Skip to content

Commit 339d68c

Browse files
BaiJiangJieBaiJiangJie
authored
Merge pull request #30 from jumpserver/dev
v4.1.0
2 parents 9d087d4 + 2c76d78 commit 339d68c

File tree

10 files changed

+18461
-1623
lines changed

10 files changed

+18461
-1623
lines changed

.github/workflows/build-base-image.yml

+61
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,61 @@
1+
name: Build and Push Base Image
2+
3+
on:
4+
push:
5+
branches:
6+
- 'pr*'
7+
paths:
8+
- 'pom.xml'
9+
- 'Dockerfile-base'
10+
- 'package.json'
11+
- 'yarn.lock'
12+
13+
jobs:
14+
build-and-push:
15+
runs-on: ubuntu-latest
16+
17+
steps:
18+
- name: Checkout repository
19+
uses: actions/checkout@v3
20+
21+
- name: Set up QEMU
22+
uses: docker/setup-qemu-action@v3
23+
24+
- name: Set up Docker Buildx
25+
uses: docker/setup-buildx-action@v3
26+
27+
- name: Login to DockerHub
28+
uses: docker/login-action@v2
29+
with:
30+
username: ${{ secrets.DOCKERHUB_USERNAME }}
31+
password: ${{ secrets.DOCKERHUB_TOKEN }}
32+
33+
- name: Extract date
34+
id: vars
35+
run: echo "IMAGE_TAG=$(date +'%Y%m%d_%H%M%S')" >> $GITHUB_ENV
36+
37+
- name: Extract repository name
38+
id: repo
39+
run: echo "REPO=$(basename ${{ github.repository }})" >> $GITHUB_ENV
40+
41+
- name: Build and push multi-arch image
42+
uses: docker/build-push-action@v6
43+
with:
44+
platforms: linux/amd64,linux/arm64
45+
push: true
46+
file: Dockerfile-base
47+
tags: jumpserver/${{ env.REPO }}-base:${{ env.IMAGE_TAG }}
48+
49+
- name: Update Dockerfile
50+
run: |
51+
sed -i 's|-base:.* AS stage-build|-base:${{ env.IMAGE_TAG }} AS stage-build|' Dockerfile
52+
53+
- name: Commit changes
54+
run: |
55+
git config --global user.name 'github-actions[bot]'
56+
git config --global user.email 'github-actions[bot]@users.noreply.github.com'
57+
git add Dockerfile
58+
git commit -m "perf: Update Dockerfile with new base image tag"
59+
git push
60+
env:
61+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Dockerfile

