diff --git a/.github/workflows/docker-release.yml b/.github/workflows/docker-release.yml index 2cc29748c91..3ad4b539311 100644 --- a/.github/workflows/docker-release.yml +++ b/.github/workflows/docker-release.yml @@ -36,7 +36,7 @@ jobs: uses: actions/checkout@v4 - name: Set up Docker Builder - uses: useblacksmith/setup-docker-builder@v1 + uses: docker/setup-buildx-action@v3 - name: Login to GitHub Container Registry uses: docker/login-action@v3 @@ -137,7 +137,7 @@ jobs: uses: actions/checkout@v4 - name: Set up Docker Builder - uses: useblacksmith/setup-docker-builder@v1 + uses: docker/setup-buildx-action@v3 - name: Login to GitHub Container Registry uses: docker/login-action@v3 diff --git a/.github/workflows/install-smoke.yml b/.github/workflows/install-smoke.yml index f18ba38a091..ca04748f9bf 100644 --- a/.github/workflows/install-smoke.yml +++ b/.github/workflows/install-smoke.yml @@ -41,7 +41,7 @@ jobs: uses: actions/checkout@v4 - name: Set up Docker Builder - uses: useblacksmith/setup-docker-builder@v1 + uses: docker/setup-buildx-action@v3 # Blacksmith can fall back to the local docker driver, which rejects gha # cache export/import. Keep smoke builds driver-agnostic. diff --git a/.github/workflows/sandbox-common-smoke.yml b/.github/workflows/sandbox-common-smoke.yml index 13688bd0f25..8ece9010a20 100644 --- a/.github/workflows/sandbox-common-smoke.yml +++ b/.github/workflows/sandbox-common-smoke.yml @@ -27,7 +27,7 @@ jobs: submodules: false - name: Set up Docker Builder - uses: useblacksmith/setup-docker-builder@v1 + uses: docker/setup-buildx-action@v3 - name: Build minimal sandbox base (USER sandbox) shell: bash diff --git a/Dockerfile b/Dockerfile index 87b71a4057f..72c413ebe7b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -39,8 +39,18 @@ RUN mkdir -p /out && \ # ── Stage 2: Build ────────────────────────────────────────────── FROM ${OPENCLAW_NODE_BOOKWORM_IMAGE} AS build -# Install Bun (required for build scripts) -RUN curl -fsSL https://bun.sh/install | bash +# Install Bun (required for build scripts). Retry the whole bootstrap flow to +# tolerate transient 5xx failures from bun.sh/GitHub during CI image builds. +RUN set -eux; \ + for attempt in 1 2 3 4 5; do \ + if curl --retry 5 --retry-all-errors --retry-delay 2 -fsSL https://bun.sh/install | bash; then \ + break; \ + fi; \ + if [ "$attempt" -eq 5 ]; then \ + exit 1; \ + fi; \ + sleep $((attempt * 2)); \ + done ENV PATH="/root/.bun/bin:${PATH}" RUN corepack enable @@ -141,7 +151,15 @@ COPY --from=runtime-assets --chown=node:node /app/docs ./docs ENV COREPACK_HOME=/usr/local/share/corepack RUN install -d -m 0755 "$COREPACK_HOME" && \ corepack enable && \ - corepack prepare "$(node -p "require('./package.json').packageManager")" --activate && \ + for attempt in 1 2 3 4 5; do \ + if corepack prepare "$(node -p "require('./package.json').packageManager")" --activate; then \ + break; \ + fi; \ + if [ "$attempt" -eq 5 ]; then \ + exit 1; \ + fi; \ + sleep $((attempt * 2)); \ + done && \ chmod -R a+rX "$COREPACK_HOME" # Install additional system packages needed by your skills or extensions. diff --git a/docs/platforms/ios.md b/docs/platforms/ios.md index 2653b7b51e1..f64eba3fed0 100644 --- a/docs/platforms/ios.md +++ b/docs/platforms/ios.md @@ -154,7 +154,7 @@ gateway still needs direct APNs credentials: ```bash export OPENCLAW_APNS_TEAM_ID="TEAMID" export OPENCLAW_APNS_KEY_ID="KEYID" -export OPENCLAW_APNS_PRIVATE_KEY_P8='-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----' +export OPENCLAW_APNS_PRIVATE_KEY_P8="$(cat /path/to/AuthKey_KEYID.p8)" ``` ## Discovery paths diff --git a/src/config/schema.labels.ts b/src/config/schema.labels.ts index 01b8d0f57dd..256d3c1ddb9 100644 --- a/src/config/schema.labels.ts +++ b/src/config/schema.labels.ts @@ -250,6 +250,11 @@ export const FIELD_LABELS: Record = { "Dangerously Allow Host-Header Origin Fallback", "gateway.controlUi.allowInsecureAuth": "Insecure Control UI Auth Toggle", "gateway.controlUi.dangerouslyDisableDeviceAuth": "Dangerously Disable Control UI Device Auth", + "gateway.push": "Gateway Push Delivery", + "gateway.push.apns": "Gateway APNs Delivery", + "gateway.push.apns.relay": "Gateway APNs Relay", + "gateway.push.apns.relay.baseUrl": "Gateway APNs Relay Base URL", + "gateway.push.apns.relay.timeoutMs": "Gateway APNs Relay Timeout (ms)", "gateway.http.endpoints.chatCompletions.enabled": "OpenAI Chat Completions Endpoint", "gateway.http.endpoints.chatCompletions.maxBodyBytes": "OpenAI Chat Completions Max Body Bytes", "gateway.http.endpoints.chatCompletions.maxImageParts": "OpenAI Chat Completions Max Image Parts",