chore: fix the new deployment file

Author: yagarwal1307

.github/workflows/china-deployment-new.yml

@@ -13,89 +13,6 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: read
-    env:
-      _MENTRA_APP_MIN_INSTANCES: "1"
-      _MENTRA_APP_MAX_INSTANCES: "2"
-      _MENTRA_APP_USE_SPECS: 2.0-4.0Gi
-      _MENTRA_APP_VSWITCH: vsw-wz94gyb5cinmsod89a4tj, vsw-wz9p9qoldncmf9k5se950
-      _MENTRA_APP_SECURITY_GROUP: sg-wz95j71022jl4tezfozp
-      _MENTRA_APP_CONTAINER_GROUP_NAME: mentraos-dev-api-cg
-      _MENTRA_APP_CONTAINER_NAME: mentraos-dev-api-eci
-      _MENTRA_APP_SCALING_CONFIGURATION_NAME: mentraos-dev-api-scalingConfiguration
-      _MENTRA_APP_IMAGE: mentra-acr-cnsz-a-registry-vpc.cn-shenzhen.cr.aliyuncs.com/dev/api:latest
-      NODE_ENV: production
-      PORT: "80"
-      SYSTEM_DASHBOARD_PACKAGE_NAME: system.augmentos.dashboard
-      CLOUD_VERSION: 2.1.2
-      REDEPLOY: 2
-      DEPLOYMENT_REGION: china
-      ADMIN_EMAILS: israelov@mentra.glass, isaiah@mentra.glass, matt@mentra.glass, cayden@mentra.glass, nicolo@mentra.glass, team@mentra.glass
-      CLOUD_PUBLIC_HOST_NAME: api.mentraglass.cn
-      CLOUD_HOST_NAME: api.mentraglass.cn
-      CLOUD_LOCAL_HOST_NAME: cloud-prod-cloud.default.svc.cluster.local:80
-      PORTER_APP_NAME: cloud-prod
-      ACR_INSTANCE_ID: cri-h675v46p9lj694l6
-      ACR_REGION_ID: cn-shenzhen
-      ACR_PUBLIC_DOMAIN: mentra-acr-cnsz-a-registry.cn-shenzhen.cr.aliyuncs.com
-      # Mentra config
-      MONGO_URL: ${{ secrets.MONGO_URL }}
-      AUGMENTOS_AUTH_JWT_SECRET: ${{ secrets.AUGMENTOS_AUTH_JWT_SECRET }}
-      INVITE_JWT_SECRET: ${{ secrets.INVITE_JWT_SECRET }}
-      JOE_MAMA_USER_JWT: ${{ secrets.JOE_MAMA_USER_JWT }}
-      TPA_AUTH_JWT_PRIVATE_KEY: ${{ secrets.TPA_AUTH_JWT_PRIVATE_KEY }}
-      # Livekit config
-      LIVEKIT_URL: ${{ secrets.LIVEKIT_URL }}
-      LIVEKIT_API_SECRET: ${{ secrets.LIVEKIT_API_SECRET }}
-      LIVEKIT_API_KEY: ${{ secrets.LIVEKIT_API_KEY }}
-      # Authing config
-      AUTHING_APP_SECRET: ${{ secrets.AUTHING_APP_SECRET }}
-      AUTHING_APP_ID: ${{ secrets.AUTHING_APP_ID }}
-      AUTHING_APP_HOST: ${{ secrets.AUTHING_APP_HOST }}
-      # Supabase config
-      SUPABASE_URL: ${{ secrets.SUPABASE_URL }}
-      SUPABASE_SERVICE_KEY: ${{ secrets.SUPABASE_SERVICE_KEY }}
-      SUPABASE_JWT_SECRET: ${{ secrets.SUPABASE_JWT_SECRET }}
-      # Azure OpenAI config
-      AZURE_OPENAI_API_DEPLOYMENT_NAME: gpt-4o
-      AZURE_OPENAI_API_INSTANCE_NAME: mentra-uscentral-resource
-      AZURE_OPENAI_API_KEY: ${{ secrets.AZURE_OPENAI_API_KEY }}
-      AZURE_OPENAI_API_VERSION: 2024-08-01-preview
-      # Azure Speech config
-      AZURE_SPEECH_KEY: ${{ secrets.AZURE_SPEECH_KEY }}
-      AZURE_SPEECH_REGION: centralus
-      # Soniox config
-      SONIOX_API_KEY: ${{ secrets.SONIOX_API_KEY }}
-      # Anthropic config
-      ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
-      # ElevenLabs config
-      ELEVENLABS_API_KEY: ${{ secrets.ELEVENLABS_API_KEY }}
-      ELEVENLABS_DEFAULT_VOICE_ID: TX3LPaxmHKxFdv7VOQHJ
-      # OpenAI config
-      OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
-      # LLM config
-      LLM_MODEL: gpt-4o
-      LLM_PROVIDER: azure
-      # Alibaba config
-      ALIBABA_ENDPOINT: ${{ secrets.ALIBABA_ENDPOINT }}
-      ALIBABA_WORKSPACE: ${{ secrets.ALIBABA_WORKSPACE }}
-      ALIBABA_DASHSCOPE_API_KEY: ${{ secrets.ALIBABA_DASHSCOPE_API_KEY }}
