negodiy/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix(ci): harden docker builds and unblock config docs

Browse Source
This commit is contained in:
Peter Steinberger
2026-03-12 16:45:12 +00:00
parent 46f0bfc55b
commit 9f08af1f06
6 changed files with 31 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/docker-release.yml vendored
View File

@@ -36,7 +36,7 @@ jobs:
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Set up Docker Builder - name: Set up Docker Builder
uses: useblacksmith/setup-docker-builder@v1 uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry - name: Login to GitHub Container Registry
uses: docker/login-action@v3 uses: docker/login-action@v3
@@ -137,7 +137,7 @@ jobs:
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Set up Docker Builder - name: Set up Docker Builder
uses: useblacksmith/setup-docker-builder@v1 uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry - name: Login to GitHub Container Registry
uses: docker/login-action@v3 uses: docker/login-action@v3

2
.github/workflows/install-smoke.yml vendored
View File

@@ -41,7 +41,7 @@ jobs:
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Set up Docker Builder - name: Set up Docker Builder
uses: useblacksmith/setup-docker-builder@v1 uses: docker/setup-buildx-action@v3
# Blacksmith can fall back to the local docker driver, which rejects gha # Blacksmith can fall back to the local docker driver, which rejects gha
# cache export/import. Keep smoke builds driver-agnostic. # cache export/import. Keep smoke builds driver-agnostic.

2
.github/workflows/sandbox-common-smoke.yml vendored
View File

@@ -27,7 +27,7 @@ jobs:
submodules: false submodules: false
- name: Set up Docker Builder - name: Set up Docker Builder
uses: useblacksmith/setup-docker-builder@v1 uses: docker/setup-buildx-action@v3
- name: Build minimal sandbox base (USER sandbox) - name: Build minimal sandbox base (USER sandbox)
shell: bash shell: bash

24
Dockerfile
View File

@@ -39,8 +39,18 @@ RUN mkdir -p /out && \
# ── Stage 2: Build ────────────────────────────────────────────── # ── Stage 2: Build ──────────────────────────────────────────────
FROM ${OPENCLAW_NODE_BOOKWORM_IMAGE} AS build FROM ${OPENCLAW_NODE_BOOKWORM_IMAGE} AS build
# Install Bun (required for build scripts) # Install Bun (required for build scripts). Retry the whole bootstrap flow to
RUN curl -fsSL https://bun.sh/install | bash # tolerate transient 5xx failures from bun.sh/GitHub during CI image builds.
RUN set -eux; \
for attempt in 1 2 3 4 5; do \
if curl --retry 5 --retry-all-errors --retry-delay 2 -fsSL https://bun.sh/install | bash; then \
break; \
fi; \
if [ "$attempt" -eq 5 ]; then \
exit 1; \
fi; \
sleep $((attempt * 2)); \
done
ENV PATH="/root/.bun/bin:${PATH}" ENV PATH="/root/.bun/bin:${PATH}"
RUN corepack enable RUN corepack enable
@@ -141,7 +151,15 @@ COPY --from=runtime-assets --chown=node:node /app/docs ./docs
ENV COREPACK_HOME=/usr/local/share/corepack ENV COREPACK_HOME=/usr/local/share/corepack
RUN install -d -m 0755 "$COREPACK_HOME" && \ RUN install -d -m 0755 "$COREPACK_HOME" && \
corepack enable && \ corepack enable && \
corepack prepare "$(node -p "require('./package.json').packageManager")" --activate && \ for attempt in 1 2 3 4 5; do \
if corepack prepare "$(node -p "require('./package.json').packageManager")" --activate; then \
break; \
fi; \
if [ "$attempt" -eq 5 ]; then \
exit 1; \
fi; \
sleep $((attempt * 2)); \
done && \
chmod -R a+rX "$COREPACK_HOME" chmod -R a+rX "$COREPACK_HOME"
# Install additional system packages needed by your skills or extensions. # Install additional system packages needed by your skills or extensions.

2
docs/platforms/ios.md
View File

@@ -154,7 +154,7 @@ gateway still needs direct APNs credentials:
```bash ```bash
export OPENCLAW_APNS_TEAM_ID="TEAMID" export OPENCLAW_APNS_TEAM_ID="TEAMID"
export OPENCLAW_APNS_KEY_ID="KEYID" export OPENCLAW_APNS_KEY_ID="KEYID"
export OPENCLAW_APNS_PRIVATE_KEY_P8='-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----' export OPENCLAW_APNS_PRIVATE_KEY_P8="$(cat /path/to/AuthKey_KEYID.p8)"
``` ```
## Discovery paths ## Discovery paths

5
src/config/schema.labels.ts
View File

@@ -250,6 +250,11 @@ export const FIELD_LABELS: Record<string, string> = {
"Dangerously Allow Host-Header Origin Fallback", "Dangerously Allow Host-Header Origin Fallback",
"gateway.controlUi.allowInsecureAuth": "Insecure Control UI Auth Toggle", "gateway.controlUi.allowInsecureAuth": "Insecure Control UI Auth Toggle",
"gateway.controlUi.dangerouslyDisableDeviceAuth": "Dangerously Disable Control UI Device Auth", "gateway.controlUi.dangerouslyDisableDeviceAuth": "Dangerously Disable Control UI Device Auth",
"gateway.push": "Gateway Push Delivery",
"gateway.push.apns": "Gateway APNs Delivery",
"gateway.push.apns.relay": "Gateway APNs Relay",
"gateway.push.apns.relay.baseUrl": "Gateway APNs Relay Base URL",
"gateway.push.apns.relay.timeoutMs": "Gateway APNs Relay Timeout (ms)",
"gateway.http.endpoints.chatCompletions.enabled": "OpenAI Chat Completions Endpoint", "gateway.http.endpoints.chatCompletions.enabled": "OpenAI Chat Completions Endpoint",
"gateway.http.endpoints.chatCompletions.maxBodyBytes": "OpenAI Chat Completions Max Body Bytes", "gateway.http.endpoints.chatCompletions.maxBodyBytes": "OpenAI Chat Completions Max Body Bytes",
"gateway.http.endpoints.chatCompletions.maxImageParts": "OpenAI Chat Completions Max Image Parts", "gateway.http.endpoints.chatCompletions.maxImageParts": "OpenAI Chat Completions Max Image Parts",