# Builds the bot dashboard image and deploys it to Cloud Run.
name: Deploy Bot Dashboard (Cloud Run)

# Triggers: pushes to main that touch the dashboard sources, the tracer script
# or this workflow file, plus manual dispatch.
# NOTE(review): workflow_dispatch can be started from any ref. Whether a run
# from a non-main ref can obtain cloud credentials depends on the Workload
# Identity provider's attribute condition, which is not visible here - confirm.
on:
  push:
    branches:
      - main
    paths:
      - 'dashboard/**'
      - 'scripts/agent_tracer.py'
      - '.github/workflows/deploy-dashboard.yml'
  workflow_dispatch:
# One deploy per workflow and ref at a time. A newer run waits for the
# in-progress deploy instead of cancelling it part-way through.
concurrency:
  cancel-in-progress: false
  group: "${{ github.workflow }}-${{ github.ref }}"
# Workflow-wide constants. None of these are secrets; they are also exported
# to every step's shell as environment variables.
env:
  # Google Cloud project that hosts the registry and the service.
  PROJECT_ID: 'coderd'
  # Artifact Registry location and repository name.
  GAR_LOCATION: 'us-central1'
  REPOSITORY: 'catalog'
  # Cloud Run service name and region.
  SERVICE_NAME: 'bot-dashboard'
  REGION: 'us-central1'
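jobs:
  # Builds the dashboard image, pushes it to Artifact Registry, deploys it to
  # Cloud Run, smoke-tests the login page and writes a run summary.
  #
  # Run scripts read values from shell variables (workflow-level env, step env,
  # GITHUB_SHA) instead of ${{ }} expressions, so a secret or step output is
  # never pasted into the script text and re-parsed by the shell.
  build-and-deploy:
    name: Build and Deploy to Cloud Run
    runs-on: ubuntu-latest
    # Read-only repository access plus the OIDC token that the auth step
    # exchanges for Google credentials.
    permissions:
      contents: read
      id-token: write

    steps:
      # NOTE(review): every `uses:` in this job references a mutable tag. A
      # moved tag would run with this job's OIDC token and deploy secrets.
      # Consider pinning each action to a full commit SHA, e.g.
      # `uses: actions/checkout@<full-commit-sha>  # v6` (placeholder).
      - name: Checkout code
        uses: actions/checkout@v6
        with:
          # No later step performs git operations, so do not leave the job
          # token in the checked-out repository's git config.
          persist-credentials: false

      # Removes preinstalled toolchains and unused Docker data to make room
      # for the image build.
      - name: Free up disk space
        run: |
          sudo rm -rf /usr/share/dotnet /opt/ghc /usr/local/share/boost "$AGENT_TOOLSDIRECTORY"
          docker system prune -af --volumes

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      # Workload Identity Federation: no service-account key is passed to this
      # step, only the provider and the service account to impersonate.
      - name: Authenticate to Google Cloud
        uses: google-github-actions/auth@v3
        with:
          workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
          service_account: ${{ secrets.GCP_SERVICE_ACCOUNT }}

      - name: Set up Cloud SDK
        uses: google-github-actions/setup-gcloud@v3

      - name: Configure Docker for Artifact Registry
        run: |
          gcloud auth configure-docker "${GAR_LOCATION}-docker.pkg.dev" --quiet

      # NOTE(review): `2>/dev/null` hides why `describe` failed, so a
      # permission or network error also falls through to `create`. The create
      # branch additionally requires the deploy identity to hold
      # repository-creation rights; provisioning the repository outside this
      # pipeline would let that identity be narrowed - confirm.
      - name: Create Artifact Registry repository
        run: |
          if ! gcloud artifacts repositories describe "$REPOSITORY" \
            --location="$GAR_LOCATION" \
            --format="get(name)" 2>/dev/null; then
            echo "Creating Artifact Registry repository"
            gcloud artifacts repositories create "$REPOSITORY" \
              --repository-format=docker \
              --location="$GAR_LOCATION" \
              --description="Docker repository for Catalog services"
            echo "✓ Repository created"
          else
            echo "✓ Repository exists"
          fi

      # Build args are recorded in the image's build history, so only
      # non-secret values belong here. The NEXT_PUBLIC_ prefix suggests the
      # client ID is shipped to browsers anyway - confirm.
      # The image is tagged with the commit SHA (used for the deploy) and with
      # the mutable `latest` tag.
      - name: Build and push Docker image
        id: build
        env:
          GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }}
        run: |
          IMAGE_BASE="${GAR_LOCATION}-docker.pkg.dev/${PROJECT_ID}/${REPOSITORY}/${SERVICE_NAME}"
          IMAGE_URL="${IMAGE_BASE}:${GITHUB_SHA}"
          LATEST_URL="${IMAGE_BASE}:latest"
          docker build \
            -t "$IMAGE_URL" \
            -t "$LATEST_URL" \
            --build-arg NEXT_PUBLIC_GOOGLE_CLIENT_ID="$GOOGLE_CLIENT_ID" \
            --build-arg NEXT_PUBLIC_APP_URL="https://catalog.vectorinstitute.ai" \
            --cache-from type=gha,scope=bot-dashboard \
            --cache-to type=gha,mode=max,scope=bot-dashboard \
            dashboard/
          docker push "$IMAGE_URL"
          docker push "$LATEST_URL"
          echo "✓ Image pushed: $IMAGE_URL"
          echo "image=$IMAGE_URL" >> "$GITHUB_OUTPUT"

      # NOTE(review): --set-env-vars stores GOOGLE_CLIENT_SECRET and
      # SESSION_SECRET as plaintext in the service's revision configuration,
      # where anyone allowed to view the service can read them. Secret Manager
      # references (`--set-secrets`) keep the values out of the configuration.
      # A value containing a comma would also be split by this flag.
      #
      # NOTE(review): --allow-unauthenticated makes the service URL reachable
      # from the internet, so access control rests on the application's own
      # login (the variables suggest Google sign-in limited to ALLOWED_DOMAINS
      # - confirm). If traffic should only arrive through the load balancer
      # described in the summary, `--ingress` would need restricting and the
      # verify step, which calls the service URL directly, adjusting.
      - name: Deploy to Cloud Run
        id: deploy
        env:
          IMAGE: ${{ steps.build.outputs.image }}
          GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }}
          GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET }}
          SESSION_SECRET: ${{ secrets.SESSION_SECRET }}
        run: |
          gcloud run deploy "$SERVICE_NAME" \
            --image "$IMAGE" \
            --region "$REGION" \
            --platform managed \
            --allow-unauthenticated \
            --memory=1Gi \
            --cpu=1 \
            --timeout=300s \
            --max-instances=10 \
            --min-instances=0 \
            --concurrency=80 \
            --port=8080 \
            --set-env-vars="NODE_ENV=production,NEXT_PUBLIC_GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID},GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET},SESSION_SECRET=${SESSION_SECRET},NEXT_PUBLIC_APP_URL=https://catalog.vectorinstitute.ai,REDIRECT_URI=https://catalog.vectorinstitute.ai/aieng-bot-maintain/api/auth/callback,ALLOWED_DOMAINS=vectorinstitute.ai" \
            --update-labels="deployed-by=github-actions,commit=${GITHUB_SHA},service=bot-dashboard" \
            --quiet
          SERVICE_URL=$(gcloud run services describe "$SERVICE_NAME" \
            --region "$REGION" \
            --format 'value(status.url)')
          echo "url=$SERVICE_URL" >> "$GITHUB_OUTPUT"
          echo "✓ Service deployed at $SERVICE_URL"

      # Polls the login page up to 20 times, 5 seconds apart, and fails the
      # job if it never answers successfully.
      - name: Verify deployment
        env:
          SERVICE_URL: ${{ steps.deploy.outputs.url }}
        run: |
          echo "Verifying deployment at $SERVICE_URL..."
          MAX_RETRIES=20
          for i in $(seq 1 $MAX_RETRIES); do
            if curl -sf --max-time 10 "${SERVICE_URL}/aieng-bot-maintain/login" > /dev/null 2>&1; then
              echo "✓ Service is responding"
              exit 0
            fi
            echo "Attempt $i/$MAX_RETRIES failed, waiting..."
            sleep 5
          done
          echo "✗ Deployment verification failed"
          exit 1

      # Appends a Markdown summary to the run page. The heredoc is unquoted,
      # so shell variables expand; backticks and backslashes are escaped to
      # keep them literal.
      - name: Output deployment summary
        env:
          SERVICE_URL: ${{ steps.deploy.outputs.url }}
        run: |
          cat >> "$GITHUB_STEP_SUMMARY" << EOF
          ## 🚀 Bot Dashboard Deployed

          **Service URL:** ${SERVICE_URL}
          **Commit:** \`${GITHUB_SHA}\`
          **Region:** ${REGION}

          ### Next Steps

          Configure load balancer to route:
          - \`catalog.vectorinstitute.ai/aieng-bot-maintain/*\` → Cloud Run service

          **Cloud Run Service:** \`${SERVICE_NAME}\`

          ### Manual Load Balancer Setup

          If not already configured, run:

          \`\`\`bash
          # Create network endpoint group
          gcloud compute network-endpoint-groups create bot-dashboard-neg \\
            --region=us-central1 \\
            --network-endpoint-type=serverless \\
            --cloud-run-service=bot-dashboard

          # Create backend service
          gcloud compute backend-services create bot-dashboard-backend \\
            --global \\
            --load-balancing-scheme=EXTERNAL_MANAGED

          gcloud compute backend-services add-backend bot-dashboard-backend \\
            --global \\
            --network-endpoint-group=bot-dashboard-neg \\
            --network-endpoint-group-region=us-central1

          # Add path rule to existing URL map (get name first)
          # Update path matcher to route /aieng-bot-maintain/* to bot-dashboard-backend
          \`\`\`
          EOF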