diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml new file mode 100644 index 0000000..4ed5a91 --- /dev/null +++ b/.github/workflows/build-image.yml @@ -0,0 +1,68 @@ +name: Build and Push Base Image + +on: + push: + branches: + - 'pr*' + paths: + - 'versions.txt' + +jobs: + build-and-push: + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to DockerHub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Extract date + id: vars + run: echo "IMAGE_TAG=$(date +'%Y%m%d_%H%M%S')" >> $GITHUB_ENV + + - name: Extract repository name + id: repo + run: echo "REPO=$(basename ${{ github.repository }})" >> $GITHUB_ENV + + - name: Build and push multi-arch image + uses: docker/build-push-action@v6 + with: + platforms: linux/amd64,linux/arm64 + push: true + tags: jumpserver/${{ env.REPO }}:${{ env.IMAGE_TAG }} + file: Dockerfile + + - name: Get current branch name + id: get_branch + run: echo "current_branch=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV + + - name: Set up Git + run: | + git config --global user.name 'github-actions[bot]' + git config --global user.email 'github-actions[bot]@users.noreply.github.com' + + - name: Update docker-web dependencies applets + run: | + git clone https://github.com/jumpserver/docker-web.git + cd docker-web + git checkout -b ${{ env.current_branch }} + sed -i 's|jumpserver/web-static:.* |jumpserver/web-static:${{ env.IMAGE_TAG }} |' Dockerfile-ee + git add Dockerfile-ee + git commit -m "perf: Update Dockerfile-ee web static version" + + - name: Push changes + run: | + cd docker-web + git remote set-url origin https://${{ secrets.PRIVATE_TOKEN }}@github.com/jumpserver/docker-web.git + git push origin ${{ env.current_branch }} diff --git a/.github/workflows/jms-build-test.yml b/.github/workflows/jms-build-test.yml.bak similarity index 100% rename from .github/workflows/jms-build-test.yml rename to .github/workflows/jms-build-test.yml.bak diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml.bak similarity index 92% rename from .github/workflows/release.yml rename to .github/workflows/release.yml.bak index 0be1c69..77fbf43 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml.bak @@ -1,8 +1,8 @@ on: - push: - branches: - - master + paths: + - 'prepare.sh' + - 'Dockerfile' name: Checkout and Create Release Version @@ -29,13 +29,6 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Login to FIT2CLOUD Container Registry - uses: docker/login-action@v3 - with: - registry: registry.fit2cloud.com - username: ${{ secrets.FIT2CLOUD_USERNAME }} - password: ${{ secrets.FIT2CLOUD_TOKEN }} - - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: @@ -101,4 +94,4 @@ jobs: run: | ossutil mkdir oss://jms-pkg/jumpserver/web-static/releases/download/${{ steps.get-version.outputs.upload_version }}/ || echo "Path already exists" ossutil cp -r opt/download/applets/ oss://jms-pkg/jumpserver/web-static/releases/download/${{ steps.get-version.outputs.upload_version }}/ --update - ossutil cp -r opt/download/public/ oss://jms-pkg/jumpserver/web-static/releases/download/${{ steps.get-version.outputs.upload_version }}/ --update \ No newline at end of file + ossutil