Merge pull request #413 from NASA-IMPACT/fix/local-dev-setup

chore: local dev setup fixes

Makefile

@@ -155,7 +155,7 @@ plan-%: install
 ## pre-deploy-setup: Setup resources prior to initial deployment (idempotent)
 pre-deploy-setup: all-init
 	# Ensure buckets exist, grab the name of the "internal" bucket, and copy launchpad.pfx there.
-	$(DOCKER_RUN) --interactive $(IMAGE) -ic "bin/ensure-buckets-exist.sh 2>/dev/null
+	$(DOCKER_RUN) --interactive $(IMAGE) -ic "bin/ensure-buckets-exist.sh 2>/dev/null"
 
 ## terraform-doctor-STACK: Fixes "duplicate resource" errors for specified STACK
 terraform-doctor-%: docker
@@ -190,4 +190,5 @@ validate-%: docker
 
 ## Zip any lambda functions to prepare for deployment
 zip_lambdas:
+	DOTENV=$(DOTENV) \
 	sh app/stacks/post-deploy-mods/resources/lambdas/pre-filter-DistributionApiEndpoints/zip_lambda.sh

app/stacks/post-deploy-mods/main.tf

@@ -7,30 +7,30 @@ resource "aws_lambda_function" "pre_filter_DistApiEndpoints" {
   filename      = "${path.module}/resources/lambdas/pre-filter-DistributionApiEndpoints/distro/lambda.zip"
   role          = aws_iam_role.lambda_exec_pre_filter_DistApiEndpoints.arn
   handler       = "lambda_function.lambda_handler" #"index.preFilterDistApiEndpoints"
-  runtime       = "python3.10" #local.lambda_runtime
+  runtime       = "python3.10"                     #local.lambda_runtime
   timeout       = 300
   memory_size   = 3008
 
   source_code_hash = filebase64sha256("${path.module}/resources/lambdas/pre-filter-DistributionApiEndpoints/distro/lambda.zip")
 
   lifecycle {
     create_before_destroy = true
-    prevent_destroy = true
+    prevent_destroy       = true
   }
 }
 
 # Define the Execution Role and Policy
 resource "aws_iam_role" "lambda_exec_pre_filter_DistApiEndpoints" {
   #name = "lambda_exec_role_pre_filter_DistributionApiEndpoints"
-  name = "${var.prefix}-lamb_exe_role_pf_DistApiEndpoints"  # Must be 64 chars or less
+  name = "${var.prefix}-lamb_exe_role_pf_DistApiEndpoints" # Must be 64 chars or less
 
   assume_role_policy = jsonencode({
     Version = "2012-10-17"
     Statement = [
       {
         Action = "sts:AssumeRole"
         Effect = "Allow"
-        Sid = ""
+        Sid    = ""
         Principal = {
           Service = "lambda.amazonaws.com"
         }
@@ -45,7 +45,7 @@ resource "aws_iam_role" "lambda_exec_pre_filter_DistApiEndpoints" {
 
 # Define an attachment to the aws_iam_role above
 resource "aws_iam_role_policy_attachment" "lambda_exec_policy" {
-  role = aws_iam_role.lambda_exec_pre_filter_DistApiEndpoints.name
+  role       = aws_iam_role.lambda_exec_pre_filter_DistApiEndpoints.name
   policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
 }
 
@@ -54,7 +54,7 @@ resource "aws_iam_policy" "lambda_invoke_policy" {
   #name        = "lambda_invoke_policy"
   name        = "${var.prefix}-lambda_pf_invoke_policy"
   description = "Policy to allow Lambda functions to invoke other Lambda functions"
-  policy      = jsonencode({
+  policy = jsonencode({
     Version = "2012-10-17"
     Statement = [
       {
@@ -70,14 +70,14 @@ resource "aws_iam_policy" "lambda_invoke_policy" {
 
 # Attach the Policy, which allows a Lambda to be Invoked, to the Lambda Role
 resource "aws_iam_role_policy_attachment" "lambda_invoke_policy_attachment" {
-  role        = aws_iam_role.lambda_exec_pre_filter_DistApiEndpoints.name
-  policy_arn  = aws_iam_policy.lambda_invoke_policy.arn
+  role       = aws_iam_role.lambda_exec_pre_filter_DistApiEndpoints.name
+  policy_arn = aws_iam_policy.lambda_invoke_policy.arn
 }
 
