diff --git a/.github/workflows/fastgpt-pro-test.yaml b/.github/workflows/fastgpt-pro-test.yaml index 32b1b61765..b361d66d3a 100644 --- a/.github/workflows/fastgpt-pro-test.yaml +++ b/.github/workflows/fastgpt-pro-test.yaml @@ -1,15 +1,25 @@ -name: 'FastGPT-Pro-Test' +name: "FastGPT-Pro-Test" on: - pull_request: + pull_request_target: + types: [ opened, synchronize, reopened ] + paths: + - "pro" + - "pro/**" + - "packages/**" + - "sdk/**" + - "pnpm-lock.yaml" + - "pnpm-workspace.yaml" + - "turbo.json" + - ".gitmodules" + - ".github/workflows/fastgpt-pro-test.yaml" workflow_dispatch: concurrency: - group: 'fastgpt-pro-test-${{ github.event.pull_request.number || github.ref }}' + group: "fastgpt-pro-test-${{ github.event.pull_request.number || github.ref }}" cancel-in-progress: true jobs: test: - if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository || secrets.PRO_SUBMODULE_TOKEN != '' }} runs-on: ubuntu-latest permissions: @@ -19,17 +29,24 @@ jobs: steps: - uses: actions/checkout@v4 with: - ref: ${{ github.event.pull_request.head.ref || github.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name || github.repository }} + ref: ${{ github.event_name == 'pull_request_target' && + github.event.pull_request.head.sha || github.ref }} + repository: ${{ github.event_name == 'pull_request_target' && + github.event.pull_request.head.repo.full_name || github.repository + }} - name: Update submodules env: PRO_SUBMODULE_TOKEN: ${{ secrets.PRO_SUBMODULE_TOKEN }} run: | if [ -f .gitmodules ]; then + if [ -z "${PRO_SUBMODULE_TOKEN}" ]; then + echo "::error::PRO_SUBMODULE_TOKEN is required to clone the private pro submodule. Add it to this repository's Actions secrets, or run this workflow from a repository that has the secret configured." + exit 1 + fi if [ -n "${PRO_SUBMODULE_TOKEN}" ]; then git config --global url."https://x-access-token:${PRO_SUBMODULE_TOKEN}@github.com/".insteadOf "https://github.com/" fi - git submodule update --init --recursive + git submodule update --init --recursive --jobs 8 fi - name: Install system deps for node-canvas run: | @@ -40,8 +57,8 @@ jobs: version: 10.33.2 - uses: actions/setup-node@v4 with: - node-version: '20' - cache: 'pnpm' + node-version: "24" + cache: "pnpm" - name: Install Deps run: pnpm install --frozen-lockfile - name: Test diff --git a/.github/workflows/preview-admin-build.yml b/.github/workflows/preview-admin-build.yml index 6f133e7530..b9cdca30af 100644 --- a/.github/workflows/preview-admin-build.yml +++ b/.github/workflows/preview-admin-build.yml @@ -1,37 +1,49 @@ -name: Preview Admin Image - Build & Push +name: Preview Admin Image - Build on: pull_request_target: types: [opened, synchronize, reopened] + paths: + - 'pro' + - 'pro/**' + - 'packages/**' + - 'sdk/**' + - 'pnpm-lock.yaml' + - 'pnpm-workspace.yaml' + - 'turbo.json' + - '.gitmodules' + - '.github/workflows/preview-admin-build.yml' + - '.github/workflows/preview-admin-push.yml' workflow_dispatch: concurrency: - group: 'preview-admin-build-${{ github.head_ref }}' + group: 'preview-admin-build-${{ github.event.pull_request.number || github.ref }}' cancel-in-progress: true permissions: contents: read - packages: write - pull-requests: write - issues: write jobs: - build-and-push: - if: ${{ github.event.pull_request.head.repo.full_name == github.repository || secrets.PRO_SUBMODULE_TOKEN != '' }} + build: runs-on: ubuntu-24.04 steps: - name: Checkout PR code uses: actions/checkout@v4 with: - ref: refs/pull/${{ github.event.pull_request.number }}/head - fetch-depth: 0 + ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.ref }} + repository: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name || github.repository }} + fetch-depth: 1 - name: Update submodules env: PRO_SUBMODULE_TOKEN: ${{ secrets.PRO_SUBMODULE_TOKEN }} run: | if [ -f .gitmodules ]; then + if [ -z "${PRO_SUBMODULE_TOKEN}" ]; then + echo "::error::PRO_SUBMODULE_TOKEN is required to clone the private pro submodule. Add it to this repository's Actions secrets, or run this workflow from a repository that has the secret configured." + exit 1 + fi if [ -n "${PRO_SUBMODULE_TOKEN}" ]; then git config --global url."https://x-access-token:${PRO_SUBMODULE_TOKEN}@github.com/".insteadOf "https://github.com/" fi @@ -41,63 +53,33 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - name: Login to Aliyun Container Registry - uses: docker/login-action@v3 - with: - registry: registry.cn-hangzhou.aliyuncs.com - username: ${{ secrets.FASTGPT_ALI_IMAGE_USER }} - password: ${{ secrets.FASTGPT_ALI_IMAGE_PSW }} - - - name: Build and push Docker image + - name: Build Docker image (no push) uses: docker/build-push-action@v6 with: context: . file: pro/admin/Dockerfile platforms: linux/amd64 - push: true - tags: ${{ secrets.FASTGPT_ALI_IMAGE_PREFIX }}/fastgpt-pro-pr:${{ github.event.pull_request.head.sha }} + push: false + tags: fastgpt-pro-pr:${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }} labels: | org.opencontainers.image.source=https://github.com/${{ github.repository_owner }}/FastGPT org.opencontainers.image.description=fastgpt-pro admin image + org.opencontainers.image.revision=${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }} + outputs: type=docker,dest=/tmp/fastgpt-pro-image.tar + cache-from: type=gha,scope=fastgpt-pro + cache-to: type=gha,mode=max,scope=fastgpt-pro - - name: Add PR comment on success - if: success() - uses: actions/github-script@v7 + - name: Save PR metadata + run: | + echo "${{ github.event.pull_request.number || '' }}" > /tmp/pr-number.txt + echo "${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}" > /tmp/pr-sha.txt + + - name: Upload Docker image artifact + uses: actions/upload-artifact@v4 with: - script: | - const prNumber = ${{ github.event.pull_request.number }}; - const marker = ''; - - const { data: comments } = await github.rest.issues.listComments({ - owner: context.repo.owner, - repo: context.repo.repo, - issue_number: prNumber, - }); - - const existingComment = comments.find(comment => - comment.body.includes(marker) - ); - - const commentBody = `${marker} - ✅ **Admin Preview Image Ready!** - - \`\`\` - ${{ secrets.FASTGPT_ALI_IMAGE_PREFIX }}/fastgpt-pro-pr:${{ github.event.pull_request.head.sha }} - \`\`\` - `; - - if (existingComment) { - await github.rest.issues.updateComment({ - owner: context.repo.owner, - repo: context.repo.repo, - comment_id: existingComment.id, - body: commentBody - }); - } else { - await github.rest.issues.createComment({ - owner: context.repo.owner, - repo: context.repo.repo, - issue_number: prNumber, - body: commentBody - }); - } + name: preview-admin-image + path: | + /tmp/fastgpt-pro-image.tar + /tmp/pr-number.txt + /tmp/pr-sha.txt + retention-days: 1 diff --git a/.github/workflows/preview-admin-push.yml b/.github/workflows/preview-admin-push.yml new file mode 100644 index 0000000000..f101ed2502 --- /dev/null +++ b/.github/workflows/preview-admin-push.yml @@ -0,0 +1,101 @@ +name: Preview Admin Image - Push + +on: + workflow_run: + workflows: ['Preview Admin Image - Build'] + types: [completed] + +concurrency: + group: 'preview-admin-push' + cancel-in-progress: false + +permissions: + contents: read + packages: write + attestations: write + id-token: write + pull-requests: write + issues: write + actions: read + +jobs: + push: + runs-on: ubuntu-24.04 + if: ${{ github.event.workflow_run.conclusion == 'success' }} + + steps: + - name: Download build artifact + uses: actions/download-artifact@v4 + with: + name: preview-admin-image + path: /tmp + run-id: ${{ github.event.workflow_run.id }} + github-token: ${{ secrets.GITHUB_TOKEN }} + + - name: Read PR metadata + id: pr + run: | + echo "number=$(cat /tmp/pr-number.txt)" >> "$GITHUB_OUTPUT" + echo "sha=$(cat /tmp/pr-sha.txt)" >> "$GITHUB_OUTPUT" + + - name: Load Docker image + run: docker load --input /tmp/fastgpt-pro-image.tar + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to Aliyun Container Registry + uses: docker/login-action@v3 + with: + registry: registry.cn-hangzhou.aliyuncs.com + username: ${{ secrets.FASTGPT_ALI_IMAGE_USER }} + password: ${{ secrets.FASTGPT_ALI_IMAGE_PSW }} + + - name: Tag and push Docker image + run: | + SHA="${{ steps.pr.outputs.sha }}" + docker tag fastgpt-pro-pr:${SHA} \ + ${{ secrets.FASTGPT_ALI_IMAGE_PREFIX }}/fastgpt-pro-pr:${SHA} + docker push ${{ secrets.FASTGPT_ALI_IMAGE_PREFIX }}/fastgpt-pro-pr:${SHA} + + - name: Add PR comment on success + if: success() && steps.pr.outputs.number != '' + uses: actions/github-script@v7 + with: + script: | + const prNumber = parseInt('${{ steps.pr.outputs.number }}'); + const marker = ''; + + const { data: comments } = await github.rest.issues.listComments({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: prNumber, + }); + + const existingComment = comments.find(comment => + comment.body.includes(marker) + ); + + const commentBody = `${marker} + ✅ **Admin Preview Image Ready!** + + \`\`\` + ${{ secrets.FASTGPT_ALI_IMAGE_PREFIX }}/fastgpt-pro-pr:${{ steps.pr.outputs.sha }} + \`\`\` + `; + + if (existingComment) { + await github.rest.issues.updateComment({ + owner: context.repo.owner, + repo: context.repo.repo, + comment_id: existingComment.id, + body: commentBody + }); + } else { + await github.rest.issues.createComment({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: prNumber, + body: commentBody + }); + } diff --git a/package.json b/package.json index 86650b023e..3512e83355 100644 --- a/package.json +++ b/package.json @@ -3,7 +3,7 @@ "version": "4.0", "private": true, "scripts": { - "proDev": "turbo run dev --filter=@fastgpt/app", + "dev:pro": "turbo run dev:pro --filter=@fastgpt/app", "prepare": "husky install", "gen:theme-typings": "chakra-cli tokens packages/web/styles/theme.ts --out node_modules/.pnpm/node_modules/@chakra-ui/styled-system/dist/theming.types.d.ts", "postinstall": "pnpm gen:theme-typings && pnpm run build:sdks", diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml index bc1da0e7c5..4cef937fb1 100644 --- a/pnpm-workspace.yaml +++ b/pnpm-workspace.yaml @@ -1,11 +1,12 @@ packages: - packages/* - projects/* - - pro/admin - - pro/sso - scripts/icon - sdk/* + - pro/admin + - pro/sso + catalog: "@fastgpt-sdk/logger": 0.1.2 "@fastgpt-sdk/otel": 0.1.2 diff --git a/pro b/pro index 3b9a14da94..1d38337167 160000 --- a/pro +++ b/pro @@ -1 +1 @@ -Subproject commit 3b9a14da941d603ac4065dc0f4fec049f630348a +Subproject commit 1d38337167baeed33ece061772c84b0ccce71333 diff --git a/projects/app/package.json b/projects/app/package.json index e8ac5e68de..b9ee588a07 100644 --- a/projects/app/package.json +++ b/projects/app/package.json @@ -3,7 +3,8 @@ "version": "4.14.16", "private": false, "scripts": { - "dev": "NODE_OPTIONS='--max-old-space-size=8192' pnpm run build:workers && next dev", + "dev": "pnpm run build:workers && next dev", + "dev:pro": "pnpm run dev", "build": "pnpm run build:workers && next build --debug", "build:webpack": "pnpm run build:workers && next build --webpack --debug", "analyze": "next experimental-analyze", diff --git a/turbo.json b/turbo.json index c2c9bd91e7..df222891fb 100644 --- a/turbo.json +++ b/turbo.json @@ -6,6 +6,11 @@ "cache": false, "persistent": true }, + "dev:pro": { + "with": ["@fastgpt/admin#dev"], + "cache": false, + "persistent": true + }, "build": { "dependsOn": ["^build"], "outputs": [".next/**", "dist/**", "worker/**"]