-
Notifications
You must be signed in to change notification settings - Fork 59
/
Copy pathtemplate.yml
247 lines (241 loc) · 6.95 KB
/
template.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Streaming Bedrock Response with FastAPI on AWS Lambda
# More info about Globals: https://github.com/awslabs/serverless-application-model/blob/master/docs/globals.rst
Globals:
Function:
Timeout: 300
Parameters:
PetercatEnv:
Type: String
Description: Environment marker for Petercat
Default: 1
GitHubAppID:
Type: Number
Description: GitHub Application ID
Default: 1
GithubAppsClientId:
Type: String
Description: GitHub Application Client ID
Default: 1
GitHubToken:
Type: String
Description: GitHub Token for authentication
Default: 1
WebUrl:
Type: String
Description: Web application URL
Default: 1
StaticUrl:
Type: String
Description: URL for static files
Default: 1
APIUrl:
Type: String
Description: API endpoint URL
Default: 1
APIIdentifier:
Type: String
Description: Identifier for the API
Default: 1
FastAPISecretKey:
Type: String
Description: Secret key for FastAPI
Default: 1
GithubAppsClientSecret:
Type: String
Description: GitHub Application Client Secret
Default: 1
OpenAIAPIKey:
Type: String
Description: OpenAI API Key
Default: 1
OpenAIBaseUrl:
Type: String
Description: OpenAI Base URL
Default: 1
GeminiAPIKey:
Type: String
Description: Gemini API Key
Default: 1
DeepSeekAPIKey:
Type: String
Description: DeepSeek API Key
Default: 1
SupabaseServiceKey:
Type: String
Description: Supabase Service Key
Default: 1
SupabaseUrl:
Type: String
Description: Supabase URL
Default: 1
TavilyAPIKey:
Type: String
Description: Tavily API Key
Default: 1
SQSQueueName:
Type: String
Description: Name of the SQS queue
Default: 1
SQSQueueUrl:
Type: String
Description: URL of the SQS queue
Default: 1
Auth0Domain:
Type: String
Description: Auth0 Domain
Default: 1
Auth0ClientId:
Type: String
Description: Auth0 Client ID
Default: 1
Auth0ClientSecret:
Type: String
Description: Auth0 Client Secret
Default: 1
GithubSecretName:
Type: String
Description: Name of the GitHub secret stored in AWS Secrets Manager
Default: 1
StaticSecretName:
Type: String
Description: Name of the static secret stored in AWS Secrets Manager
Default: 1
LLMTokenSecretName:
Type: String
Description: Name of the LLM token secret stored in AWS Secrets Manager
Default: 1
LLMTokenPublicName:
Type: String
Description: Name of the LLM public token stored in AWS Secrets Manager
Default: 1
StaticKeyPairId:
Type: String
Description: Key Pair ID for static resources
Default: 1
S3TempBucketName:
Type: String
Description: Name of the temporary S3 bucket
Default: 1
Resources:
FastAPIFunction:
Type: AWS::Serverless::Function
Properties:
PackageType: Image
MemorySize: 512
Environment:
Variables:
AWS_LWA_INVOKE_MODE: RESPONSE_STREAM
PETERCAT_ENV: !Ref PetercatEnv
X_GITHUB_SECRET_NAME: !Ref GithubSecretName
STATIC_SECRET_NAME: !Ref StaticSecretName
