All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Added
processing_timesfield to the Job schema in the API in order to support jobs with multiple processing steps.
- Removed
processing_time_in_secondsfield from the Job schema.
- New
RIVER_WIDTHjob type.
- Job specifications can now specify multiple tasks.
WATER_MAPandWATER_MAP_10Mnow can run up to 10 hours before timing out.
WATER_MAPandWATER_MAP_10Mnow can run up to 19800s before timing out.
scale-clusternow temporarily disables the Batch Compute Environment to allow maxvCpus to be reduced in cases when the current desired vCpus exceeds the new target value.
scale-clusternow adjusts the compute environment size based on total month-to-date spending, rather than only EC2 spending.
- Granted additional IAM permissions required by AWS Step Functions to manage AWS Batch jobs.
- Changed the Swagger UI page header and title to reflect the particular HyP3 deployment.
- The
nextURL in paginatedGET /jobsresponses will now reflect the correct API hostname and path in load balanced environments. Fixes #1071.
- Added support for updating subscription
startandintersectsWithfields.
- Increased
MemorySizeforprocess-new-granulesfunction to improve performance when evaluating subscriptions.
BannedCidrBlocksstack parameter to specify CIDR ranges that will receive HTTP 403 Forbidden responses from the API
- Granules for jobs are now validated against the updated 2021 release of Copernicus GLO-30 Public DEM coverage.
- GitHub action to scan Python dependencies and rendered CloudFormation templates for known security vulnerabilities using Snyk.
- AUTORIFT jobs can now be submitted for Sentinel-2 scenes with 25-character Earth Search names. Fixes #1022.
GET /jobsrequests now acceptnameparameters up to 100 characters. Fixes #1019.
- Fix how we fetch jobs that are waiting for step function execution, so that we actually start up to 400 executions at a time.
- Added default values for
logsandexpiration_time, which should prevent failed jobs from remaining inRUNNING.
- Monthly job quota checks can now be suppressed for individual users by setting
max_jobs_per_monthtonullin the users table. - A user can now be given a fixed Batch job priority for all jobs that they submit by setting the
priorityfield in the users table.
- Handle missing log stream when uploading logs, which should prevent jobs from remaining in
RUNNINGstatus after failure. - Don't write error messages to
processing_time_in_secondsfield.
- Added
execution_startedfield to job schema to indicate whether a step function execution has been started for the job.
- Job status code doesn't switch from
PENDINGtoRUNNINGuntil the Batch job starts running.
- Added flood depth options to water map job (currently limited to
hyp3-test).
- Increased job name length limit to 100 characters.
- Compute processing time when one or more Batch attempts is missing a
StartedAttime.
- Convert floats to decimals when adding a subscription.
- Process new granules for
WATER_MAPsubscriptions.
- Step function now retries the CHECK_PROCESSING_TIME task when errors are encountered.
- Step function now retries transient
Batch.AWSBatchExceptionerrors when submitting jobs to AWS Batch. Fixes #911.
- Expose CloudFront product download URLs for Earthdata Cloud environments via the HyP3 API.
OriginAccessIdentityIdstack parameter supporting content distribution via CloudFront.
- Upgraded AWS Lambda functions and Github Actions to Python 3.9
- Require HttpTokens to be consistent with EC2 instance metadata configured with Instance Metadata Service Version 2 (IMDSv2).
- Cloudformation stack parameters that are specific to Earthdata Cloud environments are now managed via Jinja templates, rather than CloudFormation conditions.
- A
JPL-publicsecurity environment when rendering CloudFormation templates which will deploy a public bucket policy. To use this environment, the AWS S3 account level Block All Public Access setting must have been turned off by the JPL Cloud team.
- The
JPLsecurity environment, when rendering CloudFormation templates, will no longer deploy a public bucket policy as this is disallowed by default for JPL commercial cloud accounts.
- New
InstanceTypesparameter to the cloudformation template to specify which EC2 Instance Types are available to the Compute Environment - Added
r5dn.xlargeas an eligible instance type in most HyP3 deployments
- The
job_spec_filespositional argument torender_cf.pyhas been switched to a required--job-spec-filesoptional argument to support multiple open-ended arguments. - Set S3 Object Ownership to
Bucket owner enforcedfor all buckets so that access via ACLs is no longer supported.
