add devbox ci

.github/README-ci.md

@@ -15,8 +15,10 @@ This repository publishes CI artifacts and container images from `github.com/sea
   - `ghcr.io/sealos-apps/devbox-v2-server`
   - `ghcr.io/sealos-apps/devbox-v2-httpgate`
   - `ghcr.io/sealos-apps/devbox-v2-sshgate`
+  - `ghcr.io/sealos-apps/devbox-v1`
+  - `ghcr.io/sealos-apps/devbox-v2`
 - `Release`
-  Triggers on `v*` tags, creates a GitHub Release, and uploads generated controller manifests plus `v1-cri-shim`, `v2-server`, `v2-httpgate`, and `v2-sshgate` release artifacts.
+  Triggers on `v*` tags, creates a GitHub Release, publishes the versioned cluster images, and uploads generated controller manifests plus `v1-cri-shim`, `v2-server`, `v2-httpgate`, and `v2-sshgate` release artifacts.
 
 ## Trigger Rules
 

.github/workflows/images.yml

@@ -13,6 +13,7 @@
 env:
   REGISTRY: ghcr.io
   IMAGE_NAMESPACE: ${{ github.repository_owner }}
+  SEALOS_VERSION: "5.1.1"
 
 jobs:
   build-and-push:
@@ -95,3 +96,101 @@
           labels: ${{ steps.meta.outputs.labels }}
           cache-from: type=gha,scope=${{ matrix.name }}
           cache-to: type=gha,mode=max,scope=${{ matrix.name }}
+
+  cluster-images:
+    name: Cluster Image / ${{ matrix.name }}
+    runs-on: ubuntu-latest
+    needs:
+      - build-and-push
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - name: v1
+            image_name: devbox-v1
+            deploy_context: v1/deploy
+          - name: v2
+            image_name: devbox-v2
+            deploy_context: v2/deploy
+    env:
+      APP_VERSION: ${{ github.ref_name == 'main' && 'latest' || github.ref_name }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v5
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Install sealos
+        run: |
+          curl -sSL -H 'User-Agent: curl' \
+            -o /tmp/sealos.tgz \
+            "https://github.com/labring/sealos/releases/download/v${SEALOS_VERSION}/sealos_${SEALOS_VERSION}_linux_amd64.tar.gz"
+          tar -xzf /tmp/sealos.tgz -C /tmp
+          sudo install "$(find /tmp -maxdepth 2 -type f -name sealos | head -n 1)" /usr/local/bin/sealos
+          sealos version
+
+      - name: Prepare cluster image context
+        id: prepare
+        run: |
+          workdir="$(mktemp -d)"
+          cp -R "${{ matrix.deploy_context }}/." "${workdir}/"
+
+          case "${{ matrix.name }}" in
+            v1)
+              values_file="${workdir}/charts/devbox-v1/values.yaml"
+              sed -i.bak -E "/^controller:/,/^frontend:/{s#^    repository: .*#    repository: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v1-controller#; s#^    tag: .*#    tag: ${APP_VERSION}#}" "${values_file}"
+              sed -i.bak -E "/^frontend:/,\$/{s#^    repository: .*#    repository: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v1-frontend#; s#^    tag: .*#    tag: ${APP_VERSION}#}" "${values_file}"
+              ;;
+            v2)
+              values_file="${workdir}/charts/devbox-v2/values.yaml"
+              sed -i.bak -E "/^controller:/,/^server:/{s#^    repository: .*#    repository: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v2-controller#; s#^    tag: .*#    tag: ${APP_VERSION}#}" "${values_file}"
+              sed -i.bak -E "/^server:/,/^frontend:/{s#^    repository: .*#    repository: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v2-server#; s#^    tag: .*#    tag: ${APP_VERSION}#}" "${values_file}"
+              sed -i.bak -E "/^frontend:/,/^httpgate:/{s#^    repository: .*#    repository: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v2-frontend#; s#^    tag: .*#    tag: ${APP_VERSION}#}" "${values_file}"
+              sed -i.bak -E "s#^  repository: .*#  repository: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v2-httpgate#; s#^  tag: .*#  tag: ${APP_VERSION}#" "${workdir}/charts/devbox-v2/charts/httpgate/values.yaml"
+              sed -i.bak -E "s#^image: .*#image: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v2-sshgate:${APP_VERSION}#" "${workdir}/charts/devbox-v2/charts/sshgate/values.yaml"
+              ;;
+          esac
+
+          find "${workdir}" -name '*.bak' -delete
+
+          sealos registry save --registry-dir "${workdir}/registry_amd64" --arch amd64 "${workdir}"
+          sealos registry save --registry-dir "${workdir}/registry_arm64" --arch arm64 "${workdir}"
+
+          echo "workdir=${workdir}" >> "${GITHUB_OUTPUT}"
+
+      - name: Compute cluster image metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/${{ matrix.image_name }}
+          tags: |
+            type=ref,event=branch
+            type=sha,prefix=sha-
+            type=raw,value=latest,enable=${{ github.ref_name == 'main' }}
+
+      - name: Build and push cluster image
+        uses: docker/build-push-action@v6
+        with:
+          context: ${{ steps.prepare.outputs.workdir }}
+          file: ${{ steps.prepare.outputs.workdir }}/Kubefile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          build-args: |
+            APP_VERSION=${{ env.APP_VERSION }}
+            IMAGE_REGISTRY=${{ env.REGISTRY }}
+            IMAGE_NAMESPACE=${{ env.IMAGE_NAMESPACE }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha,scope=cluster-${{ matrix.name }}
+          cache-to: type=gha,mode=max,scope=cluster-${{ matrix.name }}

