Deploy Backend API #370
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Backend API | |
on: | |
push: | |
branches: | |
- main | |
paths: | |
- "apps/server/**" | |
workflow_dispatch: | |
env: | |
ACR_REPOSITORY: "l3-api" | |
TR_DIRECTORY: "apps/server/terraform" | |
jobs: | |
Build: | |
name: Build Application Container | |
timeout-minutes: 15 | |
runs-on: ubuntu-latest | |
outputs: | |
tag_name: ${{ steps.build-image.outputs.TAG_NAME }} | |
environment: dev | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: "Build and push image" | |
uses: azure/docker-login@v1 | |
with: | |
login-server: ${{ vars.ACR_REGISTRY }} | |
username: ${{ secrets.AZURE_USERNAME }} | |
password: ${{ secrets.AZURE_PASSWORD }} | |
- run: | | |
docker build -t ${{ vars.ACR_REGISTRY }}/${{ env.ACR_REPOSITORY }}:${{ github.sha }} -f apps/server/docker/Dockerfile apps/server | |
docker push ${{ vars.ACR_REGISTRY }}/${{ env.ACR_REPOSITORY }}:${{ github.sha }} | |
echo "TAG_NAME=${{ github.sha }}" >> $GITHUB_ENV | |
Init_dev: | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
environment: dev | |
env: | |
ENVIRONMENT: dev | |
defaults: | |
run: | |
shell: bash | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Change file name | |
run: | | |
mv ${{ github.workspace }}/${{ env.TR_DIRECTORY }}/varfiles/${{ env.ENVIRONMENT }}.tfvars ${{ github.workspace }}/${{ env.TR_DIRECTORY }}/${{ env.ENVIRONMENT }}.auto.tfvars | |
- name: Update task_container_version | |
run: | | |
TFVARS="${{ github.workspace }}/${{ env.TR_DIRECTORY }}/${{ env.ENVIRONMENT }}.auto.tfvars" | |
echo -e "client_id = \"${{ secrets.azure_client_id }}\"\n" >> $TFVARS | |
echo -e "client_secret = \"${{ secrets.azure_client_secret }}\"\n" >> $TFVARS | |
echo -e "subscription_id = \"${{ secrets.azure_subscription_id }}\"\n" >> $TFVARS | |
echo -e "tenant_id = \"${{ secrets.azure_tenant_id }}\"\n" >> $TFVARS | |
echo -e "task_container_registry = \"${{ vars.ACR_REGISTRY }}\"\n" >> $TFVARS | |
echo -e "task_container_name = \"${{ env.ACR_REPOSITORY }}\"\n" >> $TFVARS | |
echo -e "task_container_version = \"${{ github.sha }}\"\n" >> $TFVARS | |
echo -e "azure_acr_username = \"${{ secrets.AZURE_USERNAME }}\"\n" >> $TFVARS | |
echo -e "azure_acr_password = \"${{ secrets.AZURE_PASSWORD }}\"\n" >> $TFVARS | |
echo -e "github_personal_access_token = \"${{ secrets.PERSONAL_ACCESS_TOKEN }}\"\n" >> $TFVARS | |
echo -e "environment = \"${{ env.ENVIRONMENT }}\"\n" >> $TFVARS | |
echo -e "OPENAI_API_KEY = \"${{ secrets.OPENAI_API_KEY }}\"\n" >> $TFVARS | |
echo -e "DB_NAME = \"${{ secrets.DB_NAME }}\"\n" >> $TFVARS | |
echo -e "DB_HOST = \"${{ secrets.DB_HOST }}\"\n" >> $TFVARS | |
echo -e "DB_PORT = \"${{ vars.DB_PORT }}\"\n" >> $TFVARS | |
echo -e "DB_USER = \"${{ secrets.DB_USER }}\"\n" >> $TFVARS | |
echo -e "DB_PASS = \"${{ secrets.DB_PASS }}\"\n" >> $TFVARS | |
echo -e "SENTRY_DSN = \"${{ secrets.SENTRY_DSN }}\"\n" >> $TFVARS | |
echo -e "AZURE_PUBSUB_CONNECTION_STRING = \"${{ secrets.AZURE_PUBSUB_CONNECTION_STRING }}\"\n" >> $TFVARS | |
echo -e "AZURE_PUBSUB_HUB_NAME = \"${{ secrets.AZURE_PUBSUB_HUB_NAME }}\"\n" >> $TFVARS | |
