Deploy
Deploy the Compiler app to Kubernetes via Helm or integrate into your CI/CD pipeline.
Step 1: Prerequisites
| Requirement | Description |
|---|---|
| Log10x License | Your license key (get one) |
| Helm | Helm CLI installed (for k8s deployment) |
| kubectl | Configured to access your cluster (for k8s deployment) |
| Git Token | Access token for your Git provider (GitHub, GitLab, Bitbucket, etc.) with repository read access |
| Docker Credentials | Registry credentials if pulling from private registries |
Step 2: Choose Deployment Method
The Helm chart deploys a CronJob that periodically compiles symbols from source code and container images.
Best for: Scheduled symbol compilation in production environments.
Add the Helm repository:
Verify the chart appears:
Run the compiler as a docker run step in your CI/CD pipeline (GitHub Actions, GitLab CI, Jenkins) using the log10x/compiler-10x image. The compiler image pulls source repos, scans for symbols, and pushes the compiled symbol library back to your config repository. It is the cloud compiler bundled with the source-fetch toolchain (git, docker CLI, helm) the pull stage shells out to — the lean log10x/pipeline-10x runtime image omits those tools.
Best for: Event-driven compilation triggered by code commits. No Kubernetes required.
Step 3: Configure Deployment Settings
Create a new file called my-compiler.yaml in your working directory. This Helm values file will be used in all subsequent steps.
# License key added to all pods via TENX_LICENSE env var
log10xLicense: "YOUR-LICENSE-KEY-HERE"
jobs:
- name: compiler-job
runtimeName: my-compiler # Optional: identifies this instance
schedule: "*/30 * * * *" # Run every 30 minutes
args:
- "@apps/compiler"
Airgapped mode (optional) — for clusters with no path to the Log10x SaaS (security policy, isolated network), suppress every outbound call to the vendor gateway by setting TENX_AIRGAPPED=true on each job:
jobs:
- name: compiler-job
# ... (previous config)
extraEnv:
- name: TENX_AIRGAPPED
value: "true"
The compiler verifies its license JWT locally against the embedded public key; no startup validation, no metrics reporting to the Log10x backend, no user-attribute enrichment. Source-repo pulls and symbol-library pushes are unaffected — those are customer pipelines, not vendor telemetry. demo and limited license types cannot run airgapped — the engine warns and falls back to online if either is configured with TENX_AIRGAPPED=true.
Configuration is passed via environment variables and command-line arguments in the docker run command. See the complete platform examples in Step 6.
Airgapped mode (optional) — for CI runners with no path to the Log10x SaaS, add -e TENX_AIRGAPPED=true to your docker run invocation:
docker run --rm \
-e TENX_LICENSE_FILE=/license.jwt \
-e TENX_AIRGAPPED=true \
... \
log10x/compiler-10x @apps/compiler
With this set, the compiler verifies its license JWT locally and skips every call to the Log10x SaaS gateway (no startup validation, no metrics). demo and limited license types cannot run airgapped — they warn and fall back to online.
Step 4: Load Configuration
Load the 10x engine config folder to customize which sources the compiler scans and where it writes output. If you skip this step, the default configuration bundled with the Log10x image is used.
For Kubernetes CronJob deployments, load the config folder into the cluster using one of the methods below.
An init container clones your configuration repository before each CronJob run. Works with GitHub, GitLab, Bitbucket, or any HTTPS-accessible Git provider.
- Fork the Config Repository
- Create a branch for your configuration changes
- Edit the app configuration to specify your source inputs and symbol outputs
Add to your Helm values:
gitToken: "YOUR-GIT-TOKEN"
jobs:
- name: compiler-job
# ... (previous config)
config:
git:
enabled: true
url: "https://github.com/YOUR-ACCOUNT/REPO-NAME.git"
branch: "my-compiler-config" # Optional: defaults to main
For production, store the token in a Kubernetes Secret rather than in the values file.
Mount an existing PersistentVolumeClaim containing your configuration directory. This approach works in air-gapped environments and requires no external network access.
- Create a PVC containing your configuration files (cloned from the Config Repository)
- Reference it in your Helm values:
For CI/CD pipelines, the config folder is loaded at runtime via the @github launch macro or a local volume mount. The complete CI/CD examples in Step 6 include config loading inline.
The engine clones the config repo at startup:
Step 5: Configure Secrets
Store sensitive credentials in Kubernetes Secrets rather than plain files.
Important: Only add secrets for source repositories you've configured in your Compiler app configuration.
