Skip to content

feat(docker): Add container image containing the CLP package, for Docker Compose integration (resolves #1164). #1166

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 60 commits into from
Sep 3, 2025
+196 −54
Merged

feat(docker): Add container image containing the CLP package, for Docker Compose integration (resolves #1164). #1166

Show file tree
Hide file tree
Changes from 59 commits
Commits
Show all changes
60 commits
Select commit Hold shift + click to select a range
8ea4529
feat(docker): Add CLP package image for Docker Compose integration.
junhaoliao Aug 5, 2025
4d402c1
Update install-prebuilt-packages.sh
junhaoliao Aug 6, 2025
adef439
lint
junhaoliao Aug 6, 2025
9aa74ff
Rename workflow from 'clp-execution-image-build' to 'clp-image-build'
junhaoliao Aug 6, 2025
542da81
correct action name
junhaoliao Aug 6, 2025
ce43d17
fix(workflow): Revert workflow name to 'clp-execution-image-build'
junhaoliao Aug 6, 2025
2c2ee50
Merge branch 'main' into package-image
junhaoliao Aug 6, 2025
75f88d9
fix(workflow): revert action path in workflow configuration
junhaoliao Aug 6, 2025
414e1fb
fix(build): add quotes around image tag in build command
junhaoliao Aug 6, 2025
0e9138a
fix(docker): combine install and cleanup commands in Dockerfile
junhaoliao Aug 6, 2025
912b678
Merge branch 'main' into package-image
junhaoliao Aug 8, 2025
dcc8a70
add docs
junhaoliao Aug 8, 2025
46ffa55
Merge branch 'main' into package-image
junhaoliao Aug 19, 2025
9db7ca9
improve error handling in install-prebuilt-packages.sh
junhaoliao Aug 19, 2025
d609987
set default user and group to 1000
junhaoliao Aug 19, 2025
1b3959d
update docker image name description
junhaoliao Aug 19, 2025
1f13954
update CLP package image dependencies
junhaoliao Aug 19, 2025
aceb39f
Merge branch 'main' into package-image
junhaoliao Aug 22, 2025
c49d8b4
remove unneeded prebuilt packages
junhaoliao Aug 24, 2025
099afc0
Merge branch 'main' into package-image
junhaoliao Aug 24, 2025
73ca1a0
Update MariaDB client package from libmariadb-dev to libmariadb3
junhaoliao Aug 24, 2025
a4317ea
docs - Apply suggestions from code review
junhaoliao Aug 25, 2025
806f2f8
Merge remote-tracking branch 'origin/main' into package-image
junhaoliao Aug 25, 2025
1887626
refactor(actions): Rename clp-image-build to clp-build-runtime-image …
junhaoliao Aug 25, 2025
20dcfb1
Remove incompatible input options from action.yaml
junhaoliao Aug 25, 2025
ddab8d1
rename path -> dockerfile_path
junhaoliao Aug 25, 2025
92861b9
Add comment to clarify npm cache environment variable usage
junhaoliao Aug 25, 2025
b39644e
refactor(install): Remove unnecessary packages and update dependencie…
junhaoliao Aug 25, 2025
c17a782
Rename container image name -> clp-package
junhaoliao Aug 25, 2025
8ff64f2
Move && to the next line - Apply suggestions from code review
junhaoliao Aug 25, 2025
1dfe706
alphabetize ENV definitions in Dockerfile - Apply suggestions from co…
junhaoliao Aug 25, 2025
47d0517
Merge remote-tracking branch 'junhao/package-image' into package-image
junhaoliao Aug 25, 2025
628ddae
move job 'ubuntu-jammy-package-image' to clp-core-build.yaml and rena…
junhaoliao Aug 25, 2025
23f1ef2
fix clp-build-runtime-image action to account for package image name …
junhaoliao Aug 25, 2025
63a7ec3
mark clp-build-runtime-image's platform_id and platform_version_id as…
junhaoliao Aug 25, 2025
61da837
move package image task into separate task file
junhaoliao Aug 25, 2025
227d6dd
CRLF -> LF
junhaoliao Aug 25, 2025
e98bb8e
use `paths-ignore` instead of inverted glob patterns in `paths`
junhaoliao Aug 25, 2025
e6f1af5
alphabetize
junhaoliao Aug 25, 2025
860e5ef
use absolute path for `.github/actions`
junhaoliao Aug 25, 2025
4180739
fix outdated action name
junhaoliao Aug 25, 2025
6cfabd7
fix outdated task command ` docker-images:package`
junhaoliao Aug 25, 2025
f1c566f
order task attrs according to dev guide
junhaoliao Aug 25, 2025
09539ae
fix order of ENV defs in Dockerfile
junhaoliao Aug 25, 2025
b49daba
test ci: to be reverted
junhaoliao Sep 2, 2025
be2560e
revert the last change
junhaoliao Sep 2, 2025
44a2dc5
Rename step name "Update Metadata" -> "Extract GitHub Metadata" - App…
junhaoliao Sep 2, 2025
2ebbfe0
rename action step ID for metadata extraction
junhaoliao Sep 2, 2025
1254827
update npm cache dir comment - Apply suggestions from code review
junhaoliao Sep 2, 2025
62cf06a
use yaml multiline string syntax for long `if` - Apply suggestions fr…
junhaoliao Sep 2, 2025
2f29228
Merge branch 'main' into package-image
junhaoliao Sep 2, 2025
c413a13
add checksum file for package task
junhaoliao Sep 2, 2025
bb36035
reorder COPY instruction in clp-package Dockerfile
junhaoliao Sep 2, 2025
ea4ce51
flatten the image at the last
junhaoliao Sep 2, 2025
3c81014
move COPY to later
junhaoliao Sep 2, 2025
e5a66cf
Merge branch 'main' into package-image
junhaoliao Sep 2, 2025
ff21c8e
Merge branch 'main' into package-image
junhaoliao Sep 3, 2025
cbea39b
docs: rename `clp-core-build` workflow and references -> `clp-artifac…
junhaoliao Sep 3, 2025
a857701
docs: update workflows to include CLP package image build
junhaoliao Sep 3, 2025
7dfbcc5
ci: rename workflow `clp-core-build` -> `clp-artifact-build`
junhaoliao Sep 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 31 additions & 12 deletions ...ons/clp-execution-image-build/action.yaml → ...tions/clp-build-runtime-image/action.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
name: "clp-execution-image-build"
description: "Builds a container image that contains the dependencies necessary
to run the CLP package."
name: "clp-build-runtime-image"
description: "Builds a container image to be used for running CLP."
Comment on lines +1 to +2
Copy link
Contributor

