variable "task_role_arn" {}
variable "execution_role_arn" {}
variable "ecs_cluster" {}
variable "local_namespace" {}
variable "desired_count" {}
variable "background_desired_count" {}

variable "http_listener_sg" {
default = "sg-0024906e0e1f78048"
}

variable "lb_subnets" {
default = [ "subnet-16161a39", "subnet-323deb78", "subnet-44c2774b", "subnet-5e675761", "subnet-8519fde2", "subnet-89bab8d4", ]
}
resource "aws_ecs_task_definition" "integreat_app" {

  family                = "integreat_app_${var.stage}"
  container_definitions = file("${var.stage}-taskdef.json")
  memory = 8192
  cpu = 2048
  network_mode = "awsvpc"
  requires_compatibilities = ["FARGATE"]
  execution_role_arn = var.execution_role_arn
  task_role_arn = var.task_role_arn
}


resource "aws_ecs_task_definition" "integreat_background_worker" {

  family                = "integreat_background-worker_${var.stage}"
  container_definitions = file("${var.stage}-background-worker-taskdef.json")
  memory = 2048
  cpu = 512
  network_mode = "awsvpc"
  requires_compatibilities = ["FARGATE"]
  execution_role_arn = var.execution_role_arn
  task_role_arn = var.task_role_arn
}


resource "aws_ecs_service" "integreat_app" {
  name            = "integreat_app_${var.stage}"
  cluster         = var.ecs_cluster
  task_definition = aws_ecs_task_definition.integreat_app.arn
  desired_count   = var.desired_count
  health_check_grace_period_seconds = 600
  deployment_controller {
    type = "ECS"
  }
  scheduling_strategy                = "REPLICA"
   platform_version                   = "LATEST" 

   network_configuration {
     assign_public_ip = true
       security_groups  = [ "sg-004e5855310c453a3", "sg-02d167406b1082698"]
       subnets          = [ "subnet-5e675761", "subnet-8519fde2", "subnet-89bab8d4" ] 
   }

  load_balancer {
    target_group_arn = aws_lb_target_group.integreat_app.arn
    container_name   = "integreat-app"
    container_port   = 3000
  }
  service_registries { 
    container_port = 0
    port = 0
    registry_arn   = aws_service_discovery_service.service.arn
  }

  capacity_provider_strategy { 
          base              = 0 
          capacity_provider = "FARGATE_SPOT" 
          weight            = 5
  }
  capacity_provider_strategy {
          base              = 1
          capacity_provider = "FARGATE"
          weight            = 1
  }
  
      deployment_circuit_breaker {
          enable   = false
          rollback = false
        }

  wait_for_steady_state = true


  timeouts {}
  lifecycle {
    ignore_changes = [task_definition]
  }
}


resource "aws_lb" "integreat_app" {
  name               = "integreat-app-${var.stage}"
  internal           = false
  load_balancer_type = "application"
  security_groups    = [var.http_listener_sg]
  subnets  = var.lb_subnets 
  ip_address_type            = "ipv4" 
  enable_deletion_protection = true
  idle_timeout = 120
}

resource "aws_lb_target_group" "integreat_app" {
  name     = "integreat-app-${var.stage}"
  port     = 80
  protocol = "HTTP"
  vpc_id   = "vpc-b5b7d6ce"
  deregistration_delay          = 120
  load_balancing_algorithm_type = "round_robin"
  slow_start                    = 0
  tags                          = {}
  target_type                   = "ip"
  health_check {
      enabled             = true
        healthy_threshold   = 2
        interval            = 15
        matcher             = "200"
        path                = "/api/health-check"
        port                = "traffic-port"
        protocol            = "HTTP"
        timeout             = 14
        unhealthy_threshold = 5
  }

  stickiness {
    cookie_duration = 86400
    enabled         = false
    type            = "lb_cookie"
  }
}

resource "aws_lb_listener" "http" {
    load_balancer_arn = aws_lb.integreat_app.arn
    port              = 80
    protocol          = "HTTP"

    default_action {
        order = 1
        type  = "redirect"

        redirect {
            host        = "#{host}"
            path        = "/#{path}"
            port        = "443"
            protocol    = "HTTPS"
            query       = "#{query}"
            status_code = "HTTP_301"
        }
    }

    timeouts {}
}

resource "aws_lb_listener" "https" {
    certificate_arn   = aws_acm_certificate.cert.arn
    load_balancer_arn = aws_lb.integreat_app.arn
    port              = 443
    protocol          = "HTTPS"
    ssl_policy        = "ELBSecurityPolicy-2016-08"

    default_action {
        order            = 1
        target_group_arn = aws_lb_target_group.integreat_app.arn
        type             = "forward"
    }