- The HyP3 API is now implemented as an API Gateway REST API, supporting private API deployments.
- AutoRIFT jobs now allow submission with Landsat 9 Collection 2 granules
- Add
processing_time_in_secondsto thejobAPI schema to allow plugin developers to check processing time.
- Encrypt Earthdata username and password using AWS Secrets Manager.
- Documentation about deploying to a JPL-managed commercial AWS account has been added to
docs/deployments.
- Increase monthly job quota per user from 250 to 1,000.
- Limited the number of jobs a subscription can send at a time to avoid timing out. Fixes #794.
- Confirm there are no unprocessed granules before disabling subscriptions past their expiration date.
- Jobs are now assigned a
priorityattribute when submitted.priorityis calculated based on jobs already submitted month-to-date by the same user. Jobs with a higherpriorityvalue will run before jobs with a lower value. Batch.ServerExceptionerrors encountered by the Step Function are now retried, to address intermittent errors when the Step Functions service calls the Batch SubmitJob API.
- HyP3 can now be deployed into a JPL managed commercial AWS account
- Selectable security environment when rendering CloudFormation templates, which will modify resources/configurations for:
ASF(default) -- AWS accounts managed by the Alaska Satellite FacilityEDC-- AWS accounts managed by the NASA Earthdata CLoudJPL-- AWS accounts managed by the NASA Jet Propulsion Laboratory
- A
security_environmentMake variable used by therendertarget (and any target that depends onrender). Use likemake security_environment=ASF build
- All CloudFormation templates (
*-cf.yml) are now rendered from jinja2 templates (*-cf.yml.j2)
- The
EarthdataCloudCloudFormation template parameter toapps/main-cf.yml
- Use Managed Policies for IAM permissions in support of future deployments using custom CloudFormation IAM resources
- Added build target to Makefile.
- Disabled default encryption for the monitoring SNS topic. Fixes #762.
- Enabled default encryption for the monitoring SNS topic
- Block Public Access settings for the S3 content bucket are now configured based on the EarthdataCloud stack parameter.
- s3 access log bucket is now encrypted using AWS S3 Bucket Keys
- The
scale-clusterlambda now reducesdesiredVpucsto matchmaxVcpuswhen necessary to allow the compute environment to scale down immediately.
- The
DomainNameandCertificateArnstack parameters are now optional, allowing HyP3 to be deployed without a custom domain name for the API.
- Support for automatic toggling between two
maxvCpusvalues for the Batch compute environment, based on monthly budget vs month-to-date spending
- Api 400 responses now use a consistent JSON schema for the response body. Fixes #625
- Default autoRIFT parameter file was updated to point at the new
its-live-dataAWS S3 bucket instead ofits-live-data.jpl.nasa.gov, except for the customautorift-eudeployment which uses a copy ineu-central-1. - Job specification YAMLs can now specify a container
image_tag, which will override the deployment default image tag - Provided example granule pairs for INSAR_GAMMA and AUTORIFT jobs in the OpenApi schema
POST /jobsno longer allows users to submit a job of onejob_typewith the parameters of anotherPOST /subscriptionsno longer allows user to submit a subscriptions of onejob_typewith the parameters of anotherProcessNewGranulesnow convertsdecimal.Decimalobjects tofloatorintbefore passing toasf_search.search
- fixed typo in
search_parameteters['FlightDirection']DECENDING -> DESCENDING
- New
AmiIdstack parameter to specify a specific AMI for the AWS Batch compute environment
job_spec/*.ymlfiles are now explicitly selected allowing per-deployment job customization
AutoriftImage,AutoriftNamingScheme, andAutoriftParameterFileCloudFormation stack parameters have been removed and are instead captured in customjob_spec/*.ymlfiles.
