Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

perf: 按要求移除重复构建代码 #1340

Merged
merged 1 commit into from
May 29, 2024
Merged

perf: 按要求移除重复构建代码 #1340

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 23 additions & 6 deletions .github/workflows/jms-build-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,36 +1,51 @@
name: "Run Build Test"
on:
push:
branches:
- pr@*
- repr@*
paths:
- 'Dockerfile'
- 'Dockerfile*'
- 'Dockerfile-*'
- 'go.mod'
- 'go.sum'

jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3

- name: Prepare Mirror
run: |
sed -i '[email protected]@registry.yarnpkg.com@g' ui/yarn.lock

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Build CE Image
uses: docker/build-push-action@v5
with:
context: .
push: false
push: true
file: Dockerfile
tags: jumpserver/koko-ce:test
tags: ghcr.io/jumpserver/koko:v4-lite
platforms: linux/amd64
build-args: |
VERSION=v4
GOPROXY=direct
APT_MIRROR=http://deb.debian.org
NPM_REGISTRY=https://registry.yarnpkg.com
outputs: type=image,oci-mediatypes=true,compression=zstd,compression-level=3,force-compression=true
cache-from: type=gha
cache-to: type=gha,mode=max

- name: Prepare EE Image
run: |
sed -i 's@^FROM registry.fit2cloud.com/jumpserver@FROM ghcr.io/jumpserver@g' Dockerfile-ee

- name: Build EE Image
uses: docker/build-push-action@v5
Expand All @@ -41,8 +56,10 @@ jobs:
tags: jumpserver/koko-ee:test
platforms: linux/amd64
build-args: |
VERSION=v4
GOPROXY=direct
APT_MIRROR=http://deb.debian.org
NPM_REGISTRY=https://registry.yarnpkg.com
outputs: type=image,oci-mediatypes=true,compression=zstd,compression-level=3,force-compression=true
cache-from: type=gha
cache-to: type=gha,mode=max
31 changes: 22 additions & 9 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,11 +11,11 @@ RUN set -ex \

WORKDIR /opt/koko/ui
ADD ui/package.json ui/yarn.lock .
RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked,id=koko \
RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked \
yarn install

ADD ui .
RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked,id=koko \
RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked \
yarn build

FROM golang:1.22-bullseye as stage-build
Expand All @@ -30,6 +30,7 @@ ARG HELM_VERSION=v3.14.3
ARG KUBECTL_VERSION=v1.29.3
ARG CHECK_VERSION=v1.0.2
ARG USQL_VERSION=v0.0.1
ARG WISP_VERSION=v0.1.20
RUN set -ex \
&& mkdir -p /opt/koko/bin \
&& wget -O kubectl.tar.gz https://dl.k8s.io/${KUBECTL_VERSION}/kubernetes-client-linux-${TARGETARCH}.tar.gz \
Expand All @@ -40,9 +41,11 @@ RUN set -ex \
&& mv /opt/koko/bin/helm /opt/koko/bin/rawhelm \
&& wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
&& tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/koko/bin/ \
&& wget https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \
&& tar -xf wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz --strip-components=1 -C /opt/koko/bin/ \
&& wget https://github.com/ahmetb/kubectl-aliases/raw/master/.kubectl_aliases \
&& wget https://github.com/jumpserver-dev/usql/releases/download/${USQL_VERSION}/usql-${USQL_VERSION}-linux-${TARGETARCH}.tar.gz \
&& tar -xf usql-${USQL_VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/koko/bin/ \
&& tar -xf usql-${USQL_VERSION}-linux-${TARGETARCH}.tar.gz --strip-components=1 -C /opt/koko/bin/ \
&& chmod 755 /opt/koko/bin/* \
&& chown root:root /opt/koko/bin/* \
&& rm -f *.tar.gz
Expand Down Expand Up @@ -89,10 +92,12 @@ ARG DEPENDENCIES=" \
ca-certificates"

ARG APT_MIRROR=http://mirrors.ustc.edu.cn
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=koko-apt \
--mount=type=cache,target=/var/lib/apt,sharing=locked,id=koko-apt \
sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
set -ex \
&& rm -f /etc/apt/apt.conf.d/docker-clean \
&& echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache \
&& sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
&& ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& apt-get update \
&& apt-get install -y --no-install-recommends ${DEPENDENCIES} \
Expand All @@ -109,7 +114,15 @@ COPY --from=stage-build /opt/koko/bin /usr/local/bin
COPY --from=stage-build /opt/koko/release .
COPY --from=stage-build /opt/koko/koko .