echo -e "ZEP_API_URL = \"${{ vars.ZEP_API_URL }}\"\n" >> $TFVARS | |
echo -e "ZEP_API_KEY = \"${{ secrets.ZEP_API_KEY }}\"\n" >> $TFVARS | |
echo -e "SERPAPI_API_KEY = \"${{ secrets.SERPAPI_API_KEY }}\"\n" >> $TFVARS | |
echo -e "LANGCHAIN_TRACING_V2 = \"${{ vars.LANGCHAIN_TRACING_V2 }}\"\n" >> $TFVARS | |
echo -e "LANGCHAIN_ENDPOINT = \"${{ vars.LANGCHAIN_ENDPOINT }}\"\n" >> $TFVARS | |
echo -e "LANGCHAIN_API_KEY = \"${{ secrets.LANGCHAIN_API_KEY }}\"\n" >> $TFVARS | |
echo -e "LANGCHAIN_PROJECT = \"${{ secrets.LANGCHAIN_PROJECT }}\"\n" >> $TFVARS | |
echo -e "JWT_EXPIRY = \"${{ vars.JWT_EXPIRY }}\"\n" >> $TFVARS | |
echo -e "JWT_SECRET_KEY = \"${{ secrets.JWT_SECRET_KEY }}\"\n" >> $TFVARS | |
echo -e "GITHUB_CLIENT_ID = \"${{ secrets.LOGIN_GITHUB_CLIENT_ID }}\"\n" >> $TFVARS | |
echo -e "GITHUB_CLIENT_SECRET = \"${{ secrets.LOGIN_GITHUB_CLIENT_SECRET }}\"\n" >> $TFVARS | |
echo -e "FRONTEND_URL = \"${{ vars.FRONTEND_URL }}\"\n" >> $TFVARS | |
echo -e "GOOGLE_API_KEY = \"${{ secrets.GOOGLE_API_KEY }}\"\n" >> $TFVARS | |
echo -e "AWS_ACCESS_KEY_ID = \"${{ secrets.AWS_ACCESS_KEY_ID }}\"\n" >> $TFVARS | |
echo -e "AWS_SECRET_ACCESS_KEY = \"${{ secrets.AWS_SECRET_ACCESS_KEY }}\"\n" >> $TFVARS | |
echo -e "AWS_REGION = \"${{ vars.AWS_REGION }}\"\n" >> $TFVARS | |
echo -e "AWS_S3_BUCKET = \"${{ vars.AWS_S3_BUCKET }}\"\n" >> $TFVARS | |
echo -e "AUTH_TOKEN = \"${{ secrets.AUTH_TOKEN }}\"\n" >> $TFVARS | |
- name: Display .auto.tfvars file content | |
run: | | |
cat ${{ github.workspace }}/${{ env.TR_DIRECTORY }}/${{ env.ENVIRONMENT }}.auto.tfvars | |
- name: Upload file | |
uses: actions/upload-artifact@v2 | |
with: | |
name: my-artifact | |
path: ${{ github.workspace }}/${{ env.TR_DIRECTORY }}/${{ env.ENVIRONMENT }}.auto.tfvars | |
Plan_dev: | |
needs: [Build, Init_dev] | |
if: github.ref == 'refs/heads/main' | |
uses: l3vels/L3AGI/.github/workflows/tf_plan_server.yml@main | |
with: | |
path: apps/server/terraform | |
tf_vars_file: varfiles/dev.tfvars | |
gh_environment: dev | |
task_container_name: "l3-api" | |
task_container_version: #${{ github.sha }} temp | |
# task_container_version: "1fe3d215f1ac2e6be5d43b4e1522b9dc43aefd36" | |
task_container_registry: ${{ vars.ACR_REGISTRY }} | |
secrets: | |
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | |
azure_acr_username: ${{ secrets.AZURE_USERNAME }} | |
azure_acr_password: ${{ secrets.AZURE_PASSWORD }} | |
azure_tenant_id: ${{ secrets.AZURE_TENANT_ID }} | |
azure_subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
azure_client_id: "${{ secrets.AZURE_CLIENT_ID }}" | |
azure_client_secret: ${{ secrets.AZURE_CLIENT_SECRET }} | |
github_personal_access_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
github_ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }} | |
Deploy_dev: | |
needs: [Build, Plan_dev] | |
uses: l3vels/L3AGI/.github/workflows/tf_apply_server.yml@main | |
with: | |
path: apps/server/terraform | |
tf_vars_file: varfiles/dev.tfvars | |
gh_environment: dev | |
task_container_name: "l3-api" | |
task_container_version: ${{ github.sha }} | |
task_container_registry: ${{ vars.ACR_REGISTRY }} | |
secrets: | |
