("$(wildcard $(WORKDIR))","")
+    $(error Error: WORKDIR '$(WORKDIR)' does not exist or is not accessible.)
+endif
+
+REGISTRY-IDS = 991404956194
+REPO = $(REGISTRY-IDS).dkr.ecr.us-west-2.amazonaws.com/nrel-$(PROJECT_NAME)
+NAME = $(PROJECT_NAME)
+
+ifdef RELEASE_SHA2
+  HEAD_VER=$(RELEASE_SHA2)
+else ifdef RELEASE_SHA1
+  HEAD_VER=$(RELEASE_SHA1)
+else
+	HEAD_VER=$(shell git log -1 --pretty=tformat:%h)
+endif
+
+$(info HEAD_VER="$(HEAD_VER)")
+
+ifdef BRANCH_NAME2
+	BRANCH_NAME=$(BRANCH_NAME2)
+else ifdef BRANCH_NAME1
+	BRANCH_NAME=$(BRANCH_NAME1)
+else
+	BRANCH_NAME ?= $(shell git rev-parse --abbrev-ref HEAD)
+endif
+
+# Normalize branch name for Docker tag compatibility
+BRANCH_NAME_SAFE = $(subst /,-,$(BRANCH_NAME))
+
+$(info BRANCH_NAME_SAFE="$(BRANCH_NAME_SAFE)")
+
+# Use CodeBuild build number if present, otherwise fallback to timestamp for uniqueness
+ifdef CODEBUILD_BUILD_NUMBER
+  UNIQUE_ID=$(CODEBUILD_BUILD_NUMBER)
+  $(info Using CODEBUILD_BUILD_NUMBER: $(CODEBUILD_BUILD_NUMBER))
+else
+  UNIQUE_ID=$(shell date +%Y%m%d%H%M%S)
+  $(info Using UNIQUE_ID generated from timestamp: $(UNIQUE_ID))
+endif
+
+$(info UNIQUE_ID="$(UNIQUE_ID)")
+
+# git release version - use for rollbacks
+TAG ?= $(BASE_IMAGE_TAG)-$(APPFLEET_RELEASE_NAME)-$(BRANCH_NAME_SAFE)-$(HEAD_VER)-$(UNIQUE_ID)
+
+$(info TAG="$(TAG)")
+
+default: release
+
+# Optional build targets
+TARGET_ARG := $(if $(BUILD_TARGET),--target $(BUILD_TARGET),)
+
+# Updated build target with optional BUILD_TARGET
+build:
+	$(info Running Docker build command:)
+	$(info docker build -t $(REPO):$(TAG) --platform linux/amd64 --build-arg BASE_IMAGE_TAG=$(BASE_IMAGE_TAG) $(TARGET_ARG) $(WORKDIR))
+	docker build -t $(REPO):$(TAG) \
+		--platform linux/amd64 \
+		--build-arg BASE_IMAGE_TAG=$(BASE_IMAGE_TAG) \
+		.
+	@echo "Writing image definitions file..."
+	@printf '{"ImageURI":"%s"}' "$(REPO):$(TAG)" > $(WORKDIR)/imageDetail.json
+	@echo "Image definitions file created: $(WORKDIR)/imageDetail.json"
+
+prebuild:
+	aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin $(REGISTRY-IDS).dkr.ecr.us-west-2.amazonaws.com
+	docker buildx create --use --name mybuilder --driver docker-container
+
+buildx:
+	@echo "Starting Docker Buildx process..."
+	docker buildx build --builder mybuilder \
+			--cache-from type=registry,ref=$(REPO):cache \
