Developer Guide

This guide provides technical details about the onboarding architecture, services, and deployment process.

Architecture

We manage the provisioning and deployment of all accounts using two components:

Onboarding, with global account config
Admin, with account-specific config

The following diagram illustrates the role of Onboarding and Admin within the overall architecture.

Onboarding Service

We maintain a global registry of accounts in a service called Onboarding (repo), which is only accessible for internal staff. In this registry we maintain global account config, like in which project an account should be deployed, and whether it is active.

The Onboarding service runs outside of the account production clusters (in Cloud Run), since it contains global config needed for all accounts in all regional clusters.

Admin Service

Admin is deployed for a single account, in one regional cluster, within an isolated account-specific namespace. Admin contains all the config and credentials needed to operate the internal services Backend and Engine, and integrate with the CX Platform.

Deployment Sequence

The following diagram shows the steps taken to provision and deploy an account. Manual steps (performed by Deepdesk staff) are indicated with note annotations.

info

For more information about CI/CD and the role of FluxCD, see Releases & Deployments

Key Components

Cloud Storage

The Onboarding service exports account configuration to Cloud Storage as accounts.json, which is then consumed by Cloud Functions to trigger provisioning workflows.

Cloud Functions

Cloud Functions orchestrate the provisioning and deployment process by invoking Cloud Build jobs. They are triggered via API calls from the Admin service during deployment.

Cloud Build

Cloud Build runs Terraform to perform the following tasks:

Creating Kubernetes namespaces and secrets
Installing FluxCD resources

GKE (Google Kubernetes Engine)

GKE hosts the account-specific namespaces where Admin and other services are deployed.

FluxCD

FluxCD is used for GitOps-based continuous deployment. It monitors the deepdesk-config repository and automatically deploys changes to the cluster. The Helm install process includes machine learning pipelines as part of the deployment.

Workflow Steps

Manual Step 1: Create Account

Account Creation: Deepdesk staff creates an account in the Onboarding service
Config Commit: Onboarding commits configuration to deepdesk-config repository
Export: Account configuration is exported to Cloud Storage
Trigger: Cloud Function is triggered by the export
Provision: Cloud Build provisions the account infrastructure (namespace, secrets, FluxCD resources)
Install Services: FluxCD installs services via Helm charts (including machine learning pipelines)
Admin Ready: Admin service is running and ready for configuration

Manual Step 2: Deploy

Deploy Trigger: Deepdesk staff triggers the Deploy action in Admin
Infrastructure Update:
- Admin exports account configuration to Cloud Storage
- Admin makes an API call to Cloud Function to trigger deployment
- Cloud Function triggers Cloud Build to provision and update account infrastructure
- Cloud Build updates GKE infrastructure
Config Deployment:
- Admin commits configuration changes to deepdesk-config repository
- FluxCD detects changes and triggers deployment
- Services are deployed with new configuration

Architecture​

Onboarding Service​

Admin Service​

Deployment Sequence​

Key Components​

Cloud Storage​

Cloud Functions​

Cloud Build​

GKE (Google Kubernetes Engine)​

FluxCD​

Workflow Steps​

Manual Step 1: Create Account​

Manual Step 2: Deploy​