@coderabbitai coderabbitai bot Aug 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick (assertive)

Clarify the action’s scope in the description.

Since this action now builds both execution and package runtime images, make that explicit in the description string for discoverability.

-description: "Builds a container image to be used for running CLP."
+description: "Builds CLP runtime container images (execution or package)."
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
name: "clp-build-runtime-image"
description: "Builds a container image to be used for running CLP."
name: "clp-build-runtime-image"
description: "Builds CLP runtime container images (execution or package)."
🤖 Prompt for AI Agents 
.github/actions/clp-build-runtime-image/action.yaml lines 1-2: the action
description currently says "Builds a container image to be used for running
CLP." but no longer reflects that it builds both execution and package runtime
images; update the description string to explicitly state it builds both
execution and package runtime container images for CLP to improve
discoverability (e.g., change to mention "builds execution and package runtime
images for running CLP").


inputs:
image_type:
description: "Type of image to build"
required: true
Comment on lines +5 to +7
Copy link
Contributor

@coderabbitai coderabbitai bot Aug 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Document allowed values for image_type and prefer validating them.

The new input is great, but the contract isn’t explicit. Document the enum in-place and validate at runtime (see suggested validation in the Dockerfile selection step).

-  image_type:
-    description: "Type of image to build"
+  image_type:
+    description: "Type of image to build. One of: execution, package."
     required: true
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
image_type:
description: "Type of image to build"
required: true
image_type:
description: "Type of image to build. One of: execution, package."
required: true
🤖 Prompt for AI Agents 
.github/actions/clp-build-runtime-image/action.yaml lines 5-7: the action input
image_type lacks an explicit enum and runtime validation; update the action.yml
to document allowed values (e.g., "base", "runtime", "slim" — replace with
actual acceptable options) by adding an "options" or "enum" comment/description
and then add runtime validation where the Dockerfile is selected (or in the
entrypoint script) to reject unknown values with a clear error message and
non-zero exit code; ensure validation normalizes casing and provides a helpful
error listing the valid options so callers can correct the input.

image_registry:
default: "ghcr.io"
description: "Container image registry"
Expand All @@ -17,11 +19,11 @@ inputs:
required: false
platform_id:
description: "Platform ID of the container (e.g. ubuntu)"
required: true
required: false
Copy link
Member Author

@junhaoliao junhaoliao Aug 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no longer needed for building the new image clp-package

platform_version_id:
description: "Platform VERSION_ID / VERSION_CODENAME of the container
(e.g. jammy, focal, etc.)"
required: true
required: false
Copy link
Member Author