-      ALIBABA_ACCESS_KEY_ID: ${{ secrets.ALIBABA_ACCESS_KEY_ID }}
-      ALIBABA_ACCESS_KEY_SECRET: ${{ secrets.ALIBABA_ACCESS_KEY_SECRET }}
-      # BetterStack config
-      BETTERSTACK_SOURCE_TOKEN: ${{ secrets.BETTERSTACK_SOURCE_TOKEN }}
-      # Posthog config
-      POSTHOG_HOST: https://us.i.posthog.com
-      POSTHOG_PROJECT_API_KEY: ${{ secrets.POSTHOG_PROJECT_API_KEY }}
-      # Sentry config
-      SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
-      # SerpAPI config
-      SERPAPI_API_KEY: ${{ secrets.SERPAPI_API_KEY }}
-      # Cloudflare config
-      CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-      CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
-      CLOUD_URL: cloud
-      # Resend config
-      RESEND_API_KEY: ${{ secrets.RESEND_API_KEY }}
 
     steps:
       # 1. Checkout source code
@@ -105,152 +22,126 @@ jobs:
       - id: vars
         run: echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
 
-      # 3. Compute Docker tags dynamically
-      - id: docker-tags
-        run: |
-          BRANCH=${GITHUB_REF_NAME//\//-}
-          echo "tags=$BRANCH latest" >> "$GITHUB_OUTPUT"
-
-      # 4. Docker Buildx
-      - uses: docker/setup-buildx-action@v2
-
-      # 5. Install Alibaba Cloud CLI
-      - name: Install Alibaba Cloud CLI
-        run: |
-          curl -sSL https://aliyuncli.alicdn.com/aliyun-cli-linux-latest-amd64.tgz | tar -xz
-          sudo mv aliyun /usr/local/bin/
-
-      # 6. Configure Alibaba CLI with long-lived AK/SK
-      - name: Configure Alibaba Cloud CLI
-        run: |
-          aliyun configure set \
-            --profile default \
-            --mode AK \
-            --region $ACR_REGION_ID \
-            --access-key-id ${{ secrets.ALIBABA_ACCESS_KEY_ID }} \
-            --access-key-secret ${{ secrets.ALIBABA_ACCESS_KEY_SECRET }}
-        shell: bash
-
-      # 7. Get temporary Docker login token
-      - id: acr-token
-        run: |
-          TOKEN=$(aliyun cr GetAuthorizationToken \
-            --InstanceId $ACR_INSTANCE_ID \
-            --RegionId $ACR_REGION_ID \
-            | jq -r '.AuthorizationToken')
-          echo "token=$TOKEN" >> "$GITHUB_OUTPUT"
-
-      # 8. Docker login with temporary token
-      - name: Docker Login to ACR
-        run: |
-          docker login \
-            --username cr_temp_user \
-            --password ${{ steps.acr-token.outputs.token }} \
-            $ACR_PUBLIC_DOMAIN
-
-      # 9. Build & push Docker image
-      - uses: docker/build-push-action@v4
+      - uses: Mentra-Community/cloud-actions/deploy-app-alibaba@v1
         with:
-          context: ./cloud
-          file: ./cloud/docker/Dockerfile.livekit
-          push: true
-          tags: |
-            ${{ env.ACR_PUBLIC_DOMAIN }}/dev/api:${{ steps.vars.outputs.sha_short }}
-            ${{ env.ACR_PUBLIC_DOMAIN }}/dev/api:latest
-
-      # 10. Replace secrets in autoscaling config
-      - name: Replace secrets in autoscaling config
-        run: |
-          envsubst < .github/workflows/eci-autoscaling-config-new.yml > final-deployment.yml
-        shell: bash
-
-      # 11. Fetch Scaling Group ID
-      - name: Fetch Scaling Group ID
-        id: fetch-sg
-        run: |
-          set -e
-          SCALING_GROUP_NAME="mentraos-dev-api-scalingGroup"
-
-          echo "🔍 Fetching Scaling Group ID..."
