add health check to tawhiri

predictor.tf

@@ -205,6 +205,17 @@ resource "aws_ecs_task_definition" "tawhiri" {
   container_definitions = jsonencode(
     [
       {
+        healthCheck = {
+          retries = 3
+          command = [
+            "/usr/bin/python3.7",
+            "-c",
+            "import urllib.request; import json; import datetime; import sys; sys.exit(0) if len(json.loads(urllib.request.urlopen(f'http://localhost:8000/api/v1/?launch_latitude=51.77542999852449&launch_longitude=15.553199937567115&launch_datetime={datetime.datetime.now().strftime(\"%Y-%m-%dT%H:%M:%SZ\")}&launch_altitude=0&ascent_rate=5.00&burst_altitude=14030.77&descent_rate=5.28').read())['prediction'][0]['trajectory']) > 0 else sys.exit(1)"
+          ]
+          timeout = 20
+          interval = 60
+          startPeriod = 30
+        }
         command = [
           "/root/.local/bin/gunicorn",
           "-b",
@@ -437,7 +448,8 @@ resource "aws_ecs_service" "tawhiri" {
   launch_type                       = "FARGATE"
   platform_version                  = "LATEST"
   desired_count                     = 1
-
+  enable_execute_command            = true
+  
   load_balancer {
     container_name   = "tawhiri"
     container_port   = 8000

websockets.tf

@@ -720,6 +720,29 @@ resource "aws_iam_role_policy" "efs" {
 EOF
 }
 
+resource "aws_iam_role_policy" "ssm" {
+  name = "SSM"
+  role = aws_iam_role.ecs_execution.id
+
+  policy = jsonencode(
+      {
+        Statement = [
+            {
+                Action   = [
+                    "ssmmessages:CreateControlChannel",
+                    "ssmmessages:CreateDataChannel",
+                    "ssmmessages:OpenControlChannel",
+                    "ssmmessages:OpenDataChannel",
+                  ]
+                Effect   = "Allow"
+                Resource = "*"
+              }
+          ]
+        Version   = "2012-10-17"
+      }
+  )
+}
+
 resource "aws_iam_role_policy" "kms" {
   name = "kms"
   role = aws_iam_role.ecs_execution.id