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | |
azure_acr_username: ${{ secrets.AZURE_USERNAME }} | |
azure_acr_password: ${{ secrets.AZURE_PASSWORD }} | |
azure_tenant_id: ${{ secrets.AZURE_TENANT_ID }} | |
azure_subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
azure_client_id: ${{ secrets.AZURE_CLIENT_ID }} | |
azure_client_secret: ${{ secrets.AZURE_CLIENT_SECRET }} | |
github_personal_access_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
# github_ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }} | |
Init_Prod: | |
needs: [Deploy_dev] | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
environment: prod | |
env: | |
ENVIRONMENT: prod | |
defaults: | |
run: | |
shell: bash | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Change file name | |
run: | | |
mv ${{ github.workspace }}/${{ env.TR_DIRECTORY }}/varfiles/${{ env.ENVIRONMENT }}.tfvars ${{ github.workspace }}/${{ env.TR_DIRECTORY }}/${{ env.ENVIRONMENT }}.auto.tfvars | |
- name: Update task_container_version | |
run: | | |
TFVARS="${{ github.workspace }}/${{ env.TR_DIRECTORY }}/${{ env.ENVIRONMENT }}.auto.tfvars" | |
echo -e "client_id = \"${{ secrets.azure_client_id }}\"\n" >> $TFVARS | |
echo -e "client_secret = \"${{ secrets.azure_client_secret }}\"\n" >> $TFVARS | |
echo -e "subscription_id = \"${{ secrets.azure_subscription_id }}\"\n" >> $TFVARS | |
echo -e "tenant_id = \"${{ secrets.azure_tenant_id }}\"\n" >> $TFVARS | |
echo -e "task_container_registry = \"${{ vars.ACR_REGISTRY }}\"\n" >> $TFVARS | |
echo -e "task_container_name = \"${{ env.ACR_REPOSITORY }}\"\n" >> $TFVARS | |
echo -e "task_container_version = \"${{ github.sha }}\"\n" >> $TFVARS | |
echo -e "azure_acr_username = \"${{ secrets.AZURE_USERNAME }}\"\n" >> $TFVARS | |
echo -e "azure_acr_password = \"${{ secrets.AZURE_PASSWORD }}\"\n" >> $TFVARS | |
echo -e "github_personal_access_token = \"${{ secrets.PERSONAL_ACCESS_TOKEN }}\"\n" >> $TFVARS | |
echo -e "environment = \"${{ env.ENVIRONMENT }}\"\n" >> $TFVARS | |
echo -e "OPENAI_API_KEY = \"${{ secrets.OPENAI_API_KEY }}\"\n" >> $TFVARS | |
echo -e "DB_NAME = \"${{ secrets.DB_NAME }}\"\n" >> $TFVARS | |
echo -e "DB_HOST = \"${{ secrets.DB_HOST }}\"\n" >> $TFVARS | |
echo -e "DB_PORT = \"${{ vars.DB_PORT }}\"\n" >> $TFVARS | |
echo -e "DB_USER = \"${{ secrets.DB_USER }}\"\n" >> $TFVARS | |
echo -e "DB_PASS = \"${{ secrets.DB_PASS }}\"\n" >> $TFVARS | |
echo -e "SENTRY_DSN = \"${{ secrets.SENTRY_DSN }}\"\n" >> $TFVARS | |
echo -e "AZURE_PUBSUB_CONNECTION_STRING = \"${{ secrets.AZURE_PUBSUB_CONNECTION_STRING }}\"\n" >> $TFVARS | |
echo -e "AZURE_PUBSUB_HUB_NAME = \"${{ secrets.AZURE_PUBSUB_HUB_NAME }}\"\n" >> $TFVARS | |
echo -e "ZEP_API_URL = \"${{ vars.ZEP_API_URL }}\"\n" >> $TFVARS | |
echo -e "ZEP_API_KEY = \"${{ secrets.ZEP_API_KEY }}\"\n" >> $TFVARS | |
echo -e "SERPAPI_API_KEY = \"${{ secrets.SERPAPI_API_KEY }}\"\n" >> $TFVARS | |
echo -e "LANGCHAIN_TRACING_V2 = \"${{ vars.LANGCHAIN_TRACING_V2 }}\"\n" >> $TFVARS | |
echo -e "LANGCHAIN_ENDPOINT = \"${{ vars.LANGCHAIN_ENDPOINT }}\"\n" >> $TFVARS | |
echo -e "LANGCHAIN_API_KEY = \"${{ secrets.LANGCHAIN_API_KEY }}\"\n" >> $TFVARS | |
