# Production deployment workflow. It runs only when started manually
# (workflow_dispatch) and contains two jobs: a database migration followed by
# a Helm release to the EKS cluster named below.
# NOTE(review): both jobs target the `aws-production` environment; whether a
# run needs approval depends on that environment's protection rules, which are
# configured outside this file - confirm required reviewers are set.
name: deploy to aws production

on: workflow_dispatch

# Workflow-wide settings consumed by the deploy job:
#   repo_name      - Helm release name
#   aws_account_id - account part of the IAM role ARN assumed via OIDC
#   aws_region     - region for the AWS credentials and the kubeconfig lookup
#   cluster_name   - EKS cluster passed to `aws eks update-kubeconfig`
#   namespace      - Kubernetes namespace passed to `helm -n`
env:
  repo_name: 'vision-agent'
  aws_account_id: '944932498359'
  aws_region: 'us-east-2'
  cluster_name: 'llens-app-production'
  namespace: 'datamanagement'

jobs:
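  # Applies pending Prisma migrations to the production database through an
  # SSH tunnel via the bastion host. The deploy job declares
  # `needs: db_migration`, so it only starts after this job succeeds.
  db_migration:
    runs-on: ubuntu-latest
    environment: aws-production

    # Least privilege: no step in this job requests an OIDC token, so
    # `id-token: write` is not granted here. `pnpm install` runs third-party
    # lifecycle scripts, which could otherwise request a token for this job.
    permissions:
      contents: read

    steps:
      # NOTE(review): actions are referenced by a mutable tag (@v4); pinning
      # each one to a full commit SHA protects against a re-pointed tag.
      - uses: actions/checkout@v4
        with:
          ref: main

      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'

      - name: Install pnpm
        run: npm install -g pnpm@9.1.1

      - name: Install dependencies
        run: pnpm install

      - name: prisma migrate deploy
        env:
          # NOTE(review): both URLs are read from `vars`, and configuration
          # variables are not masked in logs. If DB_MIGRATION_URL embeds
          # database credentials it belongs in `secrets` - confirm.
          POSTGRES_PRISMA_URL: ${{ vars.DB_MIGRATION_URL }}
          POSTGRES_URL_NON_POOLING: ${{ vars.DB_MIGRATION_URL }}
          # Handed over through the environment so the private key is never
          # expanded into the script text by the expression engine.
          BASTION_SSH_KEY: ${{ secrets.BASTION_SSH_KEY }}
        run: |
          BASTION_HOST=ec2-3-142-222-176.us-east-2.compute.amazonaws.com

          # Create ~/.ssh and the key file owner-only from the start instead of
          # tightening the mode after the key has been written.
          umask 077
          mkdir -p ~/.ssh
          printf '%s\n' "$BASTION_SSH_KEY" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          # The key is on disk now; keep it out of the environment of the
          # commands that follow.
          unset BASTION_SSH_KEY

          # Record the bastion host key under the IP and under the DNS name the
          # tunnel connects to, so strict checking below has an entry to match.
          # NOTE(review): scanning at run time trusts whatever key the network
          # returns. Store the bastion's known host key in the repository
          # settings and write that to known_hosts instead of scanning.
          ssh-keyscan -H 3.142.222.176 "$BASTION_HOST" >> ~/.ssh/known_hosts

          # Forward localhost:5432 to the database through the bastion.
          # Host key checking stays on, and ssh exits with an error if the
          # forward cannot be set up rather than leaving the migration to fail
          # later against a missing tunnel.
          ssh -o StrictHostKeyChecking=yes -o ExitOnForwardFailure=yes -fN -v \
            -L localhost:5432:platform.db.app.landing.ai:5432 "ubuntu@${BASTION_HOST}"
          pnpm prisma migrate deploy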

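  # Releases the chart in ./chart to the production EKS cluster, then tags the
  # deployed commit and publishes a GitHub release for it.
  deploy_to_aws_production:
    needs: db_migration

    runs-on: ubuntu-latest
    environment: aws-production

    # id-token: write - OIDC token for the role assumed below.
    # contents: write - needed to push the release tag.
    permissions:
      id-token: write
      contents: write

    steps:
      # NOTE(review): actions are referenced by a mutable tag (@v4); pinning
      # each one to a full commit SHA protects against a re-pointed tag.
      - uses: actions/checkout@v4
        with:
          ref: main

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::${{ env.aws_account_id }}:role/github-actions-role
          aws-region: ${{ env.aws_region }}

      - name: kubeconfig
        run: |
          aws sts get-caller-identity
          aws eks update-kubeconfig --name ${{ env.cluster_name }} --region ${{ env.aws_region }}

      # NOTE(review): the installer is fetched from the `main` branch and piped
      # straight into bash with production credentials already configured.
      # Pin the script to a release tag or commit and install a fixed Helm
      # version so an upstream change cannot alter what runs here.
      - name: install helm
        run: |
          # Fail the step when the download fails instead of feeding an empty
          # or partial script to bash (the default shell has no pipefail).
          set -o pipefail
          curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash

      - name: get image tag based on the sha
        id: sha_short
        run: |
          echo "image_tag=$(git rev-parse --short HEAD)"
          echo "image_tag=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"

      - name: helm upgrade --install
        env:
          IMAGE_TAG: ${{ steps.sha_short.outputs.image_tag }}
        # NOTE(review): AUTH_GITHUB_SECRET, AUTH_SECRET, AWS_SECRET_ACCESS_KEY,
        # GOOGLE_SECRET, LOKI_AUTH_USER_PASSWORD, OPENAI_API_KEY and
        # POSTGRES_PRISMA_URL are named like credentials but are read from
        # `vars`. Configuration variables are not masked, and because they are
        # expanded into the command text they show up in the job log and on
        # the helm command line. Move them to `secrets` (or have the chart
        # reference a pre-provisioned Kubernetes Secret) and rotate the current
        # values; the references are left as they are here because the matching
        # secrets must exist in the environment before the switch.
        # image.tag uses --set-string because --set parses an all-digit short
        # SHA as a number, which would render the wrong image tag.
        run: |
          helm upgrade --install --wait -n ${{ env.namespace }} ${{ env.repo_name }} -f chart/${{ vars.VALUES_FILE }} ./chart \
            --set-string image.tag="$IMAGE_TAG" \
            --set env.AWS_BUCKET_NAME=${{ vars.AWS_BUCKET_NAME }} \
            --set env.AWS_REGION=${{ vars.AWS_REGION }} \
            --set env.NEXTAUTH_URL=${{ vars.NEXTAUTH_URL }} \
            --set env.AUTH_GITHUB_ID=${{ vars.AUTH_GITHUB_ID }} \
            --set env.AUTH_GITHUB_SECRET=${{ vars.AUTH_GITHUB_SECRET }} \
            --set env.AUTH_SECRET=${{ vars.AUTH_SECRET }} \
            --set env.AUTH_TRUST_HOST=${{ vars.AUTH_TRUST_HOST }} \
            --set env.AWS_ACCESS_KEY_ID=${{ vars.AWS_ACCESS_KEY_ID }} \
            --set env.AWS_SECRET_ACCESS_KEY=${{ vars.AWS_SECRET_ACCESS_KEY }} \
            --set env.GOOGLE_CLIENT_ID=${{ vars.GOOGLE_CLIENT_ID }} \
            --set env.GOOGLE_SECRET=${{ vars.GOOGLE_SECRET }} \
            --set env.LOKI_AUTH_USER_PASSWORD=${{ vars.LOKI_AUTH_USER_PASSWORD }} \
            --set env.OPENAI_API_KEY=${{ vars.OPENAI_API_KEY }} \
            --set env.POSTGRES_PRISMA_URL=${{ vars.POSTGRES_PRISMA_URL }} \
            --set env.AGENT_HOST=${{ vars.AGENT_HOST }}

      # Builds a tag of the form aws-production-YYYY-MM-DD/<n>, where <n> is
      # one more than the highest index already pushed for today (1 if none),
      # and exports it as NEW_TAG for the following steps.
      - name: Generate new tag
        id: vars
        run: |
          NEW_TAG_BASE="aws-production-$(date +%Y-%m-%d)"
          LAST_TAG=$(git ls-remote --tags origin "${NEW_TAG_BASE}*" | awk -F'\t' '{print $2}' | sort -V | tail -1)
          if [[ $LAST_TAG == refs/tags/${NEW_TAG_BASE}* ]]; then
            # The index is the last path component of the newest matching ref.
            INDEX=$(echo "$LAST_TAG" | awk -F"/" '{print $NF}' )
            INDEX=$((INDEX + 1))
          else
            INDEX=1
          fi
          NEW_TAG="${NEW_TAG_BASE}/${INDEX}"

          echo "NEW_TAG=${NEW_TAG}" >> "$GITHUB_ENV"

      - name: Push new tag
        run: |
          git tag "$NEW_TAG"
          git push origin "$NEW_TAG"

      # NOTE(review): this step uses a separate token from `secrets` rather
      # than the job's GITHUB_TOKEN; its scope is not visible here - confirm it
      # is limited to what release management on this repository needs.
      - name: Create production release with generated release notes
        env:
          GH_TOKEN: ${{ secrets.REPO_ACCESS_TOKEN }}
        run: |
          # List all releases and filter out drafts
          draft_releases=$(gh release list --json tagName,isDraft --jq '.[] | select(.isDraft) | .tagName')

          # Loop through each draft release and delete it (created by cicd.yml)
          for release in $draft_releases; do
            echo "Deleting draft release: $release"
            gh release delete "$release" --yes
          done
          gh release create "$NEW_TAG" --generate-notes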