Skip to content

Deployment and Operations

AWS CLI Setup

Install the AWS CLI, then configure a base profile and a deploy profile.

aws configure --profile=hyperpath

Add an assumed-role profile to ~/.aws/config:

[profile hyperpath-deploy]
source_profile = hyperpath
region = us-east-2
role_arn = arn:aws:iam::052618127468:role/IacDeploymentAssumeRole

Verify credentials:

aws sts get-caller-identity --profile hyperpath-deploy

Pulumi Deployments

Choose a Docker image label such as a git SHA or release tag, set HYPERPATH_DOCKER_IMAGE_LABEL, then deploy the shared or tenant infrastructure from the infrastructure/shared or infrastructure/tenant folders.

Shared infrastructure workflow:

export AWS_PROFILE=hyperpath-deploy
export PULUMI_CONFIG_PASSPHRASE=""
pulumi login s3://hyperpath-pulumi-state
cd infrastructure/shared
export HYPERPATH_DOCKER_IMAGE_LABEL={git sha}
pulumi up --stack {shared env} --show-secrets

Tenant infrastructure workflow:

cd infrastructure/tenant
pulumi up --stack {institution id} --config-file Pulumi.{shared env}.yaml --show-secrets

If Pulumi state drifts from AWS reality, run pulumi refresh before the next pulumi up.

Docker Builds

Build images locally from Dockerfile.all by targeting an individual service:

docker build --file Dockerfile.all --tag hyperpath-gateway:latest --target gateway .

To test restore against GitHub Packages in PowerShell:

$env:HYPERPATH_NUGET_TOKEN = "<your-github-packages-token>"
docker build --file Dockerfile.all --target gateway --tag hyperpath-gateway:local --secret id=NUGET_TOKEN,env=HYPERPATH_NUGET_TOKEN .

Run a quick smoke test:

docker run --rm --name hyperpath-gateway-local -p 8080:8080 hyperpath-gateway:local
curl http://localhost:8080/health -v

Deployment URLs

Dev

  • Gateway: https://dev.hyperpath.app
  • The Back: https://dev-employee.hyperpath.app

Demo

  • Gateway: https://demo.hyperpath.app
  • The Back: https://demo-employee.hyperpath.app

Advanced Troubleshooting

  • You can pull deployed ECR images and run them locally for smoke testing.
  • You can push locally-built test images to ECR and deploy them via Pulumi.
  • For VPC troubleshooting, use the stopped-by-default service-node-{shared env} EC2 instance as a jump box.

Custom libvips Builds

The repository also documents how to build and package custom libvips binaries for the slide worker using the Dockerfiles under native/libvips.