18 Commits

Author SHA1 Message Date
youcef zr
6efac95b53 feat(deploy): Azure deployment support (App Service + ACI) (#3387)
* feat(deploy): add Azure deployment templates (App Service + ACI)

Adds a deploy/azure/ lane so Open Design can be deployed to Microsoft
Azure from the published runtime image, alongside the existing Docker
Compose and Helm options. Covers the App Service + ACI scope of #1028.

Two Bicep templates run the same single-port Alpine image used by
deploy/docker-compose.yml and charts/open-design:

- app-service.bicep: App Service for Containers with managed HTTPS,
  Always On, and health checks on /api/health.
- aci.bicep: a single Azure Container Instances group with a public
  FQDN and an /api/health liveness probe.

These are evaluation deployments: state lives on the container's local
disk and is ephemeral. Open Design stores SQLite under OD_DATA_DIR, and
SQLite needs real file locking, which the Azure Files (SMB) storage
behind both App Service and ACI persistence cannot provide without
corruption. App Service sets WEBSITES_ENABLE_APP_SERVICE_STORAGE=false to
keep the data dir on local disk. Durable self-hosting stays on the
Compose named volume or the Helm PVC.

Both wire the daemon's env contract (OD_BIND_HOST/OD_PORT/OD_WEB_PORT/
OD_DATA_DIR/OD_PUBLIC_BASE_URL/OD_ALLOWED_ORIGINS/OD_API_TOKEN) and take
the API token as a secure parameter so it never appears in deployment
outputs.

deploy-azure.sh wraps `az` to create the resource group, generate a
token when one isn't supplied, deploy a lane, and print the URL.
README.md documents both lanes, the ephemeral-data caveat, and the
security trade-offs.

deploy/tests/azure-bicep.test.ts guards the runtime contract and that the
data dir is never mounted to Azure Files; when the bicep CLI is present
it also compiles both templates.

* docs(deploy): add ACI health-check example to Azure quick start
2026-06-23 06:53:45 +00:00
MattchewMoar
4ca95f989d fix(deploy): install bash and git in runtime image (#4344)
The Alpine runtime image ships only BusyBox sh, so coding agents spawned
by the daemon reported "no POSIX shell in this environment" and could not
run their Bash tool. Install bash (and git, needed for nearly any agent
task) in the runtime stage alongside tini and poppler-utils.
2026-06-21 16:17:53 +00:00
Marc Chan
a0412c12e6 fix(docker): add opt-in API auth disable flag (#4541)
* fix(docker): add opt-in API auth disable flag

Generated-By: looper 0.9.10 (runner=worker, agent=opencode)

* docs(docker): add .env setup to beginner guide

Generated-By: looper 0.9.10 (runner=fixer, agent=opencode)
2026-06-19 03:24:14 +00:00
Marc Chan
7abb7888df fix(deploy): align Docker defaults with GHCR releases (#4327)
* fix(deploy): align Docker defaults with GHCR releases

Generated-By: looper 0.9.9 (runner=worker, agent=opencode)

* fix(ci): publish stable Docker tags from release workflow

Generated-By: looper 0.9.9 (runner=fixer, agent=opencode)

* fix(ci): fold reusable workflow guard expression

Generated-By: looper 0.9.9 (runner=fixer, agent=opencode)

* fix(ci): gate Docker release publish

Generated-By: looper 0.9.9 (runner=fixer, agent=opencode)

* fix(ci): publish stable Docker tags after release

Generated-By: looper 0.9.9 (runner=fixer, agent=opencode)

* fix(ci): guard Docker latest tag enable expression

Generated-By: looper 0.9.9 (runner=fixer, agent=opencode)

* fix(deploy): update Helm chart GHCR defaults

Generated-By: looper 0.9.9 (runner=fixer, agent=opencode)

* fix(ci): publish latest from release workflow inputs

Generated-By: looper 0.9.9 (runner=fixer, agent=opencode)
2026-06-17 12:25:18 +08:00
PerishFire
a0afc584bb [codex] centralize daemon data directory docs (#4222)
* docs: centralize daemon data directory contract

