Skip to content

Update fastapi requirement from ==0.110.* to ==0.111.* in /api #45

Update fastapi requirement from ==0.110.* to ==0.111.* in /api

Update fastapi requirement from ==0.110.* to ==0.111.* in /api #45

name: Main branch Build and Deployment
on:
pull_request:
types: [closed]
branches:
- main
jobs:
on-merge-and-deploy:
name: Skip on unmerged or 'no-deploy' PRs
if: github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'no-deploy')
runs-on: ubuntu-22.04
steps:
- name: Confirm execution
shell: bash
run: |
echo "PR merge detected and deployment wanted."
pipeline-deploy-aws-infra:
name: Deploy/update AWS infrastructure for pipeline
needs: [on-merge-and-deploy]
permissions:
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions
runs-on: ubuntu-22.04
defaults:
run:
working-directory: pipeline/aws_infra
steps:
- name: Check out repository code
uses: actions/checkout@v4
- name: Setup node.js (CDK requirement)
uses: actions/setup-node@v4
with:
node-version: "18"
- name: Install CDK
run: npm install -g aws-cdk
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install CDK stack dependencies
run: pip install -r requirements.txt
- name: AWS credentials configuration
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}}
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-cdk-deploy
aws-region: us-east-1
- name: CDK validations (resource assertions and cdk diff)
run: make validate
- name: cdk deploy
run: make deploy ADD_CDK_ARGS="--require-approval never"
api-deploy-image-repo:
name: Deploy/update container image repository stack for API
needs: [on-merge-and-deploy]
permissions:
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions
runs-on: ubuntu-22.04
defaults:
run:
working-directory: api/aws_infra
steps:
- name: Check out repository code
uses: actions/checkout@v4
- name: Setup node.js (CDK requirement)
uses: actions/setup-node@v4
with:
node-version: "18"
- name: Install CDK
run: npm install -g aws-cdk
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install CDK stack dependencies
run: pip install -r requirements.txt
- name: AWS credentials configuration
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}}
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-cdk-deploy
aws-region: us-east-1
- name: CDK validations (resource assertions and cdk diff)
run: make validate-image-stack
- name: cdk deploy
run: cdk deploy PaviApiImageRepoCdkStack --require-approval never
pipeline-seq-retrieval-build-and-push-docker-image:
needs: [on-merge-and-deploy, pipeline-deploy-aws-infra]
permissions:
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions
runs-on: ubuntu-22.04
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
sparse-checkout: |
pipeline/seq_retrieval/
- name: Store release tag in env
shell: bash
run: |
echo "tagname=$(git describe --tags)" >> $GITHUB_ENV
# This step will configure environment variables to be used by all steps
# involving AWS interaction further down
- name: AWS credentials configuration
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}}
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-build-image-pipeline-seq-retrieval
aws-region: us-east-1
- name: Amazon ECR login
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Build and push container image
uses: docker/build-push-action@v5
with:
context: ./pipeline/seq_retrieval/
push: true
tags: |
${{ steps.login-ecr.outputs.registry }}/agr_pavi/pipeline_seq_retrieval:${{ env.tagname }}
${{ steps.login-ecr.outputs.registry }}/agr_pavi/pipeline_seq_retrieval:${{ github.event.pull_request.base.ref }}
platforms: linux/amd64
pipeline-alignment-build-and-push-docker-image:
needs: [on-merge-and-deploy, pipeline-deploy-aws-infra]
permissions:
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions
runs-on: ubuntu-22.04
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
sparse-checkout: |
pipeline/alignment/
- name: Store release tag in env
shell: bash
run: |
echo "tagname=$(git describe --tags)" >> $GITHUB_ENV
# This step will configure environment variables to be used by all steps
# involving AWS interaction further down
- name: AWS credentials configuration
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}}
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-build-image-pipeline-seq-retrieval
aws-region: us-east-1
- name: Amazon ECR login
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Build and push container image
uses: docker/build-push-action@v5
with:
context: ./pipeline/alignment/
push: true
tags: |
${{ steps.login-ecr.outputs.registry }}/agr_pavi/pipeline_alignment:${{ env.tagname }}
${{ steps.login-ecr.outputs.registry }}/agr_pavi/pipeline_alignment:${{ github.event.pull_request.base.ref }}
platforms: linux/amd64
api-build-and-push-docker-image:
needs: [on-merge-and-deploy, api-deploy-image-repo]
permissions:
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions
runs-on: ubuntu-22.04
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Store release tag in env
shell: bash
run: |
echo "tagname=$(git describe --tags)" >> $GITHUB_ENV
# This step will configure environment variables to be used by all steps
# involving AWS interaction further down
- name: AWS credentials configuration
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}}
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-build-image-pipeline-seq-retrieval
aws-region: us-east-1
- name: Amazon ECR login
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Build and push container image
uses: docker/build-push-action@v5
with:
context: ./
file: api/Dockerfile
push: true
tags: |
${{ steps.login-ecr.outputs.registry }}/agr_pavi/api:${{ env.tagname }}
${{ steps.login-ecr.outputs.registry }}/agr_pavi/api:${{ github.event.pull_request.base.ref }}
platforms: linux/amd64
api-deploy-application:
name: Deploy application (version) for API
needs:
- on-merge-and-deploy
- api-build-and-push-docker-image
- pipeline-alignment-build-and-push-docker-image
- pipeline-seq-retrieval-build-and-push-docker-image
permissions:
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions
runs-on: ubuntu-22.04
defaults:
run:
working-directory: api/aws_infra
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Store release tag in env
shell: bash
run: |
echo "tagname=$(git describe --tags)" >> $GITHUB_ENV
- name: Setup node.js (CDK requirement)
uses: actions/setup-node@v4
with:
node-version: "18"
- name: Install CDK
run: npm install -g aws-cdk
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install CDK stack dependencies
run: pip install -r requirements.txt
- name: AWS credentials configuration
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}}
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-api-cdk-deploy
aws-region: us-east-1
- name: CDK validations (resource assertions and cdk diff)
run: make validate-application-stack validate-environment-stack
- name: Deploy application (and version)
run: make deploy-application PAVI_DEPLOY_VERSION_LABEL="${{ env.tagname }}" ADD_CDK_ARGS="--require-approval never"
- name: Deploy to main environment
run: make deploy-environment PAVI_DEPLOY_VERSION_LABEL="${{ env.tagname }}" PAVI_IMAGE_TAG="${{ env.tagname }}" \
DEPLOY_ENVIRONMENT=PaviApiEbMainStack ADD_CDK_ARGS="--require-approval never"