feat(ci): add Docker build+push pipeline for gateway and web images
This commit is contained in:
Jarvis
@@ -59,3 +59,41 @@ steps:
|
|||||||
- lint
|
- lint
|
||||||
- format
|
- format
|
||||||
- test
|
- test
|
||||||
|
|
||||||
|
publish-gateway:
|
||||||
|
image: woodpeckerci/plugin-docker-buildx
|
||||||
|
settings:
|
||||||
|
registry: git.mosaicstack.dev
|
||||||
|
repo: git.mosaicstack.dev/mosaic/mosaic-stack-gateway
|
||||||
|
dockerfile: docker/gateway.Dockerfile
|
||||||
|
tags:
|
||||||
|
- latest
|
||||||
|
- ${CI_COMMIT_SHA}
|
||||||
|
username:
|
||||||
|
from_secret: REGISTRY_USERNAME
|
||||||
|
password:
|
||||||
|
from_secret: REGISTRY_PASSWORD
|
||||||
|
when:
|
||||||
|
- event: push
|
||||||
|
branch: main
|
||||||
|
depends_on:
|
||||||
|
- build
|
||||||
|
|
||||||
|
publish-web:
|
||||||
|
image: woodpeckerci/plugin-docker-buildx
|
||||||
|
settings:
|
||||||
|
registry: git.mosaicstack.dev
|
||||||
|
repo: git.mosaicstack.dev/mosaic/mosaic-stack-web
|
||||||
|
dockerfile: docker/web.Dockerfile
|
||||||
|
tags:
|
||||||
|
- latest
|
||||||
|
- ${CI_COMMIT_SHA}
|
||||||
|
username:
|
||||||
|
from_secret: REGISTRY_USERNAME
|
||||||
|
password:
|
||||||
|
from_secret: REGISTRY_PASSWORD
|
||||||
|
when:
|
||||||
|
- event: push
|
||||||
|
branch: main
|
||||||
|
depends_on:
|
||||||
|
- build
|
||||||
|
|||||||
30
docs/scratchpads/ci-docker-publish-20260330.md
Normal file
30
docs/scratchpads/ci-docker-publish-20260330.md
Normal file
@@ -0,0 +1,30 @@
|
|||||||
|
# Scratchpad: CI Docker Publish (2026-03-30)
|
||||||
|
|
||||||
|
- Objective: Add Woodpecker Docker build+push steps for gateway and web images on `main` pushes.
|
||||||
|
- Scope: `.woodpecker/ci.yml`.
|
||||||
|
- Constraints:
|
||||||
|
- Use existing Dockerfiles at `docker/gateway.Dockerfile` and `docker/web.Dockerfile`.
|
||||||
|
- Publish to `git.mosaicstack.dev` with `from_secret` credentials.
|
||||||
|
- Tag both `latest` and `${CI_COMMIT_SHA}`.
|
||||||
|
- Do not run publish steps on pull requests.
|
||||||
|
- ASSUMPTION: Publishing `latest` is required by the task for registry convenience, even though immutable tags remain the safer deployment reference.
|
||||||
|
- Findings:
|
||||||
|
- Existing pipeline already has `build` after `lint`, `format`, and `test`.
|
||||||
|
- `apps/gateway/package.json` uses `tsc` for `build`; no Prisma dependency or `prisma generate` hook is present.
|
||||||
|
- Plan:
|
||||||
|
1. Patch `.woodpecker/ci.yml` to keep `build` as the quality gate successor and add `publish-gateway` plus `publish-web`.
|
||||||
|
2. Validate YAML and run repo quality gates relevant to the change.
|
||||||
|
3. Review the diff, then commit/push/PR if validation passes.
|
||||||
|
- Verification:
|
||||||
|
- `python3 -c "import yaml; yaml.safe_load(open('.woodpecker/ci.yml'))" && echo "YAML valid"`
|
||||||
|
- `pnpm lint`
|
||||||
|
- `pnpm typecheck`
|
||||||
|
- `pnpm format:check`
|
||||||
|
- `docker compose up -d`
|
||||||
|
- `pnpm --filter @mosaic/db db:push`
|
||||||
|
- `pnpm test`
|
||||||
|
- `pnpm build`
|
||||||
|
- Manual review of `.woodpecker/ci.yml` diff: publish steps are main-only, depend on `build`, and use secret-backed registry auth plus dual tags.
|
||||||
|
- Risks:
|
||||||
|
- Pipeline behavior beyond YAML validation cannot be fully proven locally; remote Woodpecker execution will be the final situational check after push.
|
||||||
|
- Repo baseline required two existing `plugins/macp` files to be reformatted before `pnpm format:check` would pass.
|
||||||
@@ -9,10 +9,14 @@ const ocRequire = createRequire(import.meta.url);
|
|||||||
const sdkRoot = path.dirname(ocRequire.resolve('openclaw/dist/plugin-sdk/index.js'));
|
const sdkRoot = path.dirname(ocRequire.resolve('openclaw/dist/plugin-sdk/index.js'));
|
||||||
|
|
||||||
// Dynamic imports for runtime SDK functions
|
// Dynamic imports for runtime SDK functions
|
||||||
const { registerAcpRuntimeBackend, unregisterAcpRuntimeBackend } = await import(
|
const { registerAcpRuntimeBackend, unregisterAcpRuntimeBackend } = (await import(
|
||||||
`${sdkRoot}/acp-runtime.js`
|
`${sdkRoot}/acp-runtime.js`
|
||||||
) as {
|
)) as {
|
||||||
registerAcpRuntimeBackend: (backend: { id: string; runtime: any; healthy: () => boolean }) => void;
|
registerAcpRuntimeBackend: (backend: {
|
||||||
|
id: string;
|
||||||
|
runtime: any;
|
||||||
|
healthy: () => boolean;
|
||||||
|
}) => void;
|
||||||
unregisterAcpRuntimeBackend: (id: string) => void;
|
unregisterAcpRuntimeBackend: (id: string) => void;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
@@ -82,7 +82,15 @@ const MACP_CAPABILITIES: AcpRuntimeCapabilities = {
|
|||||||
|
|
||||||
const DEFAULT_REPO_ROOT = '~/src/mosaic-stack';
|
const DEFAULT_REPO_ROOT = '~/src/mosaic-stack';
|
||||||
const ORCHESTRATOR_RUN_PATH = '~/.config/mosaic/bin/mosaic-orchestrator-run';
|
const ORCHESTRATOR_RUN_PATH = '~/.config/mosaic/bin/mosaic-orchestrator-run';
|
||||||
const PI_RUNNER_PATH = path.join(os.homedir(), 'src', 'mosaic-stack', 'tools', 'macp', 'dispatcher', 'pi_runner.ts');
|
const PI_RUNNER_PATH = path.join(
|
||||||
|
os.homedir(),
|
||||||
|
'src',
|
||||||
|
'mosaic-stack',
|
||||||
|
'tools',
|
||||||
|
'macp',
|
||||||
|
'dispatcher',
|
||||||
|
'pi_runner.ts',
|
||||||
|
);
|
||||||
|
|
||||||
function expandHome(rawPath: string): string {
|
function expandHome(rawPath: string): string {
|
||||||
if (rawPath === '~') {
|
if (rawPath === '~') {
|
||||||
|
|||||||
Reference in New Issue
Block a user