* fix(e2e): allow slower artifact consistency navigation

Generated-By: looper 0.9.5 (runner=fixer, agent=codex)

* docs: localize daemon data directory pointers

Generated-By: looper 0.9.5 (runner=fixer, agent=codex)

---------

Co-authored-by: Looper <looper@noreply.github.com>
2026-06-15 02:52:05 +00:00
Vladyslav Ovdeychuk
77fee5fe42 docs: document macOS Docker host networking workaround (#3417)
Co-authored-by: Vladislav Ovdeychuk <ovdeychuk@trueconf.ru>
Co-authored-by: Siri-Ray <2667192167@qq.com>
2026-06-04 04:04:32 +00:00
Shivam
3f165b5498 docs(deploy): add Azure Container Instances guide (#3163)
* docs(deploy): add Azure Container Instances guide

* docs(deploy): clarify Azure proxy topology

* docs(deploy): keep Azure proxy streams unbuffered

---------

Co-authored-by: Shivam <shivam2931120@users.noreply.github.com>
2026-06-02 08:14:21 +00:00
chaoxiaoche
ef5f150e69 Fix Studio share menu hierarchy (#3266)
* fix: clarify studio share menu hierarchy

* fix: keep cli menu controls after move

* fix: hide pet quick action from chat

* fix: remove duplicate settings from cli menu

* fix: remove reasoning from cli quick menu

* fix(web): restore empty project instructions entry

* fix(web): expose markdown export download

* fix(web): restore avatar settings menu item

* fix(web): restore avatar reasoning control

* fix(web): restore inline settings shortcut

* fix(web): restore share and pet composer affordances

* test(web): expect inline settings shortcut

* fix(web): localize share menu copy

---------

Co-authored-by: chaoxiaoche <chaoxiaoche@chaoxiaochedeMacBook-Pro.local>
2026-06-01 06:28:31 +00:00
xiaotee
6e4c49cf00 fix(deploy): move stage-2 asset copies into build stage so Dockerfile is self-contained (#3350)
* fix(deploy): move stage-2 asset copies into build stage

Stage 2 COPY commands for skills, design-systems, craft,
prompt-templates, assets, and plugins/_official previously read
from the build context, which couples the Dockerfile to the repo
root.  Platforms like Railway that require the Dockerfile directory
to equal the build context could not find these paths.

Move the asset directories into the build stage and let Stage 2
pull them via --from=build, so the Dockerfile is fully
self-contained and works from any context directory.

* fix(deploy): chown volume at runtime so containers work with root-owned mounts

Platforms like Railway mount volumes as root, which overrides the
build-time chown on /app/.od.  Run the container as root with tini,
chown the volume directory on start, then drop privileges to the
open-design user via su-exec before launching the daemon.

* Revert "fix(deploy): chown volume at runtime so containers work with root-owned mounts"

This reverts commit f32655d9c2.
2026-05-31 15:45:20 +00:00
Sharon K
3f63ebb2b4 production-ready CloudFormation template for Open Design (#3011)
* cloudformation initial commit

* correct dynamic AppUrl logic and activate hardcoded port parameter

* resolve proxy port limit and log group resource to use stack name

* fixes following a review

* address PR feedback by enforcing deployment parameter validations, implementing true multi-AZ backend routing, and correcting proxy configuration syntax

* correct rules and validations

* fix readme and regex validation

* restrict allowed source IP ranges to private CIDR masks and clarify single-instance compute constraints in documentation

* addressing review points

* README update

* fixed missing output

---------

Co-authored-by: shaarron <sharon.kroch@gmail.com>
2026-05-31 14:39:02 +00:00
Yuhao Chen
fa39bda461 fix(daemon): allow codex sandbox override (#3288)
2026-05-31 14:31:23 +00:00
hahalolo
1aa72b6d09 fix(docker): fix container startup crash due to missing OD_API_TOKEN (#2928)
* fix(docker): fix container startup crash due to missing OD_API_TOKEN