@junhaoliao junhaoliao Aug 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no longer needed for building the new image clp-package


runs:
using: "composite"
Expand All @@ -45,20 +47,37 @@ runs:
echo "REPOSITORY=$(echo '${{github.repository}}' | tr '[:upper:]' '[:lower:]')" \
>> "$GITHUB_OUTPUT"

- name: "Update Metadata"
id: "meta"
- name: "Compute metadata"
id: "compute-meta"
shell: "bash"
run: |
base_path="./tools/docker-images"

if [[ "${{inputs.image_type}}" == "execution" ]]; then
platform="${{inputs.platform_id}}-${{inputs.platform_version_id}}"
dockerfile_path="$base_path/clp-execution-base-$platform/Dockerfile"
image_name="clp-${{inputs.image_type}}-$platform"
else
dockerfile_path="$base_path/clp-package/Dockerfile"
image_name="clp-${{inputs.image_type}}"
fi

echo "DOCKERFILE=$dockerfile_path" >> "$GITHUB_OUTPUT"
echo "IMAGE_NAME=$image_name" >> "$GITHUB_OUTPUT"

- name: "Extract GitHub Metadata"
id: "extract-gh-meta"
uses: "docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804"
with:
images: "${{inputs.image_registry}}/${{steps.sanitization.outputs.REPOSITORY}}\
/clp-execution-x86-${{inputs.platform_id}}-${{inputs.platform_version_id}}"
/${{steps.compute-meta.outputs.IMAGE_NAME}}"

- name: "Build and Push"
if: "github.event_name != 'pull_request' && github.ref == 'refs/heads/main'"
uses: "docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4"
with:
context: "./"
file: "./tools/docker-images/\
clp-execution-base-${{inputs.platform_id}}-${{inputs.platform_version_id}}/Dockerfile"
file: "${{steps.compute-meta.outputs.DOCKERFILE}}"
push: true
tags: "${{steps.meta.outputs.tags}}"
labels: "${{steps.meta.outputs.labels}}"
tags: "${{steps.extract-gh-meta.outputs.tags}}"
labels: "${{steps.extract-gh-meta.outputs.labels}}"
2 changes: 2 additions & 0 deletions .github/actions/run-on-image/action.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,9 +42,11 @@ runs:
- run: "./tools/scripts/deps-download/init.sh"
shell: "bash"

# `--env npm_config_cache` overrides the default `/.npm` to avoid permission issues.
- run: >-
docker run
--user $(id -u):$(id -g)
--env npm_config_cache=/tmp/.npm
--volume "$GITHUB_WORKSPACE":/mnt/repo
--workdir /mnt/repo
${{steps.get_image_props.outputs.qualified_image_name}}
Expand Down
77 changes: 51 additions & 26 deletions .github/workflows/clp-core-build.yaml
View file
Open in desktop
Copy link
Member

@kirkrodrigues kirkrodrigues Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since this is no longer just to build core, how about renaming it to something like clp-artifact-build.yaml?

Copy link
Member Author

@junhaoliao junhaoliao Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i intentionally left the clp-core-macos workflow unchanged since it still only builds the core binaries. let me know if that should be updated as well

Original file line number Diff line number Diff line change
@@ -1,28 +1,14 @@
name: "clp-core-build"
name: "clp-artifact-build"

on:
pull_request:
paths:
- ".github/actions/clp-core-build-containers/action.yaml"
- ".github/actions/run-on-image/action.yaml"
- ".github/workflows/clp-core-build.yaml"
- ".gitmodules"
- "components/core/**"
- "taskfile.yaml"
- "taskfiles/**"
- "tools/scripts/deps-download/**"
- "!components/core/tools/scripts/lib_install/macos/**"
paths-ignore: &ignored_paths
- ".github/*"
- ".github/ISSUE_TEMPLATE/**"
- "components/core/tools/scripts/lib_install/macos/**"
- "docs/**"
push:
paths:
- ".github/actions/clp-core-build-containers/action.yaml"
- ".github/actions/run-on-image/action.yaml"
- ".github/workflows/clp-core-build.yaml"
- ".gitmodules"
- "components/core/**"
- "taskfile.yaml"
- "taskfiles/**"
- "tools/scripts/deps-download/**"
- "!components/core/tools/scripts/lib_install/macos/**"
paths-ignore: *ignored_paths
schedule:
Comment on lines 10 to 12
Copy link
Contributor

@coderabbitai coderabbitai bot Sep 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix actionlint error: alias in paths-ignore is invalid

actionlint flags the alias on Line 11. Inline the list for push.

