update the backend_build_script
This commit is contained in:
121
.gitea/workflows/backend-ecr-modal.yaml
Normal file
121
.gitea/workflows/backend-ecr-modal.yaml
Normal file
@@ -0,0 +1,121 @@
|
||||
# Gitea Actions Workflow: Backend ECR Deployment
|
||||
# Place at: .gitea/workflows/backend-ecr.yaml (in repository root)
|
||||
|
||||
name: Backend EC - Modal Deployment
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: ['**']
|
||||
workflow_dispatch: {}
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
|
||||
env:
|
||||
# Build-time / workflow context
|
||||
BACKEND_DIR: workspace/sprint_1_2/CODEBASE/backend
|
||||
ECR_REGISTRY: public.ecr.aws
|
||||
ECR_REPOSITORY: ${{ vars.ECR_PUBLIC_REGISTRY_ALIAS }}/msk-cv-inference-server
|
||||
DOCKERFILE_PATH: deps/implementation/backend_deploy/Dockerfile
|
||||
MODAL_SCRIPT: workspace/sprint_1_2/CODEBASE/deps/implementation/backend_deploy/gitea_modal_build.py
|
||||
|
||||
# CV inference server runtime configuration
|
||||
# These are Gitea repository variables (or secrets) that are forwarded
|
||||
# to the container at deploy time. The Docker image itself does NOT bake
|
||||
# them in — the FastAPI app reads them from the environment via pydantic-settings.
|
||||
TRITON_ENDPOINT: ${{ vars.TRITON_ENDPOINT }}
|
||||
CV_INFERENCE_HOST: ${{ vars.CV_INFERENCE_HOST }}
|
||||
CV_INFERENCE_PORT: ${{ vars.CV_INFERENCE_PORT }}
|
||||
BASE_URL: ${{ vars.BASE_URL }}
|
||||
CORS_ORIGINS: ${{ vars.CORS_ORIGINS }}
|
||||
ECR_PUBLIC_REGISTRY_ALIAS: ${{ vars.ECR_PUBLIC_REGISTRY_ALIAS }}
|
||||
|
||||
|
||||
jobs:
|
||||
build-and-push:
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: gitea-modal-runner:latest
|
||||
timeout-minutes: 30
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Lint backend code
|
||||
run: |
|
||||
python -m py_compile workspace/sprint_1_2/CODEBASE/backend/cv_inference_server.py
|
||||
find workspace/sprint_1_2/CODEBASE/backend -name '*.py' -exec python -m py_compile {} +
|
||||
|
||||
- name: Extract metadata for Docker
|
||||
id: meta
|
||||
uses: docker/metadata-action@v5
|
||||
with:
|
||||
# Full ECR Public image reference: public.ecr.aws/{alias}/{repo}
|
||||
images: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=sha,prefix=
|
||||
type=raw,value=latest,enable={{is_default_branch}}
|
||||
labels: |
|
||||
org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
|
||||
org.opencontainers.image.revision=${{ github.sha }}
|
||||
org.opencontainers.image.title=VKIST CV Inference Server
|
||||
|
||||
- name: Print image URI and digest
|
||||
run: |
|
||||
echo "Pushed ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ steps.meta.outputs.version }}"
|
||||
echo "Digest: ${{ steps.meta.outputs.tags }}"
|
||||
|
||||
- name: Determine image tag
|
||||
id: tag
|
||||
run: |
|
||||
if [ -n "${{ github.event.inputs.tag }}" ]; then
|
||||
echo "tag=${{ github.event.inputs.tag }}" >> $GITHUB_OUTPUT
|
||||
elif [ "${{ github.ref_type }}" = "tag" ]; then
|
||||
echo "tag=${{ github.ref_name }}" >> $GITHUB_OUTPUT
|
||||
else
|
||||
echo "tag=${{ github.sha }}" >> $GITHUB_OUTPUT
|
||||
fi
|
||||
echo "tag=latest" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Build and push via Modal
|
||||
id: modal-build
|
||||
env:
|
||||
MODAL_TOKEN: ${{ secrets.MODAL_TOKEN }}
|
||||
run: |
|
||||
modal run ${{ env.MODAL_SCRIPT }} \
|
||||
--registry ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }} \
|
||||
--image-name "" \
|
||||
--tag ${{ steps.tag.outputs.tag }} \
|
||||
--platform linux/amd64 \
|
||||
--push
|
||||
|
||||
notify-deploy:
|
||||
needs: modal-build
|
||||
if: success() && github.event_name == 'push'
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Trigger deployment webhook
|
||||
if: env.DEPLOY_WEBHOOK_URL != ''
|
||||
env:
|
||||
DEPLOY_WEBHOOK_URL: ${{ secrets.DEPLOY_WEBHOOK_URL }}
|
||||
WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
|
||||
run: |
|
||||
cat <<EOF | curl -X POST "${DEPLOY_WEBHOOK_URL}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-H "X-Gitea-Signature: sha256=$(echo -n '@-' | openssl dgst -sha256 -hmac "${WEBHOOK_SECRET}" | cut -d' ' -f2)" \
|
||||
-d @-
|
||||
{
|
||||
"service": "cv-inference-server",
|
||||
"image": "${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ steps.tag.outputs.tag }}",
|
||||
"env": {
|
||||
"TRITON_ENDPOINT": "${{ vars.TRITON_ENDPOINT }}",
|
||||
"CV_INFERENCE_HOST": "${{ vars.CV_INFERENCE_HOST }}",
|
||||
"CV_INFERENCE_PORT": "${{ vars.CV_INFERENCE_PORT }}",
|
||||
"BASE_URL": "${{ vars.BASE_URL }}",
|
||||
"CORS_ORIGINS": "${{ vars.CORS_ORIGINS }}",
|
||||
"ECR_PUBLIC_REGISTRY_ALIAS": "${{ vars.ECR_PUBLIC_REGISTRY_ALIAS }}"
|
||||
}
|
||||
}
|
||||
EOF
|
||||
Reference in New Issue
Block a user