jumpserver · Aaron3S · Dec 9, 2024 · Dec 9, 2024 · Dec 9, 2024
diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml
@@ -10,55 +10,76 @@ jobs:
   create-realese:
     name: Create Release
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        java_version: [ '17' ]
+        node_version: [ '20' ]
     outputs:
       upload_url: ${{ steps.create_release.outputs.upload_url }}
     steps:
-      - name: Checkout code
-        uses: actions/checkout@v2
+      - uses: actions/checkout@v4
+      - uses: actions/cache@v4
+        with:
+          path: |
+            ~/.m2
+            ~/.npm
+            ~/.cache
+          key: ${{ runner.os }}-build-${{ github.sha }}
+          restore-keys: ${{ runner.os }}-build-
+
       - name: Get version
         id: get_version
         run: |
           TAG=$(basename ${GITHUB_REF})
-          echo "::set-output name=TAG::$TAG"
+          echo "TAG=$TAG" >> $GITHUB_OUTPUT
+
       - name: Create Release
         id: create_release
-        uses: release-drafter/release-drafter@v5
+        uses: release-drafter/release-drafter@v6
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           config-name: release-config.yml
           version: ${{ steps.get_version.outputs.TAG }}
           tag: ${{ steps.get_version.outputs.TAG }}
-      - uses: actions/setup-node@v3
+
+      - uses: actions/setup-node@v4
         with:
-          node-version: '20.15'
+          node-version: ${{ matrix.node_version }}
+
+      - uses: actions/setup-java@v4
+        with:
+          distribution: 'oracle'
+          java-version: ${{ matrix.java_version }}
+
       - name: Build web
         run: |
           cd frontend
           yarn install
           yarn build
-      - uses: actions/setup-java@v3
-        with:
-          distribution: 'temurin'
-          java-version: '17'
+
       - name: Build chen
         run: |
           mvn clean package -DskipTests
           mkdir -p build chen-${{ steps.get_version.outputs.TAG }}
           rm -f config/application-dev.yml
+          mv README.md chen-${{ steps.get_version.outputs.TAG }}/README.md
+          mv LICENSE chen-${{ steps.get_version.outputs.TAG }}/LICENSE
+          mv entrypoint.sh chen-${{ steps.get_version.outputs.TAG }}/entrypoint.sh
           mv backend/web/target/web-*.jar chen-${{ steps.get_version.outputs.TAG }}/chen.jar
           mv drivers chen-${{ steps.get_version.outputs.TAG }}/drivers
           mv config chen-${{ steps.get_version.outputs.TAG }}/config
           tar -zcvf chen-${{ steps.get_version.outputs.TAG }}.tar.gz chen-${{ steps.get_version.outputs.TAG }}
           echo $(md5sum chen-${{ steps.get_version.outputs.TAG }}.tar.gz | awk '{print $1}') > build/chen-${{ steps.get_version.outputs.TAG }}.tar.gz.md5
           mv chen-${{ steps.get_version.outputs.TAG }}.tar.gz build/
+
       - name: Release Upload Assets
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@v2
         if: startsWith(github.ref, 'refs/tags/')
         with:
           draft: true
           files: |
-            build/chen-${{ steps.get_version.outputs.TAG }}.tar.gz
-            build/chen-${{ steps.get_version.outputs.TAG }}.tar.gz.md5
+            build/*.gz
+            build/*.md5
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM jumpserver/chen-base:20241009_104417 AS stage-build
+FROM jumpserver/chen-base:20241209_022248 AS stage-build
 ENV LANG=en_US.UTF-8
 
 WORKDIR /opt/chen/
@@ -16,15 +16,14 @@ ARG DEPENDENCIES="                    \
         openjdk-17-jre-headless"
 
 ARG APT_MIRROR=http://deb.debian.org
-RUN sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
-    && rm -f /etc/apt/apt.conf.d/docker-clean \
+
+RUN set -ex \
+    && sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
     && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
     && apt-get update \
     && apt-get install -y --no-install-recommends ${DEPENDENCIES} \
     && echo "no" | dpkg-reconfigure dash \
-    && sed -i "[email protected]=SSLv3, TLSv1, [email protected]=SSLv3@" /etc/java-17-openjdk/security/java.security \
-    && sed -i "s@# export @export @g" ~/.bashrc \
-    && sed -i "s@# alias @alias @g" ~/.bashrc
+    && sed -i "[email protected]=SSLv3, TLSv1, [email protected]=SSLv3@" /etc/java-17-openjdk/security/java.security
 
 WORKDIR /opt/chen
 

diff --git a/Dockerfile-base b/Dockerfile-base
@@ -9,9 +9,8 @@ ARG DEPENDENCIES="                    \
         wget"
 
 ARG APT_MIRROR=http://deb.debian.org
+
 RUN set -ex \
-    && rm -f /etc/apt/apt.conf.d/docker-clean \
-    && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache \
     && sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
     && apt-get update \
     && apt-get -y install --no-install-recommends ${DEPENDENCIES} \
@@ -20,24 +19,22 @@ RUN set -ex \
     && rm -rf /var/lib/apt/lists/*
 
 # Install tools and dependencies
-ARG CHECK_VERSION=v1.0.3
+ARG CHECK_VERSION=v1.0.4
 RUN set -ex \
     && wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
-    && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
-    && mv check /usr/local/bin/ \
+    && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz -C /usr/local/bin/ check \
     && chown root:root /usr/local/bin/check \
     && chmod 755 /usr/local/bin/check \
     && rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz
 
-ARG WISP_VERSION=v0.2.2
+ARG WISP_VERSION=v0.2.3
 RUN set -ex \
     && wget https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \
     && tar -xf wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz -C /usr/local/bin/ --strip-components=1 \
     && chown root:root /usr/local/bin/wisp \
     && chmod 755 /usr/local/bin/wisp \
     && rm -f /opt/*.tar.gz
 
-
 # Install NPM dependencies
 WORKDIR /opt/chen/frontend
 COPY frontend/package.json frontend/package-lock.json frontend/yarn.lock ./
@@ -46,7 +43,7 @@ RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked,id=che
     npm install
 
 # Install Maven dependencies
-ARG MAVEN_VERSION=3.9.7
+ARG MAVEN_VERSION=3.9.9
 ARG USER_HOME_DIR="/root"
 ARG BASE_URL=https://downloads.apache.org/maven/maven-3/${MAVEN_VERSION}/binaries
 ARG MAVEN_MIRROR=https://repo.maven.apache.org/maven2