   push:
-    paths-ignore: *ignored_paths
+    paths-ignore:
+      - ".github/*"
+      - ".github/ISSUE_TEMPLATE/**"
+      - "components/core/tools/scripts/lib_install/macos/**"
+      - "docs/**"
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
push:
paths:
- ".github/actions/clp-core-build-containers/action.yaml"
- ".github/actions/run-on-image/action.yaml"
- ".github/workflows/clp-core-build.yaml"
- ".gitmodules"
- "components/core/**"
- "taskfile.yaml"
- "taskfiles/**"
- "tools/scripts/deps-download/**"
- "!components/core/tools/scripts/lib_install/macos/**"
paths-ignore: *ignored_paths
schedule:
push:
paths-ignore:
- ".github/*"
- ".github/ISSUE_TEMPLATE/**"
- "components/core/tools/scripts/lib_install/macos/**"
- "docs/**"
schedule:
🧰 Tools
🪛 actionlint (1.7.7)

11-11: "paths-ignore" section must be sequence node but got alias node with "" tag

(syntax-check)

🤖 Prompt for AI Agents 
.github/workflows/clp-core-build.yaml around lines 10 to 12: actionlint flags
the YAML anchor/alias used for paths-ignore on line 11 as invalid; replace the
alias with the actual inline list of ignored paths (expand the referenced
*ignored_paths sequence directly into the push.paths-ignore block) so the push
job contains a concrete array of path globs instead of an alias.

# Run daily at 00:15 UTC (the 15 is to avoid periods of high load)
- cron: "15 0 * * *"
Expand Down Expand Up @@ -74,31 +60,31 @@ jobs:
filters: |
centos_stream_9_image:
- ".github/actions/**"
- ".github/workflows/clp-core-build.yaml"
- ".github/workflows/clp-artifact-build.yaml"
- "components/core/tools/scripts/lib_install/*.sh"
Comment on lines +63 to 64
Copy link
Contributor

@coderabbitai coderabbitai bot Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Filters watch a non-existent workflow path

Filters reference .github/workflows/clp-artifact-build.yaml, but this file is clp-core-build.yaml. As-is, edits here won’t trigger filtered jobs.

-              - ".github/workflows/clp-artifact-build.yaml"
+              - ".github/workflows/clp-core-build.yaml"

(Apply to all five occurrences in centos_stream_9_image, manylinux_2_28_x86_64_image, musllinux_1_2_x86_64_image, ubuntu_jammy_image, and clp filters.)

Also applies to: 69-70, 75-76, 81-82, 87-88

🤖 Prompt for AI Agents 
.github/workflows/clp-core-build.yaml lines 63-64 (and similarly at lines 69-70,
75-76, 81-82, 87-88): the workflow filter entries incorrectly reference
".github/workflows/clp-artifact-build.yaml" which does not exist; update each
occurrence to reference the correct workflow path
".github/workflows/clp-core-build.yaml" (replace the erroneous string in all
five filter blocks) so the filter matching triggers as intended.

- "components/core/tools/docker-images/clp-env-base-centos-stream-9/**"
- "components/core/tools/scripts/lib_install/centos-stream-9/**"
manylinux_2_28_x86_64_image:
- ".github/actions/**"
- ".github/workflows/clp-core-build.yaml"
- ".github/workflows/clp-artifact-build.yaml"
- "components/core/tools/scripts/lib_install/*.sh"
- "components/core/tools/docker-images/clp-env-base-manylinux_2_28-x86_64/**"
- "components/core/tools/scripts/lib_install/manylinux_2_28/**"
musllinux_1_2_x86_64_image:
- ".github/actions/**"
- ".github/workflows/clp-core-build.yaml"
- ".github/workflows/clp-artifact-build.yaml"
- "components/core/tools/scripts/lib_install/*.sh"
- "components/core/tools/docker-images/clp-env-base-musllinux_1_2-x86_64/**"
- "components/core/tools/scripts/lib_install/musllinux_1_2/**"
ubuntu_jammy_image:
- ".github/actions/**"
- ".github/workflows/clp-core-build.yaml"
- ".github/workflows/clp-artifact-build.yaml"
- "components/core/tools/scripts/lib_install/*.sh"
- "components/core/tools/docker-images/clp-env-base-ubuntu-jammy/**"
- "components/core/tools/scripts/lib_install/ubuntu-jammy/**"
clp:
- ".github/actions/**"
- ".github/workflows/clp-core-build.yaml"
- ".github/workflows/clp-artifact-build.yaml"
- ".gitmodules"
- "components/core/cmake/**"
- "components/core/CMakeLists.txt"
Expand Down Expand Up @@ -520,3 +506,42 @@ jobs:
.task/checksum/utils-cpp-lint-clang-tidy-*
build/lint-clang-tidy
key: "${{steps.cache-restore-lint-check-cpp-static-full.outputs.cache-primary-key}}"

package-image:
name: "package-image"
if: >-
!cancelled() && !failure() && (
needs.filter-relevant-changes.outputs.ubuntu_jammy_image_changed == 'false' ||
needs.ubuntu-jammy-deps-image.result == 'success'
)
needs:
- "filter-relevant-changes"
- "ubuntu-jammy-deps-image"
Copy link
Member Author

@junhaoliao junhaoliao Aug 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not quite certain if this works if ubuntu-jammy-deps-image fails its if

Copy link
Member

@kirkrodrigues kirkrodrigues Aug 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I'm not sure. We should probably test. I feel like that's why we used success() before, but maybe I'm wrong.