    timeouts {}
}

resource "aws_lb_listener_rule" "static" {
    listener_arn = aws_lb_listener.https.arn
    priority     = 1

    action {
        order = 1
        type  = "redirect"

        redirect {
            host        = "s3.amazonaws.com"
            path        = "/${var.domain}/#{path}"
            port        = "443"
            protocol    = "HTTPS"
            status_code = "HTTP_301"
        }
    }

    condition {

        path_pattern {
            values = [
                "/css/*",
                "/finance-font/*",
                "/img/*",
                "/js/compiled/*",
                "index.html",
            ]
        }
    }
}

resource "aws_s3_bucket" "static" {
    bucket                      = var.domain
    request_payer               = "BucketOwner"
    tags                        = {}
    cors_rule {
        allowed_headers = [
            "*",
        ]
        allowed_methods = [
            "PUT",
            "POST",
            "DELETE",
            "GET",
        ]
        allowed_origins = [
            var.base_url,
        ]
        expose_headers  = []
        max_age_seconds = 0
    }

    versioning {
        enabled    = false
        mfa_delete = false
    }

    website {
        index_document = "index.html"
    }

  policy = <<POLICY
{
    "Id": "Policy1526084187222",
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1526084185514",
            "Action": [
                "s3:GetObject"
            ],
            "Effect": "Allow",
            "Resource": "arn:aws:s3:::${var.domain}/*",
            "Principal": "*"
        }
    ]
}
POLICY
}

resource "aws_acm_certificate" "cert" {
  domain_name = var.domain
  validation_method = "DNS"
}

resource "aws_service_discovery_service" "service" {
  name = "integreat-app-${var.stage}"

  dns_config {
    namespace_id = var.local_namespace

    dns_records {
      ttl  = 10
      type = "A"
    }

    routing_policy = "MULTIVALUE"
  }

  health_check_custom_config {
    failure_threshold = 1
  }
}

module "square_import_job" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       schedule = "rate(4 hours)"
       job_name = "square-import-job"
       execution_role_arn = var.execution_role_arn
       memory = 4096
       cpu = 1024
}

module "square2_import_job" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       schedule = "rate(5 hours)"
       job_name = "square2-import-job"
       execution_role_arn = var.execution_role_arn
       memory = 4096
       cpu = 1024
}

module "reconcile_ledger_job" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       schedule = "rate(1 hour)"
       job_name = "reconcile-ledger"
       execution_role_arn = var.execution_role_arn
       memory = 8192
       cpu = 2048
}

module "current_balance_cache" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       schedule = "rate(60 minutes)"
       job_name = "current-balance-cache"
       execution_role_arn = var.execution_role_arn
       memory = 2048
       cpu = 512
}

module "yodlee2_job" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       schedule = "rate(6 hours)"
       job_name = "yodlee2"
       execution_role_arn = var.execution_role_arn
       memory = 2048
       cpu = 1024
}

module "intuit_job" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       schedule = "rate(6 hours)"
       job_name = "intuit"
       execution_role_arn = var.execution_role_arn
       memory = 2048
       cpu = 1024
}

module "plaid_job" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       schedule = "rate(6 hours)"
       job_name = "plaid"
       execution_role_arn = var.execution_role_arn
       memory = 2048
       cpu = 1024
}

module "vendor_usages_job" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       schedule = "rate(4 hours)"
       job_name = "vendor-usages"
       execution_role_arn = var.execution_role_arn
       memory = 2048
       cpu = 1024
}

module "import_uploaded_invoices_job" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       schedule = "rate(1 hour)"
       job_name = "import-uploaded-invoices"
       execution_role_arn = var.execution_role_arn
       memory = 2048
       cpu = 512
}

module "sysco_job" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       schedule = "rate(3 hours)"
       job_name = "sysco"
       execution_role_arn = var.execution_role_arn
       memory = 2048
       cpu = 512
}

module "close_auto_invoices_job" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       schedule = "rate(1 hour)"
       job_name = "close-auto-invoices"
       execution_role_arn = var.execution_role_arn
       memory = 2048
       cpu = 512
}

module "yodlee2_accounts_job" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       job_name = "yodlee2-accounts"
       execution_role_arn = var.execution_role_arn
       use_schedule = false
       memory = 2048
       cpu = 512
}


module "bulk_journal_import_job" {
       source = "./background-job/"
       ecs_cluster = var.ecs_cluster
       task_role_arn = var.task_role_arn
       stage = var.stage
       job_name = "bulk-journal-import"
       execution_role_arn = var.execution_role_arn
       use_schedule = false
       memory = 4096
       cpu = 1024
}