Merge pull request #715 from Hestia-Homes/main

must have a title
2026-06-08 11:17:27 +00:00 · 2026-02-17 10:22:57 +00:00 · 2026-02-17 10:22:57 +00:00 · b720edd988
commit b720edd988
parent 5238417b32 3d32234945
7 changed files with 74 additions and 5 deletions
--- a/.github/workflows/deploy_terraform.yml
+++ b/.github/workflows/deploy_terraform.yml
@ -3,7 +3,9 @@ name: Deploy infrastructure
 on:
  push:
    branches:
-      - "**"
+      - "main"
+      - "dev"
+      - "prod"
    paths:
      - 'infrastructure/terraform/**'
      - '.github/workflows/deploy_terraform.yml'
@ -205,3 +207,44 @@ jobs:
      AWS_SECRET_ACCESS_KEY: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
      AWS_REGION: ${{ secrets.DEV_AWS_REGION }}

+  # ============================================================
+  # Categorisation image and Push
+  # ============================================================
+  categorisation_image:
+    needs: [determine_stage, shared_terraform]
+    uses: ./.github/workflows/_build_image.yml
+    with:
+      ecr_repo: categorisation-${{ needs.determine_stage.outputs.stage }}
+      dockerfile_path: backend/categorisation/handler/Dockerfile
+      build_context: .
+      build_args: |
+        DEV_DB_HOST=$DEV_DB_HOST
+        DEV_DB_PORT=$DEV_DB_PORT
+        DEV_DB_NAME=$DEV_DB_NAME
+    secrets:
+      AWS_ACCESS_KEY_ID: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
+      AWS_REGION: ${{ secrets.DEV_AWS_REGION }}
+      DEV_DB_HOST: ${{ secrets.DEV_DB_HOST }}
+      DEV_DB_PORT: ${{ secrets.DEV_DB_PORT }}
+      DEV_DB_NAME: ${{ secrets.DEV_DB_NAME }}
+
+  # ============================================================
+  # Deploy Categorisation Lambda
+  # ============================================================
+  categorisation_lambda:
+    needs: [categorisation_image, determine_stage]
+    uses: ./.github/workflows/_deploy_lambda.yml
+    with:
+      lambda_name: categorisation
+      lambda_path: infrastructure/terraform/lambda/categorisation
+      stage: ${{ needs.determine_stage.outputs.stage }}
+      ecr_repo: categorisation-${{ needs.determine_stage.outputs.stage }}
+      image_digest: ${{ needs.categorisation_image.outputs.image_digest }}
+      terraform_apply: ${{ needs.determine_stage.outputs.terraform_apply }}
+    secrets:
+      AWS_ACCESS_KEY_ID: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
+      AWS_REGION: ${{ secrets.DEV_AWS_REGION }}
+
+
--- a/backend/categorisation/handler/handler.py
+++ b/backend/categorisation/handler/handler.py
@ -1,4 +1,9 @@
+import json
 from typing import Any, Mapping
+from backend.categorisation.categorisation_trigger_request import (
+    CategorisationTriggerRequest,
+)
+from backend.categorisation.processor import process_portfolio
 from utils.logger import setup_logger


@ -7,4 +12,15 @@ logger = setup_logger()

 def handler(event: Mapping[str, Any], context: Any) -> None:

-    pass
+    for record in event.get("Records", []):
+        try:
+            body_dict = json.loads(record["body"])
+            logger.debug("Validating request body")
+            payload = CategorisationTriggerRequest.model_validate(body_dict)
+
+            logger.debug("Successfully validated request body")
+
+            process_portfolio(payload.portfolio_id)
+
+        except Exception as e:
+            logger.error(f"Failed to process record: {e}")
--- a/infrastructure/terraform/lambda/address2UPRN/main.tf
+++ b/infrastructure/terraform/lambda/address2UPRN/main.tf
@ -22,6 +22,8 @@ module "address2uprn" {

  image_uri = local.image_uri

+  timeout = 900
+
  environment = merge(
    {
      STAGE     = var.stage
--- a/infrastructure/terraform/lambda/categorisation/main.tf
+++ b/infrastructure/terraform/lambda/categorisation/main.tf
@ -1,3 +1,7 @@
+data "aws_secretsmanager_secret_version" "db_credentials" {
+  secret_id = "${var.stage}/assessment_model/db_credentials"
+}
+
 data "terraform_remote_state" "shared" {
  backend = "s3"
  config = {
@ -7,6 +11,10 @@ data "terraform_remote_state" "shared" {
  }
 }

+locals {
+  db_credentials = jsondecode(data.aws_secretsmanager_secret_version.db_credentials.secret_string)
+}
+
 module "lambda" {
  source = "../modules/lambda_with_sqs"

--- a/infrastructure/terraform/lambda/categorisation/provider.tf
+++ b/infrastructure/terraform/lambda/categorisation/provider.tf
@ -7,7 +7,7 @@ terraform {
  }

  backend "s3" {
-    bucket = "categorisation"
+    bucket = "categorisation-terraform-state"
    key    = "terraform.tfstate"
    region = "eu-west-2"
  }
--- a/infrastructure/terraform/modules/sqs_queue/main.tf
+++ b/infrastructure/terraform/modules/sqs_queue/main.tf
@ -5,7 +5,7 @@ resource "aws_sqs_queue" "dlq" {
 resource "aws_sqs_queue" "this" {
  name = var.name

-  visibility_timeout_seconds = 120
+  visibility_timeout_seconds = 1000

  redrive_policy = jsonencode({
    deadLetterTargetArn = aws_sqs_queue.dlq.arn
--- a/infrastructure/terraform/modules/sqs_queue/variables.tf
+++ b/infrastructure/terraform/modules/sqs_queue/variables.tf
@ -2,5 +2,5 @@ variable "name" { type = string }

 variable "max_receive_count" {
  type    = number
-  default = 5
+  default = 1
 }