-
Notifications
You must be signed in to change notification settings - Fork 9
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
b05215a
commit a491e92
Showing
5 changed files
with
79 additions
and
128 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,49 +1,66 @@ | ||
name: "Run Build Test" | ||
on: | ||
push: | ||
branches: | ||
- pr@* | ||
- repr@* | ||
paths: | ||
- 'Dockerfile' | ||
- 'Dockerfile*' | ||
- 'Dockerfile-*' | ||
- 'go.mod' | ||
- 'go.sum' | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- uses: docker/setup-qemu-action@v3 | ||
- uses: docker/setup-buildx-action@v3 | ||
|
||
- name: Prepare Mirror | ||
run: | | ||
sed -i '[email protected]@registry.yarnpkg.com@g' ui/yarn.lock | ||
sed -i '[email protected]/@@g' Dockerfile | ||
- name: Login to GitHub Container Registry | ||
uses: docker/login-action@v3 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.repository_owner }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Build CE Image | ||
uses: docker/build-push-action@v5 | ||
with: | ||
context: . | ||
push: false | ||
push: true | ||
file: Dockerfile | ||
tags: jumpserver/lion-ce:test | ||
tags: jumpserver/lion:v4-lite | ||
platforms: linux/amd64 | ||
build-args: | | ||
VERSION=v4 | ||
GOPROXY=direct | ||
APT_MIRROR=http://deb.debian.org | ||
NPM_REGISTRY=https://registry.yarnpkg.com | ||
outputs: type=image,oci-mediatypes=true,compression=zstd,compression-level=3,force-compression=true | ||
cache-from: type=gha | ||
cache-to: type=gha,mode=max | ||
|
||
- name: Prepare EE Image | ||
run: | | ||
sed -i 's@^FROM registry.fit2cloud.com/jumpserver@FROM ghcr.io/jumpserver@g' Dockerfile-ee | ||
- name: Build EE Image | ||
uses: docker/build-push-action@v5 | ||
with: | ||
context: . | ||
push: false | ||
file: Dockerfile-ee | ||
tags: jumpserver/lion-ee:test | ||
tags: jumpserver/lion:v4 | ||
platforms: linux/amd64 | ||
build-args: | | ||
VERSION=v4 | ||
GOPROXY=direct | ||
APT_MIRROR=http://deb.debian.org | ||
NPM_REGISTRY=https://registry.yarnpkg.com | ||
outputs: type=image,oci-mediatypes=true,compression=zstd,compression-level=3,force-compression=true | ||
cache-from: type=gha | ||
cache-to: type=gha,mode=max |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,98 +1,17 @@ | ||
FROM node:16.20-bullseye-slim as ui-build | ||
ARG TARGETARCH | ||
ARG NPM_REGISTRY="https://registry.npmmirror.com" | ||
ENV NPM_REGISTY=$NPM_REGISTRY | ||
|
||
RUN set -ex \ | ||
&& npm config set registry ${NPM_REGISTRY} \ | ||
&& yarn config set registry ${NPM_REGISTRY} | ||
|
||
WORKDIR /opt/lion/ui | ||
ADD ui/package.json ui/yarn.lock . | ||
RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked,id=lion \ | ||
yarn install | ||
|
||
ADD ui . | ||
RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked,id=lion \ | ||
yarn build | ||
|
||
FROM golang:1.22-bullseye as stage-build | ||
LABEL stage=stage-build | ||
ARG TARGETARCH | ||
|
||
WORKDIR /opt | ||
|
||
ARG CHECK_VERSION=v1.0.2 | ||
RUN set -ex \ | ||
&& wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ | ||
&& tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ | ||
&& mv check /usr/local/bin/ \ | ||
&& chown root:root /usr/local/bin/check \ | ||
&& chmod 755 /usr/local/bin/check \ | ||
&& rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz | ||
|
||
WORKDIR /opt/lion | ||
|
||
ADD go.mod go.sum . | ||
|
||
ARG GOPROXY=https://goproxy.io | ||
ENV CGO_ENABLED=0 | ||
ENV GO111MODULE=on | ||
ENV GOOS=linux | ||
|
||
RUN --mount=type=cache,target=/root/.cache \ | ||
--mount=type=cache,target=/go/pkg/mod \ | ||