.github/workflows/release.yml

@@ -14,6 +14,7 @@
   RUST_TOOLCHAIN: "stable"
   REGISTRY: ghcr.io
   IMAGE_NAMESPACE: ${{ github.repository_owner }}
+  SEALOS_VERSION: "5.1.1"
 
 jobs:
   images:
@@ -97,6 +98,104 @@
           cache-from: type=gha,scope=release-${{ matrix.name }}
           cache-to: type=gha,mode=max,scope=release-${{ matrix.name }}
 
+  cluster-images:
+    name: Release Cluster Image / ${{ matrix.name }}
+    runs-on: ubuntu-latest
+    needs:
+      - images
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - name: v1
+            image_name: devbox-v1
+            deploy_context: v1/deploy
+          - name: v2
+            image_name: devbox-v2
+            deploy_context: v2/deploy
+    env:
+      APP_VERSION: ${{ github.ref_name }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v5
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Install sealos
+        run: |
+          curl -sSL -H 'User-Agent: curl' \
+            -o /tmp/sealos.tgz \
+            "https://github.com/labring/sealos/releases/download/v${SEALOS_VERSION}/sealos_${SEALOS_VERSION}_linux_amd64.tar.gz"
+          tar -xzf /tmp/sealos.tgz -C /tmp
+          sudo install "$(find /tmp -maxdepth 2 -type f -name sealos | head -n 1)" /usr/local/bin/sealos
+          sealos version
+
+      - name: Prepare cluster image context
+        id: prepare
+        run: |
+          workdir="$(mktemp -d)"
+          cp -R "${{ matrix.deploy_context }}/." "${workdir}/"
+
+          case "${{ matrix.name }}" in
+            v1)
+              values_file="${workdir}/charts/devbox-v1/values.yaml"
+              sed -i.bak -E "/^controller:/,/^frontend:/{s#^    repository: .*#    repository: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v1-controller#; s#^    tag: .*#    tag: ${APP_VERSION}#}" "${values_file}"
+              sed -i.bak -E "/^frontend:/,\$/{s#^    repository: .*#    repository: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v1-frontend#; s#^    tag: .*#    tag: ${APP_VERSION}#}" "${values_file}"
+              ;;
+            v2)
+              values_file="${workdir}/charts/devbox-v2/values.yaml"
+              sed -i.bak -E "/^controller:/,/^server:/{s#^    repository: .*#    repository: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v2-controller#; s#^    tag: .*#    tag: ${APP_VERSION}#}" "${values_file}"
+              sed -i.bak -E "/^server:/,/^frontend:/{s#^    repository: .*#    repository: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v2-server#; s#^    tag: .*#    tag: ${APP_VERSION}#}" "${values_file}"
+              sed -i.bak -E "/^frontend:/,/^httpgate:/{s#^    repository: .*#    repository: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v2-frontend#; s#^    tag: .*#    tag: ${APP_VERSION}#}" "${values_file}"
+              sed -i.bak -E "s#^  repository: .*#  repository: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v2-httpgate#; s#^  tag: .*#  tag: ${APP_VERSION}#" "${workdir}/charts/devbox-v2/charts/httpgate/values.yaml"
+              sed -i.bak -E "s#^image: .*#image: ${REGISTRY}/${IMAGE_NAMESPACE}/devbox-v2-sshgate:${APP_VERSION}#" "${workdir}/charts/devbox-v2/charts/sshgate/values.yaml"
+              ;;
+          esac
+
+          find "${workdir}" -name '*.bak' -delete
+
+          sealos registry save --registry-dir "${workdir}/registry_amd64" --arch amd64 "${workdir}"
+          sealos registry save --registry-dir "${workdir}/registry_arm64" --arch arm64 "${workdir}"
+
+          echo "workdir=${workdir}" >> "${GITHUB_OUTPUT}"
+
+      - name: Compute cluster image metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/${{ matrix.image_name }}
+          tags: |
+            type=ref,event=tag
+            type=sha,prefix=sha-
+            type=raw,value=latest
+
+      - name: Build and push cluster image
+        uses: docker/build-push-action@v6
+        with:
+          context: ${{ steps.prepare.outputs.workdir }}
+          file: ${{ steps.prepare.outputs.workdir }}/Kubefile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          build-args: |
+            APP_VERSION=${{ env.APP_VERSION }}
+            IMAGE_REGISTRY=${{ env.REGISTRY }}
+            IMAGE_NAMESPACE=${{ env.IMAGE_NAMESPACE }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha,scope=release-cluster-${{ matrix.name }}
+          cache-to: type=gha,mode=max,scope=release-cluster-${{ matrix.name }}
+
   controller-manifests:
     name: Controller Manifest / ${{ matrix.target }}
     runs-on: ubuntu-latest
@@ -278,6 +377,7 @@
     runs-on: ubuntu-latest
     needs:
       - images
+      - cluster-images
       - controller-manifests
       - v1-cri-shim-binaries
       - v2-server-binaries
@@ -313,6 +413,8 @@
             - `ghcr.io/${{ github.repository_owner }}/devbox-v2-server:${{ github.ref_name }}`
             - `ghcr.io/${{ github.repository_owner }}/devbox-v2-httpgate:${{ github.ref_name }}`
             - `ghcr.io/${{ github.repository_owner }}/devbox-v2-sshgate:${{ github.ref_name }}`
+            - `ghcr.io/${{ github.repository_owner }}/devbox-v1:${{ github.ref_name }}`
+            - `ghcr.io/${{ github.repository_owner }}/devbox-v2:${{ github.ref_name }}`
 
