add examples using new docker build provider and running containers on HTTPS

[EvanBoyle]

From what I could find, all of the awsx examples show exposing containers via an ALB on http, but for any real world use case users area really going to want HTTPs. I've noticed the examples in this repo in the examples repo are a bit all over the place, some referencing new AWSX alb package, some referencing the classic awsx ALB, ultimately leading to a lot of confusion for me (some problems with pulumi.ai related to this as well: pulumi/pulumi-ai#85).

Spent a couple of hours getting this worked out and thought I would share the sample code in case it helps other users:

import * as aws from "@pulumi/aws";
import * as pulumi from "@pulumi/pulumi"
import * as awsx from "@pulumi/awsx";
import * as dockerBuild from "@pulumi/docker-build";

const config = new pulumi.Config();

// Create an ECR repository to store the Docker image
const repo = new aws.ecr.Repository("cortex-api-repo");

// Grab auth credentials for ECR.
const authToken = aws.ecr.getAuthorizationTokenOutput({
    registryId: repo.registryId,
});

const cortexApiImage = new dockerBuild.Image("cortex-api-image", {
    push: true,
    context: {
        location: "../cortex-api",
    },
    tags: [pulumi.interpolate`${repo.repositoryUrl}:latest`],
    platforms: [
        "linux/amd64",
        "linux/arm64",
    ],
    registries: [
       {
        address: repo.repositoryUrl,
        password: authToken.password,
        username: authToken.userName,
       }
    ]

});
const cluster = new aws.ecs.Cluster("cortex-cluster");

// Create an ACM Certificate for our domain.
const certificate = new aws.acm.Certificate("cortex-cert", {
    domainName: "*.cortexclick.com", // Replace with your domain name
    validationMethod: "DNS",
});

const lb = new awsx.lb.ApplicationLoadBalancer("cortex-lb", {
    defaultTargetGroupPort: 3001,
});

const httpsListener = new aws.lb.Listener("app-listener", {
    loadBalancerArn: lb.loadBalancer.arn,
    port: 443,
    protocol: "HTTPS",
    certificateArn: certificate.arn,
    defaultActions: [{
        type: "forward",
        targetGroupArn: lb.defaultTargetGroup.arn,
    }],
});

const service = new awsx.ecs.FargateService("cortex-api-service", {
    cluster: cluster.arn,
    assignPublicIp: true,
    desiredCount: 2,
    taskDefinitionArgs: {
        container: {
            image: cortexApiImage.ref,
            name: "cortex-api",
            cpu: 512,
            memory: 1024,
            essential: true,
            portMappings: [
                {
                    containerPort: 3001,
                    targetGroup: lb.defaultTargetGroup,
                },
            ],
            environment: [
                {
                    name: "TURBOPUFFER_API_KEY",
                    value: config.require("turbopuffer_api_key"),
                },
                {
                    name: "OPENAI_API_KEY",
                    value: config.require("openai_api_key"),
                },
                {
                    name: "DATABASE_HOST",
                    value: config.require("database_host"),
                },
                {
                    name: "DATABASE_PASSWORD",
                    value: config.require("database_password"),
                },
                {
                    name: "DATABASE_USERNAME",
                    value: config.require("database_username"),
                }
            ]
        },
    },
});

// Export the load balancer's address so that it's easy to access.
export const url = lb.loadBalancer.dnsName;

[flostadler]

Thanks a lot @EvanBoyle for bringing this up! I'll generalize it and add it to our examples.
I'll also have a look through our existing examples and clean them up where necessary