diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 29b0de8c..a21ba24f 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -19,35 +19,6 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 - - name: Set up JDK 8 - uses: actions/setup-java@v4 - with: - java-version: '8' # Assuming Java 8, adjust if needed - distribution: 'temurin' - cache: 'maven' - - - name: Set up Node.js 18 - uses: actions/setup-node@v4 - with: - node-version: '18' # Assuming Node.js 18 for pnpm and UI build, adjust if needed - - - name: Install pnpm - run: npm i -g pnpm - - - name: Build Java project (generate JARs) - run: mvn -U clean install -DskipTests - # This assumes orion-visor-launch.jar will be in orion-visor-launch/target/ - - - name: Build UI project (generate dist) - # Assuming the UI project is in a subdirectory named 'orion-visor-ui' - # If your UI project is at the root, remove 'working-directory' - # and adjust paths in later copy steps accordingly. - working-directory: ./orion-visor-ui - run: | - pnpm install - pnpm build - # This assumes 'dist' directory will be created in ./orion-visor-ui/dist - - name: Set up QEMU uses: docker/setup-qemu-action@v3 @@ -88,7 +59,7 @@ jobs: - name: Build and push orion-visor-adminer uses: docker/build-push-action@v5 with: - context: ./docker/adminer + context: . file: ./docker/adminer/Dockerfile push: true tags: | @@ -100,7 +71,7 @@ jobs: - name: Build and push orion-visor-guacd uses: docker/build-push-action@v5 with: - context: ./docker/guacd + context: . file: ./docker/guacd/Dockerfile push: true tags: | @@ -109,18 +80,10 @@ jobs: labels: ${{ steps.meta.outputs.labels }} platforms: linux/amd64,linux/arm64 - - name: Prepare mysql build context - run: | - echo "Copying SQL to service context..." - # ls -l ./sql/ # Optional: list files for debugging - cp -r ./sql ./docker/mysql - echo "Copied SQL." - # ls -l ./docker/mysql/ # Optional: list files for debugging - - name: Build and push orion-visor-mysql uses: docker/build-push-action@v5 with: - context: ./docker/mysql + context: . file: ./docker/mysql/Dockerfile push: true tags: | @@ -132,7 +95,7 @@ jobs: - name: Build and push orion-visor-redis uses: docker/build-push-action@v5 with: - context: ./docker/redis + context: . file: ./docker/redis/Dockerfile push: true tags: | @@ -141,20 +104,10 @@ jobs: labels: ${{ steps.meta.outputs.labels }} platforms: linux/amd64,linux/arm64 - # --- Build and push orion-visor-service (requires pre-built JAR) --- - - - name: Prepare service build context - run: | - echo "Copying JAR to service context..." - # ls -l ./orion-visor-launch/target/ # Optional: list files for debugging - cp ./orion-visor-launch/target/orion-visor-launch.jar ./docker/service/orion-visor-launch.jar - echo "Copied JAR." - # ls -l ./docker/service/ # Optional: list files for debugging - - name: Build and push orion-visor-service uses: docker/build-push-action@v5 with: - context: ./docker/service + context: . file: ./docker/service/Dockerfile push: true tags: | @@ -162,23 +115,11 @@ jobs: ghcr.io/${{ github.repository_owner }}/orion-visor-service:${{ steps.meta.outputs.version }} labels: ${{ steps.meta.outputs.labels }} platforms: linux/amd64,linux/arm64 - # run: rm ./docker/service/orion-visor-launch.jar # Optional cleanup - - # --- Build and push orion-visor-ui (requires pre-built dist directory) --- - - - name: Prepare UI build context - run: | - echo "Copying UI dist to UI context..." - # ls -l ./orion-visor-ui/ # Optional: list files for debugging - # Ensure the source dist path is correct based on your UI build output - cp -r ./orion-visor-ui/dist ./docker/ui/dist - echo "Copied UI dist." - # ls -l ./docker/ui/ # Optional: list files for debugging - name: Build and push orion-visor-ui uses: docker/build-push-action@v5 with: - context: ./docker/ui # dist/ directory should now be here + context: . file: ./docker/ui/Dockerfile push: true tags: | @@ -186,5 +127,3 @@ jobs: ghcr.io/${{ github.repository_owner }}/orion-visor-ui:${{ steps.meta.outputs.version }} labels: ${{ steps.meta.outputs.labels }} platforms: linux/amd64,linux/arm64 # Uncomment for multi-platform builds - # Optional: Clean up the copied dist directory after build - # run: rm -rf ./docker/ui/dist diff --git a/build_docker.sh b/build_docker.sh new file mode 100755 index 00000000..6411fc32 --- /dev/null +++ b/build_docker.sh @@ -0,0 +1,38 @@ +#/bin/bash +set -e + +# ./build_docker.sh --push 这样使用会编译完成后自动推送镜像到阿里云仓库 +version=2.4.1 +push_images=false + +# 解析参数 +while [[ $# -gt 0 ]]; do + case "$1" in + --push) + push_images=true + shift + ;; + *) + echo "未知参数: $1" + exit 1 + ;; + esac +done + +docker build -f ./docker/ui/Dockerfile -t orion-visor-ui:${version} -t registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:${version} . && \ +docker build -f ./docker/service/Dockerfile -t orion-visor-service:${version} -t registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:${version} . && \ +docker build -f ./docker/mysql/Dockerfile -t orion-visor-mysql:${version} -t registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:${version} . && \ +docker build -f ./docker/redis/Dockerfile -t orion-visor-redis:${version} -t registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:${version} . && \ +docker build -f ./docker/adminer/Dockerfile -t orion-visor-adminer:${version} -t registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:${version} . && \ +docker build -f ./docker/guacd/Dockerfile -t orion-visor-guacd:${version} -t registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:${version} . + + +# 如果需要推送镜像 +if [ "$push_images" = true ]; then + docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:${version} + docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:${version} + docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:${version} + docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:${version} + docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:${version} + docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:${version} +fi \ No newline at end of file diff --git a/docker/adminer/build.sh b/docker/adminer/build.sh deleted file mode 100644 index 714410f5..00000000 --- a/docker/adminer/build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#/bin/bash -set -e -version=2.4.1 -docker build -t orion-visor-adminer:${version} . -docker tag orion-visor-adminer:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:${version} -docker tag orion-visor-adminer:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:latest diff --git a/docker/guacd/build.sh b/docker/guacd/build.sh deleted file mode 100644 index 0597bab2..00000000 --- a/docker/guacd/build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#/bin/bash -set -e -version=2.4.1 -docker build -t orion-visor-guacd:${version} . -docker tag orion-visor-guacd:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:${version} -docker tag orion-visor-guacd:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:latest diff --git a/docker/mysql/Dockerfile b/docker/mysql/Dockerfile index 6b369995..a8b72c65 100644 --- a/docker/mysql/Dockerfile +++ b/docker/mysql/Dockerfile @@ -5,12 +5,9 @@ ARG TZ=Asia/Shanghai RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \ echo '${TZ}' > /etc/timezone # 复制配置 -COPY ./my.cnf /etc/mysql/conf.d/my.cnf +COPY ./docker/mysql/my.cnf /etc/mysql/conf.d/my.cnf # 复制初始化脚本 -COPY ./sql/init-1-schema-databases.sql /tmp -COPY ./sql/init-2-schema-tables.sql /tmp -COPY ./sql/init-3-schema-quartz.sql /tmp -COPY ./sql/init-4-data.sql /tmp +COPY ./sql /tmp # 设置初始化脚本 RUN cat /tmp/init-1-schema-databases.sql >> /tmp/init.sql && \ cat /tmp/init-2-schema-tables.sql >> /tmp/init.sql && \ diff --git a/docker/mysql/build.sh b/docker/mysql/build.sh deleted file mode 100644 index 37bf3f45..00000000 --- a/docker/mysql/build.sh +++ /dev/null @@ -1,8 +0,0 @@ -#/bin/bash -set -e -version=2.4.1 -cp -r ../../sql ./sql -docker build -t orion-visor-mysql:${version} . -rm -rf ./sql -docker tag orion-visor-mysql:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:${version} -docker tag orion-visor-mysql:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:latest diff --git a/docker/push.sh b/docker/push.sh deleted file mode 100644 index 2de73c74..00000000 --- a/docker/push.sh +++ /dev/null @@ -1,15 +0,0 @@ -#/bin/bash -set -e -version=2.4.1 -docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:${version} -docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:${version} -docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:${version} -docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:${version} -docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:${version} -docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:${version} -docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:latest -docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:latest -docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:latest -docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:latest -docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:latest -docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:latest diff --git a/docker/redis/Dockerfile b/docker/redis/Dockerfile index 573f2e1e..ff4bc473 100644 --- a/docker/redis/Dockerfile +++ b/docker/redis/Dockerfile @@ -11,5 +11,5 @@ RUN \ RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \ echo '${TZ}' > /etc/timezone # redis 配置 -COPY ./redis.conf /tmp +COPY ./docker/redis/redis.conf /tmp RUN cat /tmp/redis.conf > /usr/local/redis.conf diff --git a/docker/redis/build.sh b/docker/redis/build.sh deleted file mode 100644 index f0a54c46..00000000 --- a/docker/redis/build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#/bin/bash -set -e -version=2.4.1 -docker build -t orion-visor-redis:${version} . -docker tag orion-visor-redis:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:${version} -docker tag orion-visor-redis:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:latest diff --git a/docker/service/Dockerfile b/docker/service/Dockerfile index 792eefe4..2598500f 100644 --- a/docker/service/Dockerfile +++ b/docker/service/Dockerfile @@ -1,3 +1,17 @@ +# 第一阶段:Maven构建阶段 +FROM --platform=$BUILDPLATFORM maven:3.9.10-eclipse-temurin-8-alpine AS builder + +# 设置阿里云镜像加速 +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories + +# 复制POM文件先进行依赖下载(利用Docker缓存) +WORKDIR /build +COPY . . +RUN mvn dependency:go-offline + +# 构建 +RUN mvn clean package -DskipTests + FROM --platform=$BUILDPLATFORM openjdk:8-jdk-alpine USER root WORKDIR /app @@ -14,7 +28,9 @@ RUN \ # 设置时区 RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \ echo '${TZ}' > /etc/timezone -# 复制包 -COPY ./orion-visor-launch.jar /app/app.jar + +# 从构建阶段复制jar包 +COPY --from=builder /build/orion-visor-launch/target/orion-visor-launch.jar /app/app.jar + # 启动 -CMD ["java", "-jar", "/app/app.jar"] +CMD ["java", "-jar", "/app/app.jar"] \ No newline at end of file diff --git a/docker/service/build.sh b/docker/service/build.sh deleted file mode 100644 index f8dd6b97..00000000 --- a/docker/service/build.sh +++ /dev/null @@ -1,8 +0,0 @@ -#/bin/bash -set -e -version=2.4.1 -mv ../../orion-visor-launch/target/orion-visor-launch.jar ./orion-visor-launch.jar -docker build -t orion-visor-service:${version} . -rm -rf ./orion-visor-launch.jar -docker tag orion-visor-service:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:${version} -docker tag orion-visor-service:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:latest diff --git a/docker/ui/Dockerfile b/docker/ui/Dockerfile index 8630f6dc..8ddf0845 100644 --- a/docker/ui/Dockerfile +++ b/docker/ui/Dockerfile @@ -1,3 +1,25 @@ +FROM --platform=$BUILDPLATFORM node:18-alpine AS builder + +# 设置阿里云镜像加速 +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories + +# 安装pnpm +RUN corepack enable && corepack prepare pnpm@latest --activate + +WORKDIR /app + +# 复制项目文件(包括package.json等) +COPY ./orion-visor-ui/package.json ./orion-visor-ui/pnpm-lock.yaml* ./ + +# 安装依赖(利用Docker缓存层) +RUN pnpm install --frozen-lockfile + +# 复制源代码 +COPY ./orion-visor-ui/ . + +# 构建项目 +RUN pnpm build + FROM --platform=$BUILDPLATFORM nginx:alpine # 系统时区 ARG TZ=Asia/Shanghai @@ -12,7 +34,7 @@ RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \ # 删除原 nginx 配置 RUN rm -rf /etc/nginx/conf.d/* # 复制包 -COPY ./dist /usr/share/nginx/html -COPY ./nginx.conf /etc/nginx/conf.d +COPY --from=builder /app/dist /usr/share/nginx/html +COPY ./docker/ui/nginx.conf /etc/nginx/conf.d # 启动 CMD ["nginx", "-g", "daemon off;"] diff --git a/docker/ui/build.sh b/docker/ui/build.sh deleted file mode 100644 index 471297e2..00000000 --- a/docker/ui/build.sh +++ /dev/null @@ -1,9 +0,0 @@ -#/bin/bash -set -e -version=2.4.1 -mv ../../orion-visor-ui/dist ./dist -docker build -t orion-visor-ui:${version} . -rm -rf ./orion-visor-launch.jar -rm -rf ./dist -docker tag orion-visor-ui:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:${version} -docker tag orion-visor-ui:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:latest