Fist commit

.github/workflows/dockerhub.yml

@@ -0,0 +1,147 @@
+name: 📦 Publish Docker (Docker Hub)
+
+on:
+  release:
+    types: [published]
+  workflow_dispatch:
+    inputs:
+      version:
+        description: "Release tag (e.g., v1.2.3 or 1.2.3)"
+        required: true
+
+permissions:
+  contents: read
+
+concurrency:
+  group: dockerhub-publish-a2a-validator
+  cancel-in-progress: true
+
+jobs:
+  build-and-push:
+    name: Build & Push (Docker Hub)
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      # Normalize version from release tag or manual input
+      - name: Derive release version
+        id: version
+        shell: bash
+        run: |
+          if [ "${{ github.event_name }}" = "release" ]; then
+            RAW="${GITHUB_REF#refs/tags/}"
+          else
+            RAW="${{ github.event.inputs.version }}"
+          fi
+          if [ -z "$RAW" ]; then
+            echo "Version not provided."; exit 1
+          fi
+          if [[ "$RAW" =~ ^v ]]; then
+            RELEASE_TAG="$RAW"
+            SEMVER="${RAW#v}"
+          else
+            RELEASE_TAG="v$RAW"
+            SEMVER="$RAW"
+          fi
+          echo "RELEASE_TAG=$RELEASE_TAG" >> $GITHUB_ENV
+          echo "SEMVER=$SEMVER" >> $GITHUB_ENV
+          echo "SHORT_SHA=${GITHUB_SHA::7}" >> $GITHUB_ENV
+          echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV
+          echo "Resolved RELEASE_TAG=${RELEASE_TAG}, SEMVER=${SEMVER}, SHORT_SHA=${SHORT_SHA}"
+
+      # docker.io requires lowercase namespace
+      - name: Compute image name (lowercase)
+        id: img
+        shell: bash
+        run: |
+          USER_RAW="${{ secrets.DOCKERHUB_USERNAME }}"
+          USER_LC="${USER_RAW,,}"
+          IMAGE="docker.io/${USER_LC}/a2a-validator"
+          echo "IMAGE=$IMAGE" >> $GITHUB_ENV
+          echo "Image: $IMAGE"
+
+      - name: Set up QEMU (multi-arch)
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Docker Hub login
+        uses: docker/login-action@v3
+        with:
+          registry: docker.io
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Docker metadata (tags & labels)
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.IMAGE }}
+          flavor: |
+            latest=false
+          tags: |
+            # stable semver tags (always)
+            type=raw,value=v${{ env.SEMVER }}
+            type=semver,pattern={{version}},value=${{ env.SEMVER }}
+            type=semver,pattern={{major}}.{{minor}},value=${{ env.SEMVER }}
+            type=semver,pattern={{major}},value=${{ env.SEMVER }}
+            # short sha tag (always)
+            type=raw,value=sha-${{ env.SHORT_SHA }}
+            # latest only on release
+            type=raw,value=latest,enable=${{ github.event_name == 'release' }}
+          labels: |
+            org.opencontainers.image.title=a2a-validator
+            org.opencontainers.image.description=A2A Validator — web inspector & debugger for A2A agents
+            org.opencontainers.image.url=https://github.com/${{ github.repository }}
+            org.opencontainers.image.source=https://github.com/${{ github.repository }}
+            org.opencontainers.image.version=${{ env.SEMVER }}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.created=${{ env.BUILD_DATE }}
+
+      # Build & push using your Dockerfile
+      - name: Build & push (Docker Hub)
+        id: build
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          platforms: linux/amd64,linux/arm64
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          build-args: |
+            BUILD_VERSION=${{ env.SEMVER }}
+            BUILD_COMMIT=${{ github.sha }}
+            BUILD_DATE=${{ env.BUILD_DATE }}
+
+      # Guard 1: The image must NOT contain a baked /app/.env
+      - name: Sanity guard — no baked .env
+        shell: bash
+        run: |
+          REF="$(echo "${{ steps.meta.outputs.tags }}" | head -n1)"
+          docker run --rm --entrypoint /bin/bash "$REF" -lc 'test ! -f /app/.env'
+          echo "OK: no baked /app/.env"
+
+      # Guard 2: The image must NOT contain a SQLite db (e.g. *.sqlite)
+      - name: Sanity guard — no baked SQLite DB
+        shell: bash
+        run: |
+          REF="$(echo "${{ steps.meta.outputs.tags }}" | head -n1)"
+          docker run --rm --entrypoint /bin/bash "$REF" -lc 'if find /app -maxdepth 6 -name "*.sqlite" -o -name "*.db" | grep -q .; then echo "Found SQLite DB in image"; exit 1; fi'
+          echo "OK: no baked SQLite DB"
+
+      - name: Inspect multi-arch manifest (release tag)
+        if: always()
+        shell: bash
+        run: |
+          echo "Inspecting v${SEMVER}…"
+          docker buildx imagetools inspect "${IMAGE}:v${SEMVER}"
+          if [ "${{ github.event_name }}" = "release" ]; then
+            echo "Inspecting latest…"
+            docker buildx imagetools inspect "${IMAGE}:latest"
+          fi