* fix(docker): forward OD_API_TOKEN to fix docker container boot loop

* fix(docker): enforce non-empty OD_API_TOKEN for docker-compose

* fix(deploy): automate OD_API_TOKEN generation in installer and close compose loop

* docs(readme): guide manual deployment users to configure OD_API_TOKEN

* docs(readme): align working directory paths for manual deployment instructions

* docs(readme): align working directory paths for manual deployment instructions

* docs(readme): restore git clone context for first-time users
2026-05-26 06:15:48 +00:00
epic
e8b5dd8aaf feat(deploy): add one-click Docker/Podman Compose installer for Linux… (#2414)
* feat(deploy): add one-click Docker/Podman Compose installer for Linux and macOS

- Add install.sh with interactive wizard, Podman/Docker runtime detection,
  port conflict check, health verification, and systemd user unit creation
- Add update.sh for image pull and restart with health check
- Add uninstall.sh with interactive user data backup before removal
- Unify CLI output styling with step/ok/warn/error/info helpers
- Add install-guide.md documentation
- Add install.test.ts integration test suite

* feat(deploy): add one-click Docker/Podman Compose installer

- interactive setup wizard with port, image, CORS, memory prompts
- automatic Docker/Podman detection with install guidance
- systemd user unit for Linux, health check polling
- update.sh (pull + restart + prune) and uninstall.sh (backup + cleanup)
- node:test integration suite and install-guide.md

* style(deploy): improve POSIX sh compatibility and systemd unit handling

- unify shell shebangs to #!/usr/bin/env bash

- add pipefail option for better error handling

- fix systemd unit for Podman: remove After/Requires when no service

- correct documentation to match actual uninstall behavior

* fix(deploy): address review feedback for installer scripts

- remove curl | sh path, document clone-first only

- isolate tests via docker-compose.override.yml with unique names

- support both --image <ref> and --image=<ref> in update.sh

- add running container detection before install

* docs(install): remove demo scripts and add MCP note
2026-05-22 14:04:16 +08:00
lefarcen
22a3b99a47 Merge origin/main into preview/v0.8.0
Sync 49 commits from main. Conflicts resolved:
- .github/workflows/ci.yml: kept v0.8.0 granular per-area gating, added main's
  linux specs + release-stable.yml + release-preview.yml triggers
- .github/workflows/release-preview.yml: kept v0.8.0's full workflow over main's placeholder
- apps/web/src/components/AssistantMessage.tsx: combined v0.8.0 file-ops
  summary with main's stripTodoToolGroups + suppressAskUserQuestionFallbackText
- apps/web/src/components/ChatPane.tsx: kept both new imports
- apps/web/src/index.css: kept both .msg-plugin-chip and .user-copy-btn blocks
- e2e/ui/*.test.ts: kept v0.8.0 openEntrySettingsDialog helper over main's
  inline dialog navigation (UI was redesigned in v0.8.0)
- nix/package-{daemon,web}.nix: kept v0.8.0 pnpmDepsHash; rerun nix build to refresh
2026-05-15 18:23:33 +08:00
Zihan Zhao
cfcfbe0178 Inline attached file context for BYOK chats (#1730)
BYOK/API-mode chats bypass the daemon run path, so attached project
files were saved as message metadata but their readable contents were
not sent to the provider. This adds a web-side attachment context step
for API-mode requests, reusing raw text reads and existing document
preview extraction.

Constraint: Docker PDF previews require pdftotext in the runtime image
Confidence: high
Scope-risk: moderate
Tested: corepack pnpm --filter @open-design/web test -- tests/api-attachment-context.test.ts tests/components/ProjectView.api-empty-response.test.tsx
Tested: corepack pnpm --filter @open-design/web typecheck
Tested: corepack pnpm --filter @open-design/web build
Tested: corepack pnpm guard
Tested: corepack pnpm typecheck
2026-05-15 15:52:15 +08:00
Cursor Agent
bf30b308e3 feat(deploy): docker-compose + Helm chart entry slice (Phase 5)
Plan J4 / spec §15.4 / §15.5 / §16 Phase 5.

