feat(platform/ci) Add workflow for deploying to production (#8384)

* ci with workload identity

* temp update

* update name

* wip

* update auth step

* update provider name

* remove audience

* temp set to false

* update registry naming

* update context

* update login

* revert temp updates

* add prod iam and pool

* add release deploy with approval

* use gha default approval behaviour

* add back in release trigger

* add new line

.github/workflows/platform-autgpt-deploy-prod.yml

@@ -0,0 +1,149 @@
+name: AutoGPT Platform - Build, Push, and Deploy Prod Environment
+
+on:
+  release:
+    types: [published]
+
+permissions:
+  contents: 'read'
+  id-token: 'write'
+
+env:
+  PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
+  GKE_CLUSTER: prod-gke-cluster
+  GKE_ZONE: us-central1-a
+  NAMESPACE: prod-agpt
+
+jobs:
+  build-push-deploy:
+    environment: production
+    name: Build, Push, and Deploy
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+
+    - id: 'auth'
+      uses: 'google-github-actions/auth@v1'
+      with:
+        workload_identity_provider: 'projects/638488734936/locations/global/workloadIdentityPools/prod-pool/providers/github'
+        service_account: 'prod-github-actions-sa@agpt-prod.iam.gserviceaccount.com'
+        token_format: 'access_token'
+        create_credentials_file: true
+
+    - name: 'Set up Cloud SDK'
+      uses: 'google-github-actions/setup-gcloud@v1'
+
+    - name: 'Configure Docker'
+      run: |
+        gcloud auth configure-docker us-east1-docker.pkg.dev
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v1
+
+    - name: Cache Docker layers
+      uses: actions/cache@v2
+      with:
+        path: /tmp/.buildx-cache
+        key: ${{ runner.os }}-buildx-${{ github.sha }}
+        restore-keys: |
+          ${{ runner.os }}-buildx-
+
+    - name: Check for changes
+      id: check_changes
+      run: |
+        git fetch origin master
+        BACKEND_CHANGED=$(git diff --name-only origin/master HEAD | grep "^autogpt_platform/backend/" && echo "true" || echo "false")
+        FRONTEND_CHANGED=$(git diff --name-only origin/master HEAD | grep "^autogpt_platform/frontend/" && echo "true" || echo "false")
+        MARKET_CHANGED=$(git diff --name-only origin/master HEAD | grep "^autogpt_platform/market/" && echo "true" || echo "false")
+        echo "backend_changed=$BACKEND_CHANGED" >> $GITHUB_OUTPUT
+        echo "frontend_changed=$FRONTEND_CHANGED" >> $GITHUB_OUTPUT
+        echo "market_changed=$MARKET_CHANGED" >> $GITHUB_OUTPUT
+
+    - name: Get GKE credentials
+      uses: 'google-github-actions/get-gke-credentials@v1'
+      with:
+        cluster_name: ${{ env.GKE_CLUSTER }}
+        location: ${{ env.GKE_ZONE }}
+
+    - name: Build and Push Backend
+      if: steps.check_changes.outputs.backend_changed == 'true'
+      uses: docker/build-push-action@v2
+      with:
+        context: .
+        file: ./autogpt_platform/backend/Dockerfile
+        push: true
+        tags: us-east1-docker.pkg.dev/agpt-prod/agpt-backend-prod/agpt-backend-prod:${{ github.sha }}
+        cache-from: type=local,src=/tmp/.buildx-cache
+        cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+
+    - name: Build and Push Frontend
+      if: steps.check_changes.outputs.frontend_changed == 'true'
+      uses: docker/build-push-action@v2
+      with:
+        context: .
+        file: ./autogpt_platform/frontend/Dockerfile
+        push: true
+        tags: us-east1-docker.pkg.dev/agpt-prod/agpt-frontend-prod/agpt-frontend-prod:${{ github.sha }}
+        cache-from: type=local,src=/tmp/.buildx-cache
+        cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+
+    - name: Build and Push Market
+      if: steps.check_changes.outputs.market_changed == 'true'
+      uses: docker/build-push-action@v2
+      with:
+        context: .
+        file: ./autogpt_platform/market/Dockerfile
+        push: true
+        tags: us-east1-docker.pkg.dev/agpt-prod/agpt-market-prod/agpt-market-prod:${{ github.sha }}
+        cache-from: type=local,src=/tmp/.buildx-cache
+        cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+
+    - name: Move cache
+      run: |
+        rm -rf /tmp/.buildx-cache
+        mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
+    - name: Set up Helm
+      uses: azure/setup-helm@v1
+      with:
+        version: v3.4.0
+
+    - name: Deploy Backend
+      if: steps.check_changes.outputs.backend_changed == 'true'
+      run: |
+        helm upgrade autogpt-server ./autogpt-server \
+          --namespace ${{ env.NAMESPACE }} \
+          -f autogpt-server/values.yaml \
+          -f autogpt-server/values.prod.yaml \
+          --set image.tag=${{ github.sha }}
+
+    - name: Deploy Websocket
+      if: steps.check_changes.outputs.backend_changed == 'true'
+      run: |
+        helm upgrade autogpt-websocket-server ./autogpt-websocket-server \
+          --namespace ${{ env.NAMESPACE }} \
+          -f autogpt-websocket-server/values.yaml \
+          -f autogpt-websocket-server/values.prod.yaml \
+          --set image.tag=${{ github.sha }}
+
+    - name: Deploy Market
+      if: steps.check_changes.outputs.market_changed == 'true'
+      run: |
+        helm upgrade autogpt-market ./autogpt-market \
+          --namespace ${{ env.NAMESPACE }} \
+          -f autogpt-market/values.yaml \
+          -f autogpt-market/values.prod.yaml \
+          --set image.tag=${{ github.sha }}
+
+    - name: Deploy Frontend
+      if: steps.check_changes.outputs.frontend_changed == 'true'
+      run: |
+        helm upgrade autogpt-builder ./autogpt-builder \
+          --namespace ${{ env.NAMESPACE }} \
+          -f autogpt-builder/values.yaml \
+          -f autogpt-builder/values.prod.yaml \
+          --set image.tag=${{ github.sha }}