Copy link
Member Author

@junhaoliao junhaoliao Sep 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we could test more thoroughly, though what we have written should already work. see https://github.com/junhaoliao/clp/actions/runs/17405920984/workflow for a modification on an unrelated file, where package-image still runs with Filter ubuntu_jammy_image = false. I believe that's because we have this condition set up in package-image's if:

needs.filter-relevant-changes.outputs.ubuntu_jammy_image_changed == 'false' ||
needs.ubuntu-jammy-deps-image.result == 'success'

runs-on: "ubuntu-24.04"
steps:
- uses: "actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683"
with:
submodules: "recursive"

- name: "Workaround actions/runner-images/issues/6775"
shell: "bash"
run: "chown $(id -u):$(id -g) -R ."

- name: "Build the package"
uses: "./.github/actions/run-on-image"
env:
OS_NAME: "ubuntu-jammy"
with:
image_name: "${{env.DEPS_IMAGE_NAME_PREFIX}}${{env.OS_NAME}}"
use_published_image: >-
${{needs.filter-relevant-changes.outputs.ubuntu_jammy_image_changed == 'false'
|| (github.event_name != 'pull_request' && github.ref == 'refs/heads/main')}}
run_command: >-
CLP_CORE_MAX_PARALLELISM_PER_BUILD_TASK=$(getconf _NPROCESSORS_ONLN) task package

- uses: "./.github/actions/clp-build-runtime-image"
with:
image_type: "package"
image_registry: "ghcr.io"
image_registry_username: "${{github.actor}}"
image_registry_password: "${{secrets.GITHUB_TOKEN}}"
7 changes: 4 additions & 3 deletions .github/workflows/clp-execution-image-build.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,12 @@ name: "clp-execution-image-build"
on:
pull_request:
paths:
- ".github/actions/clp-execution-image-build/action.yaml"
- ".github/actions/clp-build-runtime-image/action.yaml"
- ".github/workflows/clp-execution-image-build.yaml"
- "tools/docker-images/**/*"
push:
paths:
- ".github/actions/clp-execution-image-build/action.yaml"
- ".github/actions/clp-build-runtime-image/action.yaml"
- ".github/workflows/clp-execution-image-build.yaml"
- "tools/docker-images/**/*"
schedule:
Expand Down Expand Up @@ -61,8 +61,9 @@ jobs:
shell: "bash"
run: "chown $(id -u):$(id -g) -R ."

- uses: "./.github/actions/clp-execution-image-build"
- uses: "./.github/actions/clp-build-runtime-image"
with:
image_type: "execution"
image_registry: "ghcr.io"
image_registry_username: "${{github.actor}}"
image_registry_password: "${{secrets.GITHUB_TOKEN}}"
Expand Down
2 changes: 2 additions & 0 deletions components/core/tools/scripts/lib_install/ubuntu-jammy/install-prebuilt-packages.sh
View file
Open in desktop
Copy link
Member Author

@junhaoliao junhaoliao Aug 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i understand the added dependencies are not strictly "core" related but i believe some others here (e.g. unzip) are in a similar situation. we might want to split the package specific dependencies in anther refactoring PR, though i personally don't see too much benefit yet. any concerns / other ideas?

Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,10 @@ DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
openjdk-11-jdk \
pkg-config \
python3 \
python3-dev \
python3-pip \
python3-venv \
rsync \
software-properties-common \
unzip

Expand Down
10 changes: 10 additions & 0 deletions docs/src/dev-docs/building-package.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,5 +68,15 @@ To clean up all build artifacts, run:
task clean
```

## Building a Docker image

To build a Docker image containing the CLP package, run:

```shell
task docker-images:package
```

This will create a Docker image named `clp-package:dev`.

Comment on lines +71 to +80
Copy link
Contributor

@coderabbitai coderabbitai bot Sep 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick (assertive)

🛠️ Refactor suggestion

Clarify prerequisites, add a quick verification step, and document retag/push for Compose.

Users need to know which container engine is required, how to sanity-check the image, and how to retag/push it for Compose scenarios. Add the following edits:

 ## Building a Docker image

-To build a Docker image containing the CLP package, run:
+Prerequisites: Docker installed and running (or Podman configured with Docker compatibility).
+
+To build a Docker image containing the CLP package, run:

