425f3c5bb4
Convert all Chinese comments, docstrings, logger/print output, HTTPException detail messages, and API response messages to English across the entire codebase. Functional zh/ja localized strings (e.g. prompt templates, timezone display names, date formats) are preserved as-is. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
303 lines
11 KiB
YAML
303 lines
11 KiB
YAML
version: 2.1
|
|
orbs:
|
|
aws-ecr: circleci/aws-ecr@7.0.0
|
|
|
|
jobs:
|
|
build-and-push:
|
|
machine:
|
|
image: ubuntu-2204:current
|
|
resource_class: medium
|
|
parameters:
|
|
docker-tag:
|
|
type: string
|
|
path:
|
|
type: string
|
|
repo:
|
|
type: string
|
|
dockerfile:
|
|
type: string
|
|
steps:
|
|
- aws-ecr/build-and-push-image:
|
|
checkout: true
|
|
account-url: AWS_ECR_ACCOUNT_URL
|
|
aws-access-key-id: AWS_ACCESS_KEY_ID
|
|
aws-secret-access-key: AWS_SECRET_ACCESS_KEY
|
|
create-repo: false
|
|
dockerfile: <<parameters.dockerfile>>
|
|
path: <<parameters.path>>
|
|
region: AWS_REGION
|
|
repo: <<parameters.repo>>
|
|
tag: '<<parameters.docker-tag>>${CIRCLE_SHA1}'
|
|
- run:
|
|
name: Send image push Lark notification
|
|
command: |
|
|
bash scripts/ci/notify_feishu.sh \
|
|
--event image_push \
|
|
--image-repo "$AWS_ECR_ACCOUNT_URL/<<parameters.repo>>" \
|
|
--version-tag "<<parameters.docker-tag>>${CIRCLE_SHA1}"
|
|
deploy:
|
|
machine:
|
|
image: ubuntu-2204:current
|
|
resource_class: medium
|
|
parameters:
|
|
docker-tag:
|
|
type: string
|
|
path:
|
|
type: string
|
|
deploy-name:
|
|
type: string
|
|
deploy-namespace:
|
|
type: string
|
|
repo:
|
|
type: string
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: kubectl apply
|
|
command: |
|
|
CMD='/home/ubuntu/cluster-for-B/deploy.sh <<parameters.path>> <<parameters.docker-tag>>'${CIRCLE_SHA1}' <<parameters.deploy-name>> <<parameters.deploy-namespace>>'
|
|
echo $CMD
|
|
ssh ${USER_NAME}@${HOST_NAME} ${CMD}
|
|
- run:
|
|
name: Send deploy Lark notification
|
|
command: |
|
|
bash scripts/ci/notify_feishu.sh \
|
|
--event deploy \
|
|
--service-name <<parameters.deploy-name>> \
|
|
--namespace <<parameters.deploy-namespace>> \
|
|
--image-repo "$AWS_ECR_ACCOUNT_URL/<<parameters.repo>>" \
|
|
--version-tag "<<parameters.docker-tag>>${CIRCLE_SHA1}"
|
|
docker-hub-build-push:
|
|
machine:
|
|
image: ubuntu-2404:current
|
|
resource_class: medium
|
|
parameters:
|
|
repo:
|
|
type: string
|
|
dockerfile:
|
|
type: string
|
|
docker-tag:
|
|
type: string
|
|
deploy:
|
|
type: boolean
|
|
default: false
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Build Docker image
|
|
command: |
|
|
# Check whether this is an ARM build
|
|
if [[ "<<parameters.docker-tag>>" == *"arm64"* ]]; then
|
|
# Configure Docker buildx for multi-platform builds
|
|
docker buildx create --use --name multiarch
|
|
docker buildx inspect --bootstrap
|
|
# Build the ARM64 image
|
|
docker buildx build -t <<parameters.repo>>:<<parameters.docker-tag>> --platform linux/arm64 --no-cache -f <<parameters.dockerfile>> --load .
|
|
else
|
|
# Standard x86 build
|
|
docker build -t <<parameters.repo>>:<<parameters.docker-tag>> --no-cache -f <<parameters.dockerfile>> .
