set env staging

.aws/task-definition-production.json

@@ -0,0 +1,90 @@
+{
+  "taskDefinitionArn": "arn:aws:ecs:ap-southeast-1:537124935427:task-definition/production-ourcoach-backend:1",
+  "containerDefinitions": [
+    {
+      "name": "ourcoach-backend",
+      "image": "537124935427.dkr.ecr.ap-southeast-1.amazonaws.com/production/ourcoach-backend:a3bc1e9d281202be3aef692f06fecfeb768eb280",
+      "cpu": 256,
+      "memory": 512,
+      "portMappings": [
+        {
+          "name": "8100",
+          "containerPort": 8100,
+          "hostPort": 8100,
+          "protocol": "tcp",
+          "appProtocol": "http"
+        }
+      ],
+      "essential": true,
+      "environment": [],
+      "environmentFiles": [],
+      "mountPoints": [],
+      "volumesFrom": [],
+      "ulimits": [],
+      "logConfiguration": {
+        "logDriver": "awslogs",
+        "options": {
+          "awslogs-group": "/ecs/production-ourcoach-backend",
+          "mode": "non-blocking",
+          "awslogs-create-group": "true",
+          "max-buffer-size": "25m",
+          "awslogs-region": "ap-southeast-1",
+          "awslogs-stream-prefix": "ecs"
+        },
+        "secretOptions": []
+      },
+      "systemControls": []
+    }
+  ],
+  "family": "production-ourcoach-backend",
+  "taskRoleArn": "arn:aws:iam::537124935427:role/ecsTaskExecutionRole",
+  "executionRoleArn": "arn:aws:iam::537124935427:role/ecsTaskExecutionRole",
+  "networkMode": "awsvpc",
+  "revision": 1,
+  "volumes": [],
+  "status": "ACTIVE",
+  "requiresAttributes": [
+    {
+      "name": "com.amazonaws.ecs.capability.logging-driver.awslogs"
+    },
+    {
+      "name": "ecs.capability.execution-role-awslogs"
+    },
+    {
+      "name": "com.amazonaws.ecs.capability.ecr-auth"
+    },
+    {
+      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.19"
+    },
+    {
+      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.28"
+    },
+    {
+      "name": "com.amazonaws.ecs.capability.task-iam-role"
+    },
+    {
+      "name": "ecs.capability.execution-role-ecr-pull"
+    },
+    {
+      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.18"
+    },
+    {
+      "name": "ecs.capability.task-eni"
+    },
+    {
+      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.29"
+    }
+  ],
+  "placementConstraints": [],
+  "compatibilities": ["EC2", "FARGATE"],
+  "requiresCompatibilities": ["FARGATE"],
+  "cpu": "256",
+  "memory": "512",
+  "runtimePlatform": {
+    "cpuArchitecture": "X86_64",
+    "operatingSystemFamily": "LINUX"
+  },
+  "registeredAt": "2024-10-16T15:49:35.603Z",
+  "registeredBy": "arn:aws:iam::537124935427:user/besher",
+  "tags": []
+}

.aws/task-definition-staging.json

@@ -0,0 +1,96 @@
+{
+  "taskDefinitionArn": "arn:aws:ecs:ap-southeast-1:537124935427:task-definition/staging-ourcoach-ai-core:1",
+  "containerDefinitions": [
+      {
+          "name": "ourcoach-ai-core",
+          "image": "537124935427.dkr.ecr.ap-southeast-1.amazonaws.com/staging/ourcoach-ai-core",
+          "cpu": 256,
+          "memory": 512,
+          "portMappings": [
+              {
+                  "name": "7860",
+                  "containerPort": 7860,
+                  "hostPort": 7860,
+                  "protocol": "tcp",
+                  "appProtocol": "http"
+              }
+          ],
+          "essential": true,
+          "environment": [],
+          "environmentFiles": [],
+          "mountPoints": [],
+          "volumesFrom": [],
+          "ulimits": [],
+          "logConfiguration": {
+              "logDriver": "awslogs",
+              "options": {
+                  "awslogs-group": "/ecs/staging-ourcoach-ai-core",
+                  "mode": "non-blocking",
+                  "awslogs-create-group": "true",
+                  "max-buffer-size": "25m",
+                  "awslogs-region": "ap-southeast-1",
+                  "awslogs-stream-prefix": "ecs"
+              },
+              "secretOptions": []
+          },
+          "systemControls": []
+      }
+  ],
+  "family": "staging-ourcoach-ai-core",
+  "taskRoleArn": "arn:aws:iam::537124935427:role/ecsTaskExecutionRole",
+  "executionRoleArn": "arn:aws:iam::537124935427:role/ecsTaskExecutionRole",
+  "networkMode": "awsvpc",
+  "revision": 1,
+  "volumes": [],
+  "status": "ACTIVE",
+  "requiresAttributes": [
+      {
+          "name": "com.amazonaws.ecs.capability.logging-driver.awslogs"
+      },
+      {
+          "name": "ecs.capability.execution-role-awslogs"
+      },
+      {
+          "name": "com.amazonaws.ecs.capability.ecr-auth"
+      },
+      {
+          "name": "com.amazonaws.ecs.capability.docker-remote-api.1.19"
+      },
+      {
+          "name": "com.amazonaws.ecs.capability.docker-remote-api.1.28"
+      },
+      {
+          "name": "com.amazonaws.ecs.capability.task-iam-role"
+      },
+      {
+          "name": "ecs.capability.execution-role-ecr-pull"
+      },
+      {
+          "name": "com.amazonaws.ecs.capability.docker-remote-api.1.18"
+      },
+      {
+          "name": "ecs.capability.task-eni"
+      },
+      {
+          "name": "com.amazonaws.ecs.capability.docker-remote-api.1.29"
+      }
+  ],
+  "placementConstraints": [],
+  "compatibilities": [
+      "EC2",
+      "FARGATE"
+  ],
+  "requiresCompatibilities": [
+      "FARGATE"
+  ],
+  "cpu": "256",
+  "memory": "512",
+  "runtimePlatform": {
+      "cpuArchitecture": "X86_64",
+      "operatingSystemFamily": "LINUX"
+  },
+  "registeredAt": "2024-10-25T11:56:36.943Z",
+  "registeredBy": "arn:aws:iam::537124935427:user/besher",
+  "enableFaultInjection": false,
+  "tags": []
+}