 ```shell
 task docker-images:package

-This will create a Docker image named clp-package:dev.
+This will create a locally tagged image named clp-package:dev.
+
+Quick sanity check:
+
+shell +docker run --rm clp-package:dev env | egrep '^(CLP_HOME|PYTHONPATH|PATH)=' +
+
+Optional: retag and push to GHCR (for Docker Compose use):
+
+shell +docker tag clp-package:dev ghcr.io/y-scope/clp/clp-package:dev +docker push ghcr.io/y-scope/clp/clp-package:dev +
+
+See also: the tooling container and GitHub workflow docs for image build/publish details.


<details>
<summary>🤖 Prompt for AI Agents</summary>

docs/src/dev-docs/building-package.md around lines 72 to 81: update the
"Building a Docker image" section to clarify prerequisites and verification
steps: change the sentence to say this will create a locally tagged image named
clp-package:dev, add a quick sanity-check command that runs the image and greps
for CLP_HOME, PYTHONPATH and PATH environment variables, and add optional
instructions to retag the image for GHCR and push it (for Docker Compose usage);
also add a brief pointer to the tooling container and GitHub workflow docs for
build/publish details.


</details>

<!-- fingerprinting:phantom:triton:chinchilla -->

<!-- This is an auto-generated comment by CodeRabbit -->

[clp-issue-872]: https://github.com/y-scope/clp/issues/872
[Task]: https://taskfile.dev/
4 changes: 2 additions & 2 deletions docs/src/dev-docs/contributing-linting.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

Before submitting a PR, ensure you've run our linting tools and either fixed any violations or
suppressed the warning. If you can't run the linting workflows locally, you can enable and run the
[clp-lint] and [clp-core-build] workflows in your fork.
[clp-lint] and [clp-artifact-build] workflows in your fork.

## Requirements

Expand Down Expand Up @@ -32,7 +32,7 @@ To also apply any automatic fixes:
task lint:fix
```

[clp-core-build]: https://github.com/y-scope/clp/blob/main/.github/workflows/clp-core-build.yaml
[clp-artifact-build]: https://github.com/y-scope/clp/blob/main/.github/workflows/clp-artifact-build.yaml
Copy link
Contributor

@coderabbitai coderabbitai bot Sep 3, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix broken link: file path doesn’t exist as written

Repo still contains .github/workflows/clp-core-build.yaml; the doc links to clp-artifact-build.yaml. Update link or rename the workflow file in this PR—don’t ship a dead link.

-[clp-artifact-build]: https://github.com/y-scope/clp/blob/main/.github/workflows/clp-artifact-build.yaml
+[clp-artifact-build]: https://github.com/y-scope/clp/blob/main/.github/workflows/clp-core-build.yaml
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
[clp-artifact-build]: https://github.com/y-scope/clp/blob/main/.github/workflows/clp-artifact-build.yaml
[clp-artifact-build]: https://github.com/y-scope/clp/blob/main/.github/workflows/clp-core-build.yaml
🤖 Prompt for AI Agents 
In docs/src/dev-docs/contributing-linting.md around line 35, the markdown link
target points to .github/workflows/clp-artifact-build.yaml which doesn't exist
in the repo; update the link to reference the existing
.github/workflows/clp-core-build.yaml (or rename the workflow to match if you
intend the new name) so the reference is valid, and run a quick link-check to
verify no other dead links remain.

Copy link
Member Author

@junhaoliao junhaoliao Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the file should also has been renamed in the PR? could you double check?

Copy link
Contributor

@coderabbitai coderabbitai bot Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check if both workflow files exist in the repository
echo "Checking for workflow files..."
ls -la .github/workflows/ | grep -E "(clp-core-build|clp-artifact-build)"

# Check git history for any file renames in this PR
echo -e "\n\nChecking for file renames in recent commits..."
git log --name-status --oneline -10 | grep -E "(clp-core-build|clp-artifact-build)"

# Specifically check if clp-artifact-build.yaml exists
echo -e "\n\nChecking if clp-artifact-build.yaml exists..."
if [ -f ".github/workflows/clp-artifact-build.yaml" ]; then
    echo "✓ clp-artifact-build.yaml exists"
else
    echo "✗ clp-artifact-build.yaml does not exist"
fi

# Check if clp-core-build.yaml exists
if [ -f ".github/workflows/clp-core-build.yaml" ]; then
    echo "✓ clp-core-build.yaml exists"
else
    echo "✗ clp-core-build.yaml does not exist"
fi

Length of output: 1083

@junhaoliao You're absolutely right! I apologize for the confusion.

The workflow file was indeed renamed in this PR from clp-core-build.yaml to clp-artifact-build.yaml. The git history shows a commit titled "ci: rename workflow clp-core-build -> clp-artifact-build" and the file system confirms:

clp-artifact-build.yaml exists
clp-core-build.yaml does not exist

The documentation link in contributing-linting.md is correct as written and points to the properly renamed workflow file. My initial assessment was wrong - there's no broken link here. The workflow renaming was part of this PR's changes, and all the documentation references have been properly updated to match the new filename.

Thank you for asking me to double-check!

[clp-lint]: https://github.com/y-scope/clp/blob/main/.github/workflows/clp-lint.yaml
[clp-issue-872]: https://github.com/y-scope/clp/issues/872
[feature-req]: https://github.com/y-scope/clp/issues/new?assignees=&labels=enhancement&projects=&template=feature-request.yml
Expand Down
10 changes: 10 additions & 0 deletions docs/src/dev-docs/tooling-containers.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -147,6 +147,16 @@ environment.
tools/docker-images/clp-execution-base-ubuntu-jammy
```