ENV LANG=zh_CN.UTF-8
ARG VERSION
ENV VERSION=${VERSION}

VOLUME /opt/koko/data

ENTRYPOINT ["./entrypoint.sh"]

EXPOSE 2222

STOPSIGNAL SIGQUIT

EXPOSE 2222 5000
CMD ["./entrypoint.sh"]
CMD [ "./koko" ]
168 changes: 39 additions & 129 deletions Dockerfile-ee
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,165 +1,75 @@
FROM redis:6.2-bullseye as redis

FROM node:16.20-bullseye-slim as ui-build
ARG TARGETARCH
ARG NPM_REGISTRY="https://registry.npmmirror.com"
ENV NPM_REGISTY=$NPM_REGISTRY

RUN set -ex \
&& npm config set registry ${NPM_REGISTRY} \
&& yarn config set registry ${NPM_REGISTRY}

WORKDIR /opt/koko/ui
ADD ui/package.json ui/yarn.lock .
RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked,id=koko \
yarn install

ADD ui .
RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked,id=koko \
yarn build

FROM golang:1.22-bullseye as stage-build
LABEL stage=stage-build
ARG TARGETARCH

WORKDIR /opt/koko
ARG HELM_VERSION=v3.12.2
ARG DOWNLOAD_URL=https://download.jumpserver.org

RUN set -ex \
&& echo "no" | dpkg-reconfigure dash

WORKDIR /opt/koko
ARG HELM_VERSION=v3.14.3
ARG KUBECTL_VERSION=v1.29.3
ARG CHECK_VERSION=v1.0.2
RUN set -ex \
&& mkdir -p /opt/koko/bin /opt/clickhouse \
&& LATEST_VERSION=$(curl -s https://packages.clickhouse.com/tgz/stable/ | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | sort -V -r | head -n 1) \
&& PKG="clickhouse-common-static" \
&& wget "https://packages.clickhouse.com/tgz/stable/$PKG-$LATEST_VERSION-${TARGETARCH}.tgz" \
&& tar -xf "$PKG-$LATEST_VERSION-${TARGETARCH}.tgz" --strip-components=1 -C /opt/clickhouse \
&& wget -O kubectl.tar.gz https://dl.k8s.io/${KUBECTL_VERSION}/kubernetes-client-linux-${TARGETARCH}.tar.gz \
&& tar -xf kubectl.tar.gz --strip-components=3 -C /opt/koko/bin/ kubernetes/client/bin/kubectl \
&& mv /opt/koko/bin/kubectl /opt/koko/bin/rawkubectl \
&& wget https://get.helm.sh/helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz \
&& tar -xf helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz --strip-components=1 -C /opt/koko/bin/ linux-${TARGETARCH}/helm \
&& mv /opt/koko/bin/helm /opt/koko/bin/rawhelm \
&& wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
&& tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/koko/bin/ \
&& wget https://github.com/ahmetb/kubectl-aliases/raw/master/.kubectl_aliases \
&& mv /opt/clickhouse/usr/bin/clickhouse /usr/local/bin/clickhouse-client \
&& chmod 755 /opt/koko/bin/* \
&& chown root:root /opt/koko/bin/* \
&& rm -f *.tar.gz *.tgz \
&& rm -rf /opt/clickhouse

ADD go.mod go.sum .

ARG GOPROXY=https://goproxy.io
ENV CGO_ENABLED=0
ENV GO111MODULE=on
ENV GOOS=linux

RUN --mount=type=cache,target=/root/.cache \
--mount=type=cache,target=/go/pkg/mod \
go mod download -x

COPY . .

COPY --from=ui-build /opt/koko/ui/dist ui/dist

ARG VERSION
ENV VERSION=$VERSION

RUN --mount=type=cache,target=/root/.cache \
--mount=type=cache,target=/go/pkg/mod \
set +x \
&& make build -s \
&& set -x && ls -al . \
&& mv /opt/koko/build/koko-linux-${TARGETARCH} /opt/koko/koko \
&& mv /opt/koko/build/helm-linux-${TARGETARCH} /opt/koko/bin/helm \
&& mv /opt/koko/build/kubectl-linux-${TARGETARCH} /opt/koko/bin/kubectl

RUN mkdir /opt/koko/release \
&& mv /opt/koko/locale /opt/koko/release \
&& mv /opt/koko/config_example.yml /opt/koko/release \
&& mv /opt/koko/entrypoint.sh /opt/koko/release \
&& mv /opt/koko/utils/init-kubectl.sh /opt/koko/release \
&& chmod 755 /opt/koko/release/entrypoint.sh /opt/koko/release/init-kubectl.sh

FROM debian:bullseye-slim
FROM debian:bullseye-slim as stage-build
ARG TARGETARCH

ARG DEPENDENCIES=" \
bash-completion \
ca-certificates \
curl \
git \
git-lfs \
iputils-ping \
jq \
less \
locales \
openssh-client \
freetds-bin \
mariadb-client \
postgresql-client \
telnet \
unzip \
vim \
wget \
xz-utils"
wget"

ARG APT_MIRROR=http://mirrors.ustc.edu.cn

RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=koko-apt \
--mount=type=cache,target=/var/lib/apt,sharing=locked,id=koko-apt \
sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
set -ex \
&& rm -f /etc/apt/apt.conf.d/docker-clean \
&& ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache \
&& sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
&& apt-get update \
&& apt-get install -y --no-install-recommends ${DEPENDENCIES} \
&& echo "no" | dpkg-reconfigure dash \
&& echo "zh_CN.UTF-8" | dpkg-reconfigure locales \
&& sed -i "s@# export @export @g" ~/.bashrc \
&& sed -i "s@# alias @alias @g" ~/.bashrc
&& apt-get -y install --no-install-recommends ${DEPENDENCIES} \
&& echo "no" | dpkg-reconfigure dash