- Optional
DeployLambdasInVpcstack parameter to deploy all lambda functions into the givenVpcIdandSubnetIds
- Job types now are defined each in their own file under the
job_specdirectory - Api job parameters are now defined in the
job_specfolder for the given job type
- Optional
PermissionsBoundaryPolicyArnstack parameter to apply to all created IAM roles
- Resolved an issue where API requests would return HTTP 500 due to space-padded sourceIp value, e.g. ' 123.123.123.50'
BannedCidrBlocksstack parameter to specify CIDR ranges that will receive HTTP 403 Forbidden responses from the API
- All job parameters of type
listnow are converted to space delimited strings prior to invoking job definitions in Batch.
- Exposed new
include_displacement_mapsAPI parameter for INSAR_GAMMA jobs, which will cause both a line-of-sight displacement and a vertical displacement GEOTIFF to be included in the product.
- Reduced default job quota to 250 jobs per user per month
- The
include_los_displacementAPI parameter for INSAR_GAMMA jobs has been deprecated in favor of theinclude_displacement_mapsparameter, and will be removed in the future.
- The
logsattribute inGET /jobsresponses is now only populated for FAILED jobs, and will be an empty list for SUCCEEDED jobs
POST /subscriptionsrequests may now include avalidate_onlykey which when set totruewill not add the subscription to the database but still validate it.- in
POST /subscriptionsrequests,search_parametersandjob_specificationare now included undersubscription GET /subscriptionsrequests now include query parametersnamegets only subscriptions with the given namejob_typegets only subscriptions with the given job typeenabledgets only subscriptions whereenabledmatches
- subscriptions now include
creation_datewhich indicates date and time of subscription creation, responses fromGET /subscriptionsare sorted bycreation_datedecending
PATCH /subscriptionsrequests may now update a subscription'senabledattribute in addition toend_date
GET /jobsresponses now include asubscription_idfield for jobs created by subscriptionsGET /jobsrequests now may include asubscription_idquery parameter to limit jobs based on subscription_id- Subscriptions are now evaluated every 16 minutes, instead of every hour
/subscriptionsendpoint which allows a user to define a subscription with search and processing criteriaPOST /subscriptionsto create a subscriptionGET /subscriptionsto list all subscriptions for the userPATCH /subscriptions/<subscription_id>to update the end date of a subscriptionGET /subscriptions/<subscription_id>to list the information for a specific subscription
process_new_granulesapp which searches for unprocessed granules related to subscriptions and automatically starts jobs for them as they become available.
- HyP3 content bucket now allows Cross Origin Resource Headers
- Exposed new
apply_water_maskAPI parameter for INSAR_GAMMA jobs, which sets pixels over coastal and large inland waterbodies as invalid for phase unwrapping.
- Modified retry strategies for Batch jobs and UploadLog lambda to address scaling errors
lib/dynamolibrary to allow sharing common code among different apps.
POST /jobsresponses no longer include thejob_id,request_time,status_code, oruser_idfields whenvalidate_only=true- moved dynamodb functionality from
hyp3_api/dynamotolib/dynamo - moved job creation buisness logic from
hyp3_api/handlerstolib/dynamo
AutoriftNamingSchemeCloudFormation parameter to set the naming scheme for autoRIFT products
- Sentinel-2 autoRIFT jobs now reserve 3/4 less memory, allowing more jobs to be run in parallel
- Increased default job quota to 1,000 jobs per user per month
- Allow the UI to be accessed from
/ui/as well as/ui - POST
/jobsnow generates an error for Sentinel-1 granules with partial-dual polarizations, fixes #376
- Removed
connexionlibrary due to inactivity, replaced withopen-api-core - Error messages from invalid input according to the
api-specare different
- POST
/jobsno longer throws 500 fordecimal.Inexacterrors, fixes #444 start_exectuion.pywill now submit at most 400 step function executions per run. Resolves an issue where no executions would be started when many PENDING jobs were available for submission.
- Landsat and Sentinel-2 autoRIFT jobs will utilize 1/3 less memory
- Exposed new
include_wrapped_phaseAPI parameter for INSAR_GAMMA jobs
- Exposed new
include_demAPI parameter for INSAR_GAMMA jobs
- RTC_GAMMA jobs now use the Copernicus DEM by default
- AUTORIFT jobs now accept Landsat 8 scenes with a sensor mode of ORI-only (
LO08)
- INSAR_GAMMA jobs now expose
include_inc_mapparameter that allows users to include an incidence angle map.
