From 9634d336c23c024501929b7df35b4d8880e235ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=90=B4=E5=B0=8F=E7=99=BD?= <296015668@qq.com> Date: Wed, 24 Apr 2024 09:40:00 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=9B=B4=E6=96=B0=20v3.10.9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/build.yml | 23 ++++++++- .github/workflows/core.yml | 97 +++++++++++++++++++++++++++++++++++++ README.md | 2 +- README_EN.md | 2 +- allinone/Dockerfile | 49 ++++++++++--------- allinone/README.md | 6 +-- allinone/readme.txt | 2 +- chen/Dockerfile | 20 ++++---- config_example.conf | 2 +- core/Dockerfile | 60 ++++++++++++----------- docker-compose-build.yml | 23 --------- docker-compose.yml | 23 --------- kael/Dockerfile | 20 ++++---- koko/Dockerfile | 31 ++++++------ lion/Dockerfile | 16 +++--- magnus/Dockerfile | 20 ++++---- web/Dockerfile | 18 +++---- 17 files changed, 247 insertions(+), 167 deletions(-) create mode 100644 .github/workflows/core.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 55fb866..247dc96 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -97,7 +97,7 @@ jobs: - name: Generate poetry.lock if: matrix.component == 'core' run: | - wget https://github.com/jumpserver/jumpserver/raw/${{ env.version }}/pyproject.toml + wget --quiet https://github.com/jumpserver/jumpserver/raw/${{ env.version }}/pyproject.toml sed -i 's@^cython =@# cython =@g' pyproject.toml sed -i 's@^certifi =@# certifi =@g' pyproject.toml sed -i 's@^cffi =@# cffi =@g' pyproject.toml @@ -109,6 +109,27 @@ jobs: poetry source remove tsinghua poetry source add --priority=primary PyPI poetry lock --no-update + + - name: Cache + uses: actions/cache@v3 + id: cache + with: + path: | + var-cache-apt + var-lib-apt + pypi-cache + key: cache-${{ matrix.component }} + + - name: inject cache into docker + uses: reproducible-containers/buildkit-cache-dance@v3.1.0 + with: + cache-map: | + { + "var-cache-apt": "/var/cache/apt", + "var-lib-apt": "/var/lib/apt", + "pypi-cache": "/root/.cache" + } + skip-extraction: ${{ steps.cache.outputs.cache-hit }} - name: Login to Docker Hub uses: docker/login-action@v3 diff --git a/.github/workflows/core.yml b/.github/workflows/core.yml new file mode 100644 index 0000000..b6e2c25 --- /dev/null +++ b/.github/workflows/core.yml @@ -0,0 +1,97 @@ + +on: + schedule: + - cron: '0 1 * * *' + +name: Core for Stable Release Version + +jobs: + core-build: + runs-on: ubuntu-latest + strategy: + matrix: + component: [core] + steps: + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@main + with: + tool-cache: true + android: true + dotnet: true + haskell: true + large-packages: true + docker-images: true + swap-storage: true + + - uses: actions/checkout@v4 + - uses: docker/setup-qemu-action@v3 + - uses: docker/setup-buildx-action@v3 + - uses: actions/setup-python@v4 + if: matrix.component == 'core' + with: + python-version: 3.11 + + - uses: abatilo/actions-poetry@v2 + if: matrix.component == 'core' + + - name: Get Version + run: | + echo "version=$(curl -s https://github.com/gitapi/repos/jumpserver/jumpserver/releases/latest | jq -r .tag_name)" >> $GITHUB_ENV + + - name: Generate poetry.lock + if: matrix.component == 'core' + run: | + wget --quiet https://github.com/jumpserver/jumpserver/raw/dev/pyproject.toml + sed -i 's@^cython =@# cython =@g' pyproject.toml + sed -i 's@^certifi =@# certifi =@g' pyproject.toml + sed -i 's@^cffi =@# cffi =@g' pyproject.toml + sed -i 's@^idna =@# idna =@g' pyproject.toml + sed -i 's@^urllib3 =@# urllib3 =@g' pyproject.toml + sed -i 's@^cryptography =@# cryptography =@g' pyproject.toml + sed -i 's@^COPY --from=stage-1 /opt/jumpserver/poetry.lock /opt/jumpserver/pyproject.toml@ADD poetry.lock pyproject.toml@g' core/Dockerfile + poetry config virtualenvs.create false + poetry source remove tsinghua + poetry source add --priority=primary PyPI + poetry lock --no-update + + - name: Cache + uses: actions/cache@v3 + id: cache + with: + path: | + var-cache-apt + var-lib-apt + pypi-cache + key: cache-${{ matrix.component }} + + - name: inject cache into docker + uses: reproducible-containers/buildkit-cache-dance@v3.1.0 + with: + cache-map: | + { + "var-cache-apt": "/var/cache/apt", + "var-lib-apt": "/var/lib/apt", + "pypi-cache": "/root/.cache" + } + skip-extraction: ${{ steps.cache.outputs.cache-hit }} + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and Push Image + uses: docker/build-push-action@v5 + with: + context: . + provenance: false + file: ${{ matrix.component }}/Dockerfile + platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/s390x + push: true + tags: | + ghcr.io/${{ github.repository_owner }}/jms_${{ matrix.component }}:buildcache + outputs: type=image,oci-mediatypes=true,compression=zstd,compression-level=3,force-compression=true + cache-from: type=gha + cache-to: type=gha,mode=max \ No newline at end of file diff --git a/README.md b/README.md index ecd6ac3..7e6e306 100644 --- a/README.md +++ b/README.md @@ -56,7 +56,7 @@ vi .env ``` ```vim # 版本号可以自己根据项目的版本修改 -VERSION=v3.10.8 +VERSION=v3.10.9 # 构建参数, 支持 amd64/arm64/ppc64le/s390x... TARGETARCH=amd64 diff --git a/README_EN.md b/README_EN.md index 7e26c9a..bb4c25c 100644 --- a/README_EN.md +++ b/README_EN.md @@ -56,7 +56,7 @@ vi .env ``` ```vim # You can modify the version number according to the project version -VERSION=v3.10.8 +VERSION=v3.10.9 # Build parameters, support amd64/arm64/loong64 TARGETARCH=amd64 diff --git a/allinone/Dockerfile b/allinone/Dockerfile index 405bd2f..7e138c6 100644 --- a/allinone/Dockerfile +++ b/allinone/Dockerfile @@ -1,9 +1,10 @@ FROM redis:7.0-bookworm as redis FROM jumpserver/guacd:1.5.5-bookworm as guacd -FROM wojiushixiaobai/jms_core:v3.10.8 +FROM wojiushixiaobai/jms_core:v3.10.9 ARG TARGETARCH ARG TOOLS=" \ + bash-completion \ curl \ default-mysql-client \ nginx \ @@ -12,7 +13,7 @@ ARG TOOLS=" \ supervisor \ wget" -RUN set -ex \ +RUN set -e \ && apt-get update \ && apt-get -y install --no-install-recommends ${TOOLS} \ && mkdir -p /var/cache/nginx \ @@ -22,11 +23,11 @@ RUN set -ex \ WORKDIR /opt ARG MONGOSH_VERSION=1.10.6 -RUN set -ex \ +RUN set -e \ && \ case "${TARGETARCH}" in \ amd64) \ - wget https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-x64.tgz \ + wget --quiet https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-x64.tgz \ && tar -xf mongosh-${MONGOSH_VERSION}-linux-x64.tgz \ && chown root:root mongosh-${MONGOSH_VERSION}-linux-x64/bin/* \ && mv mongosh-${MONGOSH_VERSION}-linux-x64/bin/mongosh /usr/local/bin/ \ @@ -34,7 +35,7 @@ RUN set -ex \ && rm -rf mongosh-${MONGOSH_VERSION}-linux-x64* \ ;; \ arm64|s390x|ppc64le) \ - wget https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}.tgz \ + wget --quiet https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}.tgz \ && tar -xf mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}.tgz \ && chown root:root mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}/bin/* \ && mv mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}/bin/mongosh /usr/local/bin/ \ @@ -48,13 +49,13 @@ RUN set -ex \ ARG HELM_VERSION=v3.14.3 ARG KUBECTL_VERSION=v1.29.3 -RUN set -ex \ - && wget -O /usr/local/bin/rawkubectl https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/${TARGETARCH}/kubectl \ - && wget http://download.jumpserver.org/public/kubectl_aliases.tar.gz \ +RUN set -e \ + && wget --quiet -O /usr/local/bin/rawkubectl https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/${TARGETARCH}/kubectl \ + && wget --quiet http://download.jumpserver.org/public/kubectl_aliases.tar.gz \ && mkdir /opt/kubectl-aliases/ \ && tar -xf kubectl_aliases.tar.gz -C /opt/kubectl-aliases/ \ && chown -R root:root /opt/kubectl-aliases/ \ - && wget https://get.helm.sh/helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz \ + && wget --quiet https://get.helm.sh/helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz -C /opt --strip-components=1 linux-${TARGETARCH}/helm \ && mv helm /usr/local/bin/rawhelm \ && chmod 755 /usr/local/bin/rawhelm /usr/local/bin/rawkubectl \ @@ -62,8 +63,8 @@ RUN set -ex \ && rm -f /opt/*.tar.gz ARG WISP_VERSION=v0.1.19 -RUN set -ex \ - && wget https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz -C /usr/local/bin/ --strip-components=1 \ && chown root:root /usr/local/bin/wisp \ && chmod 755 /usr/local/bin/wisp \ @@ -80,7 +81,7 @@ ARG RUNTIME_DEPENDENCIES=" \ COPY --from=guacd ${PREFIX_DIR} ${PREFIX_DIR} -RUN set -ex \ +RUN set -e \ && apt-get update \ && apt-get install -y --no-install-recommends $RUNTIME_DEPENDENCIES \ && apt-get install -y --no-install-recommends $(cat "${PREFIX_DIR}"/DEPENDENCIES) \ @@ -89,9 +90,9 @@ RUN set -ex \ COPY --from=redis /usr/local/bin/redis-cli /usr/local/bin/redis-cli -RUN set -ex \ +RUN set -e \ && mkdir -p /opt/koko \ - && wget https://github.com/jumpserver/koko/releases/download/${VERSION}/koko-${VERSION}-linux-${TARGETARCH}.tar.gz \ + && wget --quiet https://github.com/jumpserver/koko/releases/download/${VERSION}/koko-${VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf koko-${VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/koko/ --strip-components=1 \ && mv /opt/koko/kubectl /usr/local/bin/ \ && mv /opt/koko/helm /usr/local/bin/ \ @@ -99,38 +100,38 @@ RUN set -ex \ && chown root:root /usr/local/bin/helm /usr/local/bin/kubectl \ && rm -f /opt/*.tar.gz -RUN set -ex \ +RUN set -e \ && mkdir -p /opt/lion \ - && wget https://github.com/jumpserver/lion-release/releases/download/${VERSION}/lion-${VERSION}-linux-${TARGETARCH}.tar.gz \ + && wget --quiet https://github.com/jumpserver/lion-release/releases/download/${VERSION}/lion-${VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf lion-${VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/lion --strip-components=1 \ && chown -R root:root /opt/lion \ && rm -f /opt/*.tar.gz -RUN set -ex \ +RUN set -e \ && mkdir -p /opt/kael \ - && wget https://github.com/jumpserver/kael/releases/download/${VERSION}/kael-${VERSION}-linux-${TARGETARCH}.tar.gz \ + && wget --quiet https://github.com/jumpserver/kael/releases/download/${VERSION}/kael-${VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf kael-${VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/kael --strip-components=1 \ && chmod 755 /opt/kael/kael \ && chown -R root:root /opt/kael \ && rm -f /opt/*.tar.gz -RUN set -ex \ +RUN set -e \ && mkdir -p /opt/chen \ - && wget https://github.com/jumpserver/chen-release/releases/download/${VERSION}/chen-${VERSION}.tar.gz \ + && wget --quiet https://github.com/jumpserver/chen-release/releases/download/${VERSION}/chen-${VERSION}.tar.gz \ && tar -xf chen-${VERSION}.tar.gz -C /opt/chen --strip-components=1 \ && chown -R root:root /opt/chen \ && rm -f /opt/*.tar.gz -RUN set -ex \ +RUN set -e \ && mkdir -p /opt/lina \ - && wget https://github.com/jumpserver/lina/releases/download/${VERSION}/lina-${VERSION}.tar.gz \ + && wget --quiet https://github.com/jumpserver/lina/releases/download/${VERSION}/lina-${VERSION}.tar.gz \ && tar -xf lina-${VERSION}.tar.gz -C /opt/lina --strip-components=1 \ && chown -R root:root /opt/lina \ && rm -f /opt/*.tar.gz -RUN set -ex \ +RUN set -e \ && mkdir -p /opt/luna \ - && wget https://github.com/jumpserver/luna/releases/download/${VERSION}/luna-${VERSION}.tar.gz \ + && wget --quiet https://github.com/jumpserver/luna/releases/download/${VERSION}/luna-${VERSION}.tar.gz \ && tar -xf luna-${VERSION}.tar.gz -C /opt/luna --strip-components=1 \ && chown -R root:root /opt/luna \ && rm -f /opt/*.tar.gz diff --git a/allinone/README.md b/allinone/README.md index 1534dd5..22f9ce0 100644 --- a/allinone/README.md +++ b/allinone/README.md @@ -103,7 +103,7 @@ docker run --name jms_all -d \ -v /opt/jumpserver/kael/data:/opt/kael/data \ -v /opt/jumpserver/chen/data:/opt/chen/data \ -v /opt/jumpserver/web/log:/var/log/nginx \ - wojiushixiaobai/jms_all:v3.10.8 + wojiushixiaobai/jms_all:v3.10.9 ``` **升级** @@ -119,7 +119,7 @@ mysqldump -h$DB_HOST -p$DB_PORT -u$DB_USER -p$DB_PASSWORD $DB_NAME > /opt/jumpse # 例: mysqldump -h192.168.100.11 -p3306 -ujumpserver -pnu4x599Wq7u0Bn8EABh3J91G