.github/workflows/ghcr.yml

@@ -0,0 +1,146 @@
+name: 📦 Publish Docker (GHCR)
+
+on:
+  release:
+    types: [published]
+  workflow_dispatch:
+    inputs:
+      version:
+        description: "Release tag (e.g., v1.2.3 or 1.2.3)"
+        required: true
+
+permissions:
+  contents: read
+  packages: write
+
+concurrency:
+  group: ghcr-publish-a2a-validator
+  cancel-in-progress: true
+
+jobs:
+  build-and-push:
+    name: Build & Push (GHCR)
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      # Normalize version from release tag or manual input
+      - name: Derive release version
+        id: version
+        shell: bash
+        run: |
+          if [ "${{ github.event_name }}" = "release" ]; then
+            RAW="${GITHUB_REF#refs/tags/}"
+          else
+            RAW="${{ github.event.inputs.version }}"
+          fi
+          if [ -z "$RAW" ]; then
+            echo "Version not provided."; exit 1
+          fi
+          if [[ "$RAW" =~ ^v ]]; then
+            RELEASE_TAG="$RAW"
+            SEMVER="${RAW#v}"
+          else
+            RELEASE_TAG="v$RAW"
+            SEMVER="$RAW"
+          fi
+          echo "RELEASE_TAG=$RELEASE_TAG" >> $GITHUB_ENV
+          echo "SEMVER=$SEMVER" >> $GITHUB_ENV
+          echo "SHORT_SHA=${GITHUB_SHA::7}" >> $GITHUB_ENV
+          echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV
+          echo "Resolved RELEASE_TAG=${RELEASE_TAG}, SEMVER=${SEMVER}, SHORT_SHA=${SHORT_SHA}"
+
+      # ghcr.io requires lowercase owner in the image path
+      - name: Compute image name (lowercase)
+        id: img
+        shell: bash
+        run: |
+          OWNER_LC="${GITHUB_REPOSITORY_OWNER,,}"
+          IMAGE="ghcr.io/${OWNER_LC}/a2a-validator"
+          echo "IMAGE=$IMAGE" >> $GITHUB_ENV
+          echo "Image: $IMAGE"
+
+      - name: Set up QEMU (multi-arch)
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: GHCR login
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker metadata (tags & labels)
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.IMAGE }}
+          flavor: |
+            latest=false
+          tags: |
+            # stable semver tags (always)
+            type=raw,value=v${{ env.SEMVER }}
+            type=semver,pattern={{version}},value=${{ env.SEMVER }}
+            type=semver,pattern={{major}}.{{minor}},value=${{ env.SEMVER }}
+            type=semver,pattern={{major}},value=${{ env.SEMVER }}
+            # short sha tag (always)
+            type=raw,value=sha-${{ env.SHORT_SHA }}
+            # latest only on release
+            type=raw,value=latest,enable=${{ github.event_name == 'release' }}
+          labels: |
+            org.opencontainers.image.title=a2a-validator
+            org.opencontainers.image.description=A2A Validator — web inspector & debugger for A2A agents
+            org.opencontainers.image.url=https://github.com/${{ github.repository }}
+            org.opencontainers.image.source=https://github.com/${{ github.repository }}
+            org.opencontainers.image.version=${{ env.SEMVER }}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.created=${{ env.BUILD_DATE }}
+
+      - name: Build & push (GHCR)
+        id: build
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          platforms: linux/amd64,linux/arm64
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          build-args: |
+            BUILD_VERSION=${{ env.SEMVER }}
+            BUILD_COMMIT=${{ github.sha }}
+            BUILD_DATE=${{ env.BUILD_DATE }}
+
+      # Guard 1: The image must NOT contain a baked /app/.env
+      - name: Sanity guard — no baked .env
+        shell: bash
+        run: |
+          REF="$(echo "${{ steps.meta.outputs.tags }}" | head -n1)"
+          docker run --rm --entrypoint /bin/bash "$REF" -lc 'test ! -f /app/.env'
+          echo "OK: no baked /app/.env"
+
+      # Guard 2: The image must NOT contain a SQLite db (e.g. *.sqlite or *.db)
+      - name: Sanity guard — no baked SQLite DB
+        shell: bash
+        run: |
+          REF="$(echo "${{ steps.meta.outputs.tags }}" | head -n1)"
+          docker run --rm --entrypoint /bin/bash "$REF" -lc 'if find /app -maxdepth 6 -name "*.sqlite" -o -name "*.db" | grep -q .; then echo "Found SQLite DB in image"; exit 1; fi'
+          echo "OK: no baked SQLite DB"
+
+      - name: Inspect multi-arch manifest (release tag)
+        if: always()
+        shell: bash
+        run: |
+          echo "Inspecting v${SEMVER}…"
+          docker buildx imagetools inspect "${IMAGE}:v${SEMVER}"
+          if [ "${{ github.event_name }}" = "release" ]; then
+            echo "Inspecting latest…"
+            docker buildx imagetools inspect "${IMAGE}:latest"
+          fi

