# Gitea Actions Workflow: Backend Build via Modal (Serverless) # Place at: .gitea/workflows/backend-modal.yaml # # This workflow offloads the heavy Docker build to Modal's serverless infrastructure, # avoiding resource constraints on the 2GB RAM Lightsail VM runner. # # Required Gitea Repository Secrets: # MODAL_TOKEN - Modal API token (from modal.com/settings) # AWS_ACCESS_KEY_ID - For ECR push # AWS_SECRET_ACCESS_KEY # AWS_REGION - e.g., us-east-1 # # Required Gitea Repository Variables: # ECR_PUBLIC_REGISTRY_ALIAS - Your public.ecr.aws alias (e.g., vkist-project) # TRITON_ENDPOINT - Modal Triton endpoint for CV inference # CV_INFERENCE_HOST - Bind host (default: 0.0.0.0) # CV_INFERENCE_PORT - Bind port (default: 8001) # BASE_URL - External base URL for routing name: Backend Modal Build on: push: branches: - '**' paths: - 'workspace/sprint_1_2/CODEBASE/backend/**' - 'workspace/sprint_1_2/CODEBASE/requirements.txt' - 'workspace/sprint_1_2/CODEBASE/deps/implementation/backend_deploy/**' workflow_dispatch: inputs: tag: description: 'Image tag (default: git SHA)' required: false type: string platform: description: 'Target platform' required: false type: string default: 'linux/amd64' permissions: contents: read packages: write env: BACKEND_DIR: workspace/sprint_1_2/CODEBASE/backend ECR_REGISTRY: public.ecr.aws ECR_REPOSITORY: ${{ vars.ECR_PUBLIC_REGISTRY_ALIAS }}/msk-cv-inference-server DOCKERFILE_PATH: deps/implementation/backend_deploy/Dockerfile MODAL_SCRIPT: workspace/sprint_1_2/CODEBASE/deps/implementation/backend_deploy/gitea_modal_build.py # Runtime config (forwarded to container via deployment) TRITON_ENDPOINT: ${{ vars.TRITON_ENDPOINT }} CV_INFERENCE_HOST: ${{ vars.CV_INFERENCE_HOST }} CV_INFERENCE_PORT: ${{ vars.CV_INFERENCE_PORT }} BASE_URL: ${{ vars.BASE_URL }} CORS_ORIGINS: ${{ vars.CORS_ORIGINS }} ECR_PUBLIC_REGISTRY_ALIAS: ${{ vars.ECR_PUBLIC_REGISTRY_ALIAS }} jobs: build-via-modal: name: Build & Push via Modal runs-on: ubuntu-latest timeout-minutes: 20 steps: - name: Checkout repository uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v5 with: python-version: '3.12' - name: Install Modal CLI run: pip install modal - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v4 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ env.AWS_REGION || 'us-east-1' }} - name: Login to Amazon ECR Public id: login-ecr uses: aws-actions/amazon-ecr-login@v2 with: registry-type: public mask-password: 'true' - name: Determine image tag id: tag run: | if [ -n "${{ github.event.inputs.tag }}" ]; then echo "tag=${{ github.event.inputs.tag }}" >> $GITHUB_OUTPUT elif [ "${{ github.ref_type }}" = "tag" ]; then echo "tag=${{ github.ref_name }}" >> $GITHUB_OUTPUT else echo "tag=${{ github.sha }}" >> $GITHUB_OUTPUT fi echo "tag=latest" >> $GITHUB_OUTPUT - name: Build and push via Modal id: modal-build env: MODAL_TOKEN: ${{ secrets.MODAL_TOKEN }} run: | modal run ${{ env.MODAL_SCRIPT }} \ --registry ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }} \ --image-name "" \ --tag ${{ steps.tag.outputs.tag }} \ --platform linux/amd64 \ --push - name: Print image URI run: | echo "Successfully pushed: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ steps.tag.outputs.tag }}" echo "image=${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ steps.tag.outputs.tag }}" >> $GITHUB_OUTPUT # Optional: Trigger dependent deployments # trigger-triton: # needs: build-via-modal # if: success() && github.event_name == 'push' # uses: ./.gitea/workflows/trigger_modal_triton.yaml # secrets: inherit notify-deploy: needs: build-via-modal if: success() && github.event_name == 'push' runs-on: ubuntu-latest steps: - name: Trigger deployment webhook if: env.DEPLOY_WEBHOOK_URL != '' env: DEPLOY_WEBHOOK_URL: ${{ secrets.DEPLOY_WEBHOOK_URL }} WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }} run: | cat <