             Binary artifacts attached to this release:
 

.gitignore

@@ -2,3 +2,4 @@ tmp
 bin
 .vscode
 *.DS_Store
+.idea

README.md

@@ -95,6 +95,8 @@ Default image names now follow the new repository naming:
 - `ghcr.io/sealos-apps/devbox-v1-frontend:latest`
 - `ghcr.io/sealos-apps/devbox-v2-controller:latest`
 - `ghcr.io/sealos-apps/devbox-v2-frontend:latest`
+- `ghcr.io/sealos-apps/devbox-v1:latest`
+- `ghcr.io/sealos-apps/devbox-v2:latest`
 
 You can override these at build or deploy time with `IMG=...` for controllers and `IMG=...` for frontends.
 
@@ -112,12 +114,19 @@ Tagging a release such as `v1.2.3` will publish:
 - `ghcr.io/sealos-apps/devbox-v1-frontend:v1.2.3`
 - `ghcr.io/sealos-apps/devbox-v2-controller:v1.2.3`
 - `ghcr.io/sealos-apps/devbox-v2-frontend:v1.2.3`
+- `ghcr.io/sealos-apps/devbox-v1:v1.2.3`
+- `ghcr.io/sealos-apps/devbox-v2:v1.2.3`
 
 The release workflow also uploads controller manifest bundles generated from:
 
 - `v1/controller`
 - `v2/controller`
 
+Sealos cluster image packaging lives under:
+
+- [`v1/deploy`](./v1/deploy)
+- [`v2/deploy`](./v2/deploy)
+
 If you need to publish manually, you can still run the local make targets:
 
 ```bash

v1/deploy/Kubefile

@@ -0,0 +1,17 @@
+FROM --platform=$BUILDPLATFORM scratch
+ARG TARGETARCH
+ARG APP_VERSION=latest
+ARG IMAGE_REGISTRY=ghcr.io
+ARG IMAGE_NAMESPACE=sealos-apps
+
+USER 65532:65532
+
+COPY registry_${TARGETARCH} registry
+COPY install.sh install.sh
+COPY charts charts
+
+ENV APP_VERSION=${APP_VERSION}
+ENV IMAGE_REGISTRY=${IMAGE_REGISTRY}
+ENV IMAGE_NAMESPACE=${IMAGE_NAMESPACE}
+
+CMD ["bash", "install.sh"]

v1/deploy/README.md

@@ -0,0 +1,22 @@
+# DevBox v1 Cluster Image
+
+This directory contains the Sealos cluster image packaging for DevBox v1.
+
+## Contents
+
+- `Kubefile`: cluster image build entrypoint
+- `install.sh`: Sealos-aware Helm installer
+- `charts/devbox-v1`: aggregated Helm chart for `v1/controller` and `v1/frontend`
+
+## Build Notes
+
+The cluster image expects architecture-specific `registry_<arch>` directories beside the `Kubefile`.
+These are generated in CI with `sealos registry save` before building the image.
+
+## Runtime Notes
+
+- Default release name: `devbox-v1`
+- Default release namespace: `devbox-system`
+- Frontend namespace: `devbox-frontend`
+- The installer will try to read `cloudDomain` and `jwtInternal` from `sealos-system/sealos-config`
+- If the template database URL cannot be discovered automatically, provide `DATABASE_URL` or edit `/root/.sealos/cloud/values/apps/devbox-v1/values.yaml`

v1/deploy/charts/devbox-v1/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: devbox-v1
+description: Sealos cluster image chart for DevBox v1
+type: application
+version: 0.1.0
+appVersion: latest