echo -e "LANGCHAIN_PROJECT = \"${{ secrets.LANGCHAIN_PROJECT }}\"\n" >> $TFVARS | |
echo -e "JWT_EXPIRY = \"${{ vars.JWT_EXPIRY }}\"\n" >> $TFVARS | |
echo -e "JWT_SECRET_KEY = \"${{ secrets.JWT_SECRET_KEY }}\"\n" >> $TFVARS | |
echo -e "GITHUB_CLIENT_ID = \"${{ secrets.LOGIN_GITHUB_CLIENT_ID }}\"\n" >> $TFVARS | |
echo -e "GITHUB_CLIENT_SECRET = \"${{ secrets.LOGIN_GITHUB_CLIENT_SECRET }}\"\n" >> $TFVARS | |
echo -e "FRONTEND_URL = \"${{ vars.FRONTEND_URL }}\"\n" >> $TFVARS | |
echo -e "GOOGLE_API_KEY = \"${{ secrets.GOOGLE_API_KEY }}\"\n" >> $TFVARS | |
echo -e "AWS_ACCESS_KEY_ID = \"${{ secrets.AWS_ACCESS_KEY_ID }}\"\n" >> $TFVARS | |
echo -e "AWS_SECRET_ACCESS_KEY = \"${{ secrets.AWS_SECRET_ACCESS_KEY }}\"\n" >> $TFVARS | |
echo -e "AWS_REGION = \"${{ vars.AWS_REGION }}\"\n" >> $TFVARS | |
echo -e "AWS_S3_BUCKET = \"${{ vars.AWS_S3_BUCKET }}\"\n" >> $TFVARS | |
echo -e "AUTH_TOKEN = \"${{ secrets.AUTH_TOKEN }}\"\n" >> $TFVARS | |
- name: Display .auto.tfvars file content | |
run: | | |
cat ${{ github.workspace }}/${{ env.TR_DIRECTORY }}/${{ env.ENVIRONMENT }}.auto.tfvars | |
- name: Upload file | |
uses: actions/upload-artifact@v2 | |
with: | |
name: my-artifact | |
path: ${{ github.workspace }}/${{ env.TR_DIRECTORY }}/${{ env.ENVIRONMENT }}.auto.tfvars | |
Plan_prod: | |
needs: Init_Prod | |
if: github.ref == 'refs/heads/main' | |
uses: l3vels/L3AGI/.github/workflows/tf_plan_server.yml@main | |
with: | |
path: apps/server/terraform | |
tf_vars_file: varfiles/prod.tfvars | |
gh_environment: prod | |
task_container_name: "l3-api" | |
task_container_version: ${{ github.sha }} | |
task_container_registry: ${{ vars.ACR_REGISTRY }} | |
secrets: | |
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | |
azure_acr_username: ${{ secrets.AZURE_USERNAME }} | |
azure_acr_password: ${{ secrets.AZURE_PASSWORD }} | |
azure_tenant_id: ${{ secrets.AZURE_TENANT_ID }} | |
azure_subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
azure_client_id: "${{ secrets.AZURE_CLIENT_ID }}" | |
azure_client_secret: ${{ secrets.AZURE_CLIENT_SECRET }} | |
github_personal_access_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
github_ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }} | |
Deploy_prod: | |
needs: [Build, Plan_prod] | |
uses: l3vels/L3AGI/.github/workflows/tf_apply_server.yml@main | |
with: | |
path: apps/server/terraform | |
tf_vars_file: varfiles/prod.tfvars | |
gh_environment: prod | |
task_container_name: "l3-api" | |
task_container_version: ${{ github.sha }} | |
task_container_registry: ${{ vars.ACR_REGISTRY }} | |
secrets: | |
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | |
azure_acr_username: ${{ secrets.AZURE_USERNAME }} | |
azure_acr_password: ${{ secrets.AZURE_PASSWORD }} | |
azure_tenant_id: ${{ secrets.AZURE_TENANT_ID }} | |
azure_subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
azure_client_id: ${{ secrets.AZURE_CLIENT_ID }} | |
azure_client_secret: ${{ secrets.AZURE_CLIENT_SECRET }} | |
github_personal_access_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
# github_ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }} |