-          RAW_JSON=$(aliyun ess DescribeScalingGroups \
-            --RegionId $ACR_REGION_ID \
-            --ScalingGroupName $SCALING_GROUP_NAME)
-
-          SCALING_GROUP_ID=$(echo "$RAW_JSON" | jq -r '.ScalingGroups.ScalingGroup[0].ScalingGroupId')
-          echo "Scaling_Group_ID=$SCALING_GROUP_ID" >> $GITHUB_OUTPUT
-
-      # 12. Create Scaling Configuration
-      - name: Create Scaling Configuration
-        id: create-config
-        run: |
-          echo "🧩 Creating new scaling configuration..."
-          CONFIG_JSON=$(aliyun ess ApplyEciScalingConfiguration \
-            --RegionId $ACR_REGION_ID \
-            --ScalingGroupId ${{ steps.fetch-sg.outputs.Scaling_Group_ID }} \
-            --Content "$(cat final-deployment.yml)" \
-            --version 2022-02-22 --method POST --force)
-
-          CONFIG_ID=$(echo "$CONFIG_JSON" | jq -r '.ScalingConfigurationId')
-          echo "Scaling_Configuration_ID=$CONFIG_ID" >> $GITHUB_OUTPUT
-          echo "✅ Created scaling configuration: $CONFIG_ID"
-
-      # 13. Start Instance Refresh
-      - name: Start Instance Refresh
-        id: start-refresh
-        run: |
-          set -e
-          echo "🚀 Starting instance refresh..."
-          REFRESH_JSON=$(aliyun ess StartInstanceRefresh \
-            --ScalingGroupId ${{ steps.fetch-sg.outputs.Scaling_Group_ID }} \
-            --DesiredConfiguration.ScalingConfigurationId ${{ steps.create-config.outputs.Scaling_Configuration_ID }} \
-            --Strategy Rolling \
-            --DesiredPercentage 100 \
-            --SkipMatching false \
-            --version 2022-02-22 --method POST --force)
-
-          REFRESH_ID=$(echo "$REFRESH_JSON" | jq -r '.InstanceRefreshTaskId')
-          echo "Instance_Refresh_Task_ID=$REFRESH_ID" >> $GITHUB_OUTPUT
-          echo "🌀 Started Instance Refresh Task: $REFRESH_ID"
-
-      # 14. Monitor Instance Refresh
-      - name: Monitor Instance Refresh
-        run: |
-          set -e
-          MAX_ATTEMPTS=40
-          INTERVAL=15
-
-          SCALING_GROUP_ID="${{ steps.fetch-sg.outputs.Scaling_Group_ID }}"
-          INSTANCE_REFRESH_TASK_ID="${{ steps.start-refresh.outputs.Instance_Refresh_Task_ID }}"
-
-          for ((i=1; i<=MAX_ATTEMPTS; i++)); do
-            STATUS_JSON=$(aliyun ess DescribeInstanceRefreshes \
-              --ScalingGroupId "$SCALING_GROUP_ID" \
-              --InstanceRefreshTaskIds "$INSTANCE_REFRESH_TASK_ID" \
-              --RegionId "$ACR_REGION_ID" \
-              --method GET \
-              --version 2022-02-22 \
-              --force)
-
-            # Extract the status of the specified instance refresh task
-            STATUS=$(echo "$STATUS_JSON" | jq -r '.InstanceRefreshTasks[0].Status')
-            echo "⏱️ Attempt $i: Current status = $STATUS"
-
-            case "$STATUS" in
-              Successful)
-                echo "✅ Instance refresh completed successfully!"