jumpserver > /opt/jumpserver-v2.12.0.sql # 拉取新版本镜像 -docker pull wojiushixiaobai/jms_all:v3.10.8 +docker pull wojiushixiaobai/jms_all:v3.10.9 # 删掉旧版本容器 docker rm jms_all @@ -147,4 +147,4 @@ docker run --name jms_all -d \ -v /opt/jumpserver/kael/data:/opt/kael/data \ -v /opt/jumpserver/chen/data:/opt/chen/data \ -v /opt/jumpserver/web/log:/var/log/nginx \ - wojiushixiaobai/jms_all:v3.10.8 \ No newline at end of file + wojiushixiaobai/jms_all:v3.10.9 \ No newline at end of file diff --git a/allinone/readme.txt b/allinone/readme.txt index 460191a..2849e61 100644 --- a/allinone/readme.txt +++ b/allinone/readme.txt @@ -11,4 +11,4 @@ The Installation is Complete. ╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║ ███████║███████╗██║ ██║ ╚████╔╝ ███████╗██║ ██║ ╚════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚══════╝╚══════╝╚═╝ ╚═╝ ╚═══╝ ╚══════╝╚═╝ ╚═╝ - VERSION: v3.10.8 \ No newline at end of file + VERSION: v3.10.9 \ No newline at end of file diff --git a/chen/Dockerfile b/chen/Dockerfile index a80a29b..cbb6737 100644 --- a/chen/Dockerfile +++ b/chen/Dockerfile @@ -5,7 +5,7 @@ ARG DEPENDENCIES=" \ ca-certificates \ wget" -RUN set -ex \ +RUN set -e \ && apt-get update \ && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ && echo "no" | dpkg-reconfigure dash \ @@ -15,8 +15,8 @@ RUN set -ex \ WORKDIR /opt ARG CHECK_VERSION=v1.0.2 -RUN set -ex \ - && wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && mv check /usr/local/bin/ \ && chown root:root /usr/local/bin/check \ @@ -24,8 +24,8 @@ RUN set -ex \ && rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz ARG WISP_VERSION=v0.1.19 -RUN set -ex \ - && wget https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz -C /usr/local/bin/ --strip-components=1 \ && chown root:root /usr/local/bin/wisp \ && chmod 755 /usr/local/bin/wisp \ @@ -33,12 +33,12 @@ RUN set -ex \ WORKDIR /opt/chen -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} -RUN set -ex \ +RUN set -e \ && cd /opt \ - && wget https://github.com/jumpserver/chen-release/releases/download/${VERSION}/chen-${VERSION}.tar.gz \ + && wget --quiet https://github.com/jumpserver/chen-release/releases/download/${VERSION}/chen-${VERSION}.tar.gz \ && tar -xf chen-${VERSION}.tar.gz -C /opt/chen --strip-components=1 \ && chown -R root:root /opt/chen \ && rm -f /opt/*.tar.gz @@ -53,7 +53,7 @@ ARG DEPENDENCIES=" \ ca-certificates \ openjdk-17-jre-headless" -RUN set -ex \ +RUN set -e \ && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ && apt-get update \ && apt-get install -y --no-install-recommends ${DEPENDENCIES} \ @@ -69,7 +69,7 @@ COPY --from=stage-1 /opt/chen /opt/chen WORKDIR /opt/chen -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} VOLUME /opt/chen/data diff --git a/config_example.conf b/config_example.conf index 7359cdf..101b76b 100644 --- a/config_example.conf +++ b/config_example.conf @@ -1,5 +1,5 @@ # 版本号可以自己根据项目的版本修改 -VERSION=v3.10.8 +VERSION=v3.10.9 # 构建参数, 支持 amd64/arm64/ppc64le/s390x TARGETARCH=amd64 diff --git a/core/Dockerfile b/core/Dockerfile index 6d8c332..801e558 100644 --- a/core/Dockerfile +++ b/core/Dockerfile @@ -7,18 +7,20 @@ ARG DEPENDENCIES=" \ git-lfs \ wget" -RUN set -ex \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + set -e \ + && rm -f /etc/apt/apt.conf.d/docker-clean \ + && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache \ && apt-get update \ && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ - && echo "no" | dpkg-reconfigure dash \ - && apt-get clean all \ - && rm -rf /var/lib/apt/lists/* + && echo "no" | dpkg-reconfigure dash WORKDIR /opt ARG CHECK_VERSION=v1.0.2 -RUN set -ex \ - && wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && mv check /usr/local/bin/ \ && chown root:root /usr/local/bin/check \ @@ -26,17 +28,17 @@ RUN set -ex \ && rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz ARG RECEPTOR_VERSION=1.4.5 -RUN set -ex \ - && wget -O /opt/receptor.tar.gz