jiazhizhong/LiteOps
1
0
Fork 0
mirror of https://github.com/opsre/LiteOps.git synced 2026-02-06 15:11:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
7f7cd9b33348a59afcaf0850cdae8bc00398afa6
LiteOps/Dockerfile

252 lines
10 KiB
Docker
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# =============================================================================
# LiteOps CI/CD Platform - Docker in Docker Multi-stage Dockerfile
# =============================================================================
# 第一阶段:构建和工具安装阶段
FROM debian:bullseye-slim AS builder
# 设置构建时的环境变量
ENV DEBIAN_FRONTEND=noninteractive \
PYTHONUNBUFFERED=1 \
PYTHONDONTWRITEBYTECODE=1 \
# Java环境变量
JAVA_HOME=/usr/local/java/jdk1.8.0_211 \
MAVEN_HOME=/usr/local/maven/apache-maven-3.8.8 \
# NVM环境变量
NVM_DIR=/root/.nvm \
# Docker版本
DOCKER_VERSION=24.0.7
# =============================================================================
# 系统基础配置和轻量化软件安装
# =============================================================================
RUN set -eux; \
# 配置阿里云镜像源以加速下载
sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list && \
sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list && \
apt-get update && \
apt-get install -y --no-install-recommends \
# Python
python3.9 \
python3-pip \
curl \
ca-certificates \
# SSH
openssh-client \
# GitGitPython依赖
git \
# 进程管理
procps \
bash \
# Docker安装依赖
apt-transport-https \
gnupg \
lsb-release \
iptables \
&& \
# 创建Python符号链接
ln -sf /usr/bin/python3.9 /usr/bin/python3 && \
ln -sf /usr/bin/python3.9 /usr/bin/python && \
# 配置pip镜像源
pip config set global.index-url https://mirrors.aliyun.com/pypi/simple/ && \
pip config set install.trusted-host mirrors.aliyun.com && \
# SSH客户端基础配置
mkdir -p /root/.ssh && \
chmod 700 /root/.ssh && \
# 安装NVM
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.3/install.sh | bash && \
echo 'export NVM_DIR="$HOME/.nvm"' >> /root/.bashrc && \
echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"' >> /root/.bashrc && \
echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" --no-use' >> /root/.profile && \
# 创建Java和Maven安装目录
mkdir -p /usr/local/java /usr/local/maven && \
# 安装Docker Engine
(curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg && \
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/debian bullseye stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null) || \
(curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg && \
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian bullseye stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null) && \
apt-get update && \
apt-get install -y --no-install-recommends \
docker-ce-cli \
docker-ce \
&& \
apt-get autoremove -y && \
apt-get autoclean && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /var/cache/apt/* /root/.cache/*
# =============================================================================
# Java环境安装
# =============================================================================
COPY jdk-8u211-linux-x64.tar.gz apache-maven-3.8.8-bin.tar.gz /tmp/
RUN set -eux; \
# 解压JDK和Maven
tar -xzf /tmp/jdk-8u211-linux-x64.tar.gz -C /usr/local/java && \
tar -xzf /tmp/apache-maven-3.8.8-bin.tar.gz -C /usr/local/maven && \
# 立即清理压缩包
rm -f /tmp/jdk-8u211-linux-x64.tar.gz /tmp/apache-maven-3.8.8-bin.tar.gz && \
# 删除所有不必要的文件
cd /usr/local/java/jdk1.8.0_211 && \
rm -rf src.zip javafx-src.zip man sample demo \
COPYRIGHT LICENSE README.html THIRDPARTYLICENSEREADME.txt \
release ASSEMBLY_EXCEPTION && \
# 删除不常用的JDK工具
cd bin && \
rm -f appletviewer extcheck jarsigner java-rmi.cgi \
javadoc javah javap javaws jcmd jconsole jdb jhat \
jinfo jmap jps jrunscript jsadebugd jstack jstat \
jstatd jvisualvm native2ascii orbd policytool \
rmic rmid rmiregistry schemagen serialver servertool \
tnameserv wsgen wsimport xjc && \
# 删除JRE中的不必要文件
cd ../jre && \
rm -rf COPYRIGHT LICENSE README THIRDPARTYLICENSEREADME.txt \
ASSEMBLY_EXCEPTION release && \
cd bin && \
rm -f javaws jvisualvm orbd policytool rmid \
rmiregistry servertool tnameserv && \
# Maven安装删除文档和示例
cd /usr/local/maven/apache-maven-3.8.8 && \
rm -rf LICENSE NOTICE README.txt
# =============================================================================
# 第二阶段:超轻量运行时镜像
# =============================================================================
FROM debian:bullseye-slim