-                exit 0
-                ;;
-              Failed)
-                echo "❌ Instance refresh failed!"
-                exit 1
-                ;;
-              InProgress)
-                echo "⏳ Instance refresh in progress..."
-                ;;
-              *)
-                echo "⚠️ Unexpected status: $STATUS"
-                ;;
-            esac
-
-            sleep $INTERVAL
-          done
+          environment: "dev"
+          alibaba-access-key-id: ${{ secrets.ALIBABA_ACCESS_KEY_ID }}
+          alibaba-access-key-secret: ${{ secrets.ALIBABA_ACCESS_KEY_SECRET }}
+          deployment-region: "cn-shenzhen"
+          app-name: "api"
+          acr-instance-id: "cri-h675v46p9lj694l6"
+          acr-vpc-domain: "mentra-acr-cnsz-a-registry-vpc.cn-shenzhen.cr.aliyuncs.com"
+          acr-public-domain: "mentra-acr-cnsz-a-registry.cn-shenzhen.cr.aliyuncs.com"
+          docker-context: "./cloud"
+          dockerfile: "./cloud/docker/Dockerfile.livekit"
+          image-tag: ${{ steps.vars.outputs.sha_short }}
+          min-instances: 1
+          max-instances: 2
+          use-specs: "2.0-4.0Gi"
+          vswitch: "vsw-wz94gyb5cinmsod89a4tj, vsw-wz9p9qoldncmf9k5se950"
+          security-group: "sg-wz95j71022jl4tezfozp"
+          env-yaml: |
+            - name: redeploy
+              value: "2"
+            - name: DEPLOYMENT_REGION
+              value: "china"
+            - name: NODE_ENV
+              value: "production"
+            - name: PORT
+              value: "80"
+            - name: SYSTEM_DASHBOARD_PACKAGE_NAME
+              value: "system.augmentos.dashboard"
+            - name: CLOUD_VERSION
+              value: "2.1.2"
+            - name: ADMIN_EMAILS
+              value: "israelov@mentra.glass, isaiah@mentra.glass, matt@mentra.glass, cayden@mentra.glass, nicolo@mentra.glass, team@mentra.glass"
+            - name: CLOUD_PUBLIC_HOST_NAME
+              value: "api.mentraglass.cn"
+            - name: CLOUD_HOST_NAME
+              value: "api.mentraglass.cn"
+            - name: CLOUD_LOCAL_HOST_NAME
+              value: "cloud-prod-cloud.default.svc.cluster.local:80"
+            - name: PORTER_APP_NAME
+              value: "cloud-prod"
+            - name: MONGO_URL
+              value: "${{ secrets.MONGO_URL }}"
+            - name: AUGMENTOS_AUTH_JWT_SECRET
+              value: "${{ secrets.AUGMENTOS_AUTH_JWT_SECRET }}"
+            - name: INVITE_JWT_SECRET
+              value: "${{ secrets.INVITE_JWT_SECRET }}"
+            - name: JOE_MAMA_USER_JWT
+              value: "${{ secrets.JOE_MAMA_USER_JWT }}"
+            - name: TPA_AUTH_JWT_PRIVATE_KEY
+              value: "${{ secrets.TPA_AUTH_JWT_PRIVATE_KEY }}"
+            - name: LIVEKIT_URL
+              value: "${{ secrets.LIVEKIT_URL }}"
+            - name: LIVEKIT_API_SECRET
+              value: "${{ secrets.LIVEKIT_API_SECRET }}"
+            - name: LIVEKIT_API_KEY
+              value: "${{ secrets.LIVEKIT_API_KEY }}"
+            - name: AUTHING_APP_SECRET