https://github.com/wojiushixiaobai/receptor/releases/download/v${RECEPTOR_VERSION}/receptor_${RECEPTOR_VERSION}_linux_${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet -O /opt/receptor.tar.gz https://github.com/wojiushixiaobai/receptor/releases/download/v${RECEPTOR_VERSION}/receptor_${RECEPTOR_VERSION}_linux_${TARGETARCH}.tar.gz \ && tar -xf /opt/receptor.tar.gz -C /usr/local/bin/ \ && chown root:root /usr/local/bin/receptor \ && chmod 755 /usr/local/bin/receptor \ && rm -f /opt/receptor.tar.gz -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=$VERSION -RUN set -ex \ +RUN set -e \ && git clone -b ${VERSION} --depth=1 https://github.com/jumpserver/jumpserver /opt/jumpserver \ && sed -i "s@VERSION = .*@VERSION = \"${VERSION}\"@g" /opt/jumpserver/apps/jumpserver/const.py \ && chmod +x /opt/jumpserver/entrypoint.sh \ @@ -44,7 +46,7 @@ RUN set -ex \ WORKDIR /opt/jumpserver -RUN set -ex \ +RUN set -e \ && echo > /opt/jumpserver/config.yml \ && cd utils \ && bash -ixeu build.sh @@ -82,19 +84,21 @@ ARG TOOLS=" \ xz-utils \ wget" -RUN set -ex \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + set -e \ + && rm -f /etc/apt/apt.conf.d/docker-clean \ + && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache \ && apt-get update \ && apt-get -y install --no-install-recommends ${BUILD_DEPENDENCIES} \ && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ && apt-get -y install --no-install-recommends ${TOOLS} \ - && echo "no" | dpkg-reconfigure dash \ - && apt-get clean all \ - && rm -rf /var/lib/apt/lists/* + && echo "no" | dpkg-reconfigure dash WORKDIR /opt -ARG RUST_VERSION=1.71.1 -RUN set -ex \ +ARG RUST_VERSION=1.77.0 +RUN set -e \ && mkdir -p /opt/rust-install \ && rustUrl="https://static.rust-lang.org/dist" \ && \ @@ -119,7 +123,7 @@ RUN set -ex \ esac \ && \ if [ -n "${rustArch}" ]; then \ - wget -O /opt/rust.tar.gz "${rustUrl}/rust-${RUST_VERSION}-${rustArch}.tar.xz"; \ + wget --quiet -O /opt/rust.tar.gz "${rustUrl}/rust-${RUST_VERSION}-${rustArch}.tar.xz"; \ tar -xf /opt/rust.tar.gz -C /opt/rust-install --strip-components=1; \ cd /opt/rust-install && ./install.sh; \ cd /opt && rm -rf /opt/rust-install /opt/rust.tar.gz; \ @@ -129,16 +133,16 @@ ENV PYTHONUNBUFFERED=1 \ PYTHONDONTWRITEBYTECODE=1 \ GRPC_PYTHON_BUILD_SYSTEM_OPENSSL=1 -RUN --mount=type=cache,target=/root/.cache \ - set -ex \ +RUN --mount=type=cache,target=/root/.cache,sharing=locked \ + set -e \ && pip install poetry WORKDIR /opt/jumpserver COPY --from=stage-1 /opt/jumpserver/poetry.lock /opt/jumpserver/pyproject.toml /opt/jumpserver/ -RUN --mount=type=cache,target=/root/.cache \ - set -ex \ +RUN --mount=type=cache,target=/root/.cache,sharing=locked \ + set -e \ && python3 -m venv /opt/py3 \ && . /opt/py3/bin/activate \ && poetry install --only=main @@ -160,7 +164,11 @@ ARG TOOLS=" \ openssh-client \ sshpass" -RUN set -ex \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + set -e \ + && rm -f /etc/apt/apt.conf.d/docker-clean \ + && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache \ && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ && apt-get update \ && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ @@ -169,9 +177,7 @@ RUN set -ex \ && echo "Host *\n\tStrictHostKeyChecking no\n\tUserKnownHostsFile /dev/null\n\tCiphers +aes128-cbc\n\tKexAlgorithms +diffie-hellman-group1-sha1\n\tHostKeyAlgorithms +ssh-rsa" > /root/.ssh/config \ && echo "no" | dpkg-reconfigure dash \ && sed -i "s@# export @export @g" ~/.bashrc \ - && sed -i "s@# alias @alias @g" ~/.bashrc \ - && apt-get clean all \ - && rm -rf /var/lib/apt/lists/* + && sed -i "s@# alias @alias @g" ~/.bashrc COPY --from=stage-2 /opt/py3 /opt/py3 COPY --from=stage-1 /usr/local/bin /usr/local/bin @@ -179,7 +185,7 @@ COPY --from=stage-1 /opt/jumpserver/release/jumpserver /opt/jumpserver WORKDIR /opt/jumpserver -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} VOLUME /opt/jumpserver/data diff --git a/docker-compose-build.yml b/docker-compose-build.yml index 9c6f676..e8e95bc 100644 --- a/docker-compose-build.yml +++ b/docker-compose-build.yml @@ -76,29 +76,6 @@ services: - ${VOLUME_DIR}/core/data:/opt/jumpserver/data networks: - net - - receptor: - image: wojiushixiaobai/jms_core:${VERSION} - container_name: jms_receptor - ulimits: - core: 0 - restart: always - command: start receptor - environment: - TZ: ${TZ:-Asia/Shanghai} - depends_on: - core: - condition: service_healthy - healthcheck: - test: "test -S /opt/jumpserver/data/share/control.sock || exit 1" - interval: 10s - timeout: 5s - retries: 3 - start_period: 30s - volumes: - - ${VOLUME_DIR}/core/data:/opt/jumpserver/data - networks: - - net koko: build: diff --git a/docker-compose.yml b/docker-compose.yml index 25adbf7..62c32c6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -68,29 +68,6 @@ services: networks: - net - receptor: - image: wojiushixiaobai/jms_core:${VERSION} - container_name: jms_receptor - ulimits: - core: 0 - restart: always - command: start receptor - environment: - TZ: ${TZ:-Asia/Shanghai} - depends_on: - core: - condition: service_healthy - healthcheck: - test: "test -S /opt/jumpserver/data/share/control.sock || exit 1" - interval: 10s - timeout: 5s - retries: 3 - start_period: 30s - volumes: - - ${VOLUME_DIR}/core/data:/opt/jumpserver/data - networks: - - net - koko: image: wojiushixiaobai/jms_koko:${VERSION} container_name: jms_koko diff --git a/kael/Dockerfile b/kael/Dockerfile index 93af224..2f5ad2b 100644 --- a/kael/Dockerfile +++ b/kael/Dockerfile @@ -5,7 +5,7 @@ ARG DEPENDENCIES=" \ ca-certificates \ wget" -RUN set -ex \ +RUN set -e \ && apt-get update \ && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ && echo "no" | dpkg-reconfigure dash \ @@ -15,8 +15,8 @@ RUN set -ex \ WORKDIR /opt ARG CHECK_VERSION=v1.0.2 -RUN set -ex \ - && wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && mv check /usr/local/bin/ \ && chown root:root /usr/local/bin/check \ @@ -24,8 +24,8 @@ RUN set -ex \ && rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz ARG WISP_VERSION=v0.1.19 -RUN set -ex \ - && wget https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz -C /usr/local/bin/ --strip-components=1 \ && chown root:root /usr/local/bin/wisp \ && chmod 755 /usr/local/bin/wisp \ @@ -33,12 +33,12 @@ RUN set -ex \ WORKDIR /opt/kael -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} -RUN set -ex \ +RUN set -e \ && cd /opt \ - && wget https://github.com/jumpserver/kael/releases/download/${VERSION}/kael-${VERSION}-linux-${TARGETARCH}.tar.gz \ + && wget --quiet https://github.com/jumpserver/kael/releases/download/${VERSION}/kael-${VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf kael-${VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/kael --strip-components=1 \ && chmod 755 /opt/kael/kael \ && chown -R root:root /opt/kael \ @@ -53,7 +53,7 @@ ENV LANG=en_US.UTF-8 ARG DEPENDENCIES=" \ ca-certificates" -RUN set -ex \ +RUN set -e \ && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ && apt-get update \ && apt-get install -y --no-install-recommends ${DEPENDENCIES} \ @@ -69,7 +69,7 @@ COPY --from=stage-1 /opt/kael /opt/kael WORKDIR /opt/kael -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} VOLUME /opt/kael/data diff --git a/koko/Dockerfile b/koko/Dockerfile index 9767ee7..1cde610 100644 --- a/koko/Dockerfile +++ b/koko/Dockerfile @@ -6,7 +6,7 @@ ARG DEPENDENCIES=" \ ca-certificates \ wget" -RUN set -ex \ +RUN set -e \ && apt-get update \ && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ && echo "no" | dpkg-reconfigure dash \ @@ -16,8 +16,8 @@ RUN set -ex \ WORKDIR /opt ARG CHECK_VERSION=v1.0.2 -RUN set -ex \ - && wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && mv check /usr/local/bin/ \ && chown root:root /usr/local/bin/check \ @@ -25,7 +25,7 @@ RUN set -ex \ && rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz ARG MONGOSH_VERSION=2.1.1 -RUN set -ex \ +RUN set -e \ && \ case "${TARGETARCH}" in \ 'amd64') \ @@ -46,7 +46,7 @@ RUN set -ex \ esac \ && \ if [ -n "${ARCH}" ]; then \ - wget https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-${ARCH}.tgz \ + wget --quiet