feat(docker) 重构Docker构建流程，使用多阶段构建并优化CI配置

2025-07-03 01:01:59 +08:00
parent 4ee4333bfe
commit 5c03784f9c
13 changed files with 90 additions and 136 deletions
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -19,35 +19,6 @@ jobs:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Set up JDK 8
        uses: actions/setup-java@v4
        with:
          java-version: '8' # Assuming Java 8, adjust if needed
          distribution: 'temurin'
          cache: 'maven'
      - name: Set up Node.js 18
        uses: actions/setup-node@v4
        with:
          node-version: '18' # Assuming Node.js 18 for pnpm and UI build, adjust if needed
      - name: Install pnpm
        run: npm i -g pnpm
      - name: Build Java project (generate JARs)
        run: mvn -U clean install -DskipTests
        # This assumes orion-visor-launch.jar will be in orion-visor-launch/target/
      - name: Build UI project (generate dist)
        # Assuming the UI project is in a subdirectory named 'orion-visor-ui'
        # If your UI project is at the root, remove 'working-directory'
        # and adjust paths in later copy steps accordingly.
        working-directory: ./orion-visor-ui
        run: |
          pnpm install
          pnpm build
        # This assumes 'dist' directory will be created in ./orion-visor-ui/dist
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
@@ -88,7 +59,7 @@ jobs:
      - name: Build and push orion-visor-adminer
        uses: docker/build-push-action@v5
        with:
-          context: ./docker/adminer
+          context: .
          file: ./docker/adminer/Dockerfile
          push: true
          tags: |
@@ -100,7 +71,7 @@ jobs:
      - name: Build and push orion-visor-guacd
        uses: docker/build-push-action@v5
        with:
-          context: ./docker/guacd
+          context: .
          file: ./docker/guacd/Dockerfile
          push: true
          tags: |
@@ -109,18 +80,10 @@ jobs:
          labels: ${{ steps.meta.outputs.labels }}
          platforms: linux/amd64,linux/arm64
      - name: Prepare mysql build context
        run: |
          echo "Copying SQL to service context..."
          # ls -l ./sql/ # Optional: list files for debugging
          cp -r ./sql ./docker/mysql
          echo "Copied SQL."
          # ls -l ./docker/mysql/ # Optional: list files for debugging
      - name: Build and push orion-visor-mysql
        uses: docker/build-push-action@v5
        with:
-          context: ./docker/mysql
+          context: .
          file: ./docker/mysql/Dockerfile
          push: true
          tags: |
@@ -132,7 +95,7 @@ jobs:
      - name: Build and push orion-visor-redis
        uses: docker/build-push-action@v5
        with:
-          context: ./docker/redis
+          context: .
          file: ./docker/redis/Dockerfile
          push: true
          tags: |
@@ -141,20 +104,10 @@ jobs:
          labels: ${{ steps.meta.outputs.labels }}
          platforms: linux/amd64,linux/arm64
      # --- Build and push orion-visor-service (requires pre-built JAR) ---
      - name: Prepare service build context
        run: |
          echo "Copying JAR to service context..."
          # ls -l ./orion-visor-launch/target/ # Optional: list files for debugging
          cp ./orion-visor-launch/target/orion-visor-launch.jar ./docker/service/orion-visor-launch.jar
          echo "Copied JAR."
          # ls -l ./docker/service/ # Optional: list files for debugging
      - name: Build and push orion-visor-service
        uses: docker/build-push-action@v5
        with:
-          context: ./docker/service
+          context: .
          file: ./docker/service/Dockerfile
          push: true
          tags: |
@@ -162,23 +115,11 @@ jobs:
            ghcr.io/${{ github.repository_owner }}/orion-visor-service:${{ steps.meta.outputs.version }}
          labels: ${{ steps.meta.outputs.labels }}
          platforms: linux/amd64,linux/arm64
        # run: rm ./docker/service/orion-visor-launch.jar # Optional cleanup
      # --- Build and push orion-visor-ui (requires pre-built dist directory) ---
      - name: Prepare UI build context
        run: |
          echo "Copying UI dist to UI context..."
          # ls -l ./orion-visor-ui/ # Optional: list files for debugging
          # Ensure the source dist path is correct based on your UI build output
          cp -r ./orion-visor-ui/dist ./docker/ui/dist
          echo "Copied UI dist."