## clp-package

An image containing the CLP package.

* Path:

```text
tools/docker-images/clp-package
```
Comment on lines +150 to +158
Copy link
Contributor

@coderabbitai coderabbitai bot Sep 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick (assertive)

Match other sections: add GH Packages link and pull command

Keep the clp-package section consistent with the rest.

 ## clp-package
 
 An image containing the CLP package.
 
+* [GitHub Packages page][clp-package]
+* Pull command:
+
+  ```bash
+  docker pull ghcr.io/y-scope/clp/clp-package:main
+  ```
+
 * Path:
 
   ```text
   tools/docker-images/clp-package

+[clp-package]: https://github.com/y-scope/clp/pkgs/container/clp%2Fclp-package


<details>
<summary>🤖 Prompt for AI Agents</summary>

In docs/src/dev-docs/tooling-containers.md around lines 150 to 158, the
clp-package section is missing the GitHub Packages pull command and the
reference link used by other image sections; update the section to include a
code block with the docker pull command for ghcr.io/y-scope/clp/clp-package:main
and add the markdown reference link [clp-package]:
https://github.com/y-scope/clp/pkgs/container/clp%2Fclp-package at the end of
the section so it matches the format of the other image entries.


</details>

<!-- fingerprinting:phantom:triton:chinchilla -->

<!-- This is an auto-generated comment by CodeRabbit -->


[core-deps-centos-stream-9]: https://github.com/y-scope/clp/pkgs/container/clp%2Fclp-core-dependencies-x86-centos-stream-9
[core-deps-manylinux_2_28-x86_64]: https://github.com/y-scope/clp/pkgs/container/clp%2Fclp-core-dependencies-x86-manylinux_2_28
[core-deps-musllinux_1_2-x86_64]: https://github.com/y-scope/clp/pkgs/container/clp%2Fclp-core-dependencies-x86-musllinux_1_2
Expand Down
9 changes: 6 additions & 3 deletions docs/src/dev-docs/tooling-gh-workflows.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,13 @@
The CLP repo includes several GitHub workflows for automating container image builds, artifact
builds, testing, and linting. We briefly describe each workflow below.

## clp-core-build
## clp-artifact-build

This workflow is responsible for:

1. building (Linux) container images containing CLP-core's dependencies, and
2. building CLP-core and running its unit tests.
1. building (Linux) container images containing CLP-core's dependencies,
2. building CLP-core and running its unit tests, and
3. building a container image containing CLP's package components.

To minimize build times, the jobs in the workflow are organized in the directed acyclic graph (DAG)
shown below.
Expand Down Expand Up @@ -40,6 +41,7 @@ flowchart LR
manylinux_2_28-x86_64-deps-image --> manylinux_2_28-x86_64-binaries
musllinux_1_2-x86_64-deps-image --> musllinux_1_2-x86_64-binaries
ubuntu-jammy-deps-image --> ubuntu-jammy-binaries
ubuntu-jammy-deps-image --> package-image
ubuntu-jammy-binaries --> ubuntu-jammy-binaries-image
:::

Expand All @@ -61,6 +63,7 @@ Arrows between jobs indicate a dependency. The jobs are as follows:
container and runs core's unit tests.
* `musllinux_1_2-x86_64-binaries`: Builds the CLP-core binaries in the built musllinux_1_2 container
and runs core's unit tests.
* `package-image`: Builds a container image containing CLP's package components.
* `ubuntu-jammy-binaries`: Builds the CLP-core binaries in the built Ubuntu Jammy container and runs
core's unit tests.
* `ubuntu-jammy-binaries-image`: Builds an Ubuntu Jammy container image containing CLP-core's
