Model/.github/workflows/deploy_fastapi_backend.yml

name: Fast Api Backend Deploy

on:
  push:
    branches: [ dev, prod ]

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Set up Python
        uses: actions/setup-python@v2
        with:
          python-version: 3.10.12

      - name: Install Serverless and plugins
        run: |
          npm install -g serverless@^3.38.0
          npm install -g serverless-domain-manager@^7.3.8
          npm install -g serverless-python-requirements

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip

      - name: AWS credentials for dev
        if: github.ref == 'refs/heads/dev'
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-2

      - name: AWS credentials for prod
        if: github.ref == 'refs/heads/prod'
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-2

      - name: Set domain name
        id: set_domain
        run: echo "::set-output name=domain::${{ secrets[format('{0}_DOMAIN_NAME', github.ref_name)] }}"

      - name: Set EPC auth token
        id: set_auth_token
        run: echo "::set-output name=auth_token::${{ secrets[format('{0}_EPC_AUTH_TOKEN', github.ref_name)] }}"

      # Store port, name and host in github secrets
      - name: Set DB credentials
        id: set_db_credentials
        run: |
          echo "::set-output name=db_host::${{ secrets[format('{0}_DB_HOST', github.ref_name)] }}"
          echo "::set-output name=db_port::${{ secrets[format('{0}_DB_PORT', github.ref_name)] }}"
          echo "::set-output name=db_name::${{ secrets[format('{0}_DB_NAME', github.ref_name)] }}"

      - name: Set ECR credentials
        id: set_ecr_credentials
        run: |
          echo "::set-output name=ecr_uri::${{ secrets[format('{0}_ECR_URI', github.ref_name)] }}"

      - name: Set Secrets
        id: set_api_secrets
        run: |
          echo "::set-output name=sap_predictions_bucket::${{ secrets[format('{0}_SAP_PREDICTIONS_BUCKET', github.ref_name)] }}"
          echo "::set-output name=carbon_predictions_bucket::${{ secrets[format('{0}_CARBON_PREDICTIONS_BUCKET', github.ref_name)] }}"
          echo "::set-output name=heat_predictions_bucket::${{ secrets[format('{0}_HEAT_PREDICTIONS_BUCKET', github.ref_name)] }}"
          echo "::set-output name=lighting_cost_predictions_bucket::${{ secrets[format('{0}_LIGHTING_COST_PREDICTIONS_BUCKET', github.ref_name)] }}"
          echo "::set-output name=heating_cost_predictions_bucket::${{ secrets[format('{0}_HEATING_COST_PREDICTIONS_BUCKET', github.ref_name)] }}"
          echo "::set-output name=hot_water_cost_predictions_bucket::${{ secrets[format('{0}_HOT_WATER_COST_PREDICTIONS_BUCKET', github.ref_name)] }}"
          echo "::set-output name=heating_kwh_predictions_bucket::${{ secrets[format('{0}_HEATING_KWH_PREDICTIONS_BUCKET', github.ref_name)] }}"
          echo "::set-output name=hotwater_kwh_predictions_bucket::${{ secrets[format('{0}_HOTWATER_KWH_PREDICTIONS_BUCKET', github.ref_name)] }}"
          echo "::set-output name=energy_asessments_bucket::${{ secrets[format('{0}_ENERGY_ASSESSMENTS_BUCKET', github.ref_name)] }}"
          echo "::set-output name=google_solar_api_key::${{ secrets[format('{0}_GOOGLE_SOLAR_API_KEY', github.ref_name)] }}"

      - name: Setup Docker
        uses: docker/setup-buildx-action@v1

      #      - name: Setup Docker Buildx
      #        run: |
      #          docker buildx create --use

      - name: Build Docker Image For Engine
        run: |
          docker buildx build \
            --platform linux/amd64 \
            --provenance=false \
            --output=type=docker \
            -t fastapi-lambda-image:${{ github.sha }} \
            -f backend/docker/engine.Dockerfile \
            .

      - name: Login to ECR
        run: |
          aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin ${{ steps.set_ecr_credentials.outputs.ecr_uri }}

      - name: Tag and Push Docker Image to ECR
        run: |
          docker tag fastapi-lambda-image:${{ github.sha }} ${{ steps.set_ecr_credentials.outputs.ecr_uri }}:${{ github.sha }}
          docker push ${{ steps.set_ecr_credentials.outputs.ecr_uri }}:${{ github.sha }}

      - name: Deploy to AWS Lambda via Serverless
        env:
          API_KEY: ${{ secrets.FASTAPI_API_KEY }}
          ENVIRONMENT: ${{ github.ref_name }}
          SECRET_KEY: ${{ secrets.NEXTAUTH_SECRET }}
          PLAN_TRIGGER_BUCKET: 'retrofit-plan-inputs-${{ github.ref_name }}'
          DATA_BUCKET: 'retrofit-data-${{ github.ref_name }}'
          PREDICTIONS_BUCKET: 'retrofit-sap-predictions-${{ github.ref_name }}'
          SAP_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.sap_predictions_bucket }}
          CARBON_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.carbon_predictions_bucket }}
          HEAT_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.heat_predictions_bucket }}
          LIGHTING_COST_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.lighting_cost_predictions_bucket }}
          HEATING_COST_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.heating_cost_predictions_bucket }}
          HOT_WATER_COST_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.hot_water_cost_predictions_bucket }}
          HEATING_KWH_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.heating_kwh_predictions_bucket }}
          HOTWATER_KWH_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.hotwater_kwh_predictions_bucket }}
          ENERGY_ASSESSMENTS_BUCKET: ${{ steps.set_api_secrets.outputs.energy_asessments_bucket }}
          GOOGLE_SOLAR_API_KEY: ${{ steps.set_api_secrets.outputs.google_solar_api_key }}
          DOMAIN_NAME: ${{ steps.set_domain.outputs.domain }}
          EPC_AUTH_TOKEN: ${{ steps.set_auth_token.outputs.auth_token }}
          DB_HOST: ${{ steps.set_db_credentials.outputs.db_host }}
          DB_PORT: ${{ steps.set_db_credentials.outputs.db_port }}
          DB_NAME: ${{ steps.set_db_credentials.outputs.db_name }}
          ECR_URI: ${{ steps.set_ecr_credentials.outputs.ecr_uri }}
          GITHUB_SHA: ${{ github.sha }}
        run: |
          # Fetch database credentials from AWS Secrets Manager
          SECRET_VALUE=$(aws secretsmanager get-secret-value --secret-id ${{ github.ref_name }}/assessment_model/db_credentials --query SecretString)
          DB_USERNAME=$(echo "$SECRET_VALUE" | jq -r '. | fromjson | .db_assessment_model_username')
          DB_PASSWORD=$(echo "$SECRET_VALUE" | jq -r '. | fromjson | .db_assessment_model_password')

          # Set the database credentials as environment variables
          export DB_USERNAME
          export DB_PASSWORD

          # Deploy to AWS Lambda via Serverless
          sls deploy --stage ${{ github.ref_name }} --verbose