          # ls -l ./docker/ui/ # Optional: list files for debugging
      - name: Build and push orion-visor-ui
        uses: docker/build-push-action@v5
        with:
-          context: ./docker/ui # dist/ directory should now be here
+          context: .
          file: ./docker/ui/Dockerfile
          push: true
          tags: |
@@ -186,5 +127,3 @@ jobs:
            ghcr.io/${{ github.repository_owner }}/orion-visor-ui:${{ steps.meta.outputs.version }}
          labels: ${{ steps.meta.outputs.labels }}
          platforms: linux/amd64,linux/arm64 # Uncomment for multi-platform builds
        # Optional: Clean up the copied dist directory after build
        # run: rm -rf ./docker/ui/dist
--- a/build_docker.sh
+++ b/build_docker.sh
@@ -0,0 +1,38 @@
 #/bin/bash
 set -e
 # ./build_docker.sh --push 这样使用会编译完成后自动推送镜像到阿里云仓库
 version=2.4.1
 push_images=false
 # 解析参数
 while [[ $# -gt 0 ]]; do
    case "$1" in
        --push)
            push_images=true
            shift
            ;;
        *)
            echo "未知参数: $1"
            exit 1
            ;;
    esac
 done
 docker build -f ./docker/ui/Dockerfile -t orion-visor-ui:${version} -t registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:${version} . && \
 docker build -f ./docker/service/Dockerfile -t orion-visor-service:${version} -t registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:${version} . && \
 docker build -f ./docker/mysql/Dockerfile -t orion-visor-mysql:${version} -t registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:${version} . && \
 docker build -f ./docker/redis/Dockerfile -t orion-visor-redis:${version} -t registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:${version} . && \
 docker build -f ./docker/adminer/Dockerfile -t orion-visor-adminer:${version} -t registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:${version} . && \
 docker build -f ./docker/guacd/Dockerfile -t orion-visor-guacd:${version} -t registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:${version} .
 # 如果需要推送镜像
 if [ "$push_images" = true ]; then
    docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:${version}
    docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:${version}
    docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:${version}
    docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:${version}
    docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:${version}
    docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:${version}
 fi
--- a/docker/adminer/build.sh
+++ b/docker/adminer/build.sh
@@ -1,6 +0,0 @@
 #/bin/bash
 set -e
 version=2.4.1
 docker build -t orion-visor-adminer:${version} .
 docker tag orion-visor-adminer:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:${version}
 docker tag orion-visor-adminer:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:latest
--- a/docker/guacd/build.sh
+++ b/docker/guacd/build.sh
@@ -1,6 +0,0 @@
 #/bin/bash
 set -e
 version=2.4.1
 docker build -t orion-visor-guacd:${version} .
 docker tag orion-visor-guacd:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:${version}
 docker tag orion-visor-guacd:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:latest
--- a/docker/mysql/Dockerfile
+++ b/docker/mysql/Dockerfile
@@ -5,12 +5,9 @@ ARG TZ=Asia/Shanghai
 RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
  echo '${TZ}' > /etc/timezone
 # 复制配置
-COPY ./my.cnf /etc/mysql/conf.d/my.cnf
+COPY ./docker/mysql/my.cnf /etc/mysql/conf.d/my.cnf
 # 复制初始化脚本
-COPY ./sql/init-1-schema-databases.sql /tmp
+COPY ./sql /tmp
 COPY ./sql/init-2-schema-tables.sql /tmp
 COPY ./sql/init-3-schema-quartz.sql /tmp
 COPY ./sql/init-4-data.sql /tmp
 # 设置初始化脚本
 RUN cat /tmp/init-1-schema-databases.sql >> /tmp/init.sql && \
    cat /tmp/init-2-schema-tables.sql >> /tmp/init.sql && \
--- a/docker/mysql/build.sh
+++ b/docker/mysql/build.sh
@@ -1,8 +0,0 @@
 #/bin/bash
 set -e
 version=2.4.1
 cp -r ../../sql ./sql
 docker build -t orion-visor-mysql:${version} .
