Skip to content

Bounty Submission: Universal One-Click Deployment (Docker + K8s + Tilt) for FinMind #308

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
juzigu40-ui wants to merge 15 commits into
base: main
Choose a base branch
from
Open

Bounty Submission: Universal One-Click Deployment (Docker + K8s + Tilt) for FinMind #308

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
1b60729
feat: add fullstack review and validation tooling
Mar 15, 2026
1f2fd38
fix: harden k8s and tilt runtime review
Mar 15, 2026
9eb8e52
feat: add provider deployment and validate routes
Mar 15, 2026
52d6e55
feat: publish deployment review artifacts
Mar 15, 2026
48d5e6c
docs: rewrite bounty submission materials
Mar 15, 2026
0a4b11f
docs: refresh maintainer demo assets
Mar 15, 2026
a622e03
fix: align render blueprint schema
juzigu40-ui Mar 15, 2026
39f6d2d
docs: attach render hosted proof
juzigu40-ui Mar 15, 2026
f5667cd
docs: repair render proof artifacts
juzigu40-ui Mar 15, 2026
63ab7de
docs: refresh render hosted proof package
juzigu40-ui Mar 15, 2026
dc97f81
docs: refresh render proof to 63ab7de
Mar 15, 2026
b6e2110
docs: add render proof head delta
Mar 15, 2026
3a23330
docs: finalize render proof delta note
Mar 15, 2026
adfb071
docs: refresh render proof video in english
Mar 16, 2026
3e39ca3
docs: simplify render proof wording
Mar 16, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
85 changes: 85 additions & 0 deletions .do/app.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
name: finmind
region: nyc
jobs:
- name: migrate
kind: PRE_DEPLOY
environment_slug: docker
dockerfile_path: packages/backend/Dockerfile
source_dir: /
git:
repo_clone_url: https://github.com/juzigu40-ui/FinMind.git
branch: codex/finmind-144-deploy-bounty
deploy_on_push: false
instance_count: 1
instance_size_slug: basic-xxs
run_command: python -m flask --app wsgi:app init-db
envs:
- key: DATABASE_URL
scope: RUN_TIME
value: ${finmind-db.DATABASE_URL}
- key: REDIS_URL
scope: RUN_TIME
value: ${finmind-redis.REDIS_URL}
- key: JWT_SECRET
scope: RUN_TIME
type: SECRET
- key: LOG_LEVEL
scope: RUN_TIME
value: INFO
- key: GEMINI_MODEL
scope: RUN_TIME
value: gemini-1.5-flash
services:
- name: backend
environment_slug: docker
dockerfile_path: packages/backend/Dockerfile
source_dir: /
git:
repo_clone_url: https://github.com/juzigu40-ui/FinMind.git
branch: codex/finmind-144-deploy-bounty
deploy_on_push: false
http_port: 8000
instance_count: 1
instance_size_slug: basic-xxs
health_check:
http_path: /health/ready
envs:
- key: DATABASE_URL
scope: RUN_TIME
value: ${finmind-db.DATABASE_URL}
- key: REDIS_URL
scope: RUN_TIME
value: ${finmind-redis.REDIS_URL}
- key: JWT_SECRET
scope: RUN_TIME
type: SECRET
- key: LOG_LEVEL
scope: RUN_TIME
value: INFO
- key: GEMINI_MODEL
scope: RUN_TIME
value: gemini-1.5-flash
- key: CORS_ALLOWED_ORIGINS
scope: RUN_TIME
value: ${frontend.PUBLIC_URL}
static_sites:
- name: frontend
git:
repo_clone_url: https://github.com/juzigu40-ui/FinMind.git
branch: codex/finmind-144-deploy-bounty
deploy_on_push: false
source_dir: app
build_command: npm ci && npm run build
output_dir: dist
envs:
- key: VITE_API_URL
scope: BUILD_TIME
value: ${backend.PUBLIC_URL}
databases:
- name: finmind-db
engine: PG
production: false
version: "16"
- name: finmind-redis
engine: REDIS
production: false
10 changes: 10 additions & 0 deletions .dockerignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
.git
.github
app/dist
app/node_modules
packages/backend/.pytest_cache
packages/backend/__pycache__
packages/backend/app/__pycache__
**/__pycache__
**/*.pyc
tmp
4 changes: 3 additions & 1 deletion .env.example
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,13 @@ JWT_SECRET="change-me"
OPENAI_API_KEY=""
GEMINI_API_KEY=""
GEMINI_MODEL="gemini-1.5-flash"
CORS_ALLOWED_ORIGINS="http://localhost:5173,http://127.0.0.1:5173,http://localhost:8081,http://127.0.0.1:8081,http://frontend,http://frontend:80"
TWILIO_ACCOUNT_SID=""
TWILIO_AUTH_TOKEN=""
TWILIO_WHATSAPP_FROM=""
EMAIL_FROM=""
SMTP_URL=""
MAX_UPLOAD_BYTES="10485760"

