From bd40c449513ec40a45301bac1a6c9991688dbc68 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 18 Nov 2025 16:30:23 +0000 Subject: [PATCH] Add version-based tags for Debian Docker images - Read version from version.yaml in build and build310 jobs - Add version-debian tag (e.g., 2.19.2-debian) for debian/debian-dev branches - Update build310 to include version-debian-python3.10 tag - Copy Debian-based Dockerfiles from debian-dev branch - Add debian and debian-dev branches to workflow triggers Co-authored-by: whyour <22700758+whyour@users.noreply.github.com> --- .github/workflows/build-docker-image.yml | 63 ++++++++++--- docker/310.Dockerfile | 107 ++++++++++++++--------- docker/Dockerfile | 107 ++++++++++++++--------- 3 files changed, 183 insertions(+), 94 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index d10b4400..49755896 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -7,6 +7,8 @@ on: branches: - "master" - "develop" + - "debian" + - "debian-dev" tags: - "v*" schedule: @@ -129,6 +131,13 @@ jobs: with: cache: "pnpm" + - name: Read version from version.yaml + id: version + run: | + VERSION=$(grep '^version:' version.yaml | awk '{print $2}') + echo "version=$VERSION" >> $GITHUB_OUTPUT + echo "Version: $VERSION" + - name: Setup timezone uses: szenius/set-timezone@v2.0 with: @@ -164,6 +173,7 @@ jobs: type=ref,event=pr type=ref,event=branch,enable=${{ github.ref != format('refs/heads/{0}', 'master') }} type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'master') }} + type=raw,value=${{ steps.version.outputs.version }}-debian,enable=${{ github.ref == format('refs/heads/{0}', 'debian') || github.ref == format('refs/heads/{0}', 'debian-dev') }} type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} @@ -183,22 +193,21 @@ jobs: QL_BRANCH=${{ github.ref_name }} SOURCE_COMMIT=${{ github.sha }} network: host - # linux/s390x npm 暂不可用 - platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le,linux/386 + platforms: linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x context: . file: ./docker/Dockerfile push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - cache-from: type=registry,ref=whyour/qinglong:cache - cache-to: type=registry,ref=whyour/qinglong:cache,mode=max + cache-from: type=registry,ref=whyour/qinglong:cache-debian + cache-to: type=registry,ref=whyour/qinglong:cache-debian,mode=max - name: Image digest run: | echo ${{ steps.docker_build.outputs.digest }} build310: - if: ${{ github.ref_name == 'master' }} + if: ${{ github.ref_name == 'debian' }} needs: build-static runs-on: ubuntu-22.04 @@ -216,6 +225,13 @@ jobs: with: cache: "pnpm" + - name: Read version from version.yaml + id: version + run: | + VERSION=$(grep '^version:' version.yaml | awk '{print $2}') + echo "version=$VERSION" >> $GITHUB_OUTPUT + echo "Version: $VERSION" + - name: Setup timezone uses: szenius/set-timezone@v2.0 with: @@ -249,15 +265,42 @@ jobs: QL_BRANCH=${{ github.ref_name }} SOURCE_COMMIT=${{ github.sha }} network: host - # linux/s390x npm 暂不可用 - platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le,linux/386 + platforms: linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x context: . file: ./docker/310.Dockerfile push: true - tags: whyour/qinglong:python3.10 - cache-from: type=registry,ref=whyour/qinglong:cache-python3.10 - cache-to: type=registry,ref=whyour/qinglong:cache-python3.10,mode=max + tags: | + whyour/qinglong:debian-python3.10 + whyour/qinglong:${{ steps.version.outputs.version }}-debian-python3.10 + cache-from: type=registry,ref=whyour/qinglong:cache-debian-python3.10 + cache-to: type=registry,ref=whyour/qinglong:cache-debian-python3.10,mode=max - name: Image digest run: | echo ${{ steps.docker_build_310.outputs.digest }} + + publish: + if: ${{ github.ref_name == 'debian' }} + needs: build + + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: pnpm/action-setup@v3 + with: + version: "8.3.1" + + - uses: actions/setup-node@v3 + with: + cache: "pnpm" + + - name: build front and back + run: | + pnpm install --frozen-lockfile + pnpm build:front + pnpm build:back + + - name: publich npm package + run: | + echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" >> ~/.npmrc + npm publish diff --git a/docker/310.Dockerfile b/docker/310.Dockerfile index 8a092081..d6cd305e 100644 --- a/docker/310.Dockerfile +++ b/docker/310.Dockerfile @@ -1,13 +1,18 @@ -FROM python:3.10-alpine3.18 AS builder -COPY package.json .npmrc pnpm-lock.yaml /tmp/build/ -RUN set -x \ - && apk update \ - && apk add nodejs npm git \ - && npm i -g pnpm@8.3.1 pm2 ts-node \ - && cd /tmp/build \ - && pnpm install --prod +FROM node:22-slim AS nodebuilder -FROM python:3.10-alpine +FROM python:3.10-slim-bookworm AS builder +COPY package.json .npmrc pnpm-lock.yaml /tmp/build/ +COPY --from=nodebuilder /usr/local/bin/node /usr/local/bin/ +COPY --from=nodebuilder /usr/local/lib/node_modules/. /usr/local/lib/node_modules/ +RUN set -x && \ + ln -s /usr/local/lib/node_modules/npm/bin/npm-cli.js /usr/local/bin/npm && \ + apt-get update && \ + apt-get install --no-install-recommends -y libatomic1 && \ + npm i -g pnpm@8.3.1 && \ + cd /tmp/build && \ + pnpm install --prod + +FROM python:3.10-slim-bookworm ARG QL_MAINTAINER="whyour" LABEL maintainer="${QL_MAINTAINER}" @@ -21,51 +26,63 @@ ENV QL_DIR=/ql \ SHELL=/bin/bash \ PS1="\u@\h:\w \$ " -VOLUME /ql/data - -EXPOSE 5700 +ARG QL_UID=5432 +ARG QL_GID=5432 +RUN groupadd -g ${QL_GID} qinglong && \ + useradd -m -u ${QL_UID} -g ${QL_GID} -s /bin/bash qinglong && \ + mkdir -p /home/qinglong/bin /home/qinglong/.ssh && \ + chmod 700 /home/qinglong/.ssh && \ + chown -R ${QL_UID}:${QL_GID} /home/qinglong -COPY --from=builder /usr/local/lib/node_modules/. /usr/local/lib/node_modules/ -COPY --from=builder /usr/local/bin/. /usr/local/bin/ +ENV QL_USER=qinglong +ENV QL_HOME=/home/$QL_USER -RUN set -x \ - && apk update -f \ - && apk upgrade \ - && apk --no-cache add -f bash \ - coreutils \ - git \ +COPY --from=nodebuilder /usr/local/bin/node /usr/local/bin/ +COPY --from=nodebuilder /usr/local/lib/node_modules/. /usr/local/lib/node_modules/ + +RUN set -x && \ + ln -s /usr/local/lib/node_modules/npm/bin/npm-cli.js /usr/local/bin/npm && \ + apt-get update && \ + apt-get upgrade -y && \ + apt-get install --no-install-recommends -y git \ curl \ wget \ tzdata \ perl \ openssl \ - nodejs \ + openssh-client \ jq \ - openssh \ procps \ netcat-openbsd \ unzip \ - npm \ - && rm -rf /var/cache/apk/* \ - && apk update \ - && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ - && echo "Asia/Shanghai" > /etc/timezone \ - && git config --global user.email "qinglong@users.noreply.github.com" \ - && git config --global user.name "qinglong" \ - && git config --global http.postBuffer 