 rm -rf ./sql
 docker tag orion-visor-mysql:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:${version}
 docker tag orion-visor-mysql:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:latest
--- a/docker/push.sh
+++ b/docker/push.sh
@@ -1,15 +0,0 @@
 #/bin/bash
 set -e
 version=2.4.1
 docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:${version}
 docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:${version}
 docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:${version}
 docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:${version}
 docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:${version}
 docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:${version}
 docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:latest
 docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:latest
 docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:latest
 docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:latest
 docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:latest
 docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:latest
--- a/docker/redis/Dockerfile
+++ b/docker/redis/Dockerfile
@@ -11,5 +11,5 @@ RUN \
 RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
  echo '${TZ}' > /etc/timezone
 # redis 配置
-COPY ./redis.conf /tmp
+COPY ./docker/redis/redis.conf /tmp
 RUN cat /tmp/redis.conf > /usr/local/redis.conf
--- a/docker/redis/build.sh
+++ b/docker/redis/build.sh
@@ -1,6 +0,0 @@
 #/bin/bash
 set -e
 version=2.4.1
 docker build -t orion-visor-redis:${version} .
 docker tag orion-visor-redis:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:${version}
 docker tag orion-visor-redis:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:latest
--- a/docker/service/Dockerfile
+++ b/docker/service/Dockerfile
@@ -1,3 +1,17 @@
 # 第一阶段：Maven构建阶段
 FROM --platform=$BUILDPLATFORM maven:3.9.10-eclipse-temurin-8-alpine AS builder
 # 设置阿里云镜像加速
 RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
 # 复制POM文件先进行依赖下载（利用Docker缓存）
 WORKDIR /build
 COPY . .
 RUN mvn dependency:go-offline
 # 构建
 RUN mvn clean package -DskipTests
 FROM --platform=$BUILDPLATFORM openjdk:8-jdk-alpine
 USER root
 WORKDIR /app
@@ -14,7 +28,9 @@ RUN \
 # 设置时区
 RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
  echo '${TZ}' > /etc/timezone
-# 复制包
+
-COPY ./orion-visor-launch.jar /app/app.jar
+# 从构建阶段复制jar包
 COPY --from=builder /build/orion-visor-launch/target/orion-visor-launch.jar /app/app.jar
 # 启动
 CMD ["java", "-jar", "/app/app.jar"]
--- a/docker/service/build.sh
+++ b/docker/service/build.sh
@@ -1,8 +0,0 @@
 #/bin/bash
 set -e
 version=2.4.1
 mv ../../orion-visor-launch/target/orion-visor-launch.jar ./orion-visor-launch.jar
 docker build -t orion-visor-service:${version} .
 rm -rf ./orion-visor-launch.jar
 docker tag orion-visor-service:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:${version}
 docker tag orion-visor-service:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:latest
--- a/docker/ui/Dockerfile
+++ b/docker/ui/Dockerfile
@@ -1,3 +1,25 @@
 FROM --platform=$BUILDPLATFORM node:18-alpine AS builder
 # 设置阿里云镜像加速
 RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
 # 安装pnpm
 RUN corepack enable && corepack prepare pnpm@latest --activate
 WORKDIR /app
 # 复制项目文件（包括package.json等）
 COPY ./orion-visor-ui/package.json ./orion-visor-ui/pnpm-lock.yaml* ./
 # 安装依赖（利用Docker缓存层）
 RUN pnpm install --frozen-lockfile
 # 复制源代码
 COPY ./orion-visor-ui/ .
 # 构建项目
 RUN pnpm build
 FROM --platform=$BUILDPLATFORM nginx:alpine
 # 系统时区
 ARG TZ=Asia/Shanghai
@@ -12,7 +34,7 @@ RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
 # 删除原 nginx 配置
 RUN rm -rf /etc/nginx/conf.d/*
 # 复制包
-COPY ./dist /usr/share/nginx/html
+COPY --from=builder /app/dist /usr/share/nginx/html
-COPY ./nginx.conf /etc/nginx/conf.d
+COPY ./docker/ui/nginx.conf /etc/nginx/conf.d
 # 启动
 CMD ["nginx", "-g", "daemon off;"]
--- a/docker/ui/build.sh
+++ b/docker/ui/build.sh
@@ -1,9 +0,0 @@
 #/bin/bash
 set -e
 version=2.4.1
 mv ../../orion-visor-ui/dist ./dist
 docker build -t orion-visor-ui:${version} .
 rm -rf ./orion-visor-launch.jar
 rm -rf ./dist
 docker tag orion-visor-ui:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:${version}
 docker tag orion-visor-ui:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:latest