Created sap model github actions file and serverless file

.github/workflows/deploy_sap_model_lambda.yml

@@ -0,0 +1,80 @@
+name: Fast Api Backend Deploy
+
+on:
+  push:
+    branches: [ dev, prod ]
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.10.12
+
+      - name: Install Serverless and plugins
+        run: |
+          npm install -g serverless
+          npm install -g serverless-domain-manager
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+
+      - name: AWS credentials for dev
+        if: github.ref == 'refs/heads/dev'
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
+          aws-region: eu-west-2
+
+      - name: AWS credentials for prod
+        if: github.ref == 'refs/heads/prod'
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }}
+          aws-region: eu-west-2
+
+      - name: Set domain name
+        id: set_domain
+        run: echo "::set-output name=domain::${{ secrets[format('{0}_DOMAIN_NAME', github.ref_name)] }}"
+
+      - name: Set ECR credentials
+        id: set_ecr_credentials
+        run: |
+          echo "::set-output name=ecr_uri::${{ secrets[format('{0}_SAP_MODEL_ECR_URI', github.ref_name)] }}"
+
+      - name: Setup Docker
+        uses: docker/setup-buildx-action@v1
+
+      - name: Build Docker Image
+        run: |
+          docker build -t lambda-sap-prediction-image:${{ github.sha }} -f model_data/simulation_system/dockerfiles/Dockerfile.prediction.lambda . --load
+
+      - name: Login to ECR
+        run: |
+          aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin ${{ steps.set_ecr_credentials.outputs.ecr_uri }}
+
+      - name: Tag and Push Docker Image to ECR
+        run: |
+          docker tag lambda-sap-prediction-image:${{ github.sha }} ${{ steps.set_ecr_credentials.outputs.ecr_uri }}:${{ github.sha }}
+          docker push ${{ steps.set_ecr_credentials.outputs.ecr_uri }}:${{ github.sha }}
+
+      - name: Deploy to AWS Lambda via Serverless
+        env:
+          RUNTIME_ENVIRONMENT: ${{ github.ref_name }}
+          MODEL_DIRECTORY_BUCKET: 'retrofit-model-directory-${{ github.ref_name }}'
+          PREDICTIONS_BUCKET: 'retrofit-sap-predictions-${{ github.ref_name }}'
+          DOMAIN_NAME: ${{ steps.set_domain.outputs.domain }}
+          ECR_URI: ${{ steps.set_ecr_credentials.outputs.ecr_uri }}
+          GITHUB_SHA: ${{ github.sha }}
+        run: |
+          # Deploy to AWS Lambda via Serverless
+          sls deploy --config sapmodel.serverless.yml --stage ${{ github.ref_name }} --verbose

sapmodel.serverless.yml

@@ -0,0 +1,70 @@
+service: fastapi-lambda
+
+provider:
+  name: aws
+  region: eu-west-2
+  architecture: x86_64
+  environment:
+    RUNTIME_ENVIRONMENT: ${env:ENVIRONMENT}
+    MODEL_DIRECTORY_BUCKET: ${env:MODEL_DIRECTORY_BUCKET}
+    PREDICTIONS_BUCKET: ${env:PREDICTIONS_BUCKET}
+    DOMAIN_NAME: ${env:DOMAIN_NAME}
+    ECR_URI: ${env:ECR_URI}
+    GITHUB_SHA: ${env:GITHUB_SHA}
+
+
+plugins:
+  - serverless-domain-manager
+
+custom:
+  customDomain:
+    domainName: api.${self:provider.environment.DOMAIN_NAME}
+    createRoute53Record: true
+    certificateArn: ${ssm:/ssl_certificate_arn}
+
+functions:
+  sap_prediction_lambda:
+    image:
+      uri: ${env:ECR_URI}:${env:GITHUB_SHA}
+    role: sapPredictionLambdaRole
+    events:
+      - http:
+          path: /sapmodel
+          method: POST
+
+resources:
+  Resources:
+    sapPredictionLambdaRole:
+      Type: AWS::IAM::Role
+      Properties:
+        RoleName: sap-prediction-lambda-role
+        AssumeRolePolicyDocument:
+          Version: '2012-10-17'
+          Statement:
+            - Effect: Allow
+              Principal:
+                Service:
+                  - lambda.amazonaws.com
+              Action: sts:AssumeRole
+        Policies:
+          - PolicyName: sapPredictionLambdaS3Access
+            PolicyDocument:
+              Version: '2012-10-17'
+              Statement:
+                # Allow reading from MODEL_DIRECTORY_BUCKET
+                - Effect: Allow
+                  Action:
+                    - s3:GetObject
+                    - s3:ListBucket
+                  Resource:
+                    - arn:aws:s3:::${env:MODEL_DIRECTORY_BUCKET}
+                    - arn:aws:s3:::${env:MODEL_DIRECTORY_BUCKET}/*
+                # Allow reading and writing to PREDICTIONS_BUCKET
+                - Effect: Allow
+                  Action:
+                    - s3:GetObject
+                    - s3:PutObject
+                    - s3:ListBucket
+                  Resource:
+                    - arn:aws:s3:::${env:PREDICTIONS_BUCKET}
+                    - arn:aws:s3:::${env:PREDICTIONS_BUCKET}/*