Merge pull request #112 from asfadmin/mrp-gjc/feature/cumulus-v18.3.1…

…-upgrade

Cumulus v18.3.1 Upgrade

CHANGELOG.md

@@ -1,13 +1,22 @@
 
 # CHANGELOG
 
-## unreleased
+## v18.3.1.0
 * Snyk fixes for dev-requirements.txt
 * Add descriptions to daac variables
 * Update default CMA version to 2.0.3
 * Update example workflow lambda to use python3.8
 * Update tflint to [v0.51.1](https://github.com/terraform-linters/tflint/releases/tag/v0.51.1)
 * Update Dockerfile to be used for tests only
+* Update `daac/s3-replicator`, `rds/rds_cluster`, and `workflows/acme_workflow` source to v18.3.1
+* Update Dockerfile:
+  * NODE_VERSION="20.x"
+  * TERRAFORM_VERSION="1.9.2"
+  * AWS_CLI_VERSION="2.17.13"
+  * Upgrade to amazonlinux:2023 from amazonlinux:2
+  * Use `dnf` instead of `yum`
+* Remove `jenkins/`, `scripts/`, and `src/` directories and their contents
+* Fix deprecation issues in daac module by using `aws_s3_bucket_logging` resources
 
 ## v18.2.0.0
 * Upgrade to [Cumulus v18.2.0](https://github.com/nasa/cumulus/releases/tag/v18.2.0)

Dockerfile

@@ -1,4 +1,4 @@
-FROM amazonlinux:2
+FROM amazonlinux:2023
 
 # This image can be used to do Python 3 & NodeJS tests.
 # It contains:
@@ -9,28 +9,23 @@ FROM amazonlinux:2
 #   * Yarn
 #   * Application Python dependencies
 
-ENV NODE_VERSION "16.x"
-ENV TERRAFORM_VERSION "1.5.3"
-ENV AWS_CLI_VERSION "2.13.25"
+ENV NODE_VERSION="20.x"
+ENV TERRAFORM_VERSION="1.9.2"
+ENV AWS_CLI_VERSION="2.17.13"
 
-# Add NodeJS and Yarn repos & update package index
-RUN \
-        yum install https://rpm.nodesource.com/pub_${NODE_VERSION}/nodistro/repo/nodesource-release-nodistro-1.noarch.rpm -y && \
-        yum install nodejs -y --setopt=nodesource-nodejs.module_hotfixes=1 && \
-        curl -sL https://dl.yarnpkg.com/rpm/yarn.repo | tee /etc/yum.repos.d/yarn.repo && \
-        yum update -y
+# Install NodeJS
+RUN curl -fsSL https://rpm.nodesource.com/setup_${NODE_VERSION} | bash -
+RUN dnf install -y nodejs
 
 # CLI utilities
-RUN yum install -y gcc gcc-c++ git make openssl unzip wget zip jq
+RUN dnf install -y gcc gcc-c++ git make openssl unzip wget zip jq
 
 
-# Python 3 & NodeJS
+# Python 3
 RUN \
-        amazon-linux-extras install python3.8 && \
-        ln -s /usr/bin/python3.8 /usr/bin/python3 && \
-        ln -s /usr/bin/pip3.8 /usr/bin/pip3 && \
-        python3 -m pip install boto3 && \
-        yum install -y nodejs yarn \
+        dnf install -y python3-devel && \
+        dnf install -y python3-pip && \
+        python3 -m pip install setuptools
 
 
 ARG USER

daac/main.tf

@@ -65,13 +65,16 @@ resource "aws_s3_bucket" "protected-bucket" {
   lifecycle {
     prevent_destroy = true
   }
-  logging {
-    target_bucket = "${local.prefix}-internal"
-    target_prefix = "${local.prefix}/ems-distribution/s3-server-access-logs/"
-  }
   tags = merge(local.default_tags, local.dar_no_tags)
 }
 
+resource "aws_s3_bucket_logging" "protected_bucket_logging" {
+  for_each = toset(local.protected_bucket_names)
+  bucket = each.key
+  target_bucket = "${local.prefix}-internal"
+  target_prefix = "${local.prefix}/ems-distribution/s3-server-access-logs/"
+}
+
 resource "aws_s3_bucket_server_side_encryption_configuration" "protected_bucket_encryption_configuration" {
   for_each = toset(local.protected_bucket_names)
 
@@ -92,13 +95,16 @@ resource "aws_s3_bucket" "public-bucket" {
   lifecycle {
     prevent_destroy = true
   }
-  logging {
-    target_bucket = "${local.prefix}-internal"
-    target_prefix = "${local.prefix}/ems-distribution/s3-server-access-logs/"
-  }
   tags = merge(local.default_tags, local.dar_no_tags)
 }
 
+resource "aws_s3_bucket_logging" "public_bucket_logging" {
+  for_each = toset(local.public_bucket_names)
+  bucket = each.key
+  target_bucket = "${local.prefix}-internal"
+  target_prefix = "${local.prefix}/ems-distribution/s3-server-access-logs/"
+}
+
 resource "aws_s3_bucket_server_side_encryption_configuration" "public_bucket_encryption_configuration" {
   for_each = toset(local.public_bucket_names)
 

daac/s3-replicator.tf

@@ -27,7 +27,7 @@ locals {
 
 module "s3-replicator" {
 
-  source = "https://github.com/nasa/cumulus/releases/download/v18.2.0/terraform-aws-cumulus-s3-replicator.zip"
+  source = "https://github.com/nasa/cumulus/releases/download/v18.3.1/terraform-aws-cumulus-s3-replicator.zip"
 
   prefix               = local.prefix
   vpc_id               = data.aws_vpc.application_vpcs.id

rds/main.tf

@@ -11,7 +11,7 @@ resource "random_string" "user_db_pass" {
 }
 
 module "rds_cluster" {
-  source                     = "https://github.com/nasa/cumulus/releases/download/v18.2.0/terraform-aws-cumulus-rds.zip"
+  source                     = "https://github.com/nasa/cumulus/releases/download/v18.3.1/terraform-aws-cumulus-rds.zip"
   db_admin_username          = var.db_admin_username
   db_admin_password          = var.db_admin_password == "" ? random_string.admin_db_pass.result : var.db_admin_password
   region                     = data.aws_region.current.name