# 设置运行时环境变量
ENV DEBIAN_FRONTEND=noninteractive \
PYTHONUNBUFFERED=1 \
PYTHONDONTWRITEBYTECODE=1 \
# Java环境变量
JAVA_HOME=/usr/local/java/jdk1.8.0_211 \
MAVEN_HOME=/usr/local/maven/apache-maven-3.8.8 \
# NVM环境变量
NVM_DIR=/root/.nvm \
# Docker版本
DOCKER_VERSION=24.0.7 \
# Locale配置 - 使用POSIX避免SSH locale警告
LC_ALL=POSIX \
LANG=POSIX \
# 更新PATH环境变量
PATH=/usr/local/java/jdk1.8.0_211/bin:/usr/local/maven/apache-maven-3.8.8/bin:/usr/local/bin:/usr/local/sbin:$PATH
# =============================================================================
# 运行时最小化系统配置
# =============================================================================
RUN set -eux; \
# 配置阿里云镜像源
sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list && \
sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list && \
# 只安装绝对必需的运行时包
apt-get update && \
apt-get install -y --no-install-recommends \
python3.9 \
python3-pip \
curl \
ca-certificates \
# SSH
openssh-client \
# GitGitPython依赖
git \
# 轻量web服务器
nginx-light \
# 进程管理
procps \
bash \
# Docker运行时依赖
apt-transport-https \
gnupg \
lsb-release \
iptables \
&& \
# 创建Python符号链接
ln -sf /usr/bin/python3.9 /usr/bin/python3 && \
ln -sf /usr/bin/python3.9 /usr/bin/python && \
# 配置pip镜像源
pip config set global.index-url https://mirrors.aliyun.com/pypi/simple/ && \
pip config set install.trusted-host mirrors.aliyun.com && \
# 安装Docker Engine
(curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg && \
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/debian bullseye stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null) || \
(curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg && \
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian bullseye stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null) && \
apt-get update && \
apt-get install -y --no-install-recommends \
docker-ce-cli \
docker-ce \
&& \
# 安装kubectl - 使用官方二进制文件
KUBECTL_VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt) && \
curl -LO "https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl" && \
chmod +x kubectl && \
mv kubectl /usr/local/bin/ && \
# 创建必要的目录
mkdir -p /app/logs && \
rm -rf /var/log/nginx/* /var/lib/nginx/body /var/lib/nginx/fastcgi \
/var/lib/nginx/proxy /var/lib/nginx/scgi /var/lib/nginx/uwsgi \
/etc/nginx/sites-enabled/default && \
apt-get autoremove -y && \
apt-get autoclean && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /var/cache/apt/* /root/.cache/* \
/var/cache/debconf/* /var/lib/dpkg/info/* /usr/share/doc/* \
/usr/share/man/* /usr/share/locale/* /usr/share/info/*
# =============================================================================
# 从构建阶段复制文件
# =============================================================================
# 复制SSH配置
COPY --from=builder /root/.ssh /root/.ssh
# 复制NVM环境
COPY --from=builder /root/.nvm /root/.nvm
COPY --from=builder /root/.bashrc /root/.bashrc
COPY --from=builder /root/.profile /root/.profile
# 复制Java环境
COPY --from=builder /usr/local/java /usr/local/java
COPY --from=builder /usr/local/maven /usr/local/maven
# Docker已在运行时阶段安装无需复制
# =============================================================================
# 应用程序配置
# =============================================================================
# 设置工作目录
WORKDIR /app
# 配置Nginx - 复制自定义配置文件
COPY nginx.conf /etc/nginx/sites-available/default
RUN ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
# 复制前端构建文件到Nginx静态文件目录
COPY web/dist/ /usr/share/nginx/html/
# Python依赖安装
COPY backend/requirements.txt /app/
RUN pip install --no-cache-dir -r requirements.txt && \
# 清理pip缓存和不必要的文件
rm -rf /root/.cache/pip /tmp/* && \
# 移除pip的缓存目录
pip cache purge 2>/dev/null || true
# 复制后端应用代码
COPY backend/ /app/
# 复制启动脚本并设置执行权限
COPY docker-entrypoint.sh /app/
COPY ci-entrypoint-dind.sh /usr/local/bin/
RUN chmod +x /app/docker-entrypoint.sh /usr/local/bin/ci-entrypoint-dind.sh
# =============================================================================
# 容器配置
# =============================================================================
# 暴露端口
# 80: Nginx Web服务器端口
# 8900: Django后端API端口
EXPOSE 80 8900
# 设置容器入口点和默认命令
ENTRYPOINT ["/usr/local/bin/ci-entrypoint-dind.sh"]
CMD ["/app/docker-entrypoint.sh"]
Reference in New Issue View Git Blame Copy Permalink