diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 16972dcaf..192d50865 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,6 +9,7 @@ permissions: contents: write pull-requests: write id-token: write + packages: write concurrency: ${{ github.workflow }}-${{ github.ref }} @@ -146,6 +147,37 @@ jobs: git tag "$TAG" git push origin "$TAG" + - name: Set up QEMU + if: steps.browse_cli.outputs.should_publish == 'true' && steps.browse_cli.outputs.already_published != 'true' + uses: docker/setup-qemu-action@06116385d9baf250c9f4dcb4858b16962ea869c3 # v4.1.0 + + - name: Set up Docker Buildx + if: steps.browse_cli.outputs.should_publish == 'true' && steps.browse_cli.outputs.already_published != 'true' + uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 + + - name: Log in to GitHub Container Registry + if: steps.browse_cli.outputs.should_publish == 'true' && steps.browse_cli.outputs.already_published != 'true' + uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push browse image to GHCR + if: steps.browse_cli.outputs.should_publish == 'true' && steps.browse_cli.outputs.already_published != 'true' + uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0 + with: + context: packages/cli + file: packages/cli/Dockerfile + platforms: linux/amd64,linux/arm64 + push: true + provenance: false + build-args: | + BROWSE_VERSION=${{ steps.browse_cli.outputs.version }} + tags: | + ghcr.io/browserbase/browse:${{ steps.browse_cli.outputs.version }} + ghcr.io/browserbase/browse:latest + - name: Publish browse canary if: github.ref == 'refs/heads/main' && steps.browse_cli.outputs.should_publish != 'true' run: | diff --git a/packages/cli/Dockerfile b/packages/cli/Dockerfile new file mode 100644 index 000000000..56d907345 --- /dev/null +++ b/packages/cli/Dockerfile @@ -0,0 +1,10 @@ +# No browser is bundled: browse drives a remote Browserbase cloud browser over +# CDP, so the image stays a thin client. +FROM node:20-slim + +ARG BROWSE_VERSION +RUN test -n "$BROWSE_VERSION" \ + && npm install -g "browse@${BROWSE_VERSION}" \ + && npm cache clean --force + +CMD ["browse", "--help"]