> ## Documentation Index
> Fetch the complete documentation index at: https://tensorfuse.io/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Using Tensorkube with Github Actions

> How to create a tensorkube deployment with github actions

### Permissions

1. Follow [this blog](https://aws.amazon.com/blogs/security/use-iam-roles-to-connect-github-actions-to-actions-in-aws/) to create an OIDC provider and associate a role and policy to it that will allow your github action
   to access and modify your AWS resources. Make sure that the `AmazonS3FullAccess`, `AmazonEKSWorkerNodePolicy`, `AmazonEC2ContainerRegistryFullAccess` and `AmazonEKSClusterPolicy`
   policies are attached to the role you create.

2. You will also need to give this role access to your tensorkube cluster. You can do this by running this command after you
   have completed the first step.

```
eksctl create iamidentitymapping \
  --cluster tensorkube \
  --region us-east-1 \
  --arn <ROLE ARN> \
  --group system:masters \
  --username github
```

### GitHub Action Workflow

A typical deployment workflow will look like this:

```gh_action.yml theme={null}
name: tensorkube deploy
on: 
  push:
    branches : [ release ]

permissions:
  id-token: write
  contents: read

jobs:
  deployment:
    runs-on: ubuntu-latest
    name: Tensorkube Deployment
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          path: <PROJECT_NAME>
      - name: AWS Configure
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: us-east-1
          role-to-assume: <GITHUB ROLE ARN>
      - name: Start Deployment
        uses: tensorfuse/tensorkube-github-deploy@latest_release
        with:
          token: <TENSORKUBE_TOKEN> # Please use GitHub secrets for this
          session_id: <TENSORKUBE_SESSION_ID> # Please use GitHub secrets for this
          path: <PROJECT NAME>
          gpus: <GPUS>
          gpu_type: <GPU TYPE>
          min_scale: <MIN PODS>
          max_scale: <MAX PODS>
          env: <DEPLOYMENT ENVIRONMENT>
          secrets: |
            <SECRET_1>
            <SECRET_2>
            ...
```

#### Explanation

1. `actions/checkout@v4` copies your code into the `workspace/<PROJECT NAME>` directory in the GitHub runner.
   The path/ project name is required because tensorkube creates the deployment using the name of the folder the code is in
   and the checkout action by default copies the code to the `workspace` directory, which will create a clash between different
   deployments because they will end up with the same deployment name.

2. `aws-actions/configure-aws-credentials@v4` gives the GitHub runner access to your AWS resources by allowing it to assume
   the role that you associated with the GitHub OIDC provider.

3. `tensorfuse/tensorkube-github-deploy@v1` deploys your application with tensorkube. Make sure that the `path` in this step and in `actions/checkout@v4` is identical.

#### Parameters

The parameters you can specify in your deployment are:

* `token`, **Required**, Your tensorkube `token`. Can be found in `~/.tensorkube/token` after running `tensorkube login`. We recommend storing this as a GitHub action secret.

* `session_id`, **Required**,  Your tensorkube `session_id`. Can be found in `~/.tensorkube/token` after running `tensorkube login`. We recommend storing this as a GitHub action secret.

* `gpus`, **Optional**, Number of gpus to use. Default `0`.

* `gpu_type`, **Optional**, Type of GPU to use. Default is `null`.

* `cpu`, **Optional**, Number of CPUs to use. Default is `100` milli CPU.

* `memory`, **Optional**, Amount of memory to use. Default is `200` MB.

* `min_scale`, **Optional**, Minimum number of replicas. Default is `0`.

* `max_scale`, **Optional**, Maximum number of replicas. Default is `3`.

* `env`, **Optional**, Environment in which to deploy. Default is `null`.

* `secrets`, **Optional**, Secrets to be exposed as environment variables in your deployment. Default is `  `

* `path`, **Optional**, Path where to run the command. Default is ` ` (Not recommended to be left empty).
