Refactor to install from npm instead of building from git (#15)

* Refactor to install from npm instead of building from git

* Bump openclaw upstream to 2026.3.2

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* ci: use dappnodesdk bump-upstream and add Pinata secrets for IPFS hash comments

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* ci: remove build-test job from main.yml, rely on bump-upstream for hash comments

Hash comments are posted by auto_check.yml via dappnodesdk bump-upstream.
The build-test job was causing ENOTFOUND failures on the ipfs-dev-gateway runner.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* ci: restore build-test job for PR checks using working build command

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* ci: add build-hash job on ubuntu-latest for IPFS hash comments on all PRs

Separates concerns:
- build-test: ipfs-dev-gateway, PR events only, verifies Docker build
- build-hash: ubuntu-latest, push to non-main branches, posts IPFS hash via Pinata
- release: ipfs-dev-gateway, push to main only

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Fix CI: use github-action build for IPFS hash comments on PRs

- Remove build-test job (build-hash serves as both test and hash poster)
- Remove pull_request trigger (only push events needed)
- Fix command: 'github-action build' instead of 'build github-action build'
  (the wrong command was calling the build subcommand with provider defaulting
  to dappnode, causing ENOTFOUND errors; the correct subcommand uses Pinata)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: hcastc00

.github/workflows/auto_check.yml

@@ -10,73 +10,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          submodules: true
-          fetch-depth: 0
-
-      - name: Get current submodule commit
-        id: current
-        run: echo "sha=$(git -C openclaw rev-parse HEAD)" >> "$GITHUB_OUTPUT"
-
-      - name: Fetch latest upstream release
-        id: upstream
+          node-version: "22"
+      - run: npx @dappnode/dappnodesdk github-action bump-upstream
         env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          LATEST=$(gh api repos/openclaw/openclaw/releases/latest --jq '.tag_name')
-          echo "tag=$LATEST" >> "$GITHUB_OUTPUT"
-          # Strip leading 'v' if present for the version string
-          VERSION="${LATEST#v}"
-          echo "version=$VERSION" >> "$GITHUB_OUTPUT"
-
-      - name: Update submodule to latest release
-        id: update
-        run: |
-          cd openclaw
-          git fetch --tags origin
-          git checkout ${{ steps.upstream.outputs.tag }}
-          cd ..
-          NEW_SHA=$(git -C openclaw rev-parse HEAD)
-          echo "sha=$NEW_SHA" >> "$GITHUB_OUTPUT"
-
-      - name: Check if update is needed
-        id: check
-        run: |
-          if [ "${{ steps.current.outputs.sha }}" = "${{ steps.update.outputs.sha }}" ]; then
-            echo "changed=false" >> "$GITHUB_OUTPUT"
-          else
-            echo "changed=true" >> "$GITHUB_OUTPUT"
-          fi
-
-      - name: Update upstream version in dappnode_package.json
-        if: steps.check.outputs.changed == 'true'
-        run: |
-          VERSION=${{ steps.upstream.outputs.version }}
-          jq --arg v "$VERSION" '.upstreamVersion = $v' dappnode_package.json > tmp.json && mv tmp.json dappnode_package.json
-
-      - name: Create PR
-        if: steps.check.outputs.changed == 'true'
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          VERSION=${{ steps.upstream.outputs.version }}
-          BRANCH="bump-upstream/v${VERSION}"
-
-          git config user.name "github-actions[bot]"
-          git config user.email "github-actions[bot]@users.noreply.github.com"
-
-          # Check if branch already exists on remote
-          if git ls-remote --heads origin "$BRANCH" | grep -q "$BRANCH"; then
-            echo "Branch $BRANCH already exists, skipping"
-            exit 0
-          fi
-
-          git checkout -b "$BRANCH"
-          git add openclaw dappnode_package.json
-          git commit -m "Bump openclaw upstream to ${VERSION}"
-          git push origin "$BRANCH"
-
-          gh pr create \
-            --title "Bump openclaw upstream to ${VERSION}" \
-            --body "Bumps openclaw submodule to release \`${{ steps.upstream.outputs.tag }}\`." \
-            --base main
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PINATA_API_KEY: ${{ secrets.PINATA_API_KEY }}
+          PINATA_SECRET_API_KEY: ${{ secrets.PINATA_SECRET_API_KEY }}

