manager/orion-visor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🐳 修改 docker 构建逻辑.

Browse Source
This commit is contained in:
lijiahangmax
2025-07-05 01:13:28 +08:00
parent ca8c5b53d2 eb64e80d06
commit 6f0f6da07c
16 changed files with 275 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
.github/workflows/docker-publish.yml vendored Normal file
View File

@@ -0,0 +1,81 @@
name: Docker Publish
on:
push:
tags:
- 'v*'
workflow_dispatch:
jobs:
build-and-push:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
env:
GITHUB_REGISTRY: ghcr.io
ALIYUN_REGISTRY: registry.cn-hangzhou.aliyuncs.com
ALIYUN_NAMESPACE: ${{ vars.ALIYUN_NAMESPACE }}
DOCKERHUB_NAMESPACE: ${{ vars.DOCKERHUB_NAMESPACE }}
strategy:
matrix:
service: [ adminer, guacd, mysql, redis, service, ui ]
steps:
- name: 🌱 Checkout repository
uses: actions/checkout@v4
- name: ⚙️ Set up QEMU
uses: docker/setup-qemu-action@v3
- name: 🔧 Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: 🐳 Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: 🐳 Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.GITHUB_REGISTRY }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: 🐳 Login to Aliyun Registry
uses: docker/login-action@v3
with:
registry: ${{ env.ALIYUN_REGISTRY }}
username: ${{ secrets.ALIYUN_USERNAME }}
password: ${{ secrets.ALIYUN_TOKEN }}
- name: 📦 Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: |
orion-visor-${{ matrix.service }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
- name: 🛠️ Build and push Docker image for orion-visor-${{ matrix.service }}
uses: docker/build-push-action@v5
with:
context: .
file: ./docker/${{ matrix.service }}/Dockerfile
push: true
tags: |
${{ env.DOCKERHUB_NAMESPACE }}/orion-visor-${{ matrix.service }}:${{ steps.meta.outputs.version }}
${{ env.DOCKERHUB_NAMESPACE }}/orion-visor-${{ matrix.service }}:latest
${{ env.GITHUB_REGISTRY }}/${{ github.repository_owner }}/orion-visor-${{ matrix.service }}:${{ steps.meta.outputs.version }}
${{ env.GITHUB_REGISTRY }}/${{ github.repository_owner }}/orion-visor-${{ matrix.service }}:latest
${{ env.ALIYUN_REGISTRY }}/${{ env.ALIYUN_NAMESPACE }}/orion-visor-${{ matrix.service }}:${{ steps.meta.outputs.version }}
${{ env.ALIYUN_REGISTRY }}/${{ env.ALIYUN_NAMESPACE }}/orion-visor-${{ matrix.service }}:latest
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64

2
docker/adminer/Dockerfile
View File

@@ -1 +1 @@
FROM adminer:latest
FROM --platform=$BUILDPLATFORM adminer:latest

6
docker/adminer/build.sh
View File

@@ -1,6 +0,0 @@
#!/bin/bash
set -e
version=2.4.1
docker build -t orion-visor-adminer:${version} .
docker tag orion-visor-adminer:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:${version}
docker tag orion-visor-adminer:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:latest

40
docker/build.sh Normal file
View File

@@ -0,0 +1,40 @@
#!/bin/bash
set -e
# 版本
version=2.4.1
# 是否推送
push_images=false
# 命令空间
namespace="registry.cn-hangzhou.aliyuncs.com/orionsec"
# 解析参数
while [[ $# -gt 0 ]]; do
case "$1" in
--push)
push_images=true
shift
;;
*)
echo "未知参数: $1"
exit 1
;;
esac
done
docker build -f ./ui/Dockerfile -t orion-visor-ui:${version} -t ${namespace}/orion-visor-ui:${version} . && \
docker build -f ./service/Dockerfile -t orion-visor-service:${version} -t ${namespace}/orion-visor-service:${version} . && \
docker build -f ./mysql/Dockerfile -t orion-visor-mysql:${version} -t ${namespace}/orion-visor-mysql:${version} . && \
docker build -f ./redis/Dockerfile -t orion-visor-redis:${version} -t ${namespace}/orion-visor-redis:${version} . && \
docker build -f ./adminer/Dockerfile -t orion-visor-adminer:${version} -t ${namespace}/orion-visor-adminer:${version} . && \
docker build -f ./guacd/Dockerfile -t orion-visor-guacd:${version} -t ${namespace}/orion-visor-guacd:${version} .
# 推送镜像
if [ "$push_images" = true ]; then
docker push ${namespace}/orion-visor-adminer:${version}
docker push ${namespace}/orion-visor-mysql:${version}
docker push ${namespace}/orion-visor-redis:${version}
docker push ${namespace}/orion-visor-guacd:${version}
docker push ${namespace}/orion-visor-service:${version}
docker push ${namespace}/orion-visor-ui:${version}
fi