LLM_TOKEN_SECRET_NAME: !Ref LLMTokenSecretName
LLM_TOKEN_PUBLIC_NAME: !Ref LLMTokenPublicName
STATIC_KEYPAIR_ID: !Ref StaticKeyPairId
S3_TEMP_BUCKET_NAME: !Ref S3TempBucketName
API_URL: !Ref APIUrl
WEB_URL: !Ref WebUrl
STATIC_URL: !Ref StaticUrl
X_GITHUB_APP_ID: !Ref GitHubAppID
X_GITHUB_APPS_CLIENT_ID: !Ref GithubAppsClientId
X_GITHUB_APPS_CLIENT_SECRET: !Ref GithubAppsClientSecret
API_IDENTIFIER: !Ref APIIdentifier
FASTAPI_SECRET_KEY: !Ref FastAPISecretKey
OPENAI_API_KEY: !Ref OpenAIAPIKey
OPENAI_BASE_URL: !Ref OpenAIBaseUrl
GEMINI_API_KEY: !Ref GeminiAPIKey
SUPABASE_SERVICE_KEY: !Ref SupabaseServiceKey
SUPABASE_URL: !Ref SupabaseUrl
GITHUB_TOKEN: !Ref GitHubToken
TAVILY_API_KEY: !Ref TavilyAPIKey
SQS_QUEUE_URL: !Ref SQSQueueUrl
AUTH0_DOMAIN: !Ref Auth0Domain
AUTH0_CLIENT_ID: !Ref Auth0ClientId
AUTH0_CLIENT_SECRET: !Ref Auth0ClientSecret
FunctionUrlConfig:
AuthType: NONE
InvokeMode: RESPONSE_STREAM
Policies:
- Statement:
- Sid: BedrockInvokePolicy
Effect: Allow
Action:
- bedrock:InvokeModelWithResponseStream
Resource: '*'
- Sid: AllObjectActions
Effect: Allow
Action:
- s3:PutObject
- s3:GetObject
- s3:DeleteObject
Resource:
- !Sub 'arn:aws:s3:::${S3TempBucketName}/*'
Tracing: Active
Metadata:
DockerContext: server
Dockerfile: ../docker/Dockerfile.aws.lambda
DockerTag: v1
SQSSubscriptionFunction:
Type: AWS::Serverless::Function
Properties:
PackageType: Image
MemorySize: 512
FunctionUrlConfig:
AuthType: NONE
Environment:
Variables:
X_GITHUB_APP_ID: !Ref GitHubAppID
X_GITHUB_APPS_CLIENT_ID: !Ref GithubAppsClientId
X_GITHUB_APPS_CLIENT_SECRET: !Ref GithubAppsClientSecret
API_IDENTIFIER: !Ref APIIdentifier
FASTAPI_SECRET_KEY: !Ref FastAPISecretKey
OPENAI_API_KEY: !Ref OpenAIAPIKey
GEMINI_API_KEY: !Ref GeminiAPIKey
DEEPSEEK_API_KEY: !Ref DeepSeekAPIKey
SUPABASE_SERVICE_KEY: !Ref SupabaseServiceKey
SUPABASE_URL: !Ref SupabaseUrl
GITHUB_TOKEN: !Ref GitHubToken
TAVILY_API_KEY: !Ref TavilyAPIKey
SQS_QUEUE_URL: !Ref SQSQueueUrl
Policies:
- Statement:
- Sid: BedrockInvokePolicy
Effect: Allow
Action:
- bedrock:InvokeModelWithResponseStream
Resource: '*'
- Sid: SQSInvokePolicy
Effect: Allow
Action:
- sqs:*
Resource: '*'
- Sid: AllObjectActions
Effect: Allow
Action:
- s3:PutObject
- s3:GetObject
- s3:DeleteObject
Resource:
- !Sub 'arn:aws:s3:::${S3TempBucketName}/*'
- SQSPollerPolicy:
QueueName:
!Ref SQSQueueName
Tracing: Active
Metadata:
Dockerfile: ../docker/Dockerfile.subscriber
DockerContext: subscriber
DockerTag: v1
Outputs:
FastAPIFunctionUrl:
Description: "Function URL for FastAPI function"
Value: !GetAtt FastAPIFunctionUrl.FunctionUrl
FastAPIFunction:
Description: "FastAPI Lambda Function ARN"
Value: !GetAtt FastAPIFunction.Arn
SQSSubscriptionFunctionUrl:
Description: "Function URL for SQS Subscriptio function"
Value: !GetAtt SQSSubscriptionFunctionUrl.FunctionUrl
SQSSubscriptionFunction:
Description: "SQS Subscription Function Lambda Function ARN"
Value: !GetAtt SQSSubscriptionFunction.Arn