WORKDIR /opt/koko

ARG MONGOSH_VERSION=1.10.3
RUN set -ex \
&& mkdir -p /opt/koko/bin /opt/koko/lib \
&& \
case "${TARGETARCH}" in \
amd64) \
wget https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-x64.tgz \
&& tar -xf mongosh-${MONGOSH_VERSION}-linux-x64.tgz \
&& chown root:root mongosh-${MONGOSH_VERSION}-linux-x64/bin/* \
&& mv mongosh-${MONGOSH_VERSION}-linux-x64/bin/mongosh /usr/local/bin/ \
&& mv mongosh-${MONGOSH_VERSION}-linux-x64/bin/mongosh_crypt_v1.so /usr/local/lib/ \
&& mv mongosh-${MONGOSH_VERSION}-linux-x64/bin/mongosh /opt/koko/bin/ \
&& mv mongosh-${MONGOSH_VERSION}-linux-x64/bin/mongosh_crypt_v1.so /opt/koko/lib/ \
&& rm -rf mongosh-${MONGOSH_VERSION}-linux-x64* \
;; \
arm64) \
wget https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}.tgz \
&& tar -xf mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}.tgz \
&& chown root:root mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}/bin/* \
&& mv mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}/bin/mongosh /usr/local/bin/ \
&& mv mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}/bin/mongosh_crypt_v1.so /usr/local/lib/ \
&& mv mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}/bin/mongosh /opt/koko/bin/ \
&& mv mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}/bin/mongosh_crypt_v1.so /opt/koko/lib/ \
&& rm -rf mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}* \
;; \
*) \
echo "Unsupported architecture: ${TARGETARCH}" \
;; \
esac

COPY --from=redis /usr/local/bin/redis-cli /usr/local/bin/redis-cli

WORKDIR /opt/koko/
FROM registry.fit2cloud.com/jumpserver/koko:${VERSION}-lite
ARG TARGETARCH

COPY --from=stage-build /opt/koko/.kubectl_aliases /opt/kubectl-aliases/.kubectl_aliases
COPY --from=stage-build /opt/koko/bin /usr/local/bin
COPY --from=stage-build /opt/koko/release .
COPY --from=stage-build /opt/koko/koko .
ARG DEPENDENCIES=" \
bash-completion \
curl \
git \
git-lfs \
iputils-ping \
jq \
less \
openssh-client \
telnet \
unzip \
vim \
wget \
xz-utils"

ENV LANG=zh_CN.UTF-8
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
set -ex \
&& apt-get update \
&& apt-get install -y --no-install-recommends ${DEPENDENCIES}

EXPOSE 2222 5000
CMD ["./entrypoint.sh"]
COPY --from=stage-build /opt/koko/bin /usr/local/bin
COPY --from=stage-build /opt/koko/lib /usr/local/lib
37 changes: 14 additions & 23 deletions entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,29 +1,20 @@
#!/bin/sh
#

until /usr/local/bin/check ${CORE_HOST}/api/health/; do
echo "wait for jms_core ${CORE_HOST} ready"
sleep 2
done
if [ -n "$CORE_HOST" ]; then
until check ${CORE_HOST}/api/health/; do
echo "wait for jms_core ${CORE_HOST} ready"
sleep 2
done
fi

# 限制所有可执行目录的权限
chmod -R 700 /usr/local/sbin/* && chmod -R 700 /usr/local/bin/* && chmod -R 700 /usr/bin/*
chmod -R 700 /usr/sbin/* && chmod -R 700 /sbin/* && chmod -R 700 /bin/*
export WORK_DIR=/opt/koko
export COMPONENT_NAME=koko
export WISP_TRACE_PROCESS=1
export EXECUTE_PROGRAM=/opt/koko/koko

function init_jms_k8s_user(){
echo `getent passwd | grep 'jms_k8s_user' || useradd -M -U -d /nonexistent jms_k8s_user` > /dev/null 2>&1
echo `getent passwd | grep 'jms_k8s_user' | grep '/nonexistent' || usermod -d /nonexistent jms_k8s_user` > /dev/null 2>&1
echo `getent group | grep 'jms_k8s_user' || groupadd jms_k8s_user` > /dev/null 2>&1
}
init_jms_k8s_user
if [ ! "$LOG_LEVEL" ]; then
export LOG_LEVEL=ERROR
fi

# 放开部分需要的可执行权限
chmod 755 `which mysql` `which psql` `which mongosh` `which tsql` `which redis` `which clickhouse-client`
chmod 755 `which kubectl` `which rawkubectl` `which helm` `which rawhelm`

# k8s 集群连接需要的命令
chown :jms_k8s_user `which jq` `which less` `which vim` `which ls` `which bash` `which grep`
chmod 750 `which jq` `which less` `which vim` `which ls` `which bash` `which grep`

cd /opt/koko
./koko
exec "$@"
Loading