524288000 \ - && rm -rf /root/.cache \ - && ulimit -c 0 + libatomic1 && \ + apt-get clean && \ + ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \ + echo "Asia/Shanghai" >/etc/timezone && \ + git config --global user.email "qinglong@users.noreply.github.com" && \ + git config --global user.name "qinglong" && \ + git config --global http.postBuffer 524288000 && \ + npm install -g pnpm@8.3.1 pm2 ts-node && \ + rm -rf /root/.cache && \ + rm -rf /root/.npm && \ + rm -rf /etc/apt/apt.conf.d/docker-clean && \ + ulimit -c 0 + +RUN mkdir -p ${QL_DIR} && \ + chown -R ${QL_UID}:${QL_GID} ${QL_DIR} + +USER qinglong ARG SOURCE_COMMIT -RUN git clone --depth=1 -b ${QL_BRANCH} ${QL_URL} ${QL_DIR} \ - && cd ${QL_DIR} \ - && cp -f .env.example .env \ - && chmod 777 ${QL_DIR}/shell/*.sh \ - && chmod 777 ${QL_DIR}/docker/*.sh \ - && git clone --depth=1 -b ${QL_BRANCH} https://github.com/${QL_MAINTAINER}/qinglong-static.git /static \ - && mkdir -p ${QL_DIR}/static \ - && cp -rf /static/* ${QL_DIR}/static \ - && rm -rf /static +RUN git clone --depth=1 -b ${QL_BRANCH} ${QL_URL} ${QL_DIR} && \ + cd ${QL_DIR} && \ + cp -f .env.example .env && \ + chmod 777 ${QL_DIR}/shell/*.sh && \ + chmod 777 ${QL_DIR}/docker/*.sh && \ + git clone --depth=1 -b ${QL_BRANCH} https://github.com/${QL_MAINTAINER}/qinglong-static.git /tmp/static && \ + mkdir -p ${QL_DIR}/static && \ + cp -rf /tmp/static/* ${QL_DIR}/static && \ + rm -rf /tmp/static ENV PNPM_HOME=${QL_DIR}/data/dep_cache/node \ PYTHON_HOME=${QL_DIR}/data/dep_cache/python3 \ @@ -78,7 +95,9 @@ ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:${PNPM_HOM RUN pip3 install --prefix ${PYTHON_HOME} requests -COPY --from=builder /tmp/build/node_modules/. /ql/node_modules/ +COPY --chown=qinglong:qinglong --from=builder /tmp/build/node_modules/. /ql/node_modules/ + +USER root WORKDIR ${QL_DIR} @@ -86,3 +105,7 @@ HEALTHCHECK --interval=5s --timeout=2s --retries=20 \ CMD curl -sf --noproxy '*' http://127.0.0.1:5700/api/health || exit 1 ENTRYPOINT ["./docker/docker-entrypoint.sh"] + +VOLUME /ql/data + +EXPOSE 5700 diff --git a/docker/Dockerfile b/docker/Dockerfile index 6617b4ee..1a2eca4a 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,13 +1,18 @@ -FROM python:3.11-alpine3.18 AS builder -COPY package.json .npmrc pnpm-lock.yaml /tmp/build/ -RUN set -x \ - && apk update \ - && apk add nodejs npm git \ - && npm i -g pnpm@8.3.1 pm2 ts-node \ - && cd /tmp/build \ - && pnpm install --prod +FROM node:22-slim AS nodebuilder -FROM python:3.11-alpine +FROM python:3.11-slim-bookworm AS builder +COPY package.json .npmrc pnpm-lock.yaml /tmp/build/ +COPY --from=nodebuilder /usr/local/bin/node /usr/local/bin/ +COPY --from=nodebuilder /usr/local/lib/node_modules/. /usr/local/lib/node_modules/ +RUN set -x && \ + ln -s /usr/local/lib/node_modules/npm/bin/npm-cli.js /usr/local/bin/npm && \ + apt-get update && \ + apt-get install --no-install-recommends -y libatomic1 && \ + npm i -g pnpm@8.3.1 && \ + cd /tmp/build && \ + pnpm install --prod + +FROM python:3.11-slim-bookworm ARG QL_MAINTAINER="whyour" LABEL maintainer="${QL_MAINTAINER}" @@ -21,51 +26,63 @@ ENV QL_DIR=/ql \ SHELL=/bin/bash \ PS1="\u@\h:\w \$ " -VOLUME /ql/data - -EXPOSE 5700 +ARG QL_UID=5432 +ARG QL_GID=5432 +RUN groupadd -g ${QL_GID} qinglong && \ + useradd -m -u ${QL_UID} -g ${QL_GID} -s /bin/bash qinglong && \ + mkdir -p /home/qinglong/bin /home/qinglong/.ssh && \ + chmod 700 /home/qinglong/.ssh && \ + chown -R ${QL_UID}:${QL_GID} /home/qinglong -COPY --from=builder /usr/local/lib/node_modules/. /usr/local/lib/node_modules/ -COPY --from=builder /usr/local/bin/. /usr/local/bin/ +ENV QL_USER=qinglong +ENV QL_HOME=/home/$QL_USER -RUN set -x \ - && apk update -f \ - && apk upgrade \ - && apk --no-cache add -f bash \ - coreutils \ - git \ +COPY --from=nodebuilder /usr/local/bin/node /usr/local/bin/ +COPY --from=nodebuilder /usr/local/lib/node_modules/. /usr/local/lib/node_modules/ + +RUN set -x && \ + ln -s /usr/local/lib/node_modules/npm/bin/npm-cli.js /usr/local/bin/npm && \ + ln -s /usr/local/lib/node_modules/npm/bin/npx-cli.js /usr/local/bin/npx && \ + apt-get update && \ + apt-get upgrade -y && \ + apt-get install --no-install-recommends -y git \ curl \ wget \ tzdata \ perl \ openssl \ - nodejs \ + openssh-client \ jq \ - openssh \ procps \ netcat-openbsd \ unzip \ - npm \ - && rm -rf /var/cache/apk/* \ - && apk update \ - && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ - && echo "Asia/Shanghai" > /etc/timezone \ - && git config --global user.email "qinglong@users.noreply.github.com" \ - && git config --global user.name "qinglong" \ - && git config --global http.postBuffer 524288000 \ - && rm -rf /root/.cache \ - && ulimit -c 0 + libatomic1 && \ + apt-get clean && \ + ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \ + echo "Asia/Shanghai" >/etc/timezone && \ + git config --global user.email "qinglong@users.noreply.github.com" && \ + git config --global user.name "qinglong" && \ + git config --global http.postBuffer 524288000 && \ + npm install -g pnpm@8.3.1 pm2 ts-node && \ + rm -rf /root/.cache && \ + rm -rf /root/.npm && \ + rm -rf /etc/apt/apt.conf.d/docker-clean && \ + ulimit -c 0 +RUN mkdir -p ${QL_DIR} && \ + chown -R ${QL_UID}:${QL_GID} ${QL_DIR} + +USER qinglong ARG SOURCE_COMMIT -RUN git clone --depth=1 -b ${QL_BRANCH} ${QL_URL} ${QL_DIR} \ - && cd ${QL_DIR} \ - && cp -f .env.example .env \ - && chmod 777 ${QL_DIR}/shell/*.sh \ - && chmod 777 ${QL_DIR}/docker/*.sh \ - && git clone --depth=1 -b ${QL_BRANCH} https://github.com/${QL_MAINTAINER}/qinglong-static.git /static \ - && mkdir -p ${QL_DIR}/static \ - && cp -rf /static/* ${QL_DIR}/static \ - && rm -rf /static +RUN git clone --depth=1 -b ${QL_BRANCH} ${QL_URL} ${QL_DIR} && \ + cd ${QL_DIR} && \ + cp -f .env.example .env && \ + chmod 777 ${QL_DIR}/shell/*.sh && \ + chmod 777 ${QL_DIR}/docker/*.sh && \ + git clone --depth=1 -b ${QL_BRANCH} https://github.com/${QL_MAINTAINER}/qinglong-static.git /tmp/static && \ + mkdir -p ${QL_DIR}/static && \ + cp -rf /tmp/static/* ${QL_DIR}/static && \ + rm -rf /tmp/static ENV PNPM_HOME=${QL_DIR}/data/dep_cache/node \ PYTHON_HOME=${QL_DIR}/data/dep_cache/python3 \ @@ -78,7 +95,9 @@ ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:${PNPM_HOM RUN pip3 install --prefix ${PYTHON_HOME} requests -COPY --from=builder /tmp/build/node_modules/. /ql/node_modules/ +COPY --chown=qinglong:qinglong --from=builder /tmp/build/node_modules/. /ql/node_modules/ + +USER root WORKDIR ${QL_DIR} @@ -86,3 +105,7 @@ HEALTHCHECK --interval=5s --timeout=2s --retries=20 \ CMD curl -sf --noproxy '*' http://127.0.0.1:5700/api/health || exit 1 ENTRYPOINT ["./docker/docker-entrypoint.sh"] + +VOLUME /ql/data + +EXPOSE 5700