|
|
fi
|
|
- run:
|
|
name: Publish Docker Image to Docker Hub
|
|
command: |
|
|
echo "$DOCKERHUB_PASS" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin
|
|
IMAGE_TAG="0.0.${CIRCLE_BUILD_NUM}"
|
|
docker tag <<parameters.repo>>:<<parameters.docker-tag>> <<parameters.repo>>:$IMAGE_TAG
|
|
docker push <<parameters.repo>>:<<parameters.docker-tag>>
|
|
docker push <<parameters.repo>>:$IMAGE_TAG
|
|
|
|
# Pass IMAGE_TAG through to later steps for CD SSH deployment
|
|
echo "export IMAGE_TAG=$IMAGE_TAG" >> $BASH_ENV
|
|
|
|
bash scripts/ci/notify_feishu.sh \
|
|
--event docker_hub \
|
|
--image-repo <<parameters.repo>> \
|
|
--image-tag <<parameters.docker-tag>> \
|
|
--version-tag "$IMAGE_TAG"
|
|
- when:
|
|
# Trigger CD only when deploy=true and the current branch is onprem-release
|
|
# to avoid accidental deployments from other branches
|
|
condition:
|
|
and:
|
|
- << parameters.deploy >>
|
|
- equal: [ onprem-release, << pipeline.git.branch >> ]
|
|
steps:
|
|
# Load the private key uploaded in CircleCI project settings -> SSH Keys into ssh-agent
|
|
# ONPREM_DEPLOY_SSH_KEY_FINGERPRINT is the MD5 fingerprint returned by CircleCI after upload
|
|
- add_ssh_keys:
|
|
fingerprints:
|
|
- "$ONPREM_DEPLOY_SSH_KEY_FINGERPRINT"
|
|
- run:
|
|
name: SSH deploy to server (update catalog-agent image and restart)
|
|
command: |
|
|
# Write the server public key to known_hosts to avoid an interactive
|
|
# confirmation prompt on the first connection
|
|
# The server SSH port is controlled by the ONPREM_DEPLOY_SSH_PORT
|
|
# environment variable, for example 17290
|
|
mkdir -p ~/.ssh
|
|
ssh-keyscan -H -p "$ONPREM_DEPLOY_SSH_PORT" "$ONPREM_DEPLOY_SSH_HOST" >> ~/.ssh/known_hosts 2>/dev/null
|
|
|
|
# Pass the IMAGE_TAG generated in this job to the remote script
|
|
# - The local shell expands $IMAGE_TAG into the remote command prefix
|
|
# - The heredoc uses the single-quoted 'REMOTE' form to avoid local
|
|
# re-expansion of the script body
|
|
# - sed replaces the entire catalog-agent image line directly,
|
|
# compatible with any repository prefix such as "gptbasesparticle/..."
|
|
# or "docker.gbase.ai/...", and any tag format such as 0.0.x
|
|
# - Tags starting with a digit exclude non-AMD64 images such as arm64;
|
|
# this CD step only runs in the AMD64 job
|
|
ssh -p "$ONPREM_DEPLOY_SSH_PORT" "$ONPREM_DEPLOY_SSH_USER@$ONPREM_DEPLOY_SSH_HOST" \
|
|
"IMAGE_TAG='$IMAGE_TAG' bash -s" \<<'REMOTE'
|
|
set -euo pipefail
|
|
cd gbase_onprem
|
|
echo "catalog-agent image line before update:"
|
|
grep -E '^[[:space:]]*image:[[:space:]]*[^#[:space:]]*catalog-agent:[0-9]' docker-compose.yml || true
|
|
sed -i -E "s|^([[:space:]]*)image:[[:space:]]*[^#[:space:]]*catalog-agent:[0-9][^[:space:]]*|\1image: gptbasesparticle/catalog-agent:${IMAGE_TAG}|" docker-compose.yml
|
|
echo "catalog-agent image line after update:"
|
|
grep -E "^[[:space:]]*image:[[:space:]]*gptbasesparticle/catalog-agent:${IMAGE_TAG}" docker-compose.yml
|
|
docker compose down catalog-agent
|
|
docker compose up catalog-agent -d
|
|
REMOTE
|
|
|
|
bash scripts/ci/notify_feishu.sh \
|
|
--event deploy \
|
|
--service-name catalog-agent \
|
|
--namespace onprem-release \
|
|
--image-repo <<parameters.repo>> \
|
|
--version-tag "$IMAGE_TAG"
|
|
|
|
workflows:
|
|
backend_build_and_push:
|
|
jobs:
|
|
- build-and-push:
|
|
name: build-for-test
|
|
context:
|
|
- ecr-new
|
|
path: .
