-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathTaskfile.yml
More file actions
97 lines (84 loc) · 3.4 KB
/
Copy pathTaskfile.yml
File metadata and controls
97 lines (84 loc) · 3.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
# https://taskfile.dev
version: '3'
dotenv: ['.env', '{{.HOME}}/.env']
env:
REPO_NAME: no-code-ai-platform
GITHUB_USER: lreimer
GCP_PROJECT: data-engineering-lab-411011
GCP_REGION: europe-west4
vars: {}
tasks:
default:
desc: If running only "task" print all available tasks
cmd: task --list-all
silent: true
brew:
desc: Install tool dependencies with brew
internal: true
run: once
platforms: [darwin, linux]
cmd: brew bundle --no-lock --verbose
status:
- brew bundle check --verbose
create-cluster:
desc: Create a new GKE cluster
silent: true
requires:
vars: [GCP_PROJECT, GCP_REGION]
cmds:
- gcloud container clusters create no-code-ai-platform --location={{.GCP_REGION}} --project={{.GCP_PROJECT}} --release-channel=regular --addons HttpLoadBalancing,HorizontalPodAutoscaling,ConfigConnector --workload-pool={{.GCP_PROJECT}}.svc.id.goog --num-nodes=1 --min-nodes=1 --max-nodes=5 --enable-autoscaling --machine-type=n1-standard-8
- kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=$(gcloud config get-value account)
- kubectl cluster-info
create-gcp-sa:
desc: Create a GCP service account and bind it to the cluster
silent: true
requires:
vars: [GCP_PROJECT, REPO_NAME]
cmds:
- gcloud iam service-accounts create {{.REPO_NAME}} --description="No-Code AI Platform Service Account" --display-name="No-Code AI Platform Service Account"
- gcloud projects add-iam-policy-binding {{.GCP_PROJECT}} --role=roles/editor --member=serviceAccount:{{.REPO_NAME}}@{{.GCP_PROJECT}}.iam.gserviceaccount.com
- gcloud iam service-accounts add-iam-policy-binding {{.REPO_NAME}}@{{.GCP_PROJECT}}.iam.gserviceaccount.com --member="serviceAccount:{{.GCP_PROJECT}}.svc.id.goog[cnrm-system/cnrm-controller-manager]" --role="roles/iam.workloadIdentityUser"
- gcloud iam service-accounts keys create {{.REPO_NAME}}-sa-key.json --iam-account={{.REPO_NAME}}@{{.GCP_PROJECT}}.iam.gserviceaccount.com
create-secrets:
desc: Create the OpenAI secret
silent: true
requires:
vars: [OPENAI_API_KEY]
cmd: kubectl create secret generic openai-api-key --from-literal=OPENAI_API_KEY={{.OPENAI_API_KEY}} --from-literal=OPENAI_APIKEY={{.OPENAI_API_KEY}}
destroy-cluster:
desc: Destroy a GKE cluster
silent: true
requires:
vars: [GCP_PROJECT, GCP_REGION]
cmd: |
gcloud container clusters delete no-code-ai-platform \
--location={{.GCP_REGION}} \
--project={{.GCP_PROJECT}} \
--async --quiet
bootstrap-flux:
desc: Bootstrap Flux
silent: true
requires:
vars: [GITHUB_USER, GITHUB_TOKEN, REPO_NAME]
cmd: |
flux bootstrap github \
--owner={{.GITHUB_USER}} \
--repository={{.REPO_NAME}} \
--branch=main \
--path=./platform/foundation \
--read-write-key \
--personal
reconcile-flux:
desc: Reconcile flux-system
silent: true
cmd: flux reconcile source git flux-system
flux-status:
desc: Show the status of the flux-system
silent: true
cmd: flux get all --all-namespaces
openai-api-secret:
desc: Create the OpenAI secret
silent: true
requires:
vars: [OPENAI_API_KEY]
cmd: kubectl create secret generic openai-api-key --from-literal=OPENAI_API_KEY={{.OPENAI_API_KEY}} --from-literal=OPENAI_APIKEY={{.OPENAI_API_KEY}}