15
docker/guacd/Dockerfile
View File

@@ -1,10 +1,17 @@
FROM guacamole/guacd:1.6.0
FROM --platform=$BUILDPLATFORM guacamole/guacd:1.6.0
USER root
# 系统时区
ARG TZ=Asia/Shanghai
# 设置时区
RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
echo '${TZ}' > /etc/timezone
# 添加包 & 设置时区
RUN \
sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories && \
apk update && \
apk add --no-cache tzdata && \
ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
echo "${TZ}" > /etc/timezone
# 创建所需目录
RUN mkdir -p /home/guacd/drive /usr/share/guacd/drive

6
docker/guacd/build.sh
View File

@@ -1,6 +0,0 @@
#!/bin/bash
set -e
version=2.4.1
docker build -t orion-visor-guacd:${version} .
docker tag orion-visor-guacd:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:${version}
docker tag orion-visor-guacd:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:latest

16
docker/mysql/Dockerfile
View File

@@ -1,16 +1,18 @@
FROM mysql:8.0.28
FROM --platform=$BUILDPLATFORM mysql:8.0.28
# 系统时区
ARG TZ=Asia/Shanghai
# 设置时区
RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
echo '${TZ}' > /etc/timezone
echo "${TZ}" > /etc/timezone
# 复制配置
COPY ./my.cnf /etc/mysql/conf.d/my.cnf
COPY ./docker/mysql/my.cnf /etc/mysql/conf.d/my.cnf
# 复制初始化脚本
COPY ./sql/init-1-schema-databases.sql /tmp
COPY ./sql/init-2-schema-tables.sql /tmp
COPY ./sql/init-3-schema-quartz.sql /tmp
COPY ./sql/init-4-data.sql /tmp
COPY ./sql /tmp
# 设置初始化脚本
RUN cat /tmp/init-1-schema-databases.sql >> /tmp/init.sql && \
cat /tmp/init-2-schema-tables.sql >> /tmp/init.sql && \

8
docker/mysql/build.sh
View File

@@ -1,8 +0,0 @@
#!/bin/bash
set -e
version=2.4.1
cp -r ../../sql ./sql
docker build -t orion-visor-mysql:${version} .
rm -rf ./sql
docker tag orion-visor-mysql:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:${version}
docker tag orion-visor-mysql:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:latest

15
docker/push.sh
View File

@@ -1,15 +0,0 @@
#!/bin/bash
set -e
version=2.4.1
docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:${version}
docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:${version}
docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:${version}
docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:${version}
docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:${version}
docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:${version}
docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-adminer:latest
docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-mysql:latest
docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:latest
docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-guacd:latest
docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:latest
docker push registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:latest

25
docker/redis/Dockerfile
View File

@@ -1,15 +1,22 @@
FROM redis:6.0.16-alpine
FROM --platform=$BUILDPLATFORM redis:6.0.16-alpine
WORKDIR /data
# 系统时区
ARG TZ=Asia/Shanghai
# 添加包
# 添加包 & 设置时区
RUN \
sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories && \
apk update && \
apk add tzdata
# 设置时区
RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
echo '${TZ}' > /etc/timezone
# redis 配置
COPY ./redis.conf /tmp
RUN cat /tmp/redis.conf > /usr/local/redis.conf
apk add --no-cache tzdata && \
ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
echo "${TZ}" > /etc/timezone && \
rm -rf /var/cache/apk/* && \
rm -f /usr/local/redis.conf
# 复制配置文件
COPY ./docker/redis/redis.conf /usr/local/redis.conf
# 启动 Redis 并加载自定义配置
CMD ["redis-server", "/usr/local/redis.conf"]

6
docker/redis/build.sh
View File

@@ -1,6 +0,0 @@
#!/bin/bash
set -e
version=2.4.1
docker build -t orion-visor-redis:${version} .
docker tag orion-visor-redis:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:${version}
docker tag orion-visor-redis:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-redis:latest

