From 29340d12e7ba9051fe099a5dea3112d0c917118f Mon Sep 17 00:00:00 2001
From: Simon Li <spli@dundee.ac.uk>
Date: Wed, 24 Apr 2024 12:34:52 +0100
Subject: [PATCH 1/5] Can't compare empty list `[]`, check length 0

---
 ecs-cluster/keycloak.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ecs-cluster/keycloak.tf b/ecs-cluster/keycloak.tf
index b5bcd1e..ac2638d 100644
--- a/ecs-cluster/keycloak.tf
+++ b/ecs-cluster/keycloak.tf
@@ -5,8 +5,8 @@ locals {
   keycloak-hostname = var.keycloak-hostname == "" ? aws_lb.keycloak.dns_name : var.keycloak-hostname
 
   vpc_id          = var.vpc-id == "" ? module.vpc[0].vpc_id : var.vpc-id
-  public_subnets  = var.public-subnets == [] ? module.vpc[0].public_subnets : var.public-subnets
-  private_subnets = var.private-subnets == [] ? module.vpc[0].private_subnets : var.private-subnets
+  public_subnets  = length(var.public-subnets) == 0 ? module.vpc[0].public_subnets : var.public-subnets
+  private_subnets = length(var.private-subnets) == 0 ? module.vpc[0].private_subnets : var.private-subnets
 }
 
 resource "random_password" "db-password" {

From 0c3b22d4a84d25642e0de2487505ad43b808144f Mon Sep 17 00:00:00 2001
From: Simon Li <spli@dundee.ac.uk>
Date: Wed, 24 Apr 2024 14:24:13 +0100
Subject: [PATCH 2/5] Java applications can be very slow to start, wait 3 mins
 before health check

---
 ecs-cluster/keycloak.tf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ecs-cluster/keycloak.tf b/ecs-cluster/keycloak.tf
index ac2638d..817b35d 100644
--- a/ecs-cluster/keycloak.tf
+++ b/ecs-cluster/keycloak.tf
@@ -369,6 +369,9 @@ resource "aws_ecs_service" "keycloak" {
     container_port   = local.container-port
   }
 
+  # Java applications can be very slow to start
+  health_check_grace_period_seconds = 180
+
   # lifecycle {
   #   ignore_changes = [desired_count]
   # }

From fb7c371d7545dfee334f75d6f685564d29aec0ae Mon Sep 17 00:00:00 2001
From: Simon Li <spli@dundee.ac.uk>
Date: Wed, 24 Apr 2024 14:26:37 +0100
Subject: [PATCH 3/5] Release 2.0.0-beta.3

---
 CHANGELOG.md             | 6 ++++--
 ecs-cluster/variables.tf | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c85e063..6d87a5f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,9 +1,11 @@
 # Changelog
 
-## 2.0.0-beta.1 - In progress
+## 2.0.0-beta.3 - In progress
 
-([full changelog](https://github.com/hic-infra/ecs-keycloak/compare/1.0.0...2.0.0-beta.1))
+([full changelog](https://github.com/hic-infra/ecs-keycloak/compare/1.0.0...2.0.0-beta.3))
 
+- Fix empty check of `var.{public,private}-subnets`, delay health check, 2.0.0-beta.3 [#16](https://github.com/hic-infra/ecs-keycloak/pull/16)
+- Release 2.0.0-beta.2 [#15](https://github.com/hic-infra/ecs-keycloak/pull/15)
 - Add `terraform {backend s3}` back [#14](https://github.com/hic-infra/ecs-keycloak/pull/14)
 - Release 2.0.0-beta.1 [#13](https://github.com/hic-infra/ecs-keycloak/pull/13)
 - Optionally use existing VPC. Upgrade Keycloak to 24.0.2 [#12](https://github.com/hic-infra/ecs-keycloak/pull/12)
diff --git a/ecs-cluster/variables.tf b/ecs-cluster/variables.tf
index c0375ba..5fb2fff 100644
--- a/ecs-cluster/variables.tf
+++ b/ecs-cluster/variables.tf
@@ -12,7 +12,7 @@ variable "region" {
 
 variable "keycloak-image" {
   type        = string
-  default     = "ghcr.io/hic-infra/ecs-keycloak:2.0.0-beta.2"
+  default     = "ghcr.io/hic-infra/ecs-keycloak:2.0.0-beta.3"
   description = "Keycloak image including registry"
 }
 

From 4c92a0aa7d647bcd80060e8e4578561fd5c64b18 Mon Sep 17 00:00:00 2001
From: Simon Li <spli@dundee.ac.uk>
Date: Wed, 24 Apr 2024 15:52:15 +0100
Subject: [PATCH 4/5] Use `coalescelist` instead

---
 ecs-cluster/keycloak.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ecs-cluster/keycloak.tf b/ecs-cluster/keycloak.tf
index 817b35d..280d70f 100644
--- a/ecs-cluster/keycloak.tf
+++ b/ecs-cluster/keycloak.tf
@@ -5,8 +5,8 @@ locals {
   keycloak-hostname = var.keycloak-hostname == "" ? aws_lb.keycloak.dns_name : var.keycloak-hostname
 
   vpc_id          = var.vpc-id == "" ? module.vpc[0].vpc_id : var.vpc-id
-  public_subnets  = length(var.public-subnets) == 0 ? module.vpc[0].public_subnets : var.public-subnets
-  private_subnets = length(var.private-subnets) == 0 ? module.vpc[0].private_subnets : var.private-subnets
+  public_subnets  = coalescelist(var.public-subnets, module.vpc[0].public_subnets)
+  private_subnets = coalescelist(var.private-subnets, module.vpc[0].private_subnets)
 }
 
 resource "random_password" "db-password" {

From f16c4a1e0b109446b7a84cd6cc3eba7e5d409c39 Mon Sep 17 00:00:00 2001
From: Simon Li <spli@dundee.ac.uk>
Date: Wed, 24 Apr 2024 15:54:24 +0100
Subject: [PATCH 5/5] Revert "Use `coalescelist` instead"

The ternary operator uses short-circuiting, whereas `coalescelist` always evaluates `module.vpc[0].private_subnets` and fails if `module.vpc[0]` doesn't exist.
---
 ecs-cluster/keycloak.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ecs-cluster/keycloak.tf b/ecs-cluster/keycloak.tf
index 280d70f..817b35d 100644
--- a/ecs-cluster/keycloak.tf
+++ b/ecs-cluster/keycloak.tf
@@ -5,8 +5,8 @@ locals {
   keycloak-hostname = var.keycloak-hostname == "" ? aws_lb.keycloak.dns_name : var.keycloak-hostname
 
   vpc_id          = var.vpc-id == "" ? module.vpc[0].vpc_id : var.vpc-id
-  public_subnets  = coalescelist(var.public-subnets, module.vpc[0].public_subnets)
-  private_subnets = coalescelist(var.private-subnets, module.vpc[0].private_subnets)
+  public_subnets  = length(var.public-subnets) == 0 ? module.vpc[0].public_subnets : var.public-subnets
+  private_subnets = length(var.private-subnets) == 0 ? module.vpc[0].private_subnets : var.private-subnets
 }
 
 resource "random_password" "db-password" {