Update

Author: nikhilwoodruff

README.md

@@ -6,7 +6,7 @@ A FastAPI service for running PolicyEngine microsimulations with Supabase backen
 
 - RESTful API for creating and managing simulations
 - Supabase for database and storage
-- Redis + Celery for background task processing
+- Redis caching and Celery for background task processing
 - SQLModel for type-safe database models
 - Terraform deployment to AWS
 
@@ -184,16 +184,15 @@ ruff check --fix .
 
 ### Database migrations
 
-Create a new migration:
+Schema migrations are managed through Supabase SQL migrations:
 
 ```bash
-alembic revision --autogenerate -m "description"
-```
-
-Apply migrations:
+# Create a new migration
+supabase migration new migration_name
 
-```bash
-alembic upgrade head
+# Migrations are applied automatically on supabase start
+# Or manually push to production
+supabase db push
 ```
 
 ### Supabase management
@@ -227,8 +226,7 @@ policyengine-api-v2/
 │       ├── services/         # Database, storage, initialization
 │       ├── tasks/            # Celery tasks
 │       └── main.py           # FastAPI application
-├── supabase/                 # Supabase configuration
-├── migrations/               # Alembic migrations
+├── supabase/                 # Supabase configuration and migrations
 ├── tests/                    # Test suite
 ├── docker-compose.yml        # Docker services (API, worker, Redis)
 └── pyproject.toml            # Dependencies

docs/supabase-setup.md

@@ -132,14 +132,14 @@ for f in files:
 
 ## Database schema
 
-Schema is managed via Alembic migrations. The SQLModel models automatically generate the schema:
+Schema is managed through Supabase SQL migrations. The SQLModel models define the schema, which you can export:
 
 ```bash
-# Create migration
-alembic revision --autogenerate -m "add new table"
+# Create a new migration file
+supabase migration new migration_name
 
-# Apply migrations
-alembic upgrade head
+# Edit the SQL file in supabase/migrations/ to define schema changes
+# Migrations are applied automatically on 'supabase start'
 ```
 
 ## Useful commands

src/policyengine_api/api/parameters.py

@@ -2,6 +2,7 @@
 from uuid import UUID
 
 from fastapi import APIRouter, Depends, HTTPException
+from fastapi_cache.decorator import cache
 from sqlmodel import Session, select
 
 from policyengine_api.models import Parameter, ParameterCreate, ParameterRead
@@ -23,9 +24,14 @@ def create_parameter(
 
 
 @router.get("/", response_model=List[ParameterRead])
-def list_parameters(session: Session = Depends(get_session)):
-    """List all parameters."""
-    parameters = session.exec(select(Parameter)).all()
+@cache(expire=3600)  # Cache for 1 hour
+def list_parameters(
+    skip: int = 0, limit: int = 100, session: Session = Depends(get_session)
+):
+    """List all parameters with pagination, sorted by name."""
+    parameters = session.exec(
+        select(Parameter).order_by(Parameter.name).offset(skip).limit(limit)
+    ).all()
     return parameters
 
 

src/policyengine_api/api/variables.py

@@ -2,6 +2,7 @@
 from uuid import UUID
 
 from fastapi import APIRouter, Depends, HTTPException
+from fastapi_cache.decorator import cache
 from sqlmodel import Session, select
 
 from policyengine_api.models import Variable, VariableCreate, VariableRead
@@ -21,9 +22,14 @@ def create_variable(variable: VariableCreate, session: Session = Depends(get_ses
 
 
 @router.get("/", response_model=List[VariableRead])
-def list_variables(session: Session = Depends(get_session)):
-    """List all variables."""
-    variables = session.exec(select(Variable)).all()
+@cache(expire=3600)  # Cache for 1 hour
+def list_variables(
+    skip: int = 0, limit: int = 100, session: Session = Depends(get_session)
+):
+    """List all variables with pagination, sorted by name."""
+    variables = session.exec(
+        select(Variable).order_by(Variable.name).offset(skip).limit(limit)
+    ).all()
     return variables
 
 

src/policyengine_api/main.py

@@ -1,6 +1,9 @@
 from contextlib import asynccontextmanager
 
 from fastapi import FastAPI
+from fastapi_cache import FastAPICache
+from fastapi_cache.backends.redis import RedisBackend
+from redis import asyncio as aioredis
 from rich.console import Console
 import logfire
 
@@ -16,10 +19,16 @@
 
 @asynccontextmanager
 async def lifespan(app: FastAPI):
-    """Initialize database on startup."""
+    """Initialize database and cache on startup."""
     console.print("[bold green]Initializing database...[/bold green]")
     init_db()
     console.print("[bold green]Database initialized[/bold green]")
+
+    console.print("[bold green]Initializing cache...[/bold green]")
+    redis = aioredis.from_url(settings.redis_url, encoding="utf8", decode_responses=True)
+    FastAPICache.init(RedisBackend(redis), prefix="fastapi-cache")
+    console.print("[bold green]Cache initialized[/bold green]")
+
     yield
 
