Spaces:

LandingAI
/

vision-agent

Running

App Files Files Community

vision-agent / .github /workflows /prod-deploy.yml

MingruiZhang

build: Simplify release note to production only and use existing solutions (#120)

882b826 unverified 3 days ago

raw history blame contribute delete

No virus

4.17 kB

	name: deploy to aws production

	on: workflow_dispatch

	env:
	repo_name: 'vision-agent'
	aws_account_id: '944932498359'
	aws_region: 'us-east-2'
	cluster_name: 'llens-app-production'
	namespace: 'datamanagement'

	jobs:
	db_migration:
	runs-on: ubuntu-latest
	environment: aws-production

	permissions:
	id-token: write
	contents: read

	steps:
	- uses: actions/checkout@v4
	with:
	ref: main

	- name: Set up Node.js
	uses: actions/setup-node@v4
	with:
	node-version: '20'

	- name: Install pnpm
	run: npm install -g pnpm@9.1.1

	- name: Install dependencies
	run: pnpm install

	- name: prisma migrate deploy
	env:
	POSTGRES_PRISMA_URL: ${{ vars.DB_MIGRATION_URL }}
	POSTGRES_URL_NON_POOLING: ${{ vars.DB_MIGRATION_URL }}
	run: \|
	mkdir -p ~/.ssh
	echo "${{ secrets.BASTION_SSH_KEY }}" > ~/.ssh/id_ed25519
	chmod 600 ~/.ssh/id_ed25519
	ssh-keyscan -H 3.142.222.176 >> ~/.ssh/known_hosts
	ssh -o StrictHostKeyChecking=no -fN -v -L localhost:5432:platform.db.app.landing.ai:5432 ubuntu@ec2-3-142-222-176.us-east-2.compute.amazonaws.com
	pnpm prisma migrate deploy

	deploy_to_aws_production:
	needs: db_migration

	runs-on: ubuntu-latest
	environment: aws-production

	permissions:
	id-token: write
	contents: write

	steps:
	- uses: actions/checkout@v4
	with:
	ref: main

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: arn:aws:iam::${{ env.aws_account_id }}:role/github-actions-role
	aws-region: ${{ env.aws_region }}

	- name: kubeconfig
	run: \|
	aws sts get-caller-identity
	aws eks update-kubeconfig --name ${{ env.cluster_name }} --region ${{ env.aws_region }}

	- name: install helm
	run: \|
	curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 \| bash

	- name: get image tag based on the sha
	id: sha_short
	run: \|
	echo "image_tag=$(git rev-parse --short HEAD)"
	echo "image_tag=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT

	- name: helm upgrade --install
	env:
	IMAGE_TAG: ${{ steps.sha_short.outputs.image_tag }}
	run: \|
	helm upgrade --install --wait -n ${{ env.namespace }} ${{ env.repo_name }} -f chart/${{ vars.VALUES_FILE }} ./chart \
	--set image.tag=$IMAGE_TAG \
	--set env.AWS_BUCKET_NAME=${{ vars.AWS_BUCKET_NAME }} \
	--set env.AWS_REGION=${{ vars.AWS_REGION }} \
	--set env.NEXTAUTH_URL=${{ vars.NEXTAUTH_URL }} \
	--set env.AUTH_GITHUB_ID=${{ vars.AUTH_GITHUB_ID }} \
	--set env.AUTH_GITHUB_SECRET=${{ vars.AUTH_GITHUB_SECRET }} \
	--set env.AUTH_SECRET=${{ vars.AUTH_SECRET }} \
	--set env.AUTH_TRUST_HOST=${{ vars.AUTH_TRUST_HOST }} \
	--set env.AWS_ACCESS_KEY_ID=${{ vars.AWS_ACCESS_KEY_ID }} \
	--set env.AWS_SECRET_ACCESS_KEY=${{ vars.AWS_SECRET_ACCESS_KEY }} \
	--set env.GOOGLE_CLIENT_ID=${{ vars.GOOGLE_CLIENT_ID }} \
	--set env.GOOGLE_SECRET=${{ vars.GOOGLE_SECRET }} \
	--set env.LOKI_AUTH_USER_PASSWORD=${{ vars.LOKI_AUTH_USER_PASSWORD }} \
	--set env.OPENAI_API_KEY=${{ vars.OPENAI_API_KEY }} \
	--set env.POSTGRES_PRISMA_URL=${{ vars.POSTGRES_PRISMA_URL }} \
	--set env.AGENT_HOST=${{ vars.AGENT_HOST }}

	- name: Generate release tag
	id: release_tag
	uses: amitsingh-007/next-release-tag@v6.0.0
	with:
	github_token: ${{ secrets.REPO_ACCESS_TOKEN }}
	tag_prefix: 'v'
	tag_template: 'yyyy.mm.dd.i'

	- name: Create new release
	uses: softprops/action-gh-release@v2
	with:
	name: Release ${{ steps.release_tag.outputs.next_release_tag }}
	tag_name: ${{ steps.release_tag.outputs.next_release_tag }}
	token: ${{secrets.REPO_ACCESS_TOKEN}}
	generate_release_notes: true