- Updated API GATEWAY payload format to version 2.0 to support later versions of serverless wsgi
- Granules for INSAR_GAMMA jobs are now validated against Copernicus GLO-30 Public DEM coverage
- resolved
handlers.get_names_for_usererror whendynamo.query_jobsrequires paging. - Resolved HTTP 500 error when quota check requires paging.
- Exposed new
dem_nameapi parameter for RTC_GAMMA jobsdem_name="copernicus"will use the Copernicus GLO-30 Public DEMdem_name="legacy"will use the DEM with the best coverage from ASF's legacy SRTM/NED data sets
util.get_job_count_for_monthnow usesSelect='COUNT'for better performance querying DynamoDB
- Granules for RTC_GAMMA jobs are now validated against the appropriate DEM coverage map based on the value of the
dem_namejob parameter
GET /jobsnow pages results. Large queries (that require paging) will contain anextkey in the root level of the json response with a URL to fetch subsequent pagesGET /jobsnow accepts ajob_typequery parameterGET /jobsnow provides jobs sorted byrequest_timein descending order
- Exposed new
include_rgbapi parameter for RTC_GAMMA jobs
get_files.pynow only includes product files ending in.zipor.ncin thefileslist returned inGET /jobsAPI responses
- S3 content bucket now allows public
s3:ListBucketands3:GetObjectTagging
- Jobs now include a
logskey containing a list of log file download urls
- Increased max capacity for compute environment to 1600 vCPUs
- Improved response latency when submitting new jobs via
POST /jobs
GET /jobsresponses now includes3.bucketands3.keyentries for each file to facilitate interacting with products using s3-aware tools.
- AUTORIFT jobs now correctly accept Sentinel-2 granules using Earth Search IDs of 23 characters.
- AutoRIFT jobs now allow submission with Landsat 8 Collection 2 granules
- AutoRIFT jobs now only accept Sentinel-2 L1C granules, rather than any Sentinel-2 granules
- API responses are no longer validated against the OpenAPI schema.
GET /jobsrequests for jobs with legacy parameter values (e.g. S2 L2A granules) will no longer return HTTP 500 errors.
- INSAR_GAMMA jobs now use the hyp3-gamma plugin to do processing
- RTC_GAMMA jobs now use the hyp3-gamma plugin to do processing
- Autorift jobs now allow submission with Sentinel 2 granules
- A new
include_scattering_areaparamter has been added forRTC_GAMMAjobs, which includes a GeoTIFF of scattering area in the product package. This supports creation of composites of RTC images using Local Resolution Weighting per Small (2012) https://doi.org/10.1109/IGARSS.2012.6350465. - Cloudwatch request metrics are now enabled for the S3 content bucket
- Api Gateway access logs are now in JSON format for easier parsing by Cloudwatch Insights
- Api Gateway access logs now include
responseLatencyanduserAgentfields. UnusedcalleranduserIdfields are no longer included.
/now redirects to/ui
- Increased compute to allow 200 concurrent instances.
- Refactored dynamodb interactions
dynamo.pyin the api code now manages all dynamodb interactions for the api- added tests for new dynamo module
- added paging for dynamodb query calls
- Added Code of Conduct and Contributing Guidelines
MonthlyJobQuotaPerUserstack parameter no longer has a default, and the value can now be set to zero.- Value is now set to
200for ASF deployments. - Value is now set to
0for the autoRIFT deployment.
- Value is now set to
POST /jobsrequests now allow up to 200 jobs per request, up from 25
- User table which can be used to add custom quotas for users, users not in the table will still have the default.
- GET /jobs/{job_id} API endpoint to search for a job by its job_id
- Api and processing errors will now post to a SNS topic
- Parameters for
INSAR_GAMMAjobs have been updated to reflect hyp3-insar-gamma v2.2.0.
- API behavior for different job types is now defined exclusively in
job_types.yml. Available parameter types must still be defined inapps/api/src/hyp3_api/api-sec/job_parameters.yml.j2, and available validation rules must still be defined inapps/api/src/hyp3_api/validation.py.
