docqai · janaka · Jun 4, 2023 · Jun 4, 2023 · Jun 4, 2023 · Jun 4, 2023
@@ -0,0 +1,47 @@
+name: Build and Publish Container Image
+on:
+  push:
+    branches:
+      #- main
+      - infra/aws-deploy
+    paths:
+      - 'source/**'
+      - 'web/**'
+      - 'pyproject.toml'
+      - '.github/workflows/publish-container.yml'
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+      - name: Get short SHA
+        id: short-sha
+        run: echo "sha=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Get app version
+        id: app-version
+        run: echo "version=$(cat pyproject.toml | grep version | head -1 | awk -F= '{ print $2 }' | sed 's/["]//g' | sed 's/^[[:space:]]//;s/[[:space:]]$//')" >> "$GITHUB_OUTPUT"
+      - name: Build and push image
+        uses: docker/build-push-action@v4
+        with:
+          push: true
+          target: prod
+          build-args: |
+            TESTBUILD=false
+            BUILDTAG=3.11-slim-buster
+            BUILDPLATFORM=linux/amd64
+            TARGET=prod
+          tags: |
+            ghcr.io/${{ github.repository }}:latest
+            ghcr.io/${{ github.repository }}:${{ steps.app-version.outputs.version }}
+            ghcr.io/${{ github.repository }}:${{ github.run_number }}-${{ steps.short-sha.outputs.sha }}
+          context: .
@@ -1,5 +1,5 @@
 ARG BUILDPLATFORM=linux/amd64
-ARG BUILDTAG=3-alpine
+ARG BUILDTAG=3.11-slim-buster
 
 FROM --platform=$BUILDPLATFORM python:$BUILDTAG as test
 
@@ -21,7 +21,7 @@ COPY tests tests
 
 RUN poetry install
 
-ARG TESTBUILD=True
+ARG TESTBUILD=False
 ENV TESTBUILD=$TESTBUILD
 RUN if [ "$TESTBUILD" = 'True' ]; then poe lint; fi
 RUN if [ "$TESTBUILD" = 'True' ]; then poe test; fi
@@ -42,10 +42,11 @@ WORKDIR /home/user/app
 
 COPY --chown=user:user --from=test /home/user/app/requirements.txt requirements.txt
 COPY --chown=user:user --from=test /home/user/app/dist dist
+COPY --chown=user:user web web
 
 RUN pip install --no-cache -r requirements.txt dist/*.whl --user
 
+ENTRYPOINT ["python", "-m", "streamlit", "run"]
+CMD ["web/index.py", "--browser.gatherUsageStats", "false"]
 
-ENTRYPOINT ["python", "-m"]
-CMD ["docq.docq"]
 
@@ -101,19 +101,26 @@ This Project depends on the following projects.
 ### Installation
 
 1. Clone the repo
+
    ```sh
    git clone https://github.com/docqai/docq
    cd docq
    ```
+
 2. Install Poe the Poet and Poetry
+
    ```sh
    pip install --user --upgrade poethepoet poetry
    ```
+
 3. Install requirements for development
+
    ```sh
    poe install-dev
    ```
+
 4. Run tests
+
    ```sh
    poe test
    ```
@@ -147,21 +154,39 @@ Some useful examples of how this project can be used:
 - Generate API documentation
 
   ```sh
-  poe doc
+  poe do
   ```
 
 - Build a docker image for tests
 
-  ```sh
-  poe docker-build --target test --build-tag 3.10-alpine
-  docker run -ti --rm docq:test-3.10-alpine
-  ```
+   ```sh
+   poe docker-build --target test --build-tag 3.10-alpine --test true
+   poe docker-run --target test
+   ```
 
