From b06aa0fdeb67f2a41fc25af3dfa6e13188ea58dc Mon Sep 17 00:00:00 2001
From: Chris Kalafarski <chris@farski.com>
Date: Mon, 23 Oct 2023 11:56:25 -0400
Subject: [PATCH] Update ALB rules for app domains

---
 spire/templates/apps-300A.yml   |  1 +
 spire/templates/apps/augury.yml | 15 +++++++++++----
 spire/templates/apps/feeder.yml | 30 ++++++++++--------------------
 3 files changed, 22 insertions(+), 24 deletions(-)

diff --git a/spire/templates/apps-300A.yml b/spire/templates/apps-300A.yml
index 0fce792f1..a766df278 100644
--- a/spire/templates/apps-300A.yml
+++ b/spire/templates/apps-300A.yml
@@ -97,6 +97,7 @@ Resources:
         CastlePostgresInstanceEndpointPort: !Ref CastlePostgresInstanceEndpointPort
         CastlePostgresClientSecurityGroupId: !Ref CastlePostgresClientSecurityGroupId
         AdFilesHostname: !Ref AdFilesHostname
+        AuguryHostname: !Ref AuguryHostname
         FeederHostname: !Ref FeederHostname
         IdHostname: !Ref IdHostname
         CastleHostname: !Ref CastleHostname
diff --git a/spire/templates/apps/augury.yml b/spire/templates/apps/augury.yml
index 2496f0f07..2be4a4f41 100644
--- a/spire/templates/apps/augury.yml
+++ b/spire/templates/apps/augury.yml
@@ -54,6 +54,7 @@ Parameters:
   CastlePostgresInstanceEndpointPort: { Type: String }
   CastlePostgresClientSecurityGroupId: { Type: String }
   AdFilesHostname: { Type: String }
+  AuguryHostname: { Type: String }
   FeederHostname: { Type: String }
   IdHostname: { Type: String }
   CastleHostname: { Type: String }
@@ -94,18 +95,24 @@ Resources:
             - inventory.dovetail.*
       ListenerArn: !Ref AlbHttpsListenerArn
       Priority: !Join ["", [!Ref AlbListenerRulePriorityPrefix, "01"]]
-  AltHostHeaderListenerRule:
+  RedirectHostHeaderListenerRule:
     Type: AWS::ElasticLoadBalancingV2::ListenerRule
     Properties:
       Actions:
-        - TargetGroupArn: !Ref TargetGroup
-          Type: forward
+        - RedirectConfig:
+            Host: !Ref AuguryHostname
+            Path: "/#{path}"
+            Port: "#{port}"
+            Protocol: "#{protocol}"
+            Query: "#{query}"
+            StatusCode: "HTTP_301"
+          Type: redirect
       Conditions:
         - Field: host-header
           Values:
             - augury.*
       ListenerArn: !Ref AlbHttpsListenerArn
-      Priority: !Join ["", [!Ref AlbListenerRulePriorityPrefix, "02"]]
+      Priority: !Join ["", [!Ref AlbListenerRulePriorityPrefix, "03"]]
 
   TargetGroup:
     Type: AWS::ElasticLoadBalancingV2::TargetGroup
diff --git a/spire/templates/apps/feeder.yml b/spire/templates/apps/feeder.yml
index 2e98984e6..ae23f091f 100644
--- a/spire/templates/apps/feeder.yml
+++ b/spire/templates/apps/feeder.yml
@@ -82,6 +82,10 @@ Resources:
       WebLoggedErrorsMetricName: !Sub WebLoggedErrors${EnvironmentType}
       PublicFeedsUrlPrefix: !Sub https://${PublicFeedsHostname}/f
 
+  # The canonical address for this app is podcasts.dovetail.prx.org.
+  # API traffic to the old feeder.prx.org domain should continue to be handled
+  # directly.
+  # All other traffic to feeder.prx.org should redirect to the new domain.
   HostHeaderListenerRule:
     Type: AWS::ElasticLoadBalancingV2::ListenerRule
     Properties:
@@ -94,21 +98,7 @@ Resources:
             - podcasts.dovetail.*
       ListenerArn: !Ref AlbHttpsListenerArn
       Priority: !Join ["", [!Ref AlbListenerRulePriorityPrefix, "01"]]
-  AltHostHeaderListenerRule:
-    Type: AWS::ElasticLoadBalancingV2::ListenerRule
-    Condition: IsProduction
-    Properties:
-      Actions:
-        - TargetGroupArn: !Ref WebTargetGroup2
-          Type: forward
-      Conditions:
-        - Field: host-header
-          Values:
-            - feeder.*
-      ListenerArn: !Ref AlbHttpsListenerArn
-      Priority: !Join ["", [!Ref AlbListenerRulePriorityPrefix, "02"]]
-
-  Temp1ListenerRule:
+  LegacyApiWildcardListenerRule:
     Type: AWS::ElasticLoadBalancingV2::ListenerRule
     Condition: IsStaging
     Properties:
@@ -123,8 +113,8 @@ Resources:
           Values:
             - /api/*
       ListenerArn: !Ref AlbHttpsListenerArn
-      Priority: !Join ["", [!Ref AlbListenerRulePriorityPrefix, "07"]]
-  Temp3ListenerRule:
+      Priority: !Join ["", [!Ref AlbListenerRulePriorityPrefix, "20"]]
+  LegacyApiRootListenerRule:
     Type: AWS::ElasticLoadBalancingV2::ListenerRule
     Condition: IsStaging
     Properties:
@@ -139,8 +129,8 @@ Resources:
           Values:
             - /api
       ListenerArn: !Ref AlbHttpsListenerArn
-      Priority: !Join ["", [!Ref AlbListenerRulePriorityPrefix, "08"]]
-  Temp2ListenerRule:
+      Priority: !Join ["", [!Ref AlbListenerRulePriorityPrefix, "21"]]
+  LegacyRedirectListenerRule:
     Type: AWS::ElasticLoadBalancingV2::ListenerRule
     Condition: IsStaging
     Properties:
@@ -158,7 +148,7 @@ Resources:
           Values:
             - feeder.*
       ListenerArn: !Ref AlbHttpsListenerArn
-      Priority: !Join ["", [!Ref AlbListenerRulePriorityPrefix, "11"]]
+      Priority: !Join ["", [!Ref AlbListenerRulePriorityPrefix, "99"]]
 
   DefaultJobQueue:
     Type: AWS::SQS::Queue