.github/workflows/deploy-production.yml

@@ -0,0 +1,23 @@
+name: Deployment Pipeline (Production)
+
+on:
+  push:
+    branches:
+      - main
+
+permissions:
+  id-token: write # This is required for requesting the JWT
+  contents: read # This is required for actions/checkout
+
+jobs:
+  deploy:
+    name: Using Deployment Workflow
+    uses: ./.github/workflows/deployment.yml
+    with:
+      active_env: production
+      ecr_url: 537124935427.dkr.ecr.ap-southeast-1.amazonaws.com/production/ourcoach-backend
+      ecs_service: ourcoach-backend
+      ecs_cluster: ProductionECSCluster
+      ecs_task_definition: .aws/task-definition-production.json
+      container_name: ourcoach-backend
+    secrets: inherit

.github/workflows/deploy-staging.yml

@@ -0,0 +1,23 @@
+name: Deployment Pipeline (Staging)
+
+on:
+  push:
+    branches:
+      - staging
+
+permissions:
+  id-token: write # This is required for requesting the JWT
+  contents: read # This is required for actions/checkout
+
+jobs:
+  deploy:
+    name: Using Deployment Workflow
+    uses: ./.github/workflows/deployment.yml
+    with:
+      active_env: staging
+      ecr_url: 537124935427.dkr.ecr.ap-southeast-1.amazonaws.com/staging/ourcoach-ai-core
+      ecs_service: ourcoach-ai-core
+      ecs_cluster: StagingECSCluster
+      ecs_task_definition: .aws/task-definition-staging.json
+      container_name: ourcoach-ai-core
+    secrets: inherit

.github/workflows/deployment.yml

@@ -0,0 +1,76 @@
+name: Reusable Deployment Workflow
+
+on:
+  workflow_call:
+    inputs:
+      active_env:
+        required: true
+        type: string
+      ecr_url:
+        required: true
+        type: string
+      ecs_service:
+        required: true
+        type: string
+      ecs_cluster:
+        required: true
+        type: string
+      ecs_task_definition:
+        required: true
+        type: string
+      container_name:
+        required: true
+        type: string
+
+env:
+  AWS_REGION: ap-southeast-1
+
+permissions:
+  contents: read
+  id-token: write
+
+jobs:
+  deploy:
+    name: Deploy
+    runs-on: ubuntu-latest
+    environment:
+      name: ${{ inputs.active_env }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@0e613a0980cbf65ed5b322eb7a1e075d28913a83
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@62f4f872db3836360b72999f4b87f1ff13310f3a
+
+      - name: Build, tag, and push image to Amazon ECR
+        id: build-image
+        env:
+          IMAGE_TAG: ${{ github.sha }}
+        run: |
+          docker build --build-arg FASTAPI_KEY=${{secrets.FASTAPI_KEY}} --build-arg OPENAI_KEY=${{secrets.OPENAI_KEY}} -t ${{inputs.ecr_url}}:$IMAGE_TAG .
+          docker push ${{inputs.ecr_url}}:$IMAGE_TAG
+          echo "image=${{inputs.ecr_url}}:$IMAGE_TAG" >> $GITHUB_OUTPUT
+
+      - name: Fill in the new image ID in the Amazon ECS task definition
+        id: task-def
+        uses: aws-actions/amazon-ecs-render-task-definition@c804dfbdd57f713b6c079302a4c01db7017a36fc
+        with:
+          task-definition: ${{ inputs.ecs_task_definition }}
+          container-name: ${{ inputs.container_name }}
+          image: ${{ steps.build-image.outputs.image }}
+
+      - name: Deploy Amazon ECS task definition
+        uses: aws-actions/amazon-ecs-deploy-task-definition@df9643053eda01f169e64a0e60233aacca83799a
+        with:
+          task-definition: ${{ steps.task-def.outputs.task-definition }}
+          service: ${{ inputs.ecs_service }}
+          cluster: ${{ inputs.ecs_cluster }}
+          wait-for-service-stability: true

Dockerfile

@@ -1,6 +1,14 @@
 # Use the official Python 3.10.9 image
 FROM python:3.10.9
 
+
+ARG FASTAPI_KEY
+ARG OPENAI_KEY
+
+ENV FASTAPI_KEY=$FASTAPI_KEY
+ENV OPENAI_KEY=$OPENAI_KEY
+
+
 # Copy the current directory contents into the container at .
 COPY . .