+			--cache-to mode=max,image-manifest=true,oci-mediatypes=true,type=registry,ref=$(REPO):cache \
+			--platform linux/amd64 \
+			--build-arg BASE_IMAGE_TAG=$(BASE_IMAGE_TAG) \
+			--push --provenance=false \
+			$(TARGET_ARG) \
+			--tag $(REPO):$(TAG) \
+			$(WORKDIR)
+	@echo "Docker image built and pushed to ECR with tag: $(TAG)"
+	@echo "Writing image definitions file..."
+	@printf '{"ImageURI":"%s"}' "$(REPO):$(TAG)" > $(WORKDIR)/imageDetail.json
+	@echo "Image definitions file created: $(WORKDIR)/imageDetail.json"
+
+test:
+	echo "Reading IMAGE_URI from $(WORKDIR)/imageDetail.json..."
+	IMAGE_URI=$$(jq -r '.ImageURI' $(WORKDIR)/imageDetail.json); \
+	echo "Extracting TAG from IMAGE_URI..."; \
+	TAG=$$(echo $$IMAGE_URI | sed 's/.*://'); \
+	echo "Testing with TAG: $$TAG"; \
+	cd ./tests/basic && IMAGE=$(REPO):$$TAG ./run.sh
+
+push:
+	@echo "Reading image details from $(WORKDIR)/imageDetail.json..."
+	@IMAGE_URI=$$(jq -r '.ImageURI' $(WORKDIR)/imageDetail.json); \
+	if aws ecr describe-images --repository-name nrel-$(PROJECT_NAME) --image-ids imageTag=$$(basename $$IMAGE_URI) >/dev/null 2>&1; then \
+		echo "Image $$IMAGE_URI already exists in ECR. Skipping push."; \
+	else \
+		echo "Pushing Docker image $$IMAGE_URI..."; \
+		docker push $$IMAGE_URI; \
+	fi
+
+deploy:
+	echo "Reading IMAGE_URI from $(WORKDIR)/imageDetail.json..."
+	IMAGE_URI=$$(jq -r '.ImageURI' $(WORKDIR)/imageDetail.json); \
+	echo "Extracting TAG from IMAGE_URI..."; \
+	TAG=$$(echo $$IMAGE_URI | sed 's/.*://'); \
+	echo "Deploying with TAG: $$TAG"; \
+	echo "Running create-credentials script..."; \
+	WORKDIR=$(WORKDIR) $(WORKDIR)/create-credentials.sh; \
+	echo "Deploying containers for $(PROJECT_NAME)..."; \
+	echo "IMAGE_URI: $$IMAGE_URI"; \
+	echo "TAG: $$TAG"; \
+	echo "PROJECT_HANDLE: $(PROJECT_HANDLE)"; \
+	echo "SERVICE_HANDLE: $(APP_NAME)"; \
+	echo "DEPLOY_ENVIRONMENT: $(APPFLEET_RELEASE_NAME)"; \
+	DOCKER_TAG1=$$TAG \
+	PROJECT_HANDLE=$(PROJECT_HANDLE) \
+	SERVICE_HANDLE=$(APP_NAME) \
+	DEPLOY_ENVIRONMENT=$(APPFLEET_RELEASE_NAME) \
+	docker-compose -f $(WORKDIR)/docker-compose.deploy.yaml up --quiet-pull
+
+run:
+	docker run --rm --name $(PROJECT_NAME) $(PORTS) $(VOLUMES) $(ENV) $(REPO):$(TAG) $(CMD)
+
+clean:
+	-docker rm -f $(PROJECT_NAME)
+
+release: build push deploy
+
+SELF_DIR := $(dir $(lastword $(MAKEFILE_LIST)))
+include $(SELF_DIR)docker.mk