 

terraform/main.tf

@@ -138,84 +138,84 @@ resource "aws_ecs_cluster" "main" {
   }
 }
 
-# Application Load Balancer
-resource "aws_security_group" "alb" {
-  name        = "${var.project_name}-alb-sg"
-  description = "Security group for Application Load Balancer"
-  vpc_id      = aws_vpc.main.id
-
-  ingress {
-    from_port   = 80
-    to_port     = 80
-    protocol    = "tcp"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
-
-  ingress {
-    from_port   = 443
-    to_port     = 443
-    protocol    = "tcp"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
-
-  egress {
-    from_port   = 0
-    to_port     = 0
-    protocol    = "-1"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
-
-  tags = {
-    Name = "${var.project_name}-alb-sg"
-  }
-}
-
-resource "aws_lb" "main" {
-  name               = "${var.project_name}-alb"
-  internal           = false
-  load_balancer_type = "application"
-  security_groups    = [aws_security_group.alb.id]
-  subnets            = aws_subnet.public[*].id
-
-  tags = {
-    Name = "${var.project_name}-alb"
-  }
-}
-
-resource "aws_lb_target_group" "api" {
-  name        = "${var.project_name}-api-tg"
-  port        = 8000
-  protocol    = "HTTP"
-  vpc_id      = aws_vpc.main.id
-  target_type = "ip"
-
-  health_check {
-    enabled             = true
-    healthy_threshold   = 2
-    interval            = 30
-    matcher             = "200"
-    path                = "/health"
-    port                = "traffic-port"
-    protocol            = "HTTP"
-    timeout             = 5
-    unhealthy_threshold = 2
-  }
-
-  tags = {
-    Name = "${var.project_name}-api-tg"
-  }
-}
-
-resource "aws_lb_listener" "api" {
-  load_balancer_arn = aws_lb.main.arn
-  port              = "80"
-  protocol          = "HTTP"
-
-  default_action {
-    type             = "forward"
-    target_group_arn = aws_lb_target_group.api.arn
-  }
-}
+# Application Load Balancer (COMMENTED OUT - Re-enable when AWS Support approves ALB access)
+# resource "aws_security_group" "alb" {
+#   name        = "${var.project_name}-alb-sg"
+#   description = "Security group for Application Load Balancer"
+#   vpc_id      = aws_vpc.main.id
+#
+#   ingress {
+#     from_port   = 80
+#     to_port     = 80
+#     protocol    = "tcp"
+#     cidr_blocks = ["0.0.0.0/0"]
+#   }
+#
+#   ingress {
+#     from_port   = 443
+#     to_port     = 443
+#     protocol    = "tcp"
+#     cidr_blocks = ["0.0.0.0/0"]
+#   }
+#
+#   egress {
+#     from_port   = 0
+#     to_port     = 0
+#     protocol    = "-1"
+#     cidr_blocks = ["0.0.0.0/0"]
+#   }
+#
+#   tags = {
+#     Name = "${var.project_name}-alb-sg"
+#   }
+# }
+#
+# resource "aws_lb" "main" {
+#   name               = "${var.project_name}-alb"
+#   internal           = false
+#   load_balancer_type = "application"
+#   security_groups    = [aws_security_group.alb.id]
+#   subnets            = aws_subnet.public[*].id
+#
+#   tags = {
+#     Name = "${var.project_name}-alb"
+#   }
+# }
+#
+# resource "aws_lb_target_group" "api" {
+#   name        = "${var.project_name}-api-tg"
+#   port        = 8000
+#   protocol    = "HTTP"
+#   vpc_id      = aws_vpc.main.id
+#   target_type = "ip"
+#
+#   health_check {
+#     enabled             = true
+#     healthy_threshold   = 2
+#     interval            = 30
+#     matcher             = "200"
+#     path                = "/health"
+#     port                = "traffic-port"
+#     protocol            = "HTTP"
+#     timeout             = 5
+#     unhealthy_threshold = 2
+#   }
+#
+#   tags = {
+#     Name = "${var.project_name}-api-tg"
+#   }
+# }
+#
+# resource "aws_lb_listener" "api" {
+#   load_balancer_arn = aws_lb.main.arn
+#   port              = "80"
+#   protocol          = "HTTP"
+#
+#   default_action {
+#     type             = "forward"
+#     target_group_arn = aws_lb_target_group.api.arn
+#   }
+# }
 
 # Security group for ECS tasks
 resource "aws_security_group" "ecs" {
@@ -224,10 +224,10 @@ resource "aws_security_group" "ecs" {
   vpc_id      = aws_vpc.main.id
 
   ingress {
-    from_port       = 8000
-    to_port         = 8000
-    protocol        = "tcp"
-    security_groups = [aws_security_group.alb.id]
+    from_port   = 8000
+    to_port     = 8000
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]  # Allow direct access from internet (temporary until ALB is enabled)
   }
 
   egress {
@@ -456,13 +456,14 @@ resource "aws_ecs_service" "api" {
     assign_public_ip = true
   }
 
-  load_balancer {
-    target_group_arn = aws_lb_target_group.api.arn
-    container_name   = "api"
-    container_port   = 8000
-  }
-
-  depends_on = [aws_lb_listener.api]
+  # Load balancer configuration commented out until ALB access is enabled
+  # load_balancer {
+  #   target_group_arn = aws_lb_target_group.api.arn
+  #   container_name   = "api"
+  #   container_port   = 8000
+  # }
+  #
+  # depends_on = [aws_lb_listener.api]
 
   tags = {
     Name = "${var.project_name}-api-service"

terraform/outputs.tf

@@ -8,10 +8,14 @@ output "redis_endpoint" {
   value       = aws_elasticache_cluster.redis.cache_nodes[0].address
 }
 
-output "load_balancer_url" {
-  description = "Load balancer URL for API"
-  value       = "http://${aws_lb.main.dns_name}"
-}
+# output "load_balancer_url" {
+#   description = "Load balancer URL for API"
+#   value       = "http://${aws_lb.main.dns_name}"
+# }
+#
+# Note: Without ALB, you'll need to get the task's public IP manually:
+# aws ecs list-tasks --cluster <cluster_name> --service-name <api_service_name>
+# aws ecs describe-tasks --cluster <cluster_name> --tasks <task_arn>
 
 output "ecs_cluster_name" {
   description = "ECS cluster name"