From 52cb2d0010f2a209d666f28f4a5d2abdf60542ba Mon Sep 17 00:00:00 2001 From: hcastc00 Date: Tue, 3 Mar 2026 11:25:34 +0100 Subject: [PATCH 1/7] Refactor to install from npm instead of building from git --- .github/workflows/auto_check.yml | 32 +++++++++----------------------- .github/workflows/main.yml | 4 ---- .gitignore | 3 +++ .gitmodules | 3 --- Dockerfile | 24 ++++++------------------ docker-compose.yml | 5 ++--- entrypoint.sh | 2 +- openclaw | 1 - 8 files changed, 21 insertions(+), 53 deletions(-) delete mode 100644 .gitmodules delete mode 160000 openclaw diff --git a/.github/workflows/auto_check.yml b/.github/workflows/auto_check.yml index 55f4e42..bf005fe 100644 --- a/.github/workflows/auto_check.yml +++ b/.github/workflows/auto_check.yml @@ -11,38 +11,24 @@ jobs: steps: - uses: actions/checkout@v4 with: - submodules: true fetch-depth: 0 - - name: Get current submodule commit + - name: Get current upstream version id: current - run: echo "sha=$(git -C openclaw rev-parse HEAD)" >> "$GITHUB_OUTPUT" - - - name: Fetch latest upstream release - id: upstream - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - LATEST=$(gh api repos/openclaw/openclaw/releases/latest --jq '.tag_name') - echo "tag=$LATEST" >> "$GITHUB_OUTPUT" - # Strip leading 'v' if present for the version string - VERSION="${LATEST#v}" + VERSION=$(jq -r '.upstreamVersion' dappnode_package.json) echo "version=$VERSION" >> "$GITHUB_OUTPUT" - - name: Update submodule to latest release - id: update + - name: Fetch latest npm version + id: upstream run: | - cd openclaw - git fetch --tags origin - git checkout ${{ steps.upstream.outputs.tag }} - cd .. - NEW_SHA=$(git -C openclaw rev-parse HEAD) - echo "sha=$NEW_SHA" >> "$GITHUB_OUTPUT" + LATEST=$(npm view openclaw version) + echo "version=$LATEST" >> "$GITHUB_OUTPUT" - name: Check if update is needed id: check run: | - if [ "${{ steps.current.outputs.sha }}" = "${{ steps.update.outputs.sha }}" ]; then + if [ "${{ steps.current.outputs.version }}" = "${{ steps.upstream.outputs.version }}" ]; then echo "changed=false" >> "$GITHUB_OUTPUT" else echo "changed=true" >> "$GITHUB_OUTPUT" @@ -72,11 +58,11 @@ jobs: fi git checkout -b "$BRANCH" - git add openclaw dappnode_package.json + git add dappnode_package.json git commit -m "Bump openclaw upstream to ${VERSION}" git push origin "$BRANCH" gh pr create \ --title "Bump openclaw upstream to ${VERSION}" \ - --body "Bumps openclaw submodule to release \`${{ steps.upstream.outputs.tag }}\`." \ + --body "Bumps openclaw npm package to version \`${VERSION}\`." \ --base main diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9f98ac5..1afd193 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -16,8 +16,6 @@ jobs: if: github.event_name != 'push' steps: - uses: actions/checkout@v4 - with: - submodules: true - uses: actions/setup-node@v4 with: node-version: "22" @@ -29,8 +27,6 @@ jobs: if: github.event_name == 'push' || github.event_name == 'repository_dispatch' steps: - uses: actions/checkout@v4 - with: - submodules: true - uses: actions/setup-node@v4 with: node-version: "22" diff --git a/.gitignore b/.gitignore index 92e5047..3ba1849 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ +# Former git submodule (now installed via npm at build time) +openclaw/ + # Build artifacts build_*/ *.xz diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index b2682ed..0000000 --- a/.gitmodules +++ /dev/null @@ -1,3 +0,0 @@ -[submodule "openclaw"] - path = openclaw - url = https://github.com/openclaw/openclaw.git diff --git a/Dockerfile b/Dockerfile index 8b03a3d..a89dc69 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG UPSTREAM_VERSION="latest" FROM node:22-bookworm -# Install Bun (required for build scripts) and sudo (needed by openclaw tool executor) +# Install Bun (required by openclaw at runtime) and sudo (needed by openclaw tool executor) RUN curl -fsSL https://bun.sh/install | bash && \ apt-get update && \ apt-get install -y --no-install-recommends sudo && \ @@ -10,8 +10,6 @@ RUN curl -fsSL https://bun.sh/install | bash && \ rm -rf /var/lib/apt/lists/* ENV PATH="/root/.bun/bin:${PATH}" -RUN corepack enable - WORKDIR /app ARG OPENCLAW_DOCKER_APT_PACKAGES="" @@ -22,21 +20,11 @@ RUN if [ -n "$OPENCLAW_DOCKER_APT_PACKAGES" ]; then \ rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*; \ fi -COPY openclaw/package.json openclaw/pnpm-lock.yaml openclaw/pnpm-workspace.yaml openclaw/.npmrc ./ -COPY openclaw/ui/package.json ./ui/package.json -COPY openclaw/patches ./patches -COPY openclaw/scripts ./scripts - -RUN pnpm install --frozen-lockfile - -COPY openclaw/ . -RUN OPENCLAW_A2UI_SKIP_MISSING=1 pnpm build -# Force pnpm for UI build (Bun may fail on ARM/Synology architectures) -ENV OPENCLAW_PREFER_PNPM=1 -RUN pnpm ui:build +ARG UPSTREAM_VERSION +RUN npm install -g openclaw@${UPSTREAM_VERSION} -# Make the openclaw CLI available in PATH -RUN ln -s /app/openclaw.mjs /usr/local/bin/openclaw +# Make json5 (openclaw dependency) resolvable by plain require('json5') +ENV NODE_PATH=/usr/local/lib/node_modules ENV NODE_ENV=production @@ -66,4 +54,4 @@ HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \ # Run as root (no-new-privileges prevents privilege escalation via gosu/sudo) ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] -CMD ["node", "dist/index.js", "gateway", "--allow-unconfigured"] +CMD ["openclaw", "gateway", "--allow-unconfigured"] diff --git a/docker-compose.yml b/docker-compose.yml index 5ad4601..9d436cd 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,7 +5,7 @@ services: context: . dockerfile: Dockerfile args: - UPSTREAM_VERSION: "latest" + UPSTREAM_VERSION: "2026.3.2" image: "openclaw.dnp.dappnode.eth:0.1.0" container_name: DAppNodePackage-openclaw.dnp.dappnode.eth restart: unless-stopped @@ -26,8 +26,7 @@ services: max-size: "10m" max-file: "3" command: - - "node" - - "dist/index.js" + - "openclaw" - "gateway" - "--allow-unconfigured" diff --git a/entrypoint.sh b/entrypoint.sh index be07b98..6074b9f 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -29,7 +29,7 @@ EOF else node -e " const fs = require('fs'); -const JSON5 = require('/app/node_modules/json5'); +const JSON5 = require('json5'); const configPath = '$CONFIG_FILE'; try { const config = JSON5.parse(fs.readFileSync(configPath, 'utf8')); diff --git a/openclaw b/openclaw deleted file mode 160000 index d76b224..0000000 --- a/openclaw +++ /dev/null @@ -1 +0,0 @@ -Subproject commit d76b224e20c790b7223d4075abd087c9576a4661 From 962d5a794df97673c4ed80d86e80f7262d0fb49c Mon Sep 17 00:00:00 2001 From: hcastc00 Date: Tue, 3 Mar 2026 11:52:52 +0100 Subject: [PATCH 2/7] Bump openclaw upstream to 2026.3.2 Co-Authored-By: Claude Sonnet 4.6 --- dappnode_package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dappnode_package.json b/dappnode_package.json index 8b8af06..35d8e0f 100644 --- a/dappnode_package.json +++ b/dappnode_package.json @@ -1,7 +1,7 @@ { "name": "openclaw.dnp.dappnode.eth", "version": "0.1.0", - "upstreamVersion": "2026.3.1", + "upstreamVersion": "2026.3.2", "upstreamRepo": "openclaw/openclaw", "upstreamArg": "UPSTREAM_VERSION", "shortDescription": "Personal AI assistant gateway with multi-LLM support", @@ -89,4 +89,4 @@ "featuredBackground": "linear-gradient(135deg, #667eea 0%, #764ba2 100%)", "featuredColor": "white" } -} +} \ No newline at end of file From b25d70fcb567740736b1dae2a434a23689ae3392 Mon Sep 17 00:00:00 2001 From: hcastc00 Date: Tue, 3 Mar 2026 12:04:45 +0100 Subject: [PATCH 3/7] ci: use dappnodesdk bump-upstream and add Pinata secrets for IPFS hash comments Co-Authored-By: Claude Sonnet 4.6 --- .github/workflows/auto_check.yml | 60 ++++---------------------------- .github/workflows/main.yml | 13 +++---- 2 files changed, 13 insertions(+), 60 deletions(-) diff --git a/.github/workflows/auto_check.yml b/.github/workflows/auto_check.yml index bf005fe..f8ed32d 100644 --- a/.github/workflows/auto_check.yml +++ b/.github/workflows/auto_check.yml @@ -10,59 +10,11 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: - fetch-depth: 0 - - - name: Get current upstream version - id: current - run: | - VERSION=$(jq -r '.upstreamVersion' dappnode_package.json) - echo "version=$VERSION" >> "$GITHUB_OUTPUT" - - - name: Fetch latest npm version - id: upstream - run: | - LATEST=$(npm view openclaw