awscodebuild/buildspec.yml

@@ -1,28 +1,65 @@
 version: 0.2
 
 env:
-  variables:
-    MAKEFILE_PATH: "Makefile"   # Default Makefile path, you can change this as needed
-    ENVIRONMENT: "dev"  # You'll set this dynamically based on the build environment in AWS CodeBuild
+  parameter-store:
+    NGINX_VER: /nrel/split/split_nginx_version_stable
+    APPFLEET_DEPLOY_VERSION: /nrel/split/appfleet_docker_version_legacy
+  exported-variables:
+    - CODEBUILD_SOURCE_VERSION
+    - CODEBUILD_BUILD_ID
+    - CODEBUILD_SOURCE_VERSION_SHORT
+    - CODEBUILD_BUILD_NUMBER
+    - PROJECT_HANDLE
+    - APP_NAME
+    - APPFLEET_RELEASE_NAME
+    - APPFLEET_DEPLOY_VERSION
+    - MAKEFILE_PATH
+    - BASE_IMAGE_TAG
+    - CONFIG_FILE_URL
+    - DIFF_ONLY
+
 phases:
-  pre_build:
+  install:
     commands:
-      - echo Logging in to Amazon ECR...
+      - echo "Logging in to Amazon ECR..."
       - aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com
-      - RELEASE_SHA=$(echo $CODEBUILD_SOURCE_VERSION | head -c 7)
-      - BRANCH_NAME=$(echo $CODEBUILD_WEBHOOK_HEAD_REF | cut -d'/' -f 3)
-  build:
+      - echo "Build started on `date`"
+      - echo "Checking Docker version..."
+      - docker --version
+      - DOCKER_VERSION=$(docker --version | grep -oP '\d+\.\d+\.\d+')
+      - MIN_VERSION=25.0.0
+      - |
+        if [ "$(printf '%s\n' "$MIN_VERSION" "$DOCKER_VERSION" | sort -V | head -n1)" != "$MIN_VERSION" ]; then
+          echo "Error: Docker version must be 25.0.0 or higher. Current version: $DOCKER_VERSION"
+          exit 1
+        fi
+      - echo "Caching Docker images..."
+      - if [ -d /root/.cache/docker ]; then echo "Docker cache exists"; else echo "Docker cache does not exist"; fi
+
+  pre_build:
     commands:
-      - echo Build started on `date`
-      - echo Building the Docker image...
-      - make build
-  post_build:
+      - CODEBUILD_SOURCE_VERSION_SHORT=$(echo $CODEBUILD_SOURCE_VERSION | head -c 7)
+      # - echo "Running prebuild step..."
+      # - make V=1 prebuild
+
+  build:
     commands:
-      - echo Build completed on `date`
-      - echo Pushing the Docker image...
-      - make push
-      - echo Writing image definitions file...
-      - printf '{"ImageURI":"%s"}' > imageDetail.json
+      - echo "Build started on `date`"
+      - echo Deploying Docker image to ECS...
+      - |
+        if [ -f "$MAKEFILE_PATH" ]; then
+          make -f "$MAKEFILE_PATH" V=1 \
+             release
+        else
+          echo "Error: Makefile not found at $MAKEFILE_PATH."
+          exit 1
+        fi
+
 artifacts:
   files:
     - imageDetail.json
+
+cache:
+  paths:
+    - '/root/.cache/docker/**/*'
+    - '/root/.docker'

awscodebuild/create-credentials.sh

@@ -0,0 +1,57 @@
+#!/bin/bash
+
+# Display the WORKDIR location
+echo "Using WORKDIR: ${WORKDIR}"
+
+# Check if WORKDIR is set and accessible
+if [[ -n "${WORKDIR}" && ! -d "${WORKDIR}" ]]; then
+    echo "Error: WORKDIR '${WORKDIR}' does not exist or is not accessible."
+    exit 1
+fi
+
+# Determine the output directory for AWS files
+aws_dir="${WORKDIR:-.}/.aws"
+
+# Ensure the output directory exists
+mkdir -p "${aws_dir}"
+
+# Run the aws configure export-credentials command without the --profile option if AWS_PROFILE is not set
+if [[ -z "${AWS_PROFILE}" ]]; then
+    export_credentials=$(aws configure export-credentials)
+else
+    export_credentials=$(aws configure export-credentials --profile "${AWS_PROFILE}")
+fi
+
+# Check if export_credentials variable is populated with values
+if [[ -z "${export_credentials}" ]]; then
+    echo "Error: Unable to retrieve AWS credentials."
+    exit 1
+fi
+
+# Extract access key ID, secret access key, and session token using jq
+access_key_id=$(echo "$export_credentials" | jq -r '.AccessKeyId')
+secret_access_key=$(echo "$export_credentials" | jq -r '.SecretAccessKey')
+session_token=$(echo "$export_credentials" | jq -r '.SessionToken')
+
+# Check if any of the variables are empty and exit if so
+if [[ -z "$access_key_id" || -z "$secret_access_key" || -z "$session_token" ]]; then
+    echo "Error: One or more AWS credential variables are empty."
+    exit 1
+fi
+
+# Write the credentials to the specified credentials file
+cat << EOF > "${aws_dir}/credentials"
+[default]
+aws_access_key_id = $access_key_id
+aws_secret_access_key = $secret_access_key
+aws_session_token = $session_token
+EOF
+
+# Write the default region to the config file in the specified directory
+cat << EOF > "${aws_dir}/config"
+[default]
+region = us-west-2
+EOF
+
+echo "AWS credentials file created at ${aws_dir}/credentials"
+echo "AWS config file created at ${aws_dir}/config"