Three landings:

- deploy/Dockerfile now COPYs plugins/_official/ into the image so
  the bundled atom plugins from §3.I3 register on container boot —
  without this, registerBundledPlugins() silently no-ops inside the
  container and the §23 self-bootstrap promise breaks for hosted
  deployments.

- tools/pack/docker-compose.yml ships the canonical hosted-mode
  manifest spec §15.4 calls out: two-volume layout (od-data +
  od-config) per §15.2, OD_BIND_HOST=0.0.0.0 + OD_API_TOKEN +
  OD_NAMESPACE + snapshot retention knobs as env, /api/daemon/status
  as the healthcheck endpoint (Phase 1.5). Drop-in usable with
  `docker compose -f tools/pack/docker-compose.yml up -d`.

- tools/pack/helm/open-design/{Chart.yaml,values.yaml,README.md}
  pins the Helm chart parameter surface for the per-cloud overrides
  spec §15.5 enumerates (AWS / GCP / Azure / Aliyun / Tencent /
  Huawei / self-hosted). Templates land in the Phase 5 follow-up
  PR; the values schema is locked here so the per-cloud override
  files (values-<cloud>.yaml) review in isolation.

scripts/guard.ts allowlist gains
`packages/agui-adapter/esbuild.config.mjs` so the new package
passes the residual-JS guard.

Daemon tests stay at 1486/1486 (deploy artifacts only).

Co-authored-by: Tom Huang <1043269994@qq.com>
2026-05-09 13:20:53 +00:00
VanJay
34b5b85614 docs(deploy): document Colima build swap helper (#967)
* docs(deploy): document Colima build swap helper

Explain when Apple Silicon Colima users should prepare temporary VM swap before manual image publishing, and cover the host guard with a focused test.

* fix(deploy): harden Colima swap helper

Address review feedback by validating swap overrides, passing remote shell values safely, preserving configured fallback sizes, and expanding behavior coverage.
2026-05-09 02:17:22 +08:00
VanJay
369d136d19 Add Docker Compose deployment workflow (#65)
* Add Docker Compose deployment workflow

* Address Docker deployment review feedback

Harden publishing inputs and temporary credential handling, and tighten Docker runtime defaults requested by the PR review.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* Fix Docker publish build in CI mode

Set CI=true during the image build so pnpm prune can run non-interactively inside Docker.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* Fix Docker runtime dependency layout

Use pnpm deploy for the daemon package so the runtime image includes production dependencies where Node resolves them.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* Use legacy pnpm deploy in Docker build

Allow pnpm v10 deploy to package the daemon workspace without requiring injected workspace packages.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* Align Docker runtime with Node 24

Use Node 24 for both build and runtime stages and update image verification for the workspace daemon dependency layout.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* Remove legacy OD_HOST Docker binding fallback

Use OD_BIND_HOST as the single daemon bind-host setting for Docker deployment and origin validation.

* Update Docker image verifier for daemon dist runtime

Check the packaged daemon dist entrypoint and allow npm from the Node 24 runtime image while still rejecting build-only tools.

* Allow private LAN browser origins for daemon

* Share daemon origin validation helpers

Move browser origin validation into a shared daemon module so tests exercise the production logic and cover the remaining private LAN edge cases.

* Harden Docker Compose port exposure

Bind the Compose deployment to localhost by default and pass the published port through to the daemon origin checks so host-port overrides remain same-origin.

* Keep deployment hosts out of local-only no-origin checks

Require an actual matching Origin before configured deployment origins can satisfy local-only daemon guards, preventing no-Origin remote clients from bypassing those checks.

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Co-authored-by: mrcfps <mrc@powerformer.com>
Co-authored-by: lefarcen <935902669@qq.com>
2026-05-08 11:51:51 +08:00