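--- /dev/null
+++ b/.github/workflows/cd.yaml
@@ -0,0 +1,126 @@
+name: CD
+on:
+  pull_request:
+    types: [closed]
+  issue_comment:
+    types: [created]
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  build-and-push:
+    if: >
+      (github.event_name == 'pull_request' && github.event.pull_request.merged == true) ||
+      (github.event_name == 'issue_comment' && github.event.issue.pull_request && contains(github.event.comment.body, '/deploy'))
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get deploy SHA
+        id: sha
+        uses: actions/github-script@v7
+        with:
+          script: |
+            if (context.eventName === 'issue_comment') {
+              const pr = await github.rest.pulls.get({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                pull_number: context.issue.number,
+              });
+              return pr.data.head.sha;
+            }
+            return context.sha;
+          result-encoding: string
+
+      - name: Add deploy reaction
+        if: github.event_name == 'issue_comment'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            await github.rest.reactions.createForIssueComment({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              comment_id: context.payload.comment.id,
+              content: 'rocket',
+            });
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ steps.sha.outputs.result }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build Docker image for scanning (amd64)
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          load: true
+          platforms: linux/amd64
+          tags: kaiohz/pickpro:composable-agents-scan
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Trivy Image Scan (report)
+        uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1
+        with:
+          image-ref: 'kaiohz/pickpro:composable-agents-scan'
+          format: 'table'
+          severity: 'CRITICAL,HIGH,MEDIUM'
+          exit-code: '0'
+          trivy-config: trivy.yaml
+          trivy-version: 'v0.69.3'
+
+      - name: Trivy Image Scan (CRITICAL gate)
+        uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1
+        with:
+          image-ref: 'kaiohz/pickpro:composable-agents-scan'
+          format: 'table'
+          severity: 'CRITICAL'
+          exit-code: '1'
+          trivy-config: trivy.yaml
+          trivy-version: 'v0.69.3'
+
+      - name: Build and push Docker image (multi-platform)
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          platforms: linux/amd64,linux/arm64
+          tags: |
+            kaiohz/pickpro:composable-agents-${{ steps.sha.outputs.result }}
+            kaiohz/pickpro:composable-agents-latest
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Checkout flux repository
+        run: |
+          git clone https://x-access-token:${{ secrets.FLUX_REPO_TOKEN }}@github.com/SoluDevTech/flux.git flux-repo
+
+      - name: Update deployment image tag
+        run: |
+          DEPLOYMENT_FILE="flux-repo/dev/composables/composable-agents/deployment.yaml"
+          if [ -f "$DEPLOYMENT_FILE" ]; then
+            sed -i 's|image: kaiohz/pickpro:composable-agents-.*|image: kaiohz/pickpro:composable-agents-${{ steps.sha.outputs.result }}|g' "$DEPLOYMENT_FILE"
+          else
+            echo "Error: Deployment file not found at $DEPLOYMENT_FILE"
+            exit 1
+          fi
+
+      - name: Commit and push changes
+        run: |
+          cd flux-repo
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git add dev/composables/composable-agents/deployment.yaml
+          git commit -m "Update composable-agents image to ${{ steps.sha.outputs.result }}" || echo "No changes to commit"
+          git push https://x-access-token:${{ secrets.FLUX_REPO_TOKEN }}@github.com/SoluDevTech/flux.git main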
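Review bot: The `/deploy` branch of the job `if` condition has no check on who wrote the comment, and the "Get deploy SHA" step then checks out and builds the PR head it resolves — so, if this repository accepts comments or pull requests from outside accounts, anyone able to post `/deploy` on a PR gets a Dockerfile of their choosing built in a job that holds `DOCKERHUB_TOKEN` and `FLUX_REPO_TOKEN` (`issue_comment` runs in the base repository with secrets), and its image lands in the flux deployment. Gate the comment path on `github.event.comment.author_association` and have the script refuse a head whose repo is not this repository; the `contains(..., '/deploy')` substring match would also be safer as `startsWith`. A secondary gap: the Trivy CRITICAL gate runs against the amd64 scan image only, while the multi-platform step also pushes an arm64 build that was never scanned — worth a comment or a second scan if the arm64 base layers differ.
```yaml
    if: >
      (github.event_name == 'pull_request' && github.event.pull_request.merged == true) ||
      (github.event_name == 'issue_comment' && github.event.issue.pull_request &&
       startsWith(github.event.comment.body, '/deploy') &&
       contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association))
    # … unchanged: runs-on, "Get deploy SHA" step header …
          script: |
            if (context.eventName === 'issue_comment') {
              const pr = await github.rest.pulls.get({
                owner: context.repo.owner,
                repo: context.repo.repo,
                pull_number: context.issue.number,
              });
              // A fork head would run an untrusted Dockerfile with this repo's secrets; refuse it.
              if (pr.data.head.repo?.full_name !== `${context.repo.owner}/${context.repo.repo}`) {
                core.setFailed('refusing to deploy a PR head that is not in this repository');
                return '';
              }
              return pr.data.head.sha;
            }
            return context.sha;
```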