https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-${ARCH}.tgz \ && tar -xf mongosh-${MONGOSH_VERSION}-linux-${ARCH}.tgz \ && chown root:root mongosh-${MONGOSH_VERSION}-linux-${ARCH}/bin/* \ && mv mongosh-${MONGOSH_VERSION}-linux-${ARCH}/bin/mongosh /usr/local/bin/ \ @@ -57,19 +57,19 @@ RUN set -ex \ ARG HELM_VERSION=v3.14.3 ARG KUBECTL_VERSION=v1.29.3 -RUN set -ex \ - && wget -O kubectl.tar.gz https://dl.k8s.io/${KUBECTL_VERSION}/kubernetes-client-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet -O kubectl.tar.gz https://dl.k8s.io/${KUBECTL_VERSION}/kubernetes-client-linux-${TARGETARCH}.tar.gz \ && tar -xf kubectl.tar.gz --strip-components=3 -C /opt kubernetes/client/bin/kubectl \ && mv kubectl /usr/local/bin/rawkubectl \ && mkdir /opt/kubectl-aliases/ \ - && wget https://github.com/ahmetb/kubectl-aliases/raw/master/.kubectl_aliases \ + && wget --quiet https://github.com/ahmetb/kubectl-aliases/raw/master/.kubectl_aliases \ && mv .kubectl_aliases /opt/kubectl-aliases/ \ && chown -R root:root /opt/kubectl-aliases/ \ && \ if [ "${TARGETARCH}" = "loong64" ]; then \ - wget https://github.com/wojiushixiaobai/helm-loongarch64/releases/download/${HELM_VERSION}/helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz; \ + wget --quiet https://github.com/wojiushixiaobai/helm-loongarch64/releases/download/${HELM_VERSION}/helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz; \ else \ - wget https://get.helm.sh/helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz; \ + wget --quiet https://get.helm.sh/helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz; \ fi \ && tar -xf helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz --strip-components=1 linux-${TARGETARCH}/helm \ && mv helm /usr/local/bin/rawhelm \ @@ -79,12 +79,12 @@ RUN set -ex \ WORKDIR /opt/koko -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} -RUN set -ex \ +RUN set -e \ && cd /opt \ - && wget https://github.com/jumpserver/koko/releases/download/${VERSION}/koko-${VERSION}-linux-${TARGETARCH}.tar.gz \ + && wget --quiet https://github.com/jumpserver/koko/releases/download/${VERSION}/koko-${VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf koko-${VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/koko/ --strip-components=1 \ && mv /opt/koko/kubectl /usr/local/bin/ \ && mv /opt/koko/helm /usr/local/bin/ \ @@ -99,13 +99,14 @@ FROM debian:bookworm-slim ENV LANG=en_US.UTF-8 ARG DEPENDENCIES=" \ + bash-completion \ ca-certificates \ libssl-dev \ mariadb-client \ openssh-client \ postgresql-client" -RUN set -ex \ +RUN set -e \ && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ && apt-get update \ && apt-get install -y --no-install-recommends ${DEPENDENCIES} \ @@ -122,7 +123,7 @@ COPY --from=stage-2 /opt/kubectl-aliases /opt/kubectl-aliases WORKDIR /opt/koko -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} VOLUME /opt/koko/data diff --git a/lion/Dockerfile b/lion/Dockerfile index b84432c..0fa3382 100644 --- a/lion/Dockerfile +++ b/lion/Dockerfile @@ -5,7 +5,7 @@ ARG DEPENDENCIES=" \ ca-certificates \ wget" -RUN set -ex \ +RUN set -e \ && apt-get update \ && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ && echo "no" | dpkg-reconfigure dash \ @@ -15,8 +15,8 @@ RUN set -ex \ WORKDIR /opt ARG CHECK_VERSION=v1.0.2 -RUN set -ex \ - && wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && mv check /usr/local/bin/ \ && chown root:root /usr/local/bin/check \ @@ -25,11 +25,11 @@ RUN set -ex \ WORKDIR /opt/lion -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} -RUN set -ex \ - && wget https://github.com/jumpserver/lion-release/releases/download/${VERSION}/lion-${VERSION}-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet https://github.com/jumpserver/lion-release/releases/download/${VERSION}/lion-${VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf lion-${VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/lion --strip-components=1 \ && chown -R root:root /opt/lion \ && rm -f /opt/*.tar.gz @@ -46,7 +46,7 @@ ARG DEPENDENCIES=" \ USER root -RUN set -ex \ +RUN set -e \ && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ && apt-get update \ && apt-get install -y --no-install-recommends ${DEPENDENCIES} \ @@ -62,7 +62,7 @@ COPY lion/supervisord.conf /etc/supervisor/conf.d/lion.conf WORKDIR /opt/lion -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} VOLUME /opt/lion/data diff --git a/magnus/Dockerfile b/magnus/Dockerfile index 2dcfbd3..e7e5cc5 100644 --- a/magnus/Dockerfile +++ b/magnus/Dockerfile @@ -5,7 +5,7 @@ ARG DEPENDENCIES=" \ ca-certificates \ wget" -RUN set -ex \ +RUN set -e \ && apt-get update \ && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ && echo "no" | dpkg-reconfigure dash \ @@ -15,8 +15,8 @@ RUN set -ex \ WORKDIR /opt ARG CHECK_VERSION=v1.0.2 -RUN set -ex \ - && wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && mv check /usr/local/bin/ \ && chown root:root /usr/local/bin/check \ @@ -24,8 +24,8 @@ RUN set -ex \ && rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz ARG WISP_VERSION=v0.1.19 -RUN set -ex \ - && wget https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz -C /usr/local/bin/ --strip-components=1 \ && chown root:root /usr/local/bin/wisp \ && chmod 755 /usr/local/bin/wisp \ @@ -33,12 +33,12 @@ RUN set -ex \ WORKDIR /opt/magnus -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} -RUN set -ex \ +RUN set -e \ && cd /opt \ - && wget https://github.com/jumpserver/magnus-release/releases/download/${VERSION}/magnus-${VERSION}-linux-${TARGETARCH}.tar.gz \ + && wget --quiet https://github.com/jumpserver/magnus-release/releases/download/${VERSION}/magnus-${VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf magnus-${VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/magnus --strip-components=1 \ && chmod 755 /opt/magnus/magnus \ && chown -R root:root /opt/magnus \ @@ -53,7 +53,7 @@ ENV LANG=en_US.UTF-8 ARG DEPENDENCIES=" \ ca-certificates" -RUN set -ex \ +RUN set -e \ && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ && apt-get update \ && apt-get install -y --no-install-recommends ${DEPENDENCIES} \ @@ -68,7 +68,7 @@ COPY --from=stage-1 /opt/magnus /opt/magnus WORKDIR /opt/magnus -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} VOLUME /opt/magnus/data diff --git a/web/Dockerfile b/web/Dockerfile index 89602af..8a54032 100644 --- a/web/Dockerfile +++ b/web/Dockerfile @@ -5,7 +5,7 @@ ARG DEPENDENCIES=" \ ca-certificates \ wget" -RUN set -ex \ +RUN set -e \ && apt-get update \ && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ && echo "no" | dpkg-reconfigure dash \ @@ -15,22 +15,22 @@ RUN set -ex \ WORKDIR /opt ARG CHECK_VERSION=v1.0.2 -RUN set -ex \ - && wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ +RUN set -e \ + && wget --quiet https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && mv check /usr/local/bin/ \ && chown root:root /usr/local/bin/check \ && chmod 755 /usr/local/bin/check \ && rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} -RUN set -ex \ +RUN set -e \ && mkdir -p /opt/lina /opt/luna \ - && wget https://github.com/jumpserver/lina/releases/download/${VERSION}/lina-${VERSION}.tar.gz \ + && wget --quiet https://github.com/jumpserver/lina/releases/download/${VERSION}/lina-${VERSION}.tar.gz \ && tar -xf lina-${VERSION}.tar.gz -C /opt/lina --strip-components=1 \ - && wget https://github.com/jumpserver/luna/releases/download/${VERSION}/luna-${VERSION}.tar.gz \ + && wget --quiet https://github.com/jumpserver/luna/releases/download/${VERSION}/luna-${VERSION}.tar.gz \ && tar -xf luna-${VERSION}.tar.gz -C /opt/luna --strip-components=1 \ && rm -f /opt/*.tar.gz @@ -44,7 +44,7 @@ ARG DEPENDENCIES=" \ ca-certificates \ logrotate" -RUN set -ex \ +RUN set -e \ && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ && apt-get update \ && apt-get install -y --no-install-recommends ${DEPENDENCIES} \ @@ -60,7 +60,7 @@ COPY web/nginx.conf /etc/nginx/ WORKDIR /opt -ARG VERSION=v3.10.8 +ARG VERSION=v3.10.9 ENV VERSION=${VERSION} VOLUME /var/log/nginx