+              value: "${{ secrets.AUTHING_APP_SECRET }}"
+            - name: AUTHING_APP_ID
+              value: "${{ secrets.AUTHING_APP_ID }}"
+            - name: AUTHING_APP_HOST
+              value: "${{ secrets.AUTHING_APP_HOST }}"
+            - name: SUPABASE_URL
+              value: "${{ secrets.SUPABASE_URL }}"
+            - name: SUPABASE_SERVICE_KEY
+              value: "${{ secrets.SUPABASE_SERVICE_KEY }}"
+            - name: SUPABASE_JWT_SECRET
+              value: "${{ secrets.SUPABASE_JWT_SECRET }}"
+            - name: AZURE_OPENAI_API_DEPLOYMENT_NAME
+              value: "gpt-4o"
+            - name: AZURE_OPENAI_API_INSTANCE_NAME
+              value: "mentra-uscentral-resource"
+            - name: AZURE_OPENAI_API_KEY
+              value: "${{ secrets.AZURE_OPENAI_API_KEY }}"
+            - name: AZURE_OPENAI_API_VERSION
+              value: "2024-08-01-preview"
+            - name: AZURE_SPEECH_KEY
+              value: "${{ secrets.AZURE_SPEECH_KEY }}"
+            - name: AZURE_SPEECH_REGION
+              value: "centralus"
+            - name: SONIOX_API_KEY
+              value: "${{ secrets.SONIOX_API_KEY }}"
+            - name: ANTHROPIC_API_KEY
+              value: "${{ secrets.ANTHROPIC_API_KEY }}"
+            - name: ELEVENLABS_API_KEY
+              value: "${{ secrets.ELEVENLABS_API_KEY }}"
+            - name: ELEVENLABS_DEFAULT_VOICE_ID
+              value: "TX3LPaxmHKxFdv7VOQHJ"
+            - name: OPENAI_API_KEY
+              value: "${{ secrets.OPENAI_API_KEY }}"
+            - name: LLM_MODEL
+              value: "gpt-4o"
+            - name: LLM_PROVIDER
+              value: "azure"
+            - name: ALIBABA_ENDPOINT
+              value: "${{ secrets.ALIBABA_ENDPOINT }}"
+            - name: ALIBABA_WORKSPACE
+              value: "${{ secrets.ALIBABA_WORKSPACE }}"
+            - name: ALIBABA_DASHSCOPE_API_KEY
+              value: "${{ secrets.ALIBABA_DASHSCOPE_API_KEY }}"
+            - name: ALIBABA_ACCESS_KEY_ID
+              value: "${{ secrets.ALIBABA_ACCESS_KEY_ID }}"
+            - name: ALIBABA_ACCESS_KEY_SECRET
+              value: "${{ secrets.ALIBABA_ACCESS_KEY_SECRET }}"
+            - name: BETTERSTACK_SOURCE_TOKEN
+              value: "${{ secrets.BETTERSTACK_SOURCE_TOKEN }}"
+            - name: POSTHOG_HOST
+              value: "https://us.i.posthog.com"
+            - name: POSTHOG_PROJECT_API_KEY
+              value: "${{ secrets.POSTHOG_PROJECT_API_KEY }}"
+            - name: SENTRY_DSN
+              value: "${{ secrets.SENTRY_DSN }}"
+            - name: SERPAPI_API_KEY
+              value: "${{ secrets.SERPAPI_API_KEY }}"
+            - name: CLOUDFLARE_ACCOUNT_ID
+              value: "${{ secrets.CLOUDFLARE_ACCOUNT_ID }}"
+            - name: CLOUDFLARE_API_TOKEN
+              value: "${{ secrets.CLOUDFLARE_API_TOKEN }}"
+            - name: CLOUD_URL
+              value: "cloud"
+            - name: RESEND_API_KEY
+              value: "${{ secrets.RESEND_API_KEY }}"