From 65c269fb33da736482d0d9f5dbb7ac4393687fab Mon Sep 17 00:00:00 2001 From: yau-wd Date: Tue, 23 Jun 2026 16:46:14 +0800 Subject: [PATCH 1/5] fix: add NODE_VERSION build-arg and native build deps to fix Docker CI build --- docker/Dockerfile | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 0e5cde010aa..c2a6b20ebe4 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,8 +1,14 @@ +# Node.js version (overridable via build-arg from CI) +ARG NODE_VERSION=24 + # Stage 1: Build stage -FROM node:24-alpine AS build +FROM node:${NODE_VERSION}-alpine AS build USER root +# Install build dependencies +RUN apk add --no-cache git python3 py3-pip make g++ build-base cairo-dev pango-dev + # Skip downloading Chrome for Puppeteer (saves build time) ENV PUPPETEER_SKIP_DOWNLOAD=true From 75a833d6b7a076c4830d4933df11b2249a5c2ef7 Mon Sep 17 00:00:00 2001 From: yau-wd Date: Tue, 23 Jun 2026 16:46:33 +0800 Subject: [PATCH 2/5] fix: add NODE_VERSION build-arg and native build deps to fix Docker CI build --- .github/workflows/docker-image-dockerhub.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/docker-image-dockerhub.yml b/.github/workflows/docker-image-dockerhub.yml index 53a80c00fe9..528913595a0 100644 --- a/.github/workflows/docker-image-dockerhub.yml +++ b/.github/workflows/docker-image-dockerhub.yml @@ -9,6 +9,7 @@ on: required: true default: '24' options: + - '20' - '24' tag_version: description: 'Tag version of the image to be pushed.' From dc82c7b66fa28a9ca6cc834c9cb44e057537bbcc Mon Sep 17 00:00:00 2001 From: yau-wd Date: Tue, 23 Jun 2026 20:39:34 +0800 Subject: [PATCH 3/5] fix: use native ARM runners and parallel matrix builds for Docker Hub CI --- .github/workflows/docker-image-dockerhub.yml | 122 +++++++++++++++---- 1 file changed, 95 insertions(+), 27 deletions(-) diff --git a/.github/workflows/docker-image-dockerhub.yml b/.github/workflows/docker-image-dockerhub.yml index 528913595a0..63632bea9c7 100644 --- a/.github/workflows/docker-image-dockerhub.yml +++ b/.github/workflows/docker-image-dockerhub.yml @@ -18,8 +18,11 @@ on: default: 'latest' jobs: - docker: + prepare: runs-on: ubuntu-latest + outputs: + node_version: ${{ steps.defaults.outputs.node_version }} + tag_version: ${{ steps.defaults.outputs.tag_version }} steps: - name: Set default values id: defaults @@ -27,12 +30,40 @@ jobs: echo "node_version=${{ github.event.inputs.node_version || '24' }}" >> $GITHUB_OUTPUT echo "tag_version=${{ github.event.inputs.tag_version || 'latest' }}" >> $GITHUB_OUTPUT + build: + needs: prepare + runs-on: ${{ matrix.runner }} + strategy: + fail-fast: false + matrix: + include: + - image: flowiseai/flowise + dockerfile: ./docker/Dockerfile + platform: linux/amd64 + runner: ubuntu-latest + - image: flowiseai/flowise + dockerfile: ./docker/Dockerfile + platform: linux/arm64 + runner: ubuntu-24.04-arm + - image: flowiseai/flowise-worker + dockerfile: docker/worker/Dockerfile + platform: linux/amd64 + runner: ubuntu-latest + - image: flowiseai/flowise-worker + dockerfile: docker/worker/Dockerfile + platform: linux/arm64 + runner: ubuntu-24.04-arm + steps: + - name: Prepare env + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + image=${{ matrix.image }} + echo "IMAGE_SLUG=${image//\//-}" >> $GITHUB_ENV + - name: Checkout uses: actions/checkout@v6.0.2 - - name: Set up QEMU - uses: docker/setup-qemu-action@v4.0.0 - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v4.0.0 @@ -42,32 +73,69 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - # ------------------------- - # Build and push main image - # ------------------------- - - name: Build and push main image + - name: Build and push by digest + id: build uses: docker/build-push-action@v6.19.2 