cp -r opt/download/public/ oss://jms-pkg/jumpserver/web-static/releases/download/${{ steps.get-version.outputs.upload_version }}/ --update diff --git a/.github/workflows/sync.yml b/.github/workflows/sync.yml.bak similarity index 100% rename from .github/workflows/sync.yml rename to .github/workflows/sync.yml.bak diff --git a/Dockerfile b/Dockerfile index 2ba08bc..63b6f64 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,9 @@ -FROM scratch -ARG TARGETARCH -COPY opt /opt \ No newline at end of file +FROM alpine:3.20.1 + +WORKDIR /opt + +COPY . . + +RUN set -ex \ + && apk add --no-cache bash \ + && bash /opt/prepare.sh diff --git a/prepare.sh b/prepare.sh index f2bb2e8..b1296dd 100755 --- a/prepare.sh +++ b/prepare.sh @@ -1,57 +1,51 @@ #!/bin/bash set -ex -PLAY_VERSION=1.1.0-1 -PYTHON_VERSION=3.11.6 -CHROME_VERSION=118.0.5993.118 -CHROME_DRIVER_VERSION=118.0.5993.70 -DBEAVER_VERSION=22.3.4 -TINKER_VERSION=v0.1.6 -MRD_VERSION=10.6.7 -VIDEO_PLAYER_VERSION=0.1.9 -OPENSSH_VERSION=v9.4.0.0 -Client_VERSION=v2.1.3 -MONGOSH_VERSION=2.2.12 +echo "check_certificate = off + no_clobber = on" > /tmp/.wgetrc +export WGETRC=/tmp/.wgetrc + +PROJECT_DIR=$(cd `dirname $0`; pwd) + +. "${PROJECT_DIR}"/versions.txt DOWNLOAD_URL=https://download.jumpserver.org -PROJECT_DIR=$(cd `dirname $0`; pwd) if [ -d "/opt/lina" ] && [ -d "/opt/luna" ]; then PROJECT_DIR=/ fi -cd ${PROJECT_DIR} || exit 1 - mkdir -p ${PROJECT_DIR}/opt/player cd ${PROJECT_DIR}/opt/player || exit 1 -wget --no-clobber ${DOWNLOAD_URL}/public/glyptodon-enterprise-player-${PLAY_VERSION}.tar.gz +wget ${DOWNLOAD_URL}/public/glyptodon-enterprise-player-${PLAY_VERSION}.tar.gz tar -xf glyptodon-enterprise-player-${PLAY_VERSION}.tar.gz -C ${PROJECT_DIR}/opt/player --strip-components 1 rm -f glyptodon-enterprise-player-${PLAY_VERSION}.tar.gz -mkdir -p ${PROJECT_DIR}/opt/download/applets -cd ${PROJECT_DIR}/opt/download/applets -wget --no-clobber -O chromedriver-${CHROME_DRIVER_VERSION}-win64.zip https://github.com/jumpserver-dev/Chrome-Portable-Win64/releases/download/${CHROME_DRIVER_VERSION}/chromedriver-win64.zip -wget --no-clobber -O chrome-${CHROME_VERSION}-win.zip https://github.com/jumpserver-dev/Chrome-Portable-Win64/releases/download/${CHROME_VERSION}/chrome-win.zip -wget --no-clobber https://www.python.org/ftp/python/${PYTHON_VERSION}/python-${PYTHON_VERSION}-amd64.exe -wget --no-clobber ${DOWNLOAD_URL}/public/dbeaver-ce-${DBEAVER_VERSION}-x86_64-setup.exe -wget --no-clobber ${DOWNLOAD_URL}/public/dbeaver-patch-${DBEAVER_VERSION}-x86_64-setup.msi -wget --no-clobber ${DOWNLOAD_URL}/public/Tinker_Installer_${TINKER_VERSION}.exe - -mkdir -p ${PROJECT_DIR}/opt/download/public -cd ${PROJECT_DIR}/opt/download/public || exit 1 -wget --no-clobber ${DOWNLOAD_URL}/public/Microsoft_Remote_Desktop_${MRD_VERSION}_installer.pkg -wget --no-clobber https://github.com/jumpserver/VideoPlayer/releases/download/v0.1.9/JumpServer.Video.Player-${VIDEO_PLAYER_VERSION}.dmg -wget --no-clobber https://github.com/jumpserver/VideoPlayer/releases/download/v0.1.9/JumpServer.Video.Player.Setup.