Deploy and Invoke AI Agent to AgentCore Runtime with Github Actions

#githubactions #agentcore #ai #aws

What is Github Actions? Github Actions is a Github CI/CD (continuous integration/continous deployment or continous delivery) feature that automate end-to-end (build, test and deploy) workflow.

This tutorial blog explained how to deploy AI agent to AgentCore Runtime and test invoke AI agent using Github Actions.

REQUIREMENTS :

AWS account (or AWS credentials), you can sign up/sign in here
Google Gemini account, you can sign up/sign in here
Langgraph
Github account, you can sign up/sign in here.
To get an IAM role for AgentCore Runtime, you can see this notebook then open and run the notebook.

FLASHBACK : I have already deploy production AI candidate screening agent to AgentCore Runtime in this tutorial blog. I think it is time to automate end-to-end workflow from deployment to testing invocation using CI/CD by Github Actions.

STEP-BY-STEP :

A. Follow this tutorial blog.

B. Follow this steps in Github repository:

Create new repository, click Settings, click Secrets and variables in Security section, click Actions.
Click Repository secrets then click "New repository secret".
Input secret name and secret key : AWSACCESSKEY and your AWS access key & AWSSECRETKEY and your AWS secret key.
Click "Add secret". Now go to Github Codespaces to create IDE online.
Choose repository, click "Create codespace".

C. Create workflow file to execute CI/CD automation workflow. In this tutorial, file name is workflow.yaml in .github/workflows folder. Write workflow code like this workflow code.

Explanation this workflow file :

on: push: mean when developer ready to deploy to AgentCore Runtime and invoke AI agent with git push automatically running.
on: push: paths: mean when developer update code from several files then push to repository and automatically running.
jobs: deploy: mean job running deploy to AgentCore Runtime.
steps mean running several steps with name of explanation.
outputs: mean workflow have output (agent runtime ID).
jobs: test: mean job running test invoke AI agent on AgentCore Runtime.
needs: mean need deploy job must running before running test job. If deploy job is failed, test job is not running.

D. Copy langgraph_agentcore.py and requirements.txt in requirements notebook then paste to runtime folder (in Github Codespaces).

E. Create deployment file to deploy AI agent to AgentCore Runtime. In this tutorial, file name is deploy-runtime.py. Write deployment code like this code.

Explanation this deployment code file :

# Retrieve AWS Account ID comment mean get AWS account ID that used in IAM execution role for AgentCore Runtime.
What different? Requirements notebook writing auto_create_execution_role=True mean automatically create IAM execution role while this deployment code writing auto_create_execution_role=False mean not need new IAM execution role and need input IAM execution role to execution_role.
agent_id = launch_result.agent_id mean agent runtime ID for invoke-agent.py file.

F. Create invocation file to invoke AI agent on AgentCore Runtime. In this tutorial, file name is invoke-agent.py. Write invocation code like this code.

Explanation this invocation code file :

# Get Agent Runtime ID mean get agent runtime ID from result in deploy-runtime.py file then get agent runtime ARN from agent runtime ID.

G. Add, commit and push all code to Github repository and automatically deploy AI agent to AgentCore Runtime and invoke AI agent.

NOTE : After push to Github repository then when deploy AI agent to AgentCore Runtime get error like this screenshot below.

Go to Amazon Bedrock AgentCore -> Agent runtime then click your agent name that already created.

Click "Version 1" then click IAM service role of Permissions like this screenshot.

This error is happened because ECRImageAccess action is allow bedrock-agentcore-gemini_langgraph repository only. How to fix? Click permission name, edit/modify permissions from bedrock-agentcore-gemini_langgraph to /* in policy editor then click Next and click Save.