version) - echo "version=$LATEST" >> "$GITHUB_OUTPUT" - - - name: Check if update is needed - id: check - run: | - if [ "${{ steps.current.outputs.version }}" = "${{ steps.upstream.outputs.version }}" ]; then - echo "changed=false" >> "$GITHUB_OUTPUT" - else - echo "changed=true" >> "$GITHUB_OUTPUT" - fi - - - name: Update upstream version in dappnode_package.json - if: steps.check.outputs.changed == 'true' - run: | - VERSION=${{ steps.upstream.outputs.version }} - jq --arg v "$VERSION" '.upstreamVersion = $v' dappnode_package.json > tmp.json && mv tmp.json dappnode_package.json - - - name: Create PR - if: steps.check.outputs.changed == 'true' + node-version: "22" + - run: npx @dappnode/dappnodesdk github-action bump-upstream env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - VERSION=${{ steps.upstream.outputs.version }} - BRANCH="bump-upstream/v${VERSION}" - - git config user.name "github-actions[bot]" - git config user.email "github-actions[bot]@users.noreply.github.com" - - # Check if branch already exists on remote - if git ls-remote --heads origin "$BRANCH" | grep -q "$BRANCH"; then - echo "Branch $BRANCH already exists, skipping" - exit 0 - fi - - git checkout -b "$BRANCH" - git add dappnode_package.json - git commit -m "Bump openclaw upstream to ${VERSION}" - git push origin "$BRANCH" - - gh pr create \ - --title "Bump openclaw upstream to ${VERSION}" \ - --body "Bumps openclaw npm package to version \`${VERSION}\`." \ - --base main + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PINATA_API_KEY: ${{ secrets.PINATA_API_KEY }} + PINATA_SECRET_API_KEY: ${{ secrets.PINATA_SECRET_API_KEY }} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1afd193..01aa441 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -3,9 +3,6 @@ on: repository_dispatch: pull_request: push: - branches: - - "main" - - "v[0-9]+.[0-9]+.[0-9]+" paths-ignore: - "README.md" @@ -13,18 +10,22 @@ jobs: build-test: runs-on: ipfs-dev-gateway name: Build test - if: github.event_name != 'push' + if: github.event_name == 'pull_request' || (github.event_name == 'push' && github.ref != 'refs/heads/main') steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node-version: "22" - - run: npx @dappnode/dappnodesdk build --provider http://10.200.200.7:5001 --timeout 1h + - run: npx @dappnode/dappnodesdk build github-action build --content_provider=http://10.200.200.7:5001 --timeout 1h + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PINATA_API_KEY: ${{ secrets.PINATA_API_KEY }} + PINATA_SECRET_API_KEY: ${{ secrets.PINATA_SECRET_API_KEY }} release: name: Release runs-on: ipfs-dev-gateway - if: github.event_name == 'push' || github.event_name == 'repository_dispatch' + if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || github.event_name == 'repository_dispatch' steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 From cf86b5da1d1426cbc8e1fecdf9b412eb3deecaf3 Mon Sep 17 00:00:00 2001 From: hcastc00 Date: Tue, 3 Mar 2026 12:11:03 +0100 Subject: [PATCH 4/7] ci: remove build-test job from main.yml, rely on bump-upstream for hash comments Hash comments are posted by auto_check.yml via dappnodesdk bump-upstream. The build-test job was causing ENOTFOUND failures on the ipfs-dev-gateway runner. Co-Authored-By: Claude Sonnet 4.6 --- .github/workflows/main.yml | 20 ++++---------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 01aa441..7cb964b 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -3,29 +3,17 @@ on: repository_dispatch: pull_request: push: + branches: + - "main" + - "v[0-9]+.[0-9]+.[0-9]+" paths-ignore: - "README.md" jobs: - build-test: - runs-on: ipfs-dev-gateway - name: Build test - if: github.event_name == 'pull_request' || (github.event_name == 'push' && github.ref != 'refs/heads/main') - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - with: - node-version: "22" - - run: npx @dappnode/dappnodesdk build github-action build --content_provider=http://10.200.200.7:5001 --timeout 1h - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - PINATA_API_KEY: ${{ secrets.PINATA_API_KEY }} - PINATA_SECRET_API_KEY: ${{ secrets.PINATA_SECRET_API_KEY }} - release: name: Release runs-on: ipfs-dev-gateway - if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || github.event_name == 'repository_dispatch' + if: github.event_name == 'push' || github.event_name == 'repository_dispatch' steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 From 4c3165ed36beaf98f83453512715bf3f9f802996 Mon Sep 17 00:00:00 2001 From: hcastc00 Date: Tue, 3 Mar 2026 12:12:32 +0100 Subject: [PATCH 5/7] ci: restore build-test job for PR checks using working build command Co-Authored-By: Claude Sonnet 4.6 --- .github/workflows/main.