 # Attach an AWS managed Policy for DynamoDB Read Only access
 resource "aws_iam_role_policy_attachment" "dynamodb_readonly_policy" {
-  role        = aws_iam_role.lambda_exec_pre_filter_DistApiEndpoints.name
-  policy_arn  = "arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess"
+  role       = aws_iam_role.lambda_exec_pre_filter_DistApiEndpoints.name
+  policy_arn = "arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess"
 }
 
 # Fetch existing API Gateway
@@ -88,7 +88,7 @@ data "aws_api_gateway_rest_api" "distribution_api" {
 # Fetch the proxy resource (API Gateway "/{proxy+}" prop)
 data "aws_api_gateway_resource" "proxy_resource" {
   rest_api_id = data.aws_api_gateway_rest_api.distribution_api.id
-  path = "/{proxy+}"
+  path        = "/{proxy+}"
 }
 
 # No need to update the root resource
@@ -116,33 +116,33 @@ data "aws_api_gateway_resource" "proxy_resource" {
 
 # Update the integration for the root resource with GET method
 resource "aws_api_gateway_integration" "proxy_lambda_integration" {
-  rest_api_id = data.aws_api_gateway_rest_api.distribution_api.id
-  resource_id = data.aws_api_gateway_resource.proxy_resource.id
-  http_method = "ANY"
+  rest_api_id             = data.aws_api_gateway_rest_api.distribution_api.id
+  resource_id             = data.aws_api_gateway_resource.proxy_resource.id
+  http_method             = "ANY"
   integration_http_method = "POST" #"GET"
-  type = "AWS_PROXY"
-  uri = aws_lambda_function.pre_filter_DistApiEndpoints.invoke_arn
+  type                    = "AWS_PROXY"
+  uri                     = aws_lambda_function.pre_filter_DistApiEndpoints.invoke_arn
 }
 
 # Ensure the Lambda function as the necessary permissions to be invoked by API Gateway
 resource "aws_lambda_permission" "api_gateway" {
-  statement_id = "AllowAPIGatewayInvoke"
-  action = "lambda:InvokeFunction"
+  statement_id  = "AllowAPIGatewayInvoke"
+  action        = "lambda:InvokeFunction"
   function_name = aws_lambda_function.pre_filter_DistApiEndpoints.function_name
-  principal = "apigateway.amazonaws.com"
-  source_arn = "${data.aws_api_gateway_rest_api.distribution_api.execution_arn}/*/*"
+  principal     = "apigateway.amazonaws.com"
+  source_arn    = "${data.aws_api_gateway_rest_api.distribution_api.execution_arn}/*/*"
 }
 
 # Ensure the API Gateway redeploys after the update
 resource "aws_api_gateway_deployment" "api_deployment" {
   depends_on = [aws_api_gateway_integration.proxy_lambda_integration]
 
   rest_api_id = data.aws_api_gateway_rest_api.distribution_api.id
-  stage_name = "dev"  # The existing cumulus deployment for this API Gateway Stage is always called dev (in all environments)
+  stage_name  = "dev" # The existing cumulus deployment for this API Gateway Stage is always called dev (in all environments)
 
   triggers = {
     redeployment = sha1(jsonencode({
-      lambda_version = aws_lambda_function.pre_filter_DistApiEndpoints.source_code_hash
+      lambda_version  = aws_lambda_function.pre_filter_DistApiEndpoints.source_code_hash
       integration_uri = aws_api_gateway_integration.proxy_lambda_integration.uri
     }))
   }

bin/create-test-data.sh

@@ -10,7 +10,8 @@ echo -n "Determining provider bucket..."
 provider_bucket="$(
   echo 'var.buckets["provider"]["name"]' |
     terraspace console cumulus 2>/dev/null |
-    grep "${CUMULUS_PREFIX}"
+    grep "${CUMULUS_PREFIX}" |
+    sed -E 's/"(.+)"/\1/'
 )"
 echo "${provider_bucket}"