add build, publish, deploy pipeline for TEE

HashWarlock · HashWarlock · commit 0cf39c859da0 · 2025-03-19T00:29:13.000-05:00
diff --git a/.github/workflows/tee-build-deploy.yml b/.github/workflows/tee-build-deploy.yml
@@ -0,0 +1,99 @@
+name: Build, Push & Deploy Eliza to Phala Cloud
+
+on:
+  push:
+    branches:
+      - v2-develop
+    paths:
+      - "Dockerfile"
+  workflow_dispatch:
+    inputs:
+      logLevel:
+        description: 'Log level'
+        required: true
+        default: 'warning'
+      environment:
+        description: 'Environment to deploy'
+        required: false
+        default: 'staging'
+
+env:
+  APP_NAME: ${{ vars.APP_NAME || secrets.APP_NAME }}
+  DOCKER_USERNAME: ${{ vars.DOCKER_USERNAME || secrets.DOCKER_USERNAME }}
+  DOCKER_IMAGE: ${{ vars.DOCKER_IMAGE || secrets.DOCKER_IMAGE }}
+  DOCKER_REGISTRY: ${{ vars.DOCKER_REGISTRY || secrets.DOCKER_REGISTRY || 'docker.io' }}
+  DOCKER_REGISTRY_USERNAME: ${{ vars.DOCKER_REGISTRY_USERNAME || secrets.DOCKER_REGISTRY_USERNAME }}
+  DOCKER_REGISTRY_PASSWORD: ${{ vars.DOCKER_REGISTRY_PASSWORD || secrets.DOCKER_REGISTRY_PASSWORD }}
+  PHALA_CLOUD_API_KEY: ${{ vars.PHALA_CLOUD_API_KEY || secrets.PHALA_CLOUD_API_KEY }}
+  EVM_CHAINS: ${{ vars.EVM_CHAINS || secrets.EVM_CHAINS }}
+  OPENAI_API_KEY: ${{ vars.OPENAI_API_KEY || secrets.OPENAI_API_KEY }}
+  ANTHROPIC_API_KEY: ${{ vars.ANTHROPIC_API_KEY || secrets.ANTHROPIC_API_KEY }}
+  BIRDEYE_API_KEY: ${{ vars.BIRDEYE_API_KEY || secrets.BIRDEYE_API_KEY }}
+  COMMUNITY_MANAGER_DISCORD_APPLICATION_ID: ${{ vars.COMMUNITY_MANAGER_DISCORD_APPLICATION_ID || secrets.COMMUNITY_MANAGER_DISCORD_APPLICATION_ID }}
+  COMMUNITY_MANAGER_DISCORD_API_TOKEN: ${{ vars.COMMUNITY_MANAGER_DISCORD_API_TOKEN || secrets.COMMUNITY_MANAGER_DISCORD_API_TOKEN }}
+  SOCIAL_MEDIA_MANAGER_DISCORD_APPLICATION_ID: ${{ vars.SOCIAL_MEDIA_MANAGER_DISCORD_APPLICATION_ID || secrets.SOCIAL_MEDIA_MANAGER_DISCORD_APPLICATION_ID }}
+  SOCIAL_MEDIA_MANAGER_DISCORD_API_TOKEN: ${{ vars.SOCIAL_MEDIA_MANAGER_DISCORD_API_TOKEN || secrets.SOCIAL_MEDIA_MANAGER_DISCORD_API_TOKEN }}
+  LIAISON_DISCORD_APPLICATION_ID: ${{ vars.LIAISON_DISCORD_APPLICATION_ID || secrets.LIAISON_DISCORD_APPLICATION_ID }}
+  LIAISON_DISCORD_API_TOKEN: ${{ vars.LIAISON_DISCORD_API_TOKEN || secrets.LIAISON_DISCORD_API_TOKEN }}
+  PROJECT_MANAGER_DISCORD_APPLICATION_ID: ${{ vars.PROJECT_MANAGER_DISCORD_APPLICATION_ID || secrets.PROJECT_MANAGER_DISCORD_APPLICATION_ID }}
+  PROJECT_MANAGER_DISCORD_API_TOKEN: ${{ vars.PROJECT_MANAGER_DISCORD_API_TOKEN || secrets.PROJECT_MANAGER_DISCORD_API_TOKEN }}
+  DEV_REL_DISCORD_APPLICATION_ID: ${{ vars.DEV_REL_DISCORD_APPLICATION_ID || secrets.DEV_REL_DISCORD_APPLICATION_ID }}
+  DEV_REL_DISCORD_API_TOKEN: ${{ vars.DEV_REL_DISCORD_API_TOKEN || secrets.DEV_REL_DISCORD_API_TOKEN }}