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 7cb964b..9f91568 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -10,6 +10,17 @@ on: - "README.md" jobs: + build-test: + runs-on: ipfs-dev-gateway + name: Build test + if: github.event_name == 'pull_request' + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: "22" + - run: npx @dappnode/dappnodesdk build --provider http://10.200.200.7:5001 --timeout 1h + release: name: Release runs-on: ipfs-dev-gateway From 63a276c66632bb704dd830955ee473c870613f91 Mon Sep 17 00:00:00 2001 From: hcastc00 Date: Tue, 3 Mar 2026 12:15:17 +0100 Subject: [PATCH 6/7] ci: add build-hash job on ubuntu-latest for IPFS hash comments on all PRs Separates concerns: - build-test: ipfs-dev-gateway, PR events only, verifies Docker build - build-hash: ubuntu-latest, push to non-main branches, posts IPFS hash via Pinata - release: ipfs-dev-gateway, push to main only Co-Authored-By: Claude Sonnet 4.6 --- .github/workflows/main.yml | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9f91568..696dc48 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -3,9 +3,6 @@ on: repository_dispatch: pull_request: push: - branches: - - "main" - - "v[0-9]+.[0-9]+.[0-9]+" paths-ignore: - "README.md" @@ -21,10 +18,25 @@ jobs: node-version: "22" - run: npx @dappnode/dappnodesdk build --provider http://10.200.200.7:5001 --timeout 1h + build-hash: + runs-on: ubuntu-latest + name: Build and post IPFS hash + if: github.event_name == 'push' && github.ref != 'refs/heads/main' + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: "22" + - run: npx @dappnode/dappnodesdk build github-action build --timeout 1h + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PINATA_API_KEY: ${{ secrets.PINATA_API_KEY }} + PINATA_SECRET_API_KEY: ${{ secrets.PINATA_SECRET_API_KEY }} + release: name: Release runs-on: ipfs-dev-gateway - if: github.event_name == 'push' || github.event_name == 'repository_dispatch' + if: github.event_name == 'push' && github.ref == 'refs/heads/main' || github.event_name == 'repository_dispatch' steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 From 0945c6479762148f9171a7741bff98e2d3ba0f45 Mon Sep 17 00:00:00 2001 From: hcastc00 Date: Tue, 3 Mar 2026 12:30:30 +0100 Subject: [PATCH 7/7] Fix CI: use github-action build for IPFS hash comments on PRs - Remove build-test job (build-hash serves as both test and hash poster) - Remove pull_request trigger (only push events needed) - Fix command: 'github-action build' instead of 'build github-action build' (the wrong command was calling the build subcommand with provider defaulting to dappnode, causing ENOTFOUND errors; the correct subcommand uses Pinata) Co-Authored-By: Claude Sonnet 4.6 --- .github/workflows/main.yml | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 696dc48..c69ccf8 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,23 +1,11 @@ name: "Main" on: repository_dispatch: - pull_request: push: paths-ignore: - "README.md" jobs: - build-test: - runs-on: ipfs-dev-gateway - name: Build test - if: github.event_name == 'pull_request' - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - with: - node-version: "22" - - run: npx @dappnode/dappnodesdk build --provider http://10.200.200.7:5001 --timeout 1h - build-hash: runs-on: ubuntu-latest name: Build and post IPFS hash @@ -27,7 +15,7 @@ jobs: - uses: actions/setup-node@v4 with: node-version: "22" - - run: npx @dappnode/dappnodesdk build github-action build --timeout 1h + - run: npx @dappnode/dappnodesdk github-action build env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} PINATA_API_KEY: ${{ secrets.PINATA_API_KEY }}