ai-naymul
diff --git a/‎.dockerignore‎
Lines changed: 54 additions & 0 deletions b/‎.dockerignore‎
Lines changed: 54 additions & 0 deletions
diff --git a/‎.env.test‎
Lines changed: 1 addition & 0 deletions b/‎.env.test‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/workflows/README.md‎
Lines changed: 58 additions & 0 deletions b/‎.github/workflows/README.md‎
Lines changed: 58 additions & 0 deletions
diff --git a/‎.github/workflows/docker-build.yml‎
Lines changed: 51 additions & 0 deletions b/‎.github/workflows/docker-build.yml‎
Lines changed: 51 additions & 0 deletions
diff --git a/‎Dockerfile‎
Lines changed: 70 additions & 0 deletions b/‎Dockerfile‎
Lines changed: 70 additions & 0 deletions
@@ -0,0 +1,54 @@
+# Ignore files not needed in the Docker build context
+
+# Git
+.git
+.gitignore
+
+# Documentation
+README.md
+.github/
+
+# Python
+__pycache__/
+*.pyc
+*.pyo
+*.pyd
+.Python
+*.so
+.pytest_cache/
+.coverage
+htmlcov/
+venv/
+.env
+
+# Node.js
+node_modules/
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+.yarn/
+
+# Build outputs (will be copied from build stage)
+frontend/dist/
+frontend/node_modules/
+
+# Application outputs
+outputs/
+logs/
+*.log
+
+# IDE and editor files
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# OS files
+.DS_Store
+Thumbs.db
+
+# Temporary files
+tmp/
+temp/
+*.tmp
@@ -0,0 +1 @@
+GOOGLE_API_KEY=dummy_key_for_test
@@ -0,0 +1,58 @@
+# GitHub Actions Workflows
+
+## Docker Build (`docker-build.yml`)
+
+This workflow automatically builds and publishes the BrowserPilot Docker image when changes are merged to the main branch.
+
+### Triggers
+- **Push to main branch**: When code is merged to main, specifically when these files change:
+  - `Dockerfile`
+  - `docker-compose*.yml`
+  - `backend/**`
+  - `frontend/**`
+  - `requirements.txt`
+- **Pull Requests**: Builds (but doesn't push) images for PRs to test the build process
+- **Manual trigger**: Can be run manually from the GitHub Actions tab
+
+### What it does
+1. **Builds the Docker image** using the multi-stage Dockerfile
+2. **Publishes to GitHub Container Registry** (`ghcr.io`) with multiple tags:
+   - `latest` (for main branch)
+   - `main` (branch name)
+   - `main-<sha>` (commit SHA)
+3. **Multi-architecture support**: Builds for both `linux/amd64` and `linux/arm64`
+4. **Caching**: Uses GitHub Actions cache for faster builds
+5. **Security**: Generates build attestations for supply chain security
+
+### Published Images
+The Docker images are published to:
+- `ghcr.io/veverkap/browserpilot:latest`
+- `ghcr.io/veverkap/browserpilot:main`
+- `ghcr.io/veverkap/browserpilot:main-<commit-sha>`
+
+### Usage
+Users can pull and run the published images:
+
+```bash
+# Pull the latest image
+docker pull ghcr.io/veverkap/browserpilot:latest
+
+# Run with Docker
+docker run -p 8000:8000 -e GOOGLE_API_KEY=your_key ghcr.io/veverkap/browserpilot:latest
+
+# Or use in docker-compose.yml
+services:
+  browserpilot:
+    image: ghcr.io/veverkap/browserpilot:latest
+    # ... other config
+```
+
+### Permissions Required
+The workflow needs the following permissions (automatically granted):
+- `contents: read` - To checkout the repository
+- `packages: write` - To publish to GitHub Container Registry
+
+### Optional: Docker Hub Integration
+The workflow includes an optional step to update Docker Hub descriptions if you want to also publish to Docker Hub. To enable this:
+1. Add `DOCKERHUB_USERNAME` and `DOCKERHUB_TOKEN` secrets to your repository
+2. The workflow will automatically update the Docker Hub repository description using `README.docker.md`
@@ -0,0 +1,51 @@
+name: Build and Publish Docker Image
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-publish:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to the Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=sha,prefix={{branch}}-
+            type=raw,value=latest,enable={{is_default_branch}}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
@@ -0,0 +1,70 @@
+# Multi-stage Dockerfile for BrowserPilot
+# Stage 1: Build the React frontend
+FROM node:20-alpine AS frontend-builder
+
+# Set working directory for frontend
+WORKDIR /app/frontend
+
+# Copy package files
+COPY frontend/package*.json ./
+
+# Install all dependencies (including dev dependencies needed for build)
+RUN npm config set strict-ssl false && npm install
+
+# Copy frontend source code
+COPY frontend/ ./
+
+# Build the frontend
+RUN npm run build
+
+# Stage 2: Use Playwright's official Docker image with Python (Ubuntu-based)
+FROM mcr.microsoft.com/playwright/python:v1.53.0-jammy
+
+# Set working directory
+WORKDIR /app
+
+# Copy Python requirements and install dependencies
+COPY requirements.txt .
+# Install compatible versions of numpy and pandas for Python 3.10
+RUN pip install --trusted-host pypi.org --trusted-host pypi.python.org --trusted-host files.pythonhosted.org --no-cache-dir \
+    fastapi==0.111.0 \
+    uvicorn[standard]==0.29.0 \
+    playwright==1.53.0 \
+    google-generativeai==0.5.0 \
+    pydantic==2.7.1 \
+    bs4==0.0.2 \
+    lxml==5.2.1 \
+    markdownify==0.11.6 \
+    "numpy>=1.24.0,<2.3.0" \
+    "pandas>=2.0.0,<2.3.0" \
+    python-dateutil==2.9.0.post0 \
+    pytz==2025.2 \
+    tzdata==2025.2 \
+    reportlab==4.4.2
+
+# Copy backend source code
+COPY backend/ ./backend/
+
+# Copy built frontend from the frontend-builder stage
+COPY --from=frontend-builder /app/frontend/dist ./frontend/
+
+# Create outputs directory
+RUN mkdir -p outputs
+
+# Set environment variables
+ENV PYTHONPATH=/app
+ENV PYTHONUNBUFFERED=1
+
+# Expose the port the app runs on
+EXPOSE 8000
+
+# Create a non-root user for security (the playwright image already has pwuser)
+RUN chown -R pwuser:pwuser /app
+USER pwuser
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \
+    CMD curl -f http://localhost:8000/ || exit 1
+
+# Run the application
+CMD ["python", "-m", "uvicorn", "backend.main:app", "--host", "0.0.0.0", "--port", "8000"]