+  TEE_MODE: ${{ vars.TEE_MODE || secrets.TEE_MODE || 'PRODUCTION' }}
+  WALLET_SECRET_SALT: ${{ vars.WALLET_SECRET_SALT || secrets.WALLET_SECRET_SALT || github.sha }}
+  TEE_VENDOR: ${{ vars.TEE_VENDOR || secrets.TEE_VENDOR || 'phala' }}
+jobs:
+  build-and-push:
+    permissions:
+      contents: read
+      packages: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.DOCKER_REGISTRY }}
+          username: ${{ env.DOCKER_REGISTRY_USERNAME }}
+          password: ${{ env.DOCKER_REGISTRY_PASSWORD }}
+
+      - name: Build and Push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: Dockerfile
+          push: true
+          tags: |
+            ${{ env.DOCKER_IMAGE }}:latest
+            ${{ env.DOCKER_IMAGE }}:${{ github.sha }}
+      - name: Set Docker Image Full Name
+        run: |
+          export DOCKER_IMAGE_FULL_NAME=${{ env.DOCKER_IMAGE }}:${{ github.sha }}
+
+      - name: Install Phala Cloud CLI
+        run: sudo apt-get update && sudo apt-get install -y nodejs && sudo npm install -g bun
+      # Configure Phala Cloud API key
+      - name: Configure Phala Cloud
+        run: |
+          npx phala auth login ${{ env.PHALA_CLOUD_API_KEY }}
+          echo "Verifying Phala Cloud access..."
+          npx phala cvms ls
+
+      - name: Update Docker Compose
+        run: |
+          sed -i "s|\${DOCKER_IMAGE}|${DOCKER_IMAGE_FULL_NAME}|g" ./tee-docker-compose.yaml
+
+      - name: Deploy to Phala Cloud
+        run: |
+          cat ./tee-docker-compose.yaml
+          npx phala cvms create \
+            -n ${{ env.APP_NAME }} \
+            -c tee-docker-compose.yaml \
+            --skip-env \
+            --vcpu 4 \
+            --memory 8192 \
+            --disk-size 50 \
+            --teepod-id 3 \
+            --image dstack-0.3.5
diff --git a/docker-compose.yaml b/docker-compose.yaml
@@ -7,14 +7,16 @@ services:
       - POSTGRES_USER=postgres
       - POSTGRES_DB=eliza
     volumes:
-      - postgres-data:/var/lib/postgresql/data
+      - postgres-data:/root/.eliza/db
     ports:
       - '127.0.0.1:5432:5432'
     healthcheck:
       test: ['CMD-SHELL', 'pg_isready -U postgres']
       interval: 5s
       timeout: 5s
       retries: 5
+    networks:
+      - eliza-network
     restart: always
   eliza:
     build:
@@ -41,13 +43,13 @@ services:
       - LIAISON_DISCORD_API_TOKEN=${LIAISON_DISCORD_API_TOKEN}
       - PROJECT_MANAGER_DISCORD_APPLICATION_ID=${PROJECT_MANAGER_DISCORD_APPLICATION_ID}
       - PROJECT_MANAGER_DISCORD_API_TOKEN=${PROJECT_MANAGER_DISCORD_API_TOKEN}
-      - DEV_SUPPORT_DISCORD_APPLICATION_ID=${DEV_SUPPORT_DISCORD_APPLICATION_ID}
-      - DEV_SUPPORT_DISCORD_API_TOKEN=${DEV_SUPPORT_DISCORD_API_TOKEN}
+      - DEV_REL_DISCORD_APPLICATION_ID=${DEV_REL_DISCORD_APPLICATION_ID}
+      - DEV_REL_DISCORD_API_TOKEN=${DEV_REL_DISCORD_API_TOKEN}
       - INVESTMENT_MANAGER_DISCORD_APPLICATION_ID=${INVESTMENT_MANAGER_DISCORD_APPLICATION_ID}
       - INVESTMENT_MANAGER_DISCORD_API_TOKEN=${INVESTMENT_MANAGER_DISCORD_API_TOKEN}
+      - PGLITE_DATA_DIR=/root/.eliza/db
     ports:
       - '3000:3000'
-      - '5173:5173'
     depends_on:
       postgres:
         condition: service_healthy
diff --git a/tee-docker-compose.yaml b/tee-docker-compose.yaml
@@ -0,0 +1,65 @@
+version: '3'
+services:
+  postgres:
+    image: postgres:15
+    environment:
+      - POSTGRES_PASSWORD=postgres
+      - POSTGRES_USER=postgres
+      - POSTGRES_DB=eliza
+    volumes:
+      - postgres-data:/root/.eliza/db
+    ports:
+      - '127.0.0.1:5432:5432'
+    healthcheck:
+      test: ['CMD-SHELL', 'pg_isready -U postgres']
+      interval: 5s
+      timeout: 5s
+      retries: 5
+    networks:
+      - eliza-network
+    restart: always
+  eliza:
+    image: ${DOCKER_IMAGE_FULL_NAME}
+    container_name: elizav2
+    command: bun run start
+    stdin_open: true
+    tty: true
+    volumes:
+      - /var/run/tappd.sock:/var/run/tappd.sock
+    environment:
+      - OPENAI_API_KEY=${OPENAI_API_KEY}
+      - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
+      - SERVER_PORT=${SERVER_PORT}
+      - EVM_CHAINS=${EVM_CHAINS}
+      - BIRDEYE_API_KEY=${BIRDEYE_API_KEY}
+      - COMMUNITY_MANAGER_DISCORD_APPLICATION_ID=${COMMUNITY_MANAGER_DISCORD_APPLICATION_ID}
+      - COMMUNITY_MANAGER_DISCORD_API_TOKEN=${COMMUNITY_MANAGER_DISCORD_API_TOKEN}
+      - SOCIAL_MEDIA_MANAGER_DISCORD_APPLICATION_ID=${SOCIAL_MEDIA_MANAGER_DISCORD_APPLICATION_ID}
+      - SOCIAL_MEDIA_MANAGER_DISCORD_API_TOKEN=${SOCIAL_MEDIA_MANAGER_DISCORD_API_TOKEN}
+      - LIAISON_DISCORD_APPLICATION_ID=${LIAISON_DISCORD_APPLICATION_ID}
+      - LIAISON_DISCORD_API_TOKEN=${LIAISON_DISCORD_API_TOKEN}
+      - PROJECT_MANAGER_DISCORD_APPLICATION_ID=${PROJECT_MANAGER_DISCORD_APPLICATION_ID}
+      - PROJECT_MANAGER_DISCORD_API_TOKEN=${PROJECT_MANAGER_DISCORD_API_TOKEN}
+      - DEV_REL_DISCORD_APPLICATION_ID=${DEV_REL_DISCORD_APPLICATION_ID}
+      - DEV_REL_DISCORD_API_TOKEN=${DEV_REL_DISCORD_API_TOKEN}
+      - INVESTMENT_MANAGER_DISCORD_APPLICATION_ID=${INVESTMENT_MANAGER_DISCORD_APPLICATION_ID}
+      - INVESTMENT_MANAGER_DISCORD_API_TOKEN=${INVESTMENT_MANAGER_DISCORD_API_TOKEN}
+      - PGLITE_DATA_DIR=/root/.eliza/db
+      - TEE_MODE=${TEE_MODE}
+      - WALLET_SECRET_SALT=${WALLET_SECRET_SALT}
+      - TEE_VENDOR=${TEE_VENDOR}
+    ports:
+      - '3000:3000'
+    depends_on:
+      postgres:
+        condition: service_healthy
+    restart: always
+    networks:
+      - eliza-network
+
+networks:
+  eliza-network:
+    driver: bridge
+
+volumes:
+  postgres-data:
