Files
Lumina-MSK/.gitea/workflows/backend-ecr.yaml
DatTT127 f6c57f745b
Some checks failed
Backend ECR Deployment / build-and-push (push) Failing after 28s
Backend ECR Deployment / notify-deploy (push) Has been skipped
update
2026-07-18 18:50:54 +07:00

136 lines
4.9 KiB
YAML

# Gitea Actions Workflow: Backend ECR Deployment
# Place at: .gitea/workflows/backend-ecr.yaml (in repository root)
name: Backend ECR Deployment
on:
push:
branches: ['**']
workflow_dispatch: {}
permissions:
contents: read
packages: write
env:
# Build-time / workflow context
BACKEND_DIR: workspace/sprint_1_2/CODEBASE/backend
ECR_REGISTRY: public.ecr.aws
ECR_REPOSITORY: ${{ vars.ECR_PUBLIC_REGISTRY_ALIAS }}/msk-cv-inference-server
DOCKERFILE_PATH: deps/implementation/backend_deploy/Dockerfile
# CV inference server runtime configuration
# These are Gitea repository variables (or secrets) that are forwarded
# to the container at deploy time. The Docker image itself does NOT bake
# them in — the FastAPI app reads them from the environment via pydantic-settings.
TRITON_ENDPOINT: ${{ vars.TRITON_ENDPOINT }}
CV_INFERENCE_HOST: ${{ vars.CV_INFERENCE_HOST }}
CV_INFERENCE_PORT: ${{ vars.CV_INFERENCE_PORT }}
BASE_URL: ${{ vars.BASE_URL }}
CORS_ORIGINS: ${{ vars.CORS_ORIGINS }}
jobs:
build-and-push:
runs-on: ubuntu-latest
container:
image: gitea-modal-runner:latest
timeout-minutes: 30
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Lint backend code
run: |
ls workspace/sprint_1_2/CODEBASE
python -m py_compile workspace/sprint_1_2/CODEBASE/backend/cv_inference_server.py
find backend -name '*.py' -exec python -m py_compile {} +
# - name: Configure AWS credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws-region: us-east-1
# - name: Login to Amazon ECR Public
# id: login-ecr
# uses: aws-actions/amazon-ecr-login@v2
# with:
# registry-type: public
# mask-password: 'true'
- name: Extract metadata for Docker
id: meta
uses: docker/metadata-action@v5
with:
# Full ECR Public image reference: public.ecr.aws/{alias}/{repo}
images: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}
tags: |
type=ref,event=branch
type=sha,prefix=
type=raw,value=latest,enable={{is_default_branch}}
labels: |
org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.title=VKIST CV Inference Server
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: ./${{ env.BACKEND_DIR }}
file: ./${{ env.DOCKERFILE_PATH }}
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Print image URI and digest
run: |
echo "Pushed ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ steps.meta.outputs.version }}"
echo "Digest: ${{ steps.meta.outputs.tags }}"
# trigger-triton:
# needs: build-and-push
# if: success() && github.event_name == 'push'
# runs-on: ubuntu-latest
# steps:
# - name: Trigger Modal Triton deployment
# uses: gitea/gitea-actions-workflow-trigger@v1
# with:
# repository: ${{ github.repository }}
# workflow: trigger_modal_triton.yaml
# ref: ${{ github.ref }}
# inputs: '{}'
notify-deploy:
needs: build-and-push
if: success() && github.event_name == 'push'
runs-on: ubuntu-latest
steps:
- name: Trigger deployment webhook
if: env.DEPLOY_WEBHOOK_URL != ''
env:
DEPLOY_WEBHOOK_URL: ${{ secrets.DEPLOY_WEBHOOK_URL }}
WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
run: |
cat <<EOF | curl -X POST "${DEPLOY_WEBHOOK_URL}" \
-H "Content-Type: application/json" \
-H "X-Gitea-Signature: sha256=$(echo -n '@-' | openssl dgst -sha256 -hmac "${WEBHOOK_SECRET}" | cut -d' ' -f2)" \
-d @-
{
"service": "cv-inference-server",
"image": "${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ steps.meta.outputs.version }}",
"env": {
"TRITON_ENDPOINT": "${{ vars.TRITON_ENDPOINT }}",
"CV_INFERENCE_HOST": "${{ vars.CV_INFERENCE_HOST }}",
"CV_INFERENCE_PORT": "${{ vars.CV_INFERENCE_PORT }}",
"BASE_URL": "${{ vars.BASE_URL }}",
"CORS_ORIGINS": "${{ vars.CORS_ORIGINS }}",
"ECR_PUBLIC_REGISTRY_ALIAS": "${{ vars.ECR_PUBLIC_REGISTRY_ALIAS }}"
}
}
EOF