Worker Setup
The Marqov platform worker polls Supabase for pending jobs and executes them via Temporal and AWS Braket. It runs as a Docker container on AWS ECS Fargate.
Building the Docker Image
The Dockerfile is at the repository root. It uses python:3.12-slim and installs dependencies from platform/requirements-worker-full.txt.
docker build \
--platform linux/amd64 \
--provenance=false \
--sbom=false \
-t marqov-worker .Required flags:
| Flag | Reason |
|---|---|
--platform linux/amd64 | ECS Fargate requires amd64. Apple Silicon builds ARM by default. |
--provenance=false | Prevents attestation manifest 403 errors on ECR push. |
--sbom=false | Same as above. |
The image exposes port 8080 and includes a health check that hits http://localhost:8080/health every 30 seconds.
Entrypoint: python platform/src/platform_worker.py
Pushing to ECR
ECR repository: 123456789012.dkr.ecr.us-east-1.amazonaws.com/marqov/platform-worker
# Login to ECR
aws ecr get-login-password --region us-east-1 | \
docker login --username AWS --password-stdin \
123456789012.dkr.ecr.us-east-1.amazonaws.com
# Tag the image
docker tag marqov-worker:latest \
123456789012.dkr.ecr.us-east-1.amazonaws.com/marqov/platform-worker:latest
# Push
docker push \
123456789012.dkr.ecr.us-east-1.amazonaws.com/marqov/platform-worker:latestDeploying to ECS
Cluster: marqov-production
Service: marqov-worker
AWS Account: 123456789012 (your-account)
aws ecs update-service \
--cluster marqov-production \
--service marqov-worker \
--force-new-deployment \
--region us-east-1The --force-new-deployment flag triggers a rolling update that pulls the latest image from ECR.
Health Check
The worker exposes a health check endpoint:
- Endpoint:
GET /health - Port: 8080
- Success response: HTTP 200
The Dockerfile configures a Docker HEALTHCHECK:
- Interval: 30s
- Timeout: 10s
- Start period: 5s
- Retries: 3
ECS also uses this endpoint for service health monitoring.
Environment Variables
The worker requires the following environment variables (passed via ECS task definition or --env-file):
| Variable | Required | Description |
|---|---|---|
NEXT_PUBLIC_SUPABASE_URL | Yes | Supabase project URL |
SUPABASE_SERVICE_ROLE_KEY | Yes | Supabase service role key |
TEMPORAL_ADDRESS | Yes | Temporal server address |
TEMPORAL_NAMESPACE | Yes | Temporal namespace |
TEMPORAL_API_KEY | Production | Temporal Cloud API key |
AWS_REGION | Yes | AWS region (default: us-east-1) |
AWS_ACCESS_KEY_ID | Yes | AWS credentials |
AWS_SECRET_ACCESS_KEY | Yes | AWS credentials |
BRAKET_S3_BUCKET | Yes | S3 bucket for Braket results |
BRAKET_S3_PREFIX | Yes | S3 prefix for results |
SENTRY_WORKERS_DSN | No | Sentry DSN for error tracking |
Local Development
For local development, run the worker directly:
cd /path/to/marqov-chewie
.venv/bin/python platform/src/platform_worker.pyEnsure you have a .env file or exported environment variables. The worker requires a running Temporal server (see Temporal Configuration).
Dockerfile Structure
FROM python:3.12-slim
WORKDIR /app
# 1. System dependencies (git, build-essential)
# 2. Install Python deps from requirements-worker-full.txt
# 3. Install marqov package (--no-deps to skip covalent)
# 4. Copy benchmarks/ and platform/src/
# 5. Set PYTHONPATH=/app
# 6. Expose 8080, configure healthcheck
# 7. CMD: python platform/src/platform_worker.pyThe marqov package is installed into site-packages via pip install --no-deps --no-cache-dir . so imports resolve correctly without path hacks. The --no-deps flag is needed because requirements-worker-full.txt already includes the required dependencies, and a full install would attempt to install covalent (which is no longer needed).