|
|
dockerfile: Dockerfile
|
|
repo: catalog-agent
|
|
docker-tag: ''
|
|
filters:
|
|
branches:
|
|
only:
|
|
- dev
|
|
- deploy:
|
|
name: deploy-for-test
|
|
docker-tag: ''
|
|
repo: catalog-agent
|
|
path: '/home/ubuntu/cluster-for-B/gbase-dev/catalog-agent/deploy.yaml'
|
|
deploy-name: catalog-agent
|
|
deploy-namespace: gbase-dev
|
|
context:
|
|
- ecr-new
|
|
filters:
|
|
branches:
|
|
only:
|
|
- dev
|
|
requires:
|
|
- build-for-test
|
|
- build-and-push:
|
|
name: build-for-prod
|
|
context:
|
|
- ecr-new
|
|
path: .
|
|
dockerfile: Dockerfile
|
|
repo: catalog-agent
|
|
docker-tag: ''
|
|
filters:
|
|
branches:
|
|
only:
|
|
- prod
|
|
- build-and-push:
|
|
name: build-for-staging
|
|
context:
|
|
- ecr-new
|
|
path: .
|
|
dockerfile: Dockerfile
|
|
repo: catalog-agent
|
|
docker-tag: ''
|
|
filters:
|
|
branches:
|
|
only:
|
|
- staging
|
|
- deploy:
|
|
name: deploy-for-prod
|
|
docker-tag: ''
|
|
repo: catalog-agent
|
|
path: '/home/ubuntu/cluster-for-B/default/catalog-agent/deploy.yaml'
|
|
deploy-name: catalog-agent
|
|
deploy-namespace: gbase-dev
|
|
context:
|
|
- ecr-new
|
|
filters:
|
|
branches:
|
|
only:
|
|
- prod
|
|
requires:
|
|
- build-for-prod
|
|
- deploy:
|
|
name: deploy-for-staging
|
|
docker-tag: ''
|
|
repo: catalog-agent
|
|
path: '/home/ubuntu/cluster-for-B/gbase-staging/catalog-agent/deploy.yaml'
|
|
deploy-name: catalog-agent
|
|
deploy-namespace: gbase-staging
|
|
context:
|
|
- ecr-new
|
|
filters:
|
|
branches:
|
|
only:
|
|
- staging
|
|
requires:
|
|
- build-for-staging
|
|
- docker-hub-build-push:
|
|
name: docker-hub-build-push
|
|
repo: gptbasesparticle/catalog-agent
|
|
dockerfile: Dockerfile
|
|
docker-tag: latest
|
|
# Enable CD: after build and push complete, SSH to the server to update the
|
|
# catalog-agent image. This only applies to the onprem-release branch;
|
|
# see the when condition inside the job.
|
|
deploy: true
|
|
filters:
|
|
branches:
|
|
only:
|
|
- onprem-release
|
|
- docker-hub-build-push:
|
|
name: docker-hub-build-push-arm
|
|
repo: gptbasesparticle/catalog-agent
|
|
dockerfile: Dockerfile
|
|
docker-tag: latest_arm64
|
|
filters:
|
|
branches:
|
|
only:
|
|
- onprem-release
|
|
# Deploy to the onprem-dev environment
|
|
- build-and-push:
|
|
name: build-for-onprem-dev
|
|
context:
|
|
- ecr-new
|
|
path: .
|
|
dockerfile: Dockerfile
|
|
repo: catalog-agent
|
|
docker-tag: ''
|
|
filters:
|
|
branches:
|
|
only:
|
|
- onprem-dev
|
|
- deploy:
|
|
name: deploy-for-onprem-dev
|
|
docker-tag: ''
|
|
repo: catalog-agent
|
|
path: '/home/ubuntu/cluster-for-B/onprem-dev/catalog-agent/deploy.yaml'
|
|
deploy-name: catalog-agent
|
|
deploy-namespace: onprem-dev
|
|
context:
|
|
- ecr-new
|
|
filters:
|
|
branches:
|
|
only:
|
|
- onprem-dev
|
|
requires:
|
|
- build-for-onprem-dev
|