- Added
AmazonS3ReadOnlyAccesspermission to batch task role to support container jobs fetching input data from S3.
- RTC_GAMMA jobs now use the user-provided value for the speckle filter parameter. Previously, the user-provided value was ignored and all jobs processed using the default value (false).
- Hyp3 now uses jinja templates in defining CloudFormation templates and the StepFunction definition, rendered at buildtime.
- Job types are now defined only in the API spec and the
job_types.ymlfile, no job specific information needs to be added to AWS resource definitions. - Static Analysis now requires rendering before run.
- Added a new
AUTORIFTjob type for processing a pair of Sentinel-1 SLC IW scenes using autoRIFT. For details, refer to the hyp3-autorift plugin repository.
- Updated readme deployment instructions.
- Clarified job parameter descriptions in OpenAPI specification.
- Moved step function definition into it's own file and added static analysis on step funciton definition.
- Split OpenAPI spec into multiple files using File References to resolve, static analysis change from openapi-spec-validator to prance.
GET /userresponse now includes ajob_nameslist including all distinct job names previously submitted for the current user
- API is now deployed using Api Gateway V2 resources, resulting in lower response latency.
- Added a new
INSAR_GAMMAjob type for producing an interferogram from a pair of Sentinel-1 SLC IW scenes using GAMMA. For details, refer to the hyp3-insar-gamma plugin repository.
-
All job types requiring one or more granules now expose a single
granulesjob parameter, formatted as a list of granule names:"granules": ["myGranule"]forRTC_GAMMAjobs"granules": ["granule1", "granule2"]forINSAR_GAMMAjobs
Note this is a breaking change for
RTC_GAMMAjobs. -
Browse and thumbnail URLs for
RTC_GAMMAjobs will now be sorted with the amplitude image first, followed by the rgb image, inGET /jobsresponses.
- Resolved HTTP 500 error when submitting jobs with a resolution with decimal precision (e.g.
30.0)
- The
dem_matching,speckle_filter,include_dem, andinclude_inc_mapapi parameters are now booleans instead of strings. - The
resolutionapi parameter is now a number instead of a string, and the10.0option has been removed.
- Implemented 0.15° buffer and 20% threshold in DEM coverage checks when submitting new jobs. As a result slightly more granules will be rejected as having insufficient coverage.
- Removed optional
descriptionfield for jobs
- Unit tests for
get-fileslambda function
- Resolved HTTP 500 errors for
POST /jobsrequests when the optionalvalidate_onlyparameter was not provided - Jobs encountering unexpected errors in the
get-filesstep will now correctly transition to aFAILEDstatus
POST /jobsnow accepts avalidate_onlykey at root level, set to true to skip submitting jobs but run api validation.
get-filesget expiration only from product
get-filesstep functions AMI roles for tags
POST /jobsnow accepts custom job parameters when submitting jobsGET /jobsnow shows parameters job was run with
get_files.pynow uses tags to identify file_type instead of path
- Name field to job parameter, set in the same way as description but with max length of 20
- Administrators can now shut down Hyp3-api by setting SystemAvailable flag to false in CloudFormation Template and deploying
- Retry policies to improve reliability
- POST /jobs now accepts GRDH Files in the IW beam mode.
- Removed scaling rules and moved to MANAGED compute environment to run jobs
- POST /jobs now checks granule intersects DEM Coverage map to provide faster feedback on common error cases
- Resolved bug not finding granules when submitting 10 unique granules in a RTC_GAMMA job
- README.md with instructions for deploying, testing, and running the application
- Descriptions for all parameters in the top level cloudformation template
- Descriptions for all schema objects in the OpenAPI specification
- Reduced monthly job quota per user from 100 to 25
- Reduced maximum number of jobs allowed in a single POST /jobs request from 100 to 25
- Removed user authorization requirement for submitting jobs
- Removed is_authorized field from GET /user response
- New GET /user API endpoint to query job quota and jobs remaining
- browse image key for each job containing a list of urls for browse images
- browse images expire at the same time as products
- thumbnail image key for each job containing a list of urls for thumbnail images
- thubnail images expire at the same time as products
- API checks granule exists in CMR and rejects jobs with granules that are not found