.github/workflows/main.yml

@@ -1,36 +1,32 @@
 name: "Main"
 on:
   repository_dispatch:
-  pull_request:
   push:
-    branches:
-      - "main"
-      - "v[0-9]+.[0-9]+.[0-9]+"
     paths-ignore:
       - "README.md"
 
 jobs:
-  build-test:
-    runs-on: ipfs-dev-gateway
-    name: Build test
-    if: github.event_name != 'push'
+  build-hash:
+    runs-on: ubuntu-latest
+    name: Build and post IPFS hash
+    if: github.event_name == 'push' && github.ref != 'refs/heads/main'
     steps:
       - uses: actions/checkout@v4
-        with:
-          submodules: true
       - uses: actions/setup-node@v4
         with:
           node-version: "22"
-      - run: npx @dappnode/dappnodesdk build --provider http://10.200.200.7:5001 --timeout 1h
+      - run: npx @dappnode/dappnodesdk github-action build
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PINATA_API_KEY: ${{ secrets.PINATA_API_KEY }}
+          PINATA_SECRET_API_KEY: ${{ secrets.PINATA_SECRET_API_KEY }}
 
   release:
     name: Release
     runs-on: ipfs-dev-gateway
-    if: github.event_name == 'push' || github.event_name == 'repository_dispatch'
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main' || github.event_name == 'repository_dispatch'
     steps:
       - uses: actions/checkout@v4
-        with:
-          submodules: true
       - uses: actions/setup-node@v4
         with:
           node-version: "22"

.gitignore

@@ -1,3 +1,6 @@
+# Former git submodule (now installed via npm at build time)
+openclaw/
+
 # Build artifacts
 build_*/
 *.xz

.gitmodules

@@ -2,16 +2,14 @@ ARG UPSTREAM_VERSION="latest"
 
 FROM node:22-bookworm
 
-# Install Bun (required for build scripts) and sudo (needed by openclaw tool executor)
+# Install Bun (required by openclaw at runtime) and sudo (needed by openclaw tool executor)
 RUN curl -fsSL https://bun.sh/install | bash && \
     apt-get update && \
     apt-get install -y --no-install-recommends sudo && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/*
 ENV PATH="/root/.bun/bin:${PATH}"
 
-RUN corepack enable
-
 WORKDIR /app
 
 ARG OPENCLAW_DOCKER_APT_PACKAGES=""
@@ -22,21 +20,11 @@ RUN if [ -n "$OPENCLAW_DOCKER_APT_PACKAGES" ]; then \
       rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*; \
     fi
 
-COPY openclaw/package.json openclaw/pnpm-lock.yaml openclaw/pnpm-workspace.yaml openclaw/.npmrc ./
-COPY openclaw/ui/package.json ./ui/package.json
-COPY openclaw/patches ./patches
-COPY openclaw/scripts ./scripts
-
-RUN pnpm install --frozen-lockfile
-
-COPY openclaw/ .
-RUN OPENCLAW_A2UI_SKIP_MISSING=1 pnpm build
-# Force pnpm for UI build (Bun may fail on ARM/Synology architectures)
-ENV OPENCLAW_PREFER_PNPM=1
-RUN pnpm ui:build
+ARG UPSTREAM_VERSION
+RUN npm install -g openclaw@${UPSTREAM_VERSION}
 
-# Make the openclaw CLI available in PATH
-RUN ln -s /app/openclaw.mjs /usr/local/bin/openclaw
+# Make json5 (openclaw dependency) resolvable by plain require('json5')
+ENV NODE_PATH=/usr/local/lib/node_modules
 
 ENV NODE_ENV=production
 
@@ -66,4 +54,4 @@ HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
 
 # Run as root (no-new-privileges prevents privilege escalation via gosu/sudo)
 ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
-CMD ["node", "dist/index.js", "gateway", "--allow-unconfigured"]
+CMD ["openclaw", "gateway", "--allow-unconfigured"]

Dockerfile

@@ -1,7 +1,7 @@
 {
   "name": "openclaw.dnp.dappnode.eth",
   "version": "0.1.0",
-  "upstreamVersion": "2026.3.1",
+  "upstreamVersion": "2026.3.2",
   "upstreamRepo": "openclaw/openclaw",
   "upstreamArg": "UPSTREAM_VERSION",
   "shortDescription": "Personal AI assistant gateway with multi-LLM support",
@@ -89,4 +89,4 @@
     "featuredBackground": "linear-gradient(135deg, #667eea 0%, #764ba2 100%)",
     "featuredColor": "white"
   }
-}
+}

dappnode_package.json

@@ -5,7 +5,7 @@ services:
       context: .
       dockerfile: Dockerfile
       args:
-        UPSTREAM_VERSION: "latest"
+        UPSTREAM_VERSION: "2026.3.2"
     image: "openclaw.dnp.dappnode.eth:0.1.0"
     container_name: DAppNodePackage-openclaw.dnp.dappnode.eth
     restart: unless-stopped
@@ -26,8 +26,7 @@ services:
         max-size: "10m"
         max-file: "3"
     command:
-      - "node"
-      - "dist/index.js"
+      - "openclaw"
       - "gateway"
       - "--allow-unconfigured"
 

docker-compose.yml

@@ -29,7 +29,7 @@ EOF
 else
     node -e "
 const fs = require('fs');
-const JSON5 = require('/app/node_modules/json5');
+const JSON5 = require('json5');
 const configPath = '$CONFIG_FILE';
 try {
   const config = JSON5.parse(fs.readFileSync(configPath, 'utf8'));