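# Builds the container image and pushes it to Amazon ECR, applies Prisma
# migrations when prisma/migrations/** changed, and deploys the Helm chart to
# the EKS cluster, on every push to main.
name: build and publish to aws development
on:
  push:
    branches:
      - main
env:
  repo_name: "vision-agent"
  aws_account_id: "970073041993"
  aws_region: "us-east-2"
  cluster_name: "landinglens"
  namespace: "datamanagement"
# NOTE(review): every `uses:` below is pinned to a mutable major-version tag.
# Pinning each action to a full commit SHA keeps a retagged release from
# running with this workflow's AWS role and secrets.
jobs:
  build:
    runs-on: ubuntu-latest
    environment: aws-development
    permissions:
      # id-token: write lets configure-aws-credentials request an OIDC token
      # for the role assumption below.
      id-token: write
      contents: read
    outputs:
      image_tag: ${{ steps.sha_short.outputs.image_tag }}
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::${{ env.aws_account_id }}:role/github-actions-role
          aws-region: ${{ env.aws_region }}
      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2
        with:
          registries: ${{ env.aws_account_id }}
          mask-password: "true"  # see: https://github.com/aws-actions/amazon-ecr-login#docker-credentials
      - name: Set short sha
        id: sha_short
        run: |
          echo "image_tag=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
      - uses: docker/setup-buildx-action@v3
      # NOTE(review): AUTH_SECRET and OPENAI_API_KEY are handed to the build as
      # build secrets but are read from `vars`, which GitHub stores and prints
      # unmasked. Going by their names they are credentials; keep them in
      # `secrets` and reference `secrets.<NAME>` here.
      # NOTE(review): `provenance: false` turns off the build provenance
      # attestation; confirm that is intended for this registry.
      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: ${{ steps.login-ecr.outputs.registry }}/${{ env.repo_name }}:${{ steps.sha_short.outputs.image_tag }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          provenance: false
          secrets: |
            AUTH_SECRET=${{ vars.AUTH_SECRET }}
            OPENAI_API_KEY=${{ vars.OPENAI_API_KEY }}
  # Reports through its `migrations` output whether this push touched
  # prisma/migrations/**.
  detect_migration_changes:
    runs-on: ubuntu-latest
    outputs:
      migrations: ${{ steps.filter.outputs.migrations }}
    steps:
      - uses: actions/checkout@v4
      - uses: dorny/paths-filter@v3
        id: filter
        with:
          filters: |
            migrations:
              - 'prisma/migrations/**'
  db_migration:
    # Gate on the paths-filter job above. A `needs` entry has to name an
    # existing job id, and this workflow defines no job called `changes`.
    needs: detect_migration_changes
    if: ${{ needs.detect_migration_changes.outputs.migrations == 'true' }}
    runs-on: ubuntu-latest
    environment: aws-development
    permissions:
      # NOTE(review): no step in this job visibly requests an OIDC token, so
      # `id-token: write` looks unnecessary here; confirm and drop it.
      id-token: write
      contents: read
    steps:
      - uses: actions/checkout@v4
      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "20"
      # NOTE(review): the package spec below was mangled by the page's e-mail
      # obfuscation; restore the original pinned `pnpm@<version>` spec.
      - name: Install pnpm
        run: npm install -g [email protected]
      # NOTE(review): no --frozen-lockfile flag is passed here; consider adding
      # it so the job that reaches the database installs exactly the locked
      # dependency set.
      - name: Install dependencies
        run: pnpm install
      - name: prisma migrate deploy
        env:
          # NOTE(review): a migration URL usually embeds the database
          # password; if this one does, it belongs in `secrets`, not `vars`.
          POSTGRES_PRISMA_URL: ${{ vars.DB_MIGRATION_URL }}
          POSTGRES_URL_NON_POOLING: ${{ vars.DB_MIGRATION_URL }}
          # Hand the key to the script through the environment so the secret
          # is not templated into the generated script text.
          BASTION_SSH_KEY: ${{ secrets.BASTION_SSH_KEY }}
        # Opens a background SSH tunnel (local port 5432 to the database via
        # the bastion) and runs the migrations through it.
        # NOTE(review): the bastion host key is never verified. ssh-keyscan
        # trusts whatever key answers at run time, and StrictHostKeyChecking=no
        # disables the check anyway. Store the bastion's known public host key
        # in the repository configuration, write that to known_hosts, and
        # switch to StrictHostKeyChecking=yes.
        # NOTE(review): `-v` writes verbose connection details to the job log.
        # NOTE(review): the ssh destination at the end of that command was
        # mangled by the page's e-mail obfuscation; restore the original
        # `<user>@<bastion-host>`.
        run: |
          mkdir -p ~/.ssh
          echo "$BASTION_SSH_KEY" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          ssh-keyscan -H 3.142.222.176 >> ~/.ssh/known_hosts
          ssh -o StrictHostKeyChecking=no -fN -v -L localhost:5432:platform.db.app.dev.landing.ai:5432 [email protected]
          pnpm prisma migrate deploy
  # Deploys the image tag produced by `build`. It does not wait for
  # db_migration, which runs independently of this job.
  deploy_to_aws_development:
    needs: build
    runs-on: ubuntu-latest
    environment: aws-development
    permissions:
      id-token: write
      contents: read
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::${{ env.aws_account_id }}:role/github-actions-role
          aws-region: ${{ env.aws_region }}
      - name: kubeconfig
        run: |
          aws sts get-caller-identity
          aws eks update-kubeconfig --name ${{ env.cluster_name }} --region ${{ env.aws_region }}
      # NOTE(review): this pipes an installer fetched from the moving `main`
      # branch straight into bash while the job holds cluster credentials.
      # Install a pinned Helm release and verify its checksum instead.
      - name: install helm
        run: |
          curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
      # NOTE(review): going by their names, AUTH_GITHUB_SECRET, AUTH_SECRET,
      # AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY, GOOGLE_SECRET,
      # LOKI_AUTH_USER_PASSWORD, OPENAI_API_KEY and POSTGRES_PRISMA_URL are
      # credentials, yet they are read from `vars`, which GitHub stores and
      # logs unmasked. Move them to `secrets`.
      # NOTE(review): every value is templated unquoted into the shell command,
      # so a value holding whitespace or a shell metacharacter (for example
      # `&` in a URL query string) changes the command. Pass values through
      # `env:` and quote them, as IMAGE_TAG already is passed.
      # NOTE(review): values given with --set become part of the Helm release
      # values; for the credentials, prefer a Kubernetes Secret referenced by
      # the chart.
      - name: helm upgrade --install
        env:
          IMAGE_TAG: ${{ needs.build.outputs.image_tag }}
        run: |
          helm upgrade --install -n ${{ env.namespace }} ${{ env.repo_name }} -f chart/${{ vars.VALUES_FILE }} ./chart \
            --set image.tag=$IMAGE_TAG \
            --set env.AWS_BUCKET_NAME=${{ vars.AWS_BUCKET_NAME }} \
            --set env.AWS_REGION=${{ vars.AWS_REGION }} \
            --set env.NEXTAUTH_URL=${{ vars.NEXTAUTH_URL }} \
            --set env.AUTH_GITHUB_ID=${{ vars.AUTH_GITHUB_ID }} \
            --set env.AUTH_GITHUB_SECRET=${{ vars.AUTH_GITHUB_SECRET }} \
            --set env.AUTH_SECRET=${{ vars.AUTH_SECRET }} \
            --set env.AUTH_TRUST_HOST=${{ vars.AUTH_TRUST_HOST }} \
            --set env.AWS_ACCESS_KEY_ID=${{ vars.AWS_ACCESS_KEY_ID }} \
            --set env.AWS_SECRET_ACCESS_KEY=${{ vars.AWS_SECRET_ACCESS_KEY }} \
            --set env.GOOGLE_CLIENT_ID=${{ vars.GOOGLE_CLIENT_ID }} \
            --set env.GOOGLE_SECRET=${{ vars.GOOGLE_SECRET }} \
            --set env.LOKI_AUTH_USER_PASSWORD=${{ vars.LOKI_AUTH_USER_PASSWORD }} \
            --set env.OPENAI_API_KEY=${{ vars.OPENAI_API_KEY }} \
            --set env.POSTGRES_PRISMA_URL=${{ vars.POSTGRES_PRISMA_URL }}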