${VIDEO_PLAYER_VERSION}.exe -wget --no-clobber https://github.com/PowerShell/Win32-OpenSSH/releases/download/${OPENSSH_VERSION}p1-Beta/OpenSSH-Win64-${OPENSSH_VERSION}.msi -wget --no-clobber https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-win-${Client_VERSION}-x64.msi -wget --no-clobber https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-win-${Client_VERSION}-x64.exe -wget --no-clobber https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-mac-${Client_VERSION}-x64.dmg -wget --no-clobber https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-mac-${Client_VERSION}-arm64.dmg -wget --no-clobber https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-linux-${Client_VERSION}-amd64.deb -wget --no-clobber https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-linux-${Client_VERSION}-arm64.deb - -if [ "${USE_XPACK}" = "0" ]; then - for arch in x64 arm64 ppc64le s390x; do - wget --no-clobber https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-${arch}.tgz - done -fi \ No newline at end of file +DOWNLOAD_DIR=${PROJECT_DIR}/opt/download +mkdir -p ${DOWNLOAD_DIR}/applets +cd ${DOWNLOAD_DIR}/applets || exit 1 +wget -O chromedriver-${CHROME_DRIVER_VERSION}-win64.zip https://github.com/jumpserver-dev/Chrome-Portable-Win64/releases/download/${CHROME_DRIVER_VERSION}/chromedriver-win64.zip +wget -O chrome-${CHROME_VERSION}-win.zip https://github.com/jumpserver-dev/Chrome-Portable-Win64/releases/download/${CHROME_VERSION}/chrome-win.zip +wget https://www.python.org/ftp/python/${PYTHON_VERSION}/python-${PYTHON_VERSION}-amd64.exe +wget ${DOWNLOAD_URL}/public/dbeaver-ce-${DBEAVER_VERSION}-x86_64-setup.exe +wget ${DOWNLOAD_URL}/public/dbeaver-patch-${DBEAVER_VERSION}-x86_64-setup.msi +wget ${DOWNLOAD_URL}/public/Tinker_Installer_${TINKER_VERSION}.exe + +mkdir -p ${DOWNLOAD_DIR}/public +cd ${DOWNLOAD_DIR}/public || exit 1 +wget ${DOWNLOAD_URL}/public/Microsoft_Remote_Desktop_${MRD_VERSION}_installer.pkg +wget https://github.com/jumpserver/VideoPlayer/releases/download/v0.1.9/JumpServer.Video.Player-${VIDEO_PLAYER_VERSION}.dmg +wget https://github.com/jumpserver/VideoPlayer/releases/download/v0.1.9/JumpServer.Video.Player.Setup.${VIDEO_PLAYER_VERSION}.exe +wget https://github.com/PowerShell/Win32-OpenSSH/releases/download/${OPENSSH_VERSION}p1-Beta/OpenSSH-Win64-${OPENSSH_VERSION}.msi + +clients=("win-${Client_VERSION}-x64.exe" "mac-${Client_VERSION}-x64.dmg" "mac-${Client_VERSION}-arm64.dmg" + "linux-${Client_VERSION}-amd64.deb" "linux-${Client_VERSION}-arm64.deb") +for client in "${clients[@]}"; do + wget "https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${client}" +done + +for arch in x64 arm64; do + wget https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-${arch}.tgz +done + +cp "${PROJECT_DIR}"/versions.txt ${DOWNLOAD_DIR} diff --git a/versions.txt b/versions.txt new file mode 100644 index 0000000..1948eb8 --- /dev/null +++ b/versions.txt @@ -0,0 +1,11 @@ +PLAY_VERSION=1.1.0-1 +PYTHON_VERSION=3.11.6 +CHROME_VERSION=118.0.5993.118 +CHROME_DRIVER_VERSION=118.0.5993.70 +DBEAVER_VERSION=22.3.4 +MRD_VERSION=10.6.7 +OPENSSH_VERSION=v9.4.0.0 +MONGOSH_VERSION=2.2.12 +TINKER_VERSION=v0.1.6 +VIDEO_PLAYER_VERSION=0.1.9 +Client_VERSION=v2.1.3