README.md

@@ -59,6 +59,59 @@ curl -s -X POST localhost:7860/agent-card \
   -d '{"url":"http://localhost:8080/","sid":"test"}' | jq
 ```
 
+## Installation (Docker) — pull from Docker Hub or GHCR
+
+You can run A2A Validator as a single container. Choose your preferred registry, pull the image, and map a port.
+
+> Replace placeholders with your image path and tag:
+>
+> * Docker Hub: `docker.io/russlanmv/a2a-validator`
+> * GHCR: `ghcr.io/<owner>/a2a-validator`
+
+### Option 1 — Docker Hub
+
+```bash
+# Pull
+docker pull docker.io/ruslanmv/a2a-validator
+
+# Run (maps host 7860 → container 7860)
+docker run --rm -p 7860:7860 docker.io/ruslanmv/a2a-validator
+```
+
+### Option 2 — GitHub Container Registry (GHCR)
+
+If needed, authenticate first:
+
+```bash
+echo "$GITHUB_TOKEN" | docker login ghcr.io -u <github-username> --password-stdin
+```
+
+Then pull and run:
+
+```bash
+docker pull ghcr.io/<owner>/a2a-validator
+
+docker run --rm -p 7860:7860 ghcr.io/ruslanmv/a2a-validator
+```
+
+### Quick smoke test
+
+With the container running locally:
+
+```bash
+# Open the UI
+# http://localhost:7860/validator
+
+# Optional: test the card endpoint
+curl -s -X POST http://localhost:7860/agent-card \
+  -H 'content-type: application/json' \
+  -d '{"url":"http://localhost:8080/","sid":"test"}' | jq
+```
+
+To stop it, press `Ctrl+C` (foreground) or `docker stop <container-id>` if you ran it detached.
+
+
+
 -----
 
 ## 🛠️ How It Works