Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(platform/ci) Set up deploys from dev #8355

Merged
merged 16 commits into from
Oct 22, 2024

Conversation

aarushik93
Copy link
Contributor

@aarushik93 aarushik93 commented Oct 16, 2024

Background

Automatic deploys from dev branch to dev environment

Changes 🏗️

Set up gha iam account
Set up workload identity pools so we can use an IAM without keys
Set up CI pipeline to build, push docker images to artifact registery
Set up CI pipeline to do a helm upgrade on all services

Testing 🔍

Note

Only for the new autogpt platform, currently in autogpt_platform/

  • Create from scratch and execute an agent with at least 3 blocks
  • Import an agent from file upload, and confirm it executes correctly
  • Upload agent to marketplace
  • Import an agent from marketplace and confirm it executes correctly
  • Edit an agent from monitor, and confirm it executes correctly

@github-actions github-actions bot added platform/backend AutoGPT Platform - Back end size/l labels Oct 16, 2024
@aarushik93 aarushik93 force-pushed the aarushikansal/secrt-944-set-up-deploys-from-dev branch from 81ad519 to f860cbe Compare October 20, 2024 11:28
@aarushik93 aarushik93 changed the title Aarushikansal/secrt 944 set up deploys from dev feat(platform/ci) Set up deploys from dev Oct 21, 2024
@aarushik93 aarushik93 marked this pull request as ready for review October 21, 2024 09:41
@aarushik93 aarushik93 requested a review from a team as a code owner October 21, 2024 09:41
Copy link

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 4 🔵🔵🔵🔵⚪
🧪 No relevant tests
🔒 Security concerns

Sensitive information exposure:
The GitHub workflow file (.github/workflows/platform-autogpt-deploy.yaml) contains hardcoded values for the project ID and service account email. These should be stored as GitHub secrets and referenced in the workflow, rather than being directly visible in the code. This exposure could potentially be used by malicious actors to target your GCP resources.

⚡ Recommended focus areas for review

Security Concern
The workflow is using a hardcoded project ID and service account email. These should be stored as secrets instead of being exposed in the workflow file.

Error Handling
The workflow lacks proper error handling and rollback mechanisms in case of deployment failures. Consider adding steps to handle errors and potentially roll back changes if a deployment fails.

Hardcoded Value
The attribute_condition is hardcoded to a specific repository owner. This might need to be parameterized or made more flexible for different environments or organizations.

Copy link
Contributor

@Swiftyos Swiftyos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice work @aarushik93 Thank you!

@aarushik93 aarushik93 enabled auto-merge (squash) October 22, 2024 13:43
@aarushik93 aarushik93 merged commit 30a62f8 into dev Oct 22, 2024
7 checks passed
@aarushik93 aarushik93 deleted the aarushikansal/secrt-944-set-up-deploys-from-dev branch October 22, 2024 13:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

2 participants