 - Build a docker image to run the root files only without running any test
-  ```sh
-  poe docker-build --target prod --build-tag 3.10-alpine --no-test
-  docker run -ti --rm docq:prod-3.10-alpine
-  ```
+  - Build image
+
+   ```sh
+   poe docker-build
+   ```
+
+  - Add a `.env` file with the following
+
+   ```yaml
+   OPENAI_API_KEY # don't add secret values here, only var name. set value in your env with set/export.
+   DOCQ_DATA=./.persisted/
+   STREAMLIT_SERVER_ADDRESS=0.0.0.0
+   STREAMLIT_SERVER_PORT=8501 # option 8501 is the default
+
+   ```
+
+  - set secrets `export OPEN_API_KEY=<your secret token>`. Note that the .env file only has the env name not the value for secrets. It's best practice not to add secret to files even if gitignored.
+  - Run container
+
+   ```sh
+   poe docker-run
+   ```
 
 _For more examples, please refer to the [Documentation](https://docqai.github.io/docq/readme.html)_
 

@@ -0,0 +1,9 @@
+*.js
+!jest.config.js
+*.d.ts
+node_modules
+
+# CDK asset staging directory
+.cdk.staging
+cdk.out
+dist
@@ -0,0 +1,6 @@
+*.ts
+!*.d.ts
+
+# CDK asset staging directory
+.cdk.staging
+cdk.out
@@ -0,0 +1,39 @@
+# Infra to deploy DocqAI on AWS
+
+This CDK project deploys an instance of DocqAI to AWS.
+
+This CDK project is design to also generate a CloudFormation template that we can use with a LaunchStack URL.
+
+TypeScript rather than Python so we can easily create a FABR CDF package in the future
+
+## LaunchStack URL 
+
+- `cdk synth`
+- 
+
+## CD - Trigger just an app deploy for an environment
+
+- publish updated container image. See Makefile in root of repo
+- `aws elasticbeanstalk update-environment --application-name <app-name> --environment-name <env-name> --version-label <version label from console> --profile fabrexp`
+  - Example: `aws elasticbeanstalk update-environment --application-name docqai --environment-name docqai --version-label docqappstack-appversion-240nebwgnt2z --profile fabrexp`
+  - note: that we can use the same AppVersion if the Dockerrun.aws.json is pointing at the tag `latest` and the updated image is also tagged `latest`
+
+
+
+## Publishing containers
+
+The GH action `publish-container.yml` handles publishing to GCR ( Github Container Registry)
+
+## /dockerrun/<app-name>
+
+Container config files go in these folders. This is our folder convension. All the files in the folder our bundled and uploaded to S3 for deployment.
+
+The dockerrun.aws.json (has to be v1) is how the EB HostManager know which image to pull for an environment and config the container on start up.
+
+Dockerrun.aws.json v1 ref
+
+<https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/single-container-docker-configuration.html#docker-configuration.no-compose>
+
+## Notes
+
+- EB bucket - EB creates a bucket in an account that launches EB. This is used for assets and logs. The bucket name follows the following convention "elasticbeanstalk-<region>-<account id>"
@@ -0,0 +1,39 @@
+#!/usr/bin/env node
+import * as cdk from 'aws-cdk-lib';
+import { DocqStack } from '../library/cdk-app-stack';
+
+const app = new cdk.App();
+
+
+
+new DocqStack(app, 'DocqAppStack', {
+  name: "docqai",
+  description: 'Docq AI application',
+  size: "small",
+  resiliant: false
+
+  /* If you don't specify 'env', this stack will be environment-agnostic.
+   * Account/Region-dependent features and context lookups will not work,
+   * but a single synthesized template can be deployed anywhere. */
+
+  /* Uncomment the next line to specialize this stack for the AWS Account
+   * and Region that are implied by the current CLI configuration. */
+  // env: { account: process.env.CDK_DEFAULT_ACCOUNT, region: process.env.CDK_DEFAULT_REGION },
+
+  /* Uncomment the next line if you know exactly what Account and Region you
+   * want to deploy the stack to. */