Create the secret:
kubectl create secret generic compiler-credentials \
--from-literal=github-token=YOUR_GITHUB_TOKEN \
--from-literal=docker-username=YOUR_DOCKER_USERNAME \
--from-literal=docker-token=YOUR_DOCKER_TOKEN
Add secret references to your my-compiler.yaml:
jobs:
- name: compiler-job
# ... (previous config)
extraEnv:
# For GitHub source repositories
- name: GH_TOKEN
valueFrom:
secretKeyRef:
name: compiler-credentials
key: github-token
# For Docker registries
- name: DOCKER_USERNAME
valueFrom:
secretKeyRef:
name: compiler-credentials
key: docker-username
- name: DOCKER_TOKEN
valueFrom:
secretKeyRef:
name: compiler-credentials
key: docker-token
# For Artifactory repositories
# - name: ARTIFACTORY_TOKEN
# valueFrom:
# secretKeyRef:
# name: compiler-credentials
# key: artifactory-token
Configure secrets in your CI platform:
| Secret | Description |
|---|---|
GH_TOKEN |
GitHub PAT with repo scope |
DOCKER_USERNAME |
Container registry username |
DOCKER_TOKEN |
Container registry token |
ARTIFACTORY_TOKEN |
Artifactory token (if used) |
Go to Settings > Secrets and variables > Actions > Secrets and add the secrets above.
Go to Settings > CI/CD > Variables and add the secrets above.
Go to Manage Jenkins > Credentials and add credential IDs: github-token, docker-username, docker-token.
Step 6: Deploy
Add a docker run step to your CI/CD pipeline. Select your platform below.
Create .github/workflows/compile.yml:
name: 10x Compile
on:
push:
branches: [main]
jobs:
compile:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run 10x Compiler
run: |
docker run --rm \
-v $(pwd):/work \
-e GH_TOKEN=${{ secrets.GH_TOKEN }} \
-e DOCKER_USERNAME=${{ secrets.DOCKER_USERNAME }} \
-e DOCKER_TOKEN=${{ secrets.DOCKER_TOKEN }} \
log10x/compiler-10x:latest \
'@github={"token": "${{ secrets.GH_TOKEN }}", "repo": "my-user/my-config"}' \
@apps/compiler
Create .gitlab-ci.yml:
stages:
- compile
tenx_compile:
stage: compile
image: docker:latest
services:
- docker:dind
script:
- docker run --rm \
-e GH_TOKEN=$GH_TOKEN \
-e DOCKER_USERNAME=$DOCKER_USERNAME \
-e DOCKER_TOKEN=$DOCKER_TOKEN \
log10x/compiler-10x:latest \
'@github={"token": "'$GH_TOKEN'", "repo": "my-user/my-config"}' \
@apps/compiler
Create Jenkinsfile:
pipeline {
agent any
stages {
stage('TenX Compile') {
steps {
withCredentials([
string(credentialsId: 'github-token', variable: 'GH_TOKEN'),
string(credentialsId: 'docker-username', variable: 'DOCKER_USERNAME'),
string(credentialsId: 'docker-token', variable: 'DOCKER_TOKEN')
]) {
sh '''
docker run --rm \
-e GH_TOKEN=$GH_TOKEN \
-e DOCKER_USERNAME=$DOCKER_USERNAME \
-e DOCKER_TOKEN=$DOCKER_TOKEN \
log10x/compiler-10x:latest \
'@github={"token": "'$GH_TOKEN'", "repo": "my-user/my-config"}' \
@apps/compiler
'''
}
}
}
}
}
Step 7: Verify
Verify no errors appear in the log file.
Check output files:
Verify symbol files were generated in your configured outputSymbolFolder and outputSymbolLibraryFile paths.
Step 8: Distribute Output Symbol Libraries
The compiler pushes output symbol files to your config repository. Edge and cloud apps pull these files at startup and poll for updates periodically.
Quickstart Full Sample
log10xLicense: "YOUR-LICENSE-KEY-HERE"
gitToken: "YOUR-GIT-TOKEN"
jobs:
- name: compiler-job
runtimeName: my-compiler
schedule: "*/30 * * * *"
args:
- "@apps/compiler"
config:
git:
enabled: true
url: "https://github.com/YOUR-ACCOUNT/REPO-NAME.git"
branch: "my-compiler-config"
extraEnv:
- name: GH_TOKEN
valueFrom:
secretKeyRef:
name: compiler-credentials
key: github-token
- name: DOCKER_USERNAME
valueFrom:
secretKeyRef:
name: compiler-credentials
key: docker-username
- name: DOCKER_TOKEN
valueFrom:
secretKeyRef:
name: compiler-credentials
key: docker-token
See the Deploy step above for complete CI/CD configuration examples for GitHub Actions, GitLab CI, and Jenkins.