Skip to content

Add initial Spice Cloud Deploy GitHub Action#1

Merged
lukekim merged 1 commit into
trunkfrom
feat/initial-action
May 2, 2026
Merged

Add initial Spice Cloud Deploy GitHub Action#1
lukekim merged 1 commit into
trunkfrom
feat/initial-action

Conversation

@lukekim
Copy link
Copy Markdown
Contributor

@lukekim lukekim commented May 2, 2026

Summary

Node 20 TypeScript GitHub Action that deploys Spice.ai Cloud apps via the Management API using OAuth 2.0 client credentials, with optional post-deploy SQL / NSQL / search / chat / MCP smoke tests using the @spiceai/spice SDK.

  • Auth: OAuth client credentials → bearer token (cached, masked).
  • Deploy lifecycle: resolve or create app, merge tags, push spicepod.yaml, upsert app secrets, trigger deployment, poll until terminal.
  • Smoke tests: SQL (sqlJson), NSQL (nsql), and ready-check via the @spiceai/spice SDK; /v1/chat/completions, /v1/search, /v1/mcp via direct fetch.
  • Regional: runtime URL derived from the resolved app as https://<region>-prod-aws-data.spiceai.io, overridable via runtime-url.
  • Outputs: app-id, app-name, app-url, deployment-id, deployment-status, deployment-created-at, test-results (JSON).
  • Step summary: deployment metadata + per-probe pass/fail table.
  • Cross-platform: works on Ubuntu, macOS, and Windows runners.

What's included

  • action.yml, src/, bundled dist/index.js (esbuild, ~1.5 MB minified).
  • 61 unit tests across 8 files (vitest), covering inputs, auth, API retry/error mapping, secrets/tags parsing, spicepod reading, SDK-mocked runtime probes, and full deploy orchestration.
  • Biome lint/format config; TS strict.
  • CI workflow (lint, typecheck, test, build, dist/ freshness check) on Ubuntu/macOS/Windows + npm audit job.
  • Release workflow that updates the floating major-version tag (e.g. v1) and creates a GitHub release.
  • workflow_dispatch test-action workflow for live verification.
  • Dependabot config, issue/PR templates.
  • README with badges, full inputs/outputs tables, four example workflows, scope matrix, and troubleshooting.
  • CHANGELOG.md, CONTRIBUTING.md, SECURITY.md, examples/{basic,full}.yml, examples/spicepod.yaml.
  • 0 npm audit vulnerabilities (undici overridden, esbuild/vitest bumped).

Test plan

  • CI runs on this PR pass (lint, typecheck, test, build, dist/ freshness, audit).
  • Manually run the Test action workflow against a real Spice Cloud app and confirm it deploys + smoke tests pass.
  • Pin to @v1 from a consumer repo after first release; verify floating tag moves.
  • Spot-check secret masking in the Action logs (no client-secret, OAuth token, app secrets, or runtime API key in the rendered log).

Follow-ups

  • Tag v1.0.0 once this lands and CI is green.
  • Submit listing to the GitHub Marketplace.
  • Consider adding test workflows that exercise the public @v1 from a downstream sample repo.

@lukekim
Add initial Spice Cloud Deploy GitHub Action
40869c0 
Node 20 TypeScript action that deploys Spice.ai Cloud apps via the
Management API using OAuth 2.0 client credentials, with optional
post-deploy SQL/NSQL/search/chat/MCP smoke tests using the
@spiceai/spice SDK.

Includes action.yml, full deploy orchestration (resolve/create app,
push spicepod, upsert secrets, trigger + poll deployment), regional
runtime URL derivation, app tag merging, masked secrets, GitHub step
summary, examples, CI matrix (Ubuntu/macOS/Windows), release workflow,
and 61 unit tests.
@lukekim lukekim self-assigned this May 2, 2026
@lukekim lukekim merged commit d08b1df into trunk May 2, 2026
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@lukekim lukekim

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lukekim