+  // env: { account: '123456789012', region: 'us-east-1' },
+
+  /* For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html */
+
+});
+
+// const cftemplateUri = "https://cdk-hnb659fds-assets-246744040432-eu-west-1.s3.eu-west-1.amazonaws.com/cb650bc664b488ef57c3e5ff8bb37f61d3c5d52d9757a758f432079953ff2da8.json"
+// new cdk.CfnOutput(app, 'LaunchStackUrl eu-west-1', {
+//   value: `https://console.aws.amazon.com/cloudformation/home?region=eu-west-1#/stacks/new?stackName=DocqAI&templateURL=https://cdk-hnb659fds-assets-246744040432-eu-west-1.s3.eu-west-1.amazonaws.com/cf2cad040c0869ad181c5938f4adb6632d0017416246d4563d0dbcf3e34344a8.json`,
+// });
+
+
+//TODO: add a second stack to upload the template to s3 or do it on the CLI
+
+
@@ -0,0 +1,54 @@
+{
+  "app": "npx ts-node --prefer-ts-exts bin/cdk-app.ts",
+  "watch": {
+    "include": [
+      "**"
+    ],
+    "exclude": [
+      "README.md",
+      "cdk*.json",
+      "**/*.d.ts",
+      "**/*.js",
+      "tsconfig.json",
+      "package*.json",
+      "yarn.lock",
+      "node_modules",
+      "test",
+      "dist"
+    ]
+  },
+  "context": {
+    "@aws-cdk/aws-lambda:recognizeLayerVersion": true,
+    "@aws-cdk/core:checkSecretUsage": true,
+    "@aws-cdk/core:target-partitions": [
+      "aws",
+      "aws-cn"
+    ],
+    "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
+    "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
+    "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": true,
+    "@aws-cdk/aws-iam:minimizePolicies": true,
+    "@aws-cdk/core:validateSnapshotRemovalPolicy": true,
+    "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": true,
+    "@aws-cdk/aws-s3:createDefaultLoggingPolicy": true,
+    "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": true,
+    "@aws-cdk/aws-apigateway:disableCloudWatchRole": true,
+    "@aws-cdk/core:enablePartitionLiterals": true,
+    "@aws-cdk/aws-events:eventsTargetQueueSameAccount": true,
+    "@aws-cdk/aws-iam:standardizedServicePrincipals": true,
+    "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": true,
+    "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": true,
+    "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true,
+    "@aws-cdk/aws-route53-patters:useCertificate": true,
+    "@aws-cdk/customresources:installLatestAwsSdkDefault": false,
+    "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": true,
+    "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": true,
+    "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": true,
+    "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": true,
+    "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": true,
+    "@aws-cdk/aws-redshift:columnId": true,
+    "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": true,
+    "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": true,
+    "@aws-cdk/aws-apigateway:requestValidatorUniqueId": true
+  }
+}
@@ -0,0 +1,13 @@
+{
+  "AWSEBDockerrunVersion": "1",
+  "Image": {
+    "Name": "ghcr.io/docqai/docq:latest",
+    "Update": "true"
+  },
+  "Ports": [
+    {
+      "ContainerPort": "8501",
+      "HostPort": "80"
+    }
+  ]
+}
@@ -0,0 +1,12 @@
+{
+  "AWSEBDockerrunVersion": "1",
+  "Image": {
+    "Name": "public.ecr.aws/q0o2r1k7/janaka/helloworld-api:latest",
+    "Update": "true"
+  },
+  "Ports": [
+    {
+      "ContainerPort": "80"
+    }
+  ]
+}
@@ -0,0 +1,12 @@
+{
+  "AWSEBDockerrunVersion": "1",
+  "Image": {
+    "Name": "public.ecr.aws/q0o2r1k7/docqai/hazyresearch-huggingface:latest",
+    "Update": "true"
+  },
+  "Ports": [
+    {
+      "ContainerPort": "80"
+    }
+  ]
+}
@@ -0,0 +1,8 @@
+module.exports = {
+  testEnvironment: 'node',
+  roots: ['<rootDir>/test'],
+  testMatch: ['**/*.test.ts'],
+  transform: {
+    '^.+\\.tsx?$': 'ts-jest'
+  }
+};