fix: copy llms.txt into production Docker image for agent discoverabi… #20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build & Deploy atv-sdk to DigitalOcean | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| # ── Open port 22 for all IPs ─────────────────────────────── | |
| - name: Open port 22 for all IPs | |
| run: | | |
| curl -s -X POST \ | |
| -H "Authorization: Bearer ${{ secrets.DO_API_TOKEN }}" \ | |
| -H "Content-Type: application/json" \ | |
| -d '{"inbound_rules":[{"protocol":"tcp","ports":"22","sources":{"addresses":["0.0.0.0/0"]}}]}' \ | |
| "https://api.digitalocean.com/v2/firewalls/${{ secrets.DO_FIREWALL_ID }}/rules" | |
| sleep 10 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | |
| - name: Login to Amazon ECR | |
| run: | | |
| aws ecr get-login-password --region ${{ secrets.AWS_DEFAULT_REGION }} | \ | |
| docker login --username AWS --password-stdin \ | |
| ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com | |
| - name: Build and push to ECR | |
| run: | | |
| docker build \ | |
| --build-arg AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \ | |
| --build-arg AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \ | |
| --build-arg AWS_DEFAULT_REGION=us-east-1 \ | |
| -t ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com/${{ secrets.AWS_REPO }}:latest . | |
| docker push \ | |
| ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com/${{ secrets.AWS_REPO }}:latest | |
| - name: Deploy to DigitalOcean Droplet | |
| uses: appleboy/ssh-action@v1.0.3 | |
| with: | |
| host: ${{ secrets.DO_HOST }} | |
| username: ${{ secrets.DO_USERNAME }} | |
| key: ${{ secrets.DO_SSH_PRIVATE_KEY }} | |
| script: | | |
| aws ecr get-login-password --region ${{ secrets.AWS_DEFAULT_REGION }} | \ | |
| docker login --username AWS --password-stdin \ | |
| ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com | |
| docker pull \ | |
| ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com/${{ secrets.AWS_REPO }}:latest | |
| docker stop atv-sdk1 || true | |
| docker rm atv-sdk1 || true | |
| docker run -d \ | |
| -p 3000:3000 \ | |
| --name atv-sdk1 \ | |
| -e NODE_TLS_REJECT_UNAUTHORIZED=0 \ | |
| --restart unless-stopped \ | |
| ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com/${{ secrets.AWS_REPO }}:latest | |
| docker image prune -f | |
| # ── Remove open port 22 rule ─────────────────────────────── | |
| - name: Close port 22 for all IPs | |
| if: always() | |
| run: | | |
| curl -s -X DELETE \ | |
| -H "Authorization: Bearer ${{ secrets.DO_API_TOKEN }}" \ | |
| -H "Content-Type: application/json" \ | |
| -d '{"inbound_rules":[{"protocol":"tcp","ports":"22","sources":{"addresses":["0.0.0.0/0"]}}]}' \ | |
| "https://api.digitalocean.com/v2/firewalls/${{ secrets.DO_FIREWALL_ID }}/rules" |