VITE_API_URL="http://localhost:8000"
VITE_API_URL=""
LOG_LEVEL="INFO"
104 changes: 104 additions & 0 deletions .github/workflows/deploy-artifacts.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,104 @@
name: Deploy Artifacts

on:
push:
branches: ["**"]
paths:
- 'docker-compose.prod.yml'
- 'render.yaml'
- 'railway.toml'
- 'heroku.yml'
- 'app.json'
- 'netlify.toml'
- 'vercel.json'
- '.do/app.yaml'
- 'deploy/**'
- 'Tiltfile'
- 'scripts/review-deploy.sh'
- 'scripts/collect-review-artifacts.sh'
- 'scripts/smoke-deploy.py'
- 'scripts/validate-deploy.sh'
- 'scripts/validate-observability.sh'
- 'docs/demo/**'
- 'app/**'
- 'packages/backend/**'
pull_request:
paths:
- 'docker-compose.prod.yml'
- 'render.yaml'
- 'railway.toml'
- 'heroku.yml'
- 'app.json'
- 'netlify.toml'
- 'vercel.json'
- '.do/app.yaml'
- 'deploy/**'
- 'Tiltfile'
- 'scripts/review-deploy.sh'
- 'scripts/collect-review-artifacts.sh'
- 'scripts/smoke-deploy.py'
- 'scripts/validate-deploy.sh'
- 'scripts/validate-observability.sh'
- 'docs/demo/**'
- 'app/**'
- 'packages/backend/**'

permissions:
contents: read

jobs:
compose-smoke:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- name: Prepare env
run: cp .env.example .env

- name: Run full review path
run: FINMIND_REVIEW_KEEP_RUNNING=1 ./scripts/review-deploy.sh

- name: Collect review artifacts
run: ./scripts/collect-review-artifacts.sh .artifacts/review

- name: Upload review artifacts
uses: actions/upload-artifact@v4
with:
name: finmind-review-artifacts
path: .artifacts/review

- name: Compose logs on failure
if: failure()
run: docker compose -f docker-compose.prod.yml --profile observability logs --no-color

- name: Shutdown compose
if: always()
run: docker compose -f docker-compose.prod.yml --profile observability down -v

helm-render:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- name: Lint Helm chart
run: |
docker run --rm \
-v "$PWD":/work \
-w /work \
alpine/helm:3.16.2 \
lint deploy/helm/finmind

- name: Render Helm chart
run: |
docker run --rm \
-v "$PWD":/work \
-w /work \
alpine/helm:3.16.2 \
template finmind deploy/helm/finmind > /tmp/finmind-helm.yaml

- name: Ensure ingress and backend exist in rendered chart
run: |
grep -q "kind: Ingress" /tmp/finmind-helm.yaml
grep -q "name: finmind-backend" /tmp/finmind-helm.yaml
grep -q "name: finmind-prometheus" /tmp/finmind-helm.yaml
grep -q "name: finmind-grafana" /tmp/finmind-helm.yaml
75 changes: 75 additions & 0 deletions .github/workflows/k8s-runtime.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
name: K8s Runtime

on:
push:
branches: ["**"]
paths:
- 'Dockerfile.fullstack'
- 'deploy/helm/**'
- 'Tiltfile'
- 'scripts/review-k8s.sh'
- 'scripts/smoke-deploy.py'
- 'packages/backend/**'
- 'app/**'
pull_request:
paths:
- 'Dockerfile.fullstack'
- 'deploy/helm/**'
- 'Tiltfile'
- 'scripts/review-k8s.sh'
- 'scripts/smoke-deploy.py'
- 'packages/backend/**'
- 'app/**'

permissions:
contents: read

jobs:
kind-helm-runtime:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- name: Install Kind
run: |
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.24.0/kind-linux-amd64
chmod +x ./kind
sudo mv ./kind /usr/local/bin/kind

- name: Install Helm
run: |
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash

- name: Install Tilt
run: |
curl -fsSL https://raw.githubusercontent.com/tilt-dev/tilt/master/scripts/install.sh | bash

- name: Run kind + Helm runtime review
env:
FINMIND_RUN_TILT_CI: "1"
run: ./scripts/review-k8s.sh

- name: Collect cluster diagnostics on failure
if: failure()
run: |
mkdir -p "$RUNNER_TEMP/k8s-diagnostics"
kubectl get all -A -o wide > "$RUNNER_TEMP/k8s-diagnostics/get-all.txt" || true
kubectl get events -A --sort-by=.metadata.creationTimestamp > "$RUNNER_TEMP/k8s-diagnostics/events.txt" || true
kubectl describe pods -n finmind > "$RUNNER_TEMP/k8s-diagnostics/describe-pods.txt" || true
kubectl describe jobs -n finmind > "$RUNNER_TEMP/k8s-diagnostics/describe-jobs.txt" || true
kubectl logs -n finmind job/finmind-migrate > "$RUNNER_TEMP/k8s-diagnostics/migrate.log" || true
helm status finmind -n finmind > "$RUNNER_TEMP/k8s-diagnostics/helm-status.txt" || true
helm test finmind -n finmind --logs > "$RUNNER_TEMP/k8s-diagnostics/helm-test.log" || true
tilt dump engine > "$RUNNER_TEMP/k8s-diagnostics/tilt-engine.txt" || true
tilt doctor > "$RUNNER_TEMP/k8s-diagnostics/tilt-doctor.txt" || true

- name: Upload K8s diagnostics
if: failure()
uses: actions/upload-artifact@v4
with:
name: k8s-runtime-diagnostics
path: ${{ runner.temp }}/k8s-diagnostics

- name: Delete kind cluster
if: always()
run: kind delete cluster --name finmind-review
7 changes: 3 additions & 4 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,15 +33,14 @@ logs/
npm-debug.log*
yarn-debug.log*
pnpm-debug.log*
output/
tmp/
plan.md
checklist.md
continuation_prompt.md
deployment.md
SESSION_SUMMARY.md

docker-compose.prod.yml

FEATURES.md

create_issues.ps1
bounty_issues.ps1
bounty_issues.ps1
Loading