diff --git a/.github/workflows/build-base-image.yml b/.github/workflows/build-base-image.yml new file mode 100644 index 0000000000..b373029656 --- /dev/null +++ b/.github/workflows/build-base-image.yml @@ -0,0 +1,61 @@ +name: Build and Push Base Image + +on: + push: + paths: + - 'package.json' + - 'package-lock.json' + - 'yarn.lock' + - 'Dockerfile-base' + +jobs: + build-and-push: + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to DockerHub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Extract date + id: vars + run: echo "IMAGE_TAG=$(date +'%Y%m%d_%H%M%S')" >> $GITHUB_ENV + + - name: Extract repository name + id: repo + run: echo "REPO=$(basename ${{ github.repository }})" >> $GITHUB_ENV + + - name: Create builder + run: | + docker buildx create --use --name mybuilder + docker buildx inspect --bootstrap + + - name: Build and push multi-arch image + run: | + docker buildx build \ + --platform linux/amd64,linux/arm64 \ + -f Dockerfile-base \ + -t jumpserver/${{ env.REPO }}-base:${{ env.IMAGE_TAG }} \ + --push . + + - name: Update Dockerfile + run: | + sed -i 's|-base:.* AS stage-build|-base:${{ env.IMAGE_TAG }} AS stage-build|' Dockerfile + + - name: Commit changes + run: | + git config --global user.name 'github-actions[bot]' + git config --global user.email 'github-actions[bot]@users.noreply.github.com' + git add Dockerfile + git commit -m "perf: Update Dockerfile with new base image tag" + git push + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/Dockerfile b/Dockerfile index 72b92d6575..173e0d30db 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,34 +1,4 @@ -FROM node:16.20-bullseye-slim AS stage-build -ARG TARGETARCH - -ARG DEPENDENCIES=" \ - g++ \ - make \ - python3" - -ARG APT_MIRROR=http://mirrors.ustc.edu.cn -RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ - --mount=type=cache,target=/var/lib/apt,sharing=locked \ - set -ex \ - && rm -f /etc/apt/apt.conf.d/docker-clean \ - && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache \ - && sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \ - && apt-get update \ - && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ - && echo "no" | dpkg-reconfigure dash - -ARG NPM_REGISTRY="https://registry.npmmirror.com" - -RUN set -ex \ - && npm config set registry ${NPM_REGISTRY} \ - && yarn config set registry ${NPM_REGISTRY} - -WORKDIR /data - -RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked \ - --mount=type=bind,source=package.json,target=package.json \ - --mount=type=bind,source=yarn.lock,target=yarn.lock \ - yarn install +FROM jumpserver/lina-base:latest AS stage-build ARG VERSION ENV VERSION=$VERSION diff --git a/Dockerfile-base b/Dockerfile-base new file mode 100644 index 0000000000..87322cfd46 --- /dev/null +++ b/Dockerfile-base @@ -0,0 +1,17 @@ +FROM node:16.20-bullseye-slim + +ARG DEPENDENCIES=" \ + g++ \ + make \ + python3" +RUN set -ex \ + && rm -f /etc/apt/apt.conf.d/docker-clean \ + && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache \ + && apt-get update \ + && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ + && echo "no" | dpkg-reconfigure dash + +WORKDIR /data +COPY package.json yarn.lock /data/ + +RUN npm install