go mod download -x | ||
|
||
COPY . . | ||
ARG VERSION | ||
ENV VERSION=$VERSION | ||
|
||
RUN --mount=type=cache,target=/root/.cache \ | ||
--mount=type=cache,target=/go/pkg/mod \ | ||
export GOFlAGS="-X 'main.Buildstamp=`date -u '+%Y-%m-%d %I:%M:%S%p'`'" \ | ||
&& export GOFlAGS="${GOFlAGS} -X 'main.Githash=`git rev-parse HEAD`'" \ | ||
&& export GOFlAGS="${GOFlAGS} -X 'main.Goversion=`go version`'" \ | ||
&& export GOFlAGS="${GOFlAGS} -X 'main.Version=${VERSION}'" \ | ||
&& go build -trimpath -x -ldflags "$GOFlAGS" -o lion . | ||
|
||
RUN chmod +x entrypoint.sh | ||
|
||
FROM jumpserver/guacd:1.5.3-bullseye | ||
FROM registry.fit2cloud.com/jumpserver/lion:${VERSION}-lite | ||
ARG TARGETARCH | ||
ENV LANG=zh_CN.UTF-8 | ||
|
||
USER root | ||
|
||
ARG DEPENDENCIES=" \ | ||
ca-certificates \ | ||
curl \ | ||
locales \ | ||
supervisor \ | ||
telnet" | ||
|
||
ARG APT_MIRROR=http://mirrors.ustc.edu.cn | ||
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=lion \ | ||
sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \ | ||
&& ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ | ||
iputils-ping \ | ||
telnet \ | ||
vim \ | ||
wget" | ||
|
||
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ | ||
--mount=type=cache,target=/var/lib/apt,sharing=locked \ | ||
set -ex \ | ||
&& apt-get update \ | ||
&& apt-get install -y --no-install-recommends ${DEPENDENCIES} \ | ||
&& echo "zh_CN.UTF-8" | dpkg-reconfigure locales \ | ||
&& sed -i "s@# export @export @g" ~/.bashrc \ | ||
&& sed -i "s@# alias @alias @g" ~/.bashrc \ | ||
&& rm -rf /var/lib/apt/lists/* | ||
|
||
WORKDIR /opt/lion | ||
|
||
COPY --from=ui-build /opt/lion/ui/dist ui/dist/ | ||
COPY --from=stage-build /usr/local/bin /usr/local/bin | ||
COPY --from=stage-build /opt/lion/lion . | ||
COPY --from=stage-build /opt/lion/config_example.yml . | ||
COPY --from=stage-build /opt/lion/entrypoint.sh . | ||
COPY --from=stage-build /opt/lion/supervisord.conf /etc/supervisor/conf.d/supervisord.conf | ||
|
||
ARG VERSION | ||
ENV VERSION=$VERSION | ||
|
||
EXPOSE 8081 | ||
CMD ["./entrypoint.sh"] | ||
&& apt-get install -y --no-install-recommends ${DEPENDENCIES} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,38 +1,42 @@ | ||
#!/bin/sh | ||
# | ||
|
||
until /usr/local/bin/check ${CORE_HOST}/api/health/; do | ||
echo "wait for jms_core ${CORE_HOST} ready" | ||
sleep 2 | ||
done | ||
if [ -n "$CORE_HOST" ]; then | ||
until check ${CORE_HOST}/api/health/; do | ||
echo "wait for jms_core ${CORE_HOST} ready" | ||
sleep 2 | ||
done | ||
fi | ||
|
||
if [ ! -d "/opt/lion/data/logs" ]; then | ||
mkdir -p /opt/lion/data/logs | ||
fi | ||
|
||
if [ "$LOG_LEVEL" ]; then | ||
level="info" | ||
case $LOG_LEVEL in | ||
"DEBUG") | ||
level="debug" | ||
;; | ||
"INFO") | ||
level='info' | ||
;; | ||
"WARN") | ||
level='warning' | ||
;; | ||
"ERROR" | "FATAL" | "CRITICAL") | ||
level='error' | ||
;; | ||
esac | ||
export GUACD_LOG_LEVEL=$level | ||
fi | ||
: ${LOG_LEVEL:='ERROR'} | ||
|
||
case $LOG_LEVEL in | ||
"DEBUG") | ||
level="debug" | ||
;; | ||
"INFO") | ||
level='info' | ||
;; | ||
"WARN") | ||
level='warning' | ||
;; | ||
"ERROR" | "FATAL" | "CRITICAL") | ||
level='error' | ||
;; | ||
*) | ||
level='error' | ||
;; | ||
esac | ||
export GUACD_LOG_LEVEL=$level | ||
|
||
echo | ||
date | ||
echo "LION Version $VERSION, more see https://www.jumpserver.org" | ||
echo "Quit the server with CONTROL-C." | ||
echo | ||
|
||
/usr/bin/supervisord | ||
exec "$@" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters