-
Notifications
You must be signed in to change notification settings - Fork 0
/
Makefile
151 lines (120 loc) · 5.49 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
#### Makefile template taken from: https://github.com/caseyfitz/cookiecutter-disco-pie/blob/main/%7B%7Bcookiecutter.repo_name%7D%7D/Makefile
# NOTE: Asume .env contains
# AWS_ACCOUNT_ID=123456789
# AWS_DEFAULT_REGION=some-valid-aws-region
# AWS_ACCESS_KEY=AKBCDEFGHIJKL
# AWS_SECRET_ACCESS_KEY=qwertyuiopasdfghjklzxcvbnm
# include .env
LAMBDA_AND_CONTAINER_NAME = sign-recognizer
LAMBDA_ROLE_NAME = sign-recognizer-role
ECR_URI = $(AWS_ACCOUNT_ID).dkr.ecr.$(AWS_DEFAULT_REGION).amazonaws.com
IMAGE_URI = $(ECR_URI)/$(LAMBDA_AND_CONTAINER_NAME)
AWS_DOCKERFILE_NAME = api_serverless/Dockerfile
###########################
# General docker commands
###########################
build:
docker build -t $(LAMBDA_AND_CONTAINER_NAME) . --file $(AWS_DOCKERFILE_NAME)
build_m1:
docker build -t $(LAMBDA_AND_CONTAINER_NAME) . --file $(AWS_DOCKERFILE_NAME) --platform=linux/amd64
run:
docker run -p 9000:8080 $(LAMBDA_AND_CONTAINER_NAME):latest
# Should return prediction: "before"
test_local:
curl -i -XPOST \
"http://localhost:9000/2015-03-31/functions/function/invocations" \
-d '{"video_url": "https://drive.google.com/uc?export=download&id=1lWdgnNbkosDJ_7p7_qwyBuKqCYs1yvEI"}'
# Should return prediction: "before"
test_before_sign:
curl -i -XPOST \
"http://localhost:9001/2015-03-31/functions/function/invocations" \
-d '{"video_url": "https://sign-recognizer.s3.amazonaws.com/new-videos/05739.mp4"}'
# Should return prediction: "last" (wrong prediction) instead of "before" (correct prediction)
test_wrong_before_sign:
curl -i -XPOST \
"http://localhost:9001/2015-03-31/functions/function/invocations" \
-d '{"video_url": "https://sign-recognizer.s3.amazonaws.com/new-videos/05743.mp4"}'
######################
# AWS ECR commands
######################
authenticate_ecr:
aws ecr get-login-password --region $(AWS_DEFAULT_REGION) | docker login --username AWS --password-stdin $(ECR_URI)
create_ecr_repository: authenticate_ecr
aws ecr create-repository --repository-name $(LAMBDA_AND_CONTAINER_NAME) --image-scanning-configuration scanOnPush=true --image-tag-mutability MUTABLE
deploy_to_ecr: build authenticate_ecr
docker tag $(LAMBDA_AND_CONTAINER_NAME):latest $(IMAGE_URI):latest
docker push $(IMAGE_URI):latest
deploy_to_ecr_m1: build_m1 authenticate_ecr
docker tag $(LAMBDA_AND_CONTAINER_NAME):latest $(IMAGE_URI):latest
docker push $(IMAGE_URI):latest
# Fully build an image and deploy it to AWS ECR
full_ecr_deploy: build deploy_to_ecr
full_ecr_deploy_m1: build_m1 deploy_to_ecr_m1
######################
# AWS Lambda commands
######################
create_lambda_role:
aws iam create-role \
--role-name $(LAMBDA_ROLE_NAME) \
--assume-role-policy-document '{"Version": "2012-10-17","Statement": [{ "Effect": "Allow", "Principal": {"Service": "lambda.amazonaws.com"}, "Action": "sts:AssumeRole"}]}'
aws iam attach-role-policy \
--role-name $(LAMBDA_ROLE_NAME) \
--policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
aws iam attach-role-policy \
--role-name $(LAMBDA_ROLE_NAME) \
--policy-arn arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess
# Create lambda function, increase timeout, max out memory, and create public function URL
create_lambda_function:
echo "wait 10 seconds for role..."
$(shell sleep 10)
aws lambda create-function \
--function-name $(LAMBDA_AND_CONTAINER_NAME) \
--region $(AWS_DEFAULT_REGION) \
--package-type Image \
--code ImageUri=$(IMAGE_URI):latest \
--role $(shell aws iam get-role --role-name $(LAMBDA_ROLE_NAME) --output json | jq -r '.Role.Arn')
echo "wait 5 seconds for function to be created..."
$(shell sleep 5)
aws lambda update-function-configuration \
--function-name $(LAMBDA_AND_CONTAINER_NAME) \
--region $(AWS_DEFAULT_REGION) \
--timeout 60 \
--memory-size 10240
echo "wait 5 seconds for configuration to be updated..."
$(shell sleep 5)
aws lambda create-function-url-config \
--function-name $(LAMBDA_AND_CONTAINER_NAME) \
--auth-type NONE \
--cors '{"AllowOrigins": ["*"], "AllowCredentials": false}'
echo "wait 5 seconds for creating the url..."
$(shell sleep 5)
aws lambda add-permission \
--function-name $(LAMBDA_AND_CONTAINER_NAME) \
--action lambda:invokeFunctionUrl \
--statement-id "open-access" \
--principal "*" \
--function-url-auth-type NONE
get_lambda_url:
aws lambda get-function-url-config \
--function-name $(LAMBDA_AND_CONTAINER_NAME) | jq .FunctionUrl
get_lambda_state:
aws lambda get-function \
--function-name sign-recognizer | jq .Configuration.State
get_lambda_update_status:
aws lambda get-function \
--function-name sign-recognizer | jq .Configuration.LastUpdateStatus
create_lambda: create_lambda_role create_lambda_function
update_lambda:
aws lambda update-function-code --function-name $(LAMBDA_AND_CONTAINER_NAME) --image-uri $(IMAGE_URI):latest
# Test the lambda function we created with a sample payload
test_lambda:
echo "If you're running this for the first time or after an update, it will take a bit to initialize the function!"
aws lambda invoke \
--function-name $(LAMBDA_AND_CONTAINER_NAME) \
--invocation-type RequestResponse \
--payload '{"video_url": "https://drive.google.com/uc?export=download&id=1lWdgnNbkosDJ_7p7_qwyBuKqCYs1yvEI"}' \
--cli-binary-format raw-in-base64-out lambda.out
cat lambda.out
# Run the full deploy pipeline: build image, push it to ECR, update the lambda function code, and confirm that the function is being updated
full_lambda_deploy: full_ecr_deploy update_lambda get_lambda_update_status
full_lambda_deploy_m1: full_ecr_deploy_m1 update_lambda get_lambda_update_status