Expand Down
4 changes: 3 additions & 1 deletion taskfile.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ shopt: ["globstar"]

includes:
deps: "taskfiles/deps/main.yaml"
docker-images: "taskfiles/docker-images.yaml"
docs: "taskfiles/docs.yaml"
lint: "taskfiles/lint.yaml"
utils: "tools/yscope-dev-utils/exports/taskfiles/utils/utils.yaml"
Expand Down Expand Up @@ -37,6 +38,7 @@ vars:
{{default "" (env "CLP_CORE_MAX_PARALLELISM_PER_BUILD_TASK")}}

# Checksum files
G_PACKAGE_CHECKSUM_FILE: "{{.G_BUILD_DIR}}/package.md5"
Copy link
Contributor

@coderabbitai coderabbitai bot Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Use G_PACKAGE_CHECKSUM_FILE consistently (avoid hard-coded path).

package-tar still references the literal path; switch it to the new var to prevent drift.

@@
   package-tar:
@@
   sources:
-      - "{{.G_BUILD_DIR}}/package.md5"
+      - "{{.G_PACKAGE_CHECKSUM_FILE}}"
       - "{{.TASKFILE}}"

🏁 Script executed:

#!/bin/bash
set -euo pipefail
# Expect no hard-coded references after the change
rg -n '{{\.G_BUILD_DIR}}/package\.md5' -g '!**/node_modules/**' || true

Length of output: 198

🏁 Script executed:

#!/usr/bin/env bash
set -euo pipefail
# Verify no hard-coded references to the old path remain
rg -F "{{.G_BUILD_DIR}}/package.md5" -g '!**/node_modules/**' || echo "No hard-coded references found"

Length of output: 208

Replace literal package.md5 path with G_PACKAGE_CHECKSUM_FILE in package-tar sources

The package-tar targets still reference "{{.G_BUILD_DIR}}/package.md5" directly; switch it to use the G_PACKAGE_CHECKSUM_FILE variable for consistency:

@@ package-tar:
 sources:
-      - "{{.G_BUILD_DIR}}/package.md5"
+      - "{{.G_PACKAGE_CHECKSUM_FILE}}"
       - "{{.TASKFILE}}"
🤖 Prompt for AI Agents 
In taskfile.yaml around line 41, G_PACKAGE_CHECKSUM_FILE is set to
"{{.G_BUILD_DIR}}/package.md5" but the package-tar targets elsewhere still
reference the literal "{{.G_BUILD_DIR}}/package.md5"; update those package-tar
sources to use the G_PACKAGE_CHECKSUM_FILE variable instead (replace the literal
path with "{{ .G_PACKAGE_CHECKSUM_FILE }}" or the taskfile's variable
interpolation syntax) so all references are consistent and rely on the single
variable defined at line 41.

G_WEBUI_CLIENT_NODE_MODULES_CHECKSUM_FILE: "{{.G_BUILD_DIR}}/webui-client-node-modules.md5"
G_WEBUI_COMMON_NODE_MODULES_CHECKSUM_FILE: "{{.G_BUILD_DIR}}/webui-common-node-modules.md5"
G_WEBUI_LOG_VIEWER_NODE_MODULES_CHECKSUM_FILE:
Expand Down Expand Up @@ -94,7 +96,7 @@ tasks:
env:
NODE_ENV: "production"
vars:
CHECKSUM_FILE: "{{.G_BUILD_DIR}}/{{.TASK}}.md5"
CHECKSUM_FILE: "{{.G_PACKAGE_CHECKSUM_FILE}}"
OUTPUT_DIR: "{{.G_PACKAGE_BUILD_DIR}}"
sources:
- "{{.G_BUILD_DIR}}/package-venv.md5"
Expand Down
14 changes: 14 additions & 0 deletions taskfiles/docker-images.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
version: "3"

tasks:
package:
vars:
SRC_DIR: "{{.ROOT_DIR}}/tools/docker-images/clp-package"
dir: "{{.SRC_DIR}}"
sources:
- "{{.G_PACKAGE_CHECKSUM_FILE}}"
- "{{.SRC_DIR}}/**/*"
deps:
- ":package"
cmds:
- "./build.sh"
9 changes: 2 additions & 7 deletions .../docker-images/clp-execution-base-ubuntu-jammy/setup-scripts/install-prebuilt-packages.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,6 @@ set -u
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
ca-certificates \
checkinstall \
curl \
libcurl4 \
libmariadb-dev \
libssl-dev \
python3 \
rsync \
zstd
libmariadb3 \
python3
Loading
Loading