Apply eoAPI updates

.dockerignore

@@ -0,0 +1,9 @@
+# Ignore cdk folder
+cdk.out/
+.history
+.tox
+.git
+.vscode
+node_modules/
+.mypy_cache
+.pytest_cache

app.py

@@ -9,22 +9,21 @@
 from stac_api.infrastructure.construct import StacApiLambdaConstruct
 from raster_api.infrastructure.construct import RasterApiLambdaConstruct
 
-identifier = os.getenv("IDENTIFIER").lower()
+stage = os.getenv("STAGE").lower()
 app_name = "delta-backend"
 
 app = App()
 
-
 class DeltaStack(Stack):
     def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
         super().__init__(scope, construct_id, **kwargs)
 
 
-delta_stack = DeltaStack(app, f"{app_name}-{identifier}")
+delta_stack = DeltaStack(app, f"{app_name}-{stage}")
 
 vpc = VpcConstruct(delta_stack, "network")
 
-database = RdsConstruct(delta_stack, "database", vpc.vpc)
+database = RdsConstruct(delta_stack, "database", vpc.vpc, stage=stage)
 
 raster_api = RasterApiLambdaConstruct(
     delta_stack, "raster-api", vpc=vpc.vpc, database=database
@@ -40,7 +39,7 @@ def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
 
 for key, value in {
     "Project": app_name,
-    "Stack": identifier,
+    "Stack": stage,
     "Client": "nasa-impact",
     "Owner": "ds",
 }.items():

cdk.json

@@ -1,6 +1,12 @@
 {
   "app": "python3 app.py",
   "context": {
-    "@aws-cdk/core:bootstrapQualifier": "toolkitv2"
+    "@aws-cdk/core:bootstrapQualifier": "toolkitv2",
+    "dev": {
+      "pgstac_version": "0.4.3"
+    },
+    "prod": {
+      "pgstac_version": "0.4.3"
+    }
   }
 }

database/infrastructure/construct.py

@@ -1,9 +1,11 @@
 import os
 import json
+from platform import node
 
 from aws_cdk import (
     aws_ec2,
     aws_lambda,
+    aws_logs,
     aws_rds,
     aws_secretsmanager,
     CfnOutput, 
@@ -26,21 +28,27 @@ def __init__(
         database: aws_rds.DatabaseInstance,
         new_dbname: str,
         new_username: str,
-        secrets_prefix: str
+        secrets_prefix: str,
+        stage: str,
     ) -> None:
         super().__init__(scope, construct_id)
 
+        # get pgstac version from context
+        pgstac_version = scope.node.try_get_context(stage)["pgstac_version"]
+
         handler = aws_lambda.Function(
             self,
             "lambda",
             handler="handler.handler",
             runtime=aws_lambda.Runtime.PYTHON_3_8,
             code=aws_lambda.Code.from_docker_build(
                 path=os.path.abspath("./"), 
-                file="database/runtime/Dockerfile"
+                file="database/runtime/Dockerfile",
+                build_args={"PGSTAC_VERSION": pgstac_version},
             ),
             timeout=Duration.minutes(2),
-            vpc=database.vpc
+            vpc=database.vpc,
+            log_retention=aws_logs.RetentionDays.ONE_WEEK,
         )
 
         self.secret = aws_secretsmanager.Secret(
@@ -58,7 +66,7 @@ def __init__(
                     }
                 ),
                 generate_string_key="password",
-                exclude_punctuation=True
+                exclude_punctuation=True,
             ),
             description=f"Pgstac database bootsrapped by {Stack.of(self).stack_name} stack"
         )
@@ -78,6 +86,9 @@ def __init__(
             id="bootstrapper",
             service_token=handler.function_arn,
             properties={
+                # By setting pgstac_version in the properties assures
+                # that Create/Update events will be passed to the service token
+                "pgstac_version": pgstac_version,
                 "conn_secret_arn": database.secret.secret_arn,
                 "new_user_secret_arn": self.secret.secret_arn
             },
@@ -94,6 +105,7 @@ def __init__(
         scope: Construct,
         construct_id: str, 
         vpc,
+        stage: str,
         **kwargs
     ) -> None:
         super().__init__(scope, construct_id, **kwargs)
@@ -117,10 +129,8 @@ def __init__(
             vpc_subnets=aws_ec2.SubnetSelection(
                 subnet_type=aws_ec2.SubnetType.PUBLIC
             ),
-            deletion_protection=False, # TODO we do want deletion protection
-            removal_policy=RemovalPolicy.DESTROY, # TODO we need a safe removal policy like snapshot
-            # deletion_protection=identifier=="prod" , # enables deletion protection for production databases
-            # removal_policy=RemovalPolicy.RETAIN if identifier == "prod" else RemovalPolicy.DESTROY, # TODO we need a safe removal policy like snapshot
+            deletion_protection=stage=="prod" , # enables deletion protection for production databases
+            removal_policy=RemovalPolicy.RETAIN if stage == "prod" else RemovalPolicy.DESTROY, 
             publicly_accessible=True,
         )
 
@@ -131,7 +141,8 @@ def __init__(
             database=database,
             new_dbname="postgis", # TODO this is config!
             new_username="delta", # TODO this is config!
-            secrets_prefix=stack_name
+            secrets_prefix=stack_name,
+            stage=stage,
         )
 
         CfnOutput(

database/runtime/Dockerfile

@@ -1,9 +1,16 @@
-FROM --platform=linux/amd64 lambci/lambda:build-python3.8
+FROM lambci/lambda:build-python3.8
+
+ARG PGSTAC_VERSION
+RUN echo "Using PGSTAC Version ${PGSTAC_VERSION}"
 
 WORKDIR /tmp
 
-RUN pip install "importlib_resources;python_version>='3.8'" requests psycopg2-binary pypgstac==0.3.4 -t /asset
+RUN pip install requests psycopg[binary] pypgstac==${PGSTAC_VERSION} -t /asset
 
 COPY database/runtime/handler.py /asset/handler.py
 
+# https://stackoverflow.com/a/61746719
+# Tip from eoAPI: turns out, asyncio is part of python
+RUN rm -rf /asset/asyncio*
+
 CMD ["echo", "hello world database"]