38
docker/service/Dockerfile
View File

@@ -1,20 +1,42 @@
FROM openjdk:8-jdk-alpine
# 构建应用
FROM --platform=$BUILDPLATFORM maven:3.9.10-eclipse-temurin-8-alpine AS builder
# 设置阿里云镜像加速
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
# 拷贝 settings.xml
COPY ./docker/service/settings.xml /root/.m2/
# 复制 POM 文件先进行依赖下载 (利用 Docker 缓存)
WORKDIR /build
COPY pom.xml .
RUN mvn dependency:resolve
# 构建
COPY . .
RUN mvn clean package -DskipTests
FROM --platform=$BUILDPLATFORM openjdk:8-jdk-alpine
USER root
WORKDIR /app
# 系统时区
ARG TZ=Asia/Shanghai
# 添加包
# 添加包 & 设置时区
RUN \
sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories && \
apk update && \
apk add curl && \
apk add udev && \
apk add tzdata && \
apk add dmidecode
# 设置时区
RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
echo '${TZ}' > /etc/timezone
# 复制包
COPY ./orion-visor-launch.jar /app/app.jar
ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
echo "${TZ}" > /etc/timezone
# 从构建阶段复制 jar 包
COPY --from=builder /build/orion-visor-launch/target/orion-visor-launch.jar /app/app.jar
# 启动
CMD ["java", "-jar", "/app/app.jar"]

8
docker/service/build.sh
View File

@@ -1,8 +0,0 @@
#!/bin/bash
set -e
version=2.4.1
mv ../../orion-visor-launch/target/orion-visor-launch.jar ./orion-visor-launch.jar
docker build -t orion-visor-service:${version} .
rm -rf ./orion-visor-launch.jar
docker tag orion-visor-service:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:${version}
docker tag orion-visor-service:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-service:latest

43
docker/service/settings.xml Normal file
View File

@@ -0,0 +1,43 @@
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<profiles>
<profile>
<id>repos</id>
<repositories>
<!-- 阿里云 Maven 公共仓库 -->
<repository>
<id>aliyun</id>
<name>Aliyun Repository</name>
<url>https://maven.aliyun.com/repository/public</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
<!-- Maven 中央仓库 -->
<repository>
<id>central</id>
<name>Maven Central Repository</name>
<url>https://repo.maven.apache.org/maven2</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
</profile>
</profiles>
<!-- 激活 profile -->
<activeProfiles>
<activeProfile>repos</activeProfile>
</activeProfiles>
</settings>

55
docker/ui/Dockerfile
View File

@@ -1,18 +1,51 @@
FROM nginx:alpine
# 构建应用
FROM --platform=$BUILDPLATFORM node:18-alpine AS builder
# 设置阿里云镜像加速
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
# 安装 pnpm
RUN corepack enable && corepack prepare pnpm@latest --activate
WORKDIR /app
# 设置 pnpm 使用指定的 registry
ARG REGISTRY_URL=https://registry.npmmirror.com
RUN pnpm config set registry $REGISTRY_URL
# 复制项目文件 (package.json等)
COPY ./orion-visor-ui/package.json ./orion-visor-ui/pnpm-lock.yaml* ./
# 安装依赖 (利用 Docker 缓存层)
RUN pnpm install --frozen-lockfile
# 复制源代码
COPY ./orion-visor-ui/ .
# 构建项目
RUN pnpm build
# 打包静态资源
FROM --platform=$BUILDPLATFORM nginx:alpine
# 系统时区
ARG TZ=Asia/Shanghai
# 添加包
# 添加包 & 设置时区
RUN \
sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories && \
apk update && \
apk add tzdata
# 设置时区
RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
echo '${TZ}' > /etc/timezone
# 删除原 nginx 配置
RUN rm -rf /etc/nginx/conf.d/*
apk add --no-cache tzdata && \
ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
echo "${TZ}" > /etc/timezone && \
rm -rf /var/cache/apk/* && \
rm -rf /etc/nginx/conf.d/*
# 复制包
COPY ./dist /usr/share/nginx/html
COPY ./nginx.conf /etc/nginx/conf.d
COPY --from=builder /app/dist /usr/share/nginx/html
# 复制配置
COPY ./docker/ui/nginx.conf /etc/nginx/conf.d
# 启动
CMD ["nginx", "-g", "daemon off;"]
CMD ["nginx", "-g", "daemon off;"]

9
docker/ui/build.sh
View File

@@ -1,9 +0,0 @@
#!/bin/bash
set -e
version=2.4.1
mv ../../orion-visor-ui/dist ./dist
docker build -t orion-visor-ui:${version} .
rm -rf ./orion-visor-launch.jar
rm -rf ./dist
docker tag orion-visor-ui:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:${version}
docker tag orion-visor-ui:${version} registry.cn-hangzhou.aliyuncs.com/orionsec/orion-visor-ui:latest