with: context: . - file: ./docker/Dockerfile + file: ${{ matrix.dockerfile }} + platforms: ${{ matrix.platform }} build-args: | - NODE_VERSION=${{ steps.defaults.outputs.node_version }} - platforms: linux/amd64,linux/arm64 - push: true - tags: | - flowiseai/flowise:${{ steps.defaults.outputs.tag_version }} + NODE_VERSION=${{ needs.prepare.outputs.node_version }} + outputs: type=image,name=${{ matrix.image }},push-by-digest=true,name-canonical=true,push=true - # ------------------------- - # Build and push worker image - # ------------------------- - - name: Build and push worker image - uses: docker/build-push-action@v6.19.2 + - name: Export digest + run: | + mkdir -p ${{ runner.temp }}/digests + digest="${{ steps.build.outputs.digest }}" + touch "${{ runner.temp }}/digests/${digest#sha256:}" + + - name: Upload digest + uses: actions/upload-artifact@v4 with: - context: . - file: docker/worker/Dockerfile - build-args: | - NODE_VERSION=${{ steps.defaults.outputs.node_version }} - platforms: linux/amd64,linux/arm64 - push: true - tags: | - flowiseai/flowise-worker:${{ steps.defaults.outputs.tag_version }} + name: digests-${{ env.IMAGE_SLUG }}-${{ env.PLATFORM_PAIR }} + path: ${{ runner.temp }}/digests/* + if-no-files-found: error + retention-days: 1 + + merge: + needs: [prepare, build] + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + image: + - flowiseai/flowise + - flowiseai/flowise-worker + steps: + - name: Prepare env + run: | + image=${{ matrix.image }} + echo "IMAGE_SLUG=${image//\//-}" >> $GITHUB_ENV + + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: ${{ runner.temp }}/digests + pattern: digests-${{ env.IMAGE_SLUG }}-* + merge-multiple: true + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v4.0.0 + + - name: Login to Docker Hub + uses: docker/login-action@v4 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Create manifest list and push + working-directory: ${{ runner.temp }}/digests + run: | + docker buildx imagetools create \ + -t ${{ matrix.image }}:${{ needs.prepare.outputs.tag_version }} \ + $(printf '${{ matrix.image }}@sha256:%s ' *) + + - name: Inspect image + run: | + docker buildx imagetools inspect ${{ matrix.image }}:${{ needs.prepare.outputs.tag_version }} From eedb26197fcbd7d546060fcc8478ed13dcb91a5b Mon Sep 17 00:00:00 2001 From: yau-wd Date: Tue, 23 Jun 2026 23:24:08 +0800 Subject: [PATCH 4/5] fix: update Docker Hub CI artifact pattern to include 'linux' in filename --- .github/workflows/docker-image-dockerhub.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-image-dockerhub.yml b/.github/workflows/docker-image-dockerhub.yml index 63632bea9c7..a2b41819835 100644 --- a/.github/workflows/docker-image-dockerhub.yml +++ b/.github/workflows/docker-image-dockerhub.yml @@ -117,7 +117,7 @@ jobs: uses: actions/download-artifact@v4 with: path: ${{ runner.temp }}/digests - pattern: digests-${{ env.IMAGE_SLUG }}-* + pattern: digests-${{ env.IMAGE_SLUG }}-linux-* merge-multiple: true - name: Set up Docker Buildx From c998d2a00dca663d09d162ef086c204c18271107 Mon Sep 17 00:00:00 2001 From: yau-wd Date: Tue, 23 Jun 2026 23:36:32 +0800 Subject: [PATCH 5/5] Potential fix for pull request finding 'CodeQL / Workflow does not contain permissions' Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/docker-image-dockerhub.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/docker-image-dockerhub.yml b/.github/workflows/docker-image-dockerhub.yml index a2b41819835..960c24bb279 100644 --- a/.github/workflows/docker-image-dockerhub.yml +++ b/.github/workflows/docker-image-dockerhub.yml @@ -17,6 +17,9 @@ on: required: true default: 'latest' +permissions: + contents: read + jobs: prepare: runs-on: ubuntu-latest