MikeWatch Forks of the Mike legal-AI codebase, distilled for legal-tech readers
Home · easterbrooka/mike · PR #1

Add AWS S3 support and backend Docker image for ECS deployment

✅ merged · #1 · easterbrooka/mike ← easterbrooka/mike · opened 22d ago by easterbrooka · merged 22d ago by easterbrooka · self · +246-20 across 5 files · ↗ on GitHub

From the PR description

Summary

This PR adds AWS S3 storage support alongside Cloudflare R2, and introduces a production-ready Docker image for deploying the backend to AWS ECS Fargate. The changes enable the Mike backend to run on AWS infrastructure while maintaining backward compatibility with R2.

Key Changes

  • Storage abstraction: Updated backend/src/lib/storage.ts to support both Cloudflare R2 and AWS S3

    • Made endpoint and explicit credentials optional
    • Region now falls back through R2_REGIONAWS_REGION"auto" (required for R2)
    • On ECS, the SDK automatically picks up credentials from the task role via the default credential provider chain
    • Local development can use explicit IAM user credentials or task role credentials

  • Backend Dockerfile: Added multi-stage Docker build (backend/Dockerfile)

    • Node 22 slim base with LibreOffice Writer (for DOCX → PDF conversion)
    • Includes tini for proper signal handling
    • Runs as non-root node user for security
    • Optimized for ECS deployment (~800 MB-1 GB image size)

  • Build optimization: Added backend/.dockerignore to keep build context minimal (source + lock files only)

  • Documentation: Updated backend/.env.example to reflect the new optional environment variable shape with clear guidance for R2 vs. AWS S3 configuration

Implementation Details

  • The storage client now uses conditional spreading to only include endpoint and credentials when explicitly provided, allowing the AWS SDK's default credential provider chain to work on ECS
  • Region resolution prioritizes explicit R2_REGION for R2 compatibility, falls back to AWS_REGION (auto-set in ECS), then defaults to "auto" for R2
  • Storage is considered enabled if either explicit credentials are present OR an AWS region is configured (supporting both R2 and AWS S3 scenarios)
  • The Dockerfile uses a builder stage to compile TypeScript and prune dev dependencies, then copies only the compiled output to the runtime stage

Notes

A comprehensive handoff document (HANDOFF.md) has been added with deployment architecture, AWS identifiers, IAM policies, and step-by-step instructions for the next phase (ECR push and ECS setup).

https://claude.ai/code/session_01KARUG9zoQ24h3xfuspk2x3

Our analysis

Add AWS S3 support and ECS-ready Docker image for the backend — read the full analysis →

Think the analysis missed something the PR description covers?

Capture this PR into my fork

Download a Markdown prompt that tells Claude how to port every commit in this PR into your working tree. Run it via claude -p < capture-pull-1.md from inside the repo you want the changes in.

⬇ Download capture-pull-1.md