156 lines
5.4 KiB
YAML
156 lines
5.4 KiB
YAML
# Gitea Actions Workflow: Backend Build via Modal (Serverless)
|
|
# Place at: .gitea/workflows/backend-modal.yaml
|
|
#
|
|
# This workflow offloads the heavy Docker build to Modal's serverless infrastructure,
|
|
# avoiding resource constraints on the 2GB RAM Lightsail VM runner.
|
|
#
|
|
# Required Gitea Repository Secrets:
|
|
# MODAL_TOKEN - Modal API token (from modal.com/settings)
|
|
# AWS_ACCESS_KEY_ID - For ECR push
|
|
# AWS_SECRET_ACCESS_KEY
|
|
# AWS_REGION - e.g., us-east-1
|
|
#
|
|
# Required Gitea Repository Variables:
|
|
# ECR_PUBLIC_REGISTRY_ALIAS - Your public.ecr.aws alias (e.g., vkist-project)
|
|
# TRITON_ENDPOINT - Modal Triton endpoint for CV inference
|
|
# CV_INFERENCE_HOST - Bind host (default: 0.0.0.0)
|
|
# CV_INFERENCE_PORT - Bind port (default: 8001)
|
|
# BASE_URL - External base URL for routing
|
|
|
|
name: Backend Modal Build
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- '**'
|
|
paths:
|
|
- 'workspace/sprint_1_2/CODEBASE/backend/**'
|
|
- 'workspace/sprint_1_2/CODEBASE/requirements.txt'
|
|
- 'workspace/sprint_1_2/CODEBASE/deps/implementation/backend_deploy/**'
|
|
workflow_dispatch:
|
|
inputs:
|
|
tag:
|
|
description: 'Image tag (default: git SHA)'
|
|
required: false
|
|
type: string
|
|
platform:
|
|
description: 'Target platform'
|
|
required: false
|
|
type: string
|
|
default: 'linux/amd64'
|
|
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
|
|
env:
|
|
BACKEND_DIR: workspace/sprint_1_2/CODEBASE/backend
|
|
ECR_REGISTRY: public.ecr.aws
|
|
ECR_REPOSITORY: ${{ vars.ECR_PUBLIC_REGISTRY_ALIAS }}/msk-cv-inference-server
|
|
DOCKERFILE_PATH: deps/implementation/backend_deploy/Dockerfile
|
|
MODAL_SCRIPT: workspace/sprint_1_2/CODEBASE/deps/implementation/backend_deploy/gitea_modal_build.py
|
|
|
|
# Runtime config (forwarded to container via deployment)
|
|
TRITON_ENDPOINT: ${{ vars.TRITON_ENDPOINT }}
|
|
CV_INFERENCE_HOST: ${{ vars.CV_INFERENCE_HOST }}
|
|
CV_INFERENCE_PORT: ${{ vars.CV_INFERENCE_PORT }}
|
|
BASE_URL: ${{ vars.BASE_URL }}
|
|
CORS_ORIGINS: ${{ vars.CORS_ORIGINS }}
|
|
ECR_PUBLIC_REGISTRY_ALIAS: ${{ vars.ECR_PUBLIC_REGISTRY_ALIAS }}
|
|
|
|
jobs:
|
|
build-via-modal:
|
|
name: Build & Push via Modal
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 20
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: '3.12'
|
|
|
|
- name: Install Modal CLI
|
|
run: pip install modal
|
|
|
|
- name: Configure AWS credentials
|
|
uses: aws-actions/configure-aws-credentials@v4
|
|
with:
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
aws-region: ${{ env.AWS_REGION || 'us-east-1' }}
|
|
|
|
- name: Login to Amazon ECR Public
|
|
id: login-ecr
|
|
uses: aws-actions/amazon-ecr-login@v2
|
|
with:
|
|
registry-type: public
|
|
mask-password: 'true'
|
|
|
|
- name: Determine image tag
|
|
id: tag
|
|
run: |
|
|
if [ -n "${{ github.event.inputs.tag }}" ]; then
|
|
echo "tag=${{ github.event.inputs.tag }}" >> $GITHUB_OUTPUT
|
|
elif [ "${{ github.ref_type }}" = "tag" ]; then
|
|
echo "tag=${{ github.ref_name }}" >> $GITHUB_OUTPUT
|
|
else
|
|
echo "tag=${{ github.sha }}" >> $GITHUB_OUTPUT
|
|
fi
|
|
echo "tag=latest" >> $GITHUB_OUTPUT
|
|
|
|
- name: Build and push via Modal
|
|
id: modal-build
|
|
env:
|
|
MODAL_TOKEN: ${{ secrets.MODAL_TOKEN }}
|
|
run: |
|
|
modal run ${{ env.MODAL_SCRIPT }} \
|
|
--registry ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }} \
|
|
--image-name "" \
|
|
--tag ${{ steps.tag.outputs.tag }} \
|
|
--platform linux/amd64 \
|
|
--push
|
|
|
|
- name: Print image URI
|
|
run: |
|
|
echo "Successfully pushed: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ steps.tag.outputs.tag }}"
|
|
echo "image=${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ steps.tag.outputs.tag }}" >> $GITHUB_OUTPUT
|
|
|
|
# Optional: Trigger dependent deployments
|
|
# trigger-triton:
|
|
# needs: build-via-modal
|
|
# if: success() && github.event_name == 'push'
|
|
# uses: ./.gitea/workflows/trigger_modal_triton.yaml
|
|
# secrets: inherit
|
|
|
|
notify-deploy:
|
|
needs: build-via-modal
|
|
if: success() && github.event_name == 'push'
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Trigger deployment webhook
|
|
if: env.DEPLOY_WEBHOOK_URL != ''
|
|
env:
|
|
DEPLOY_WEBHOOK_URL: ${{ secrets.DEPLOY_WEBHOOK_URL }}
|
|
WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
|
|
run: |
|
|
cat <<EOF | curl -X POST "${DEPLOY_WEBHOOK_URL}" \
|
|
-H "Content-Type: application/json" \
|
|
-H "X-Gitea-Signature: sha256=$(echo -n '@-' | openssl dgst -sha256 -hmac "${WEBHOOK_SECRET}" | cut -d' ' -f2)" \
|
|
-d @-
|
|
{
|
|
"service": "cv-inference-server",
|
|
"image": "${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ steps.tag.outputs.tag }}",
|
|
"env": {
|
|
"TRITON_ENDPOINT": "${{ vars.TRITON_ENDPOINT }}",
|
|
"CV_INFERENCE_HOST": "${{ vars.CV_INFERENCE_HOST }}",
|
|
"CV_INFERENCE_PORT": "${{ vars.CV_INFERENCE_PORT }}",
|
|
"BASE_URL": "${{ vars.BASE_URL }}",
|
|
"CORS_ORIGINS": "${{ vars.CORS_ORIGINS }}",
|
|
"ECR_PUBLIC_REGISTRY_ALIAS": "${{ vars.ECR_PUBLIC_REGISTRY_ALIAS }}"
|
|
}
|
|
}
|
|
EOF |