+15-118
Original file line numberDiff line numberDiff line change
@@ -1,125 +1,22 @@
1-
FROM debian:bullseye-slim as stage-wisp-build
2-
ARG TARGETARCH
3-
4-
ARG DEPENDENCIES=" \
5-
ca-certificates \
6-
wget"
7-
8-
ARG APT_MIRROR=http://mirrors.ustc.edu.cn
9-
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=chen \
10-
--mount=type=cache,target=/var/lib/apt,sharing=locked,id=chen \
11-
set -ex \
12-
&& rm -f /etc/apt/apt.conf.d/docker-clean \
13-
&& echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache \
14-
&& sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
15-
&& apt-get update \
16-
&& apt-get -y install --no-install-recommends ${DEPENDENCIES} \
17-
&& echo "no" | dpkg-reconfigure dash \
18-
&& apt-get clean all \
19-
&& rm -rf /var/lib/apt/lists/*
20-
21-
WORKDIR /opt
22-
23-
ARG CHECK_VERSION=v1.0.2
24-
RUN set -ex \
25-
&& wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
26-
&& tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
27-
&& mv check /usr/local/bin/ \
28-
&& chown root:root /usr/local/bin/check \
29-
&& chmod 755 /usr/local/bin/check \
30-
&& rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz
31-
32-
ARG WISP_VERSION=v0.1.21
33-
RUN set -ex \
34-
&& wget https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \
35-
&& tar -xf wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz -C /usr/local/bin/ --strip-components=1 \
36-
&& chown root:root /usr/local/bin/wisp \
37-
&& chmod 755 /usr/local/bin/wisp \
38-
&& rm -f /opt/*.tar.gz
39-
40-
from node:16.20-bullseye-slim as stage-web-build
41-
ARG TARGETARCH
42-
ARG NPM_REGISTRY="https://registry.npmmirror.com"
43-
44-
RUN set -ex \
45-
&& npm config set registry ${NPM_REGISTRY} \
46-
&& yarn config set registry ${NPM_REGISTRY}
47-
48-
WORKDIR /opt/chen/frontend
49-
50-
RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked,id=chen \
51-
--mount=type=bind,source=frontend/package.json,target=package.json \
52-
--mount=type=bind,source=frontend/yarn.lock,target=yarn.lock \
53-
yarn install
54-
55-
ADD frontend .
56-
57-
RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked,id=chen \
58-
yarn build
59-
60-
FROM debian:bullseye-slim as stage-chen-build
61-
ARG TARGETARCH
62-
63-
ARG DEPENDENCIES=" \
64-
ca-certificates \
65-
curl \
66-
openjdk-17-jre-headless"
67-
68-
ARG APT_MIRROR=http://mirrors.ustc.edu.cn
69-
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=chen \
70-
--mount=type=cache,target=/var/lib/apt,sharing=locked,id=chen \
71-
set -ex \
72-
&& rm -f /etc/apt/apt.conf.d/docker-clean \
73-
&& echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache \
74-
&& sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
75-
&& ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
76-
&& apt-get update \
77-
&& apt-get install -y --no-install-recommends ${DEPENDENCIES} \
78-
&& echo "no" | dpkg-reconfigure dash
79-
80-
ARG MAVEN_VERSION=3.9.7
81-
ARG USER_HOME_DIR="/root"
82-
ARG BASE_URL=https://downloads.apache.org/maven/maven-3/${MAVEN_VERSION}/binaries
83-
84-
RUN mkdir -p /usr/share/maven /usr/share/maven/ref \
85-
&& curl -fsSL -o /tmp/apache-maven.tar.gz ${BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz \
86-
&& tar -xzf /tmp/apache-maven.tar.gz -C /usr/share/maven --strip-components=1 \
87-
&& rm -f /tmp/apache-maven.tar.gz \
88-
&& ln -s /usr/share/maven/bin/mvn /usr/bin/mvn
89-
90-
ENV MAVEN_HOME /usr/share/maven
91-
ENV MAVEN_CONFIG "$USER_HOME_DIR/.m2"
92-
93-
WORKDIR /opt/chen
1+
FROM jumpserver/chen-base:20240808_094305 AS stage-build
2+
ENV LANG=en_US.UTF-8
943

4+
WORKDIR /opt/chen/
955
COPY . .
96-
COPY --from=stage-web-build /opt/chen/frontend/dist frontend/dist
97-
98-
ARG VERSION
99-
ENV VERSION=$VERSION
1006

101-
ARG MAVEN_MIRROR=https://repo.maven.apache.org/maven2
102-
RUN --mount=type=cache,target=/root/.m2,id=chen \
103-
set -ex \
104-
&& mkdir -p /root/.m2 \
105-
&& sed -i "s@https://repo.maven.apache.org/maven2@${MAVEN_MIRROR}@g" settings.xml \
106-
&& \cp -f settings.xml /root/.m2/ \
107-
&& mvn clean package -DskipTests
7+
RUN cd frontend \
8+
&& npm run build
1089

109-
RUN chmod +x entrypoint.sh
10+
RUN mvn clean package -DskipTests
11011

11112
FROM debian:bullseye-slim
112-
ARG TARGETARCH
113-
ENV LANG=en_US.UTF-8
11413

11514
ARG DEPENDENCIES=" \
11615
ca-certificates \
11716
openjdk-17-jre-headless"
11817

119-
ARG APT_MIRROR=http://mirrors.ustc.edu.cn
120-
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=chen \
121-
--mount=type=cache,target=/var/lib/apt,sharing=locked,id=chen \
122-
sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
18+
ARG APT_MIRROR=http://deb.debian.org
19+
RUN sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
12320
&& rm -f /etc/apt/apt.conf.d/docker-clean \
12421
&& ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
12522
&& apt-get update \
@@ -131,13 +28,13 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=chen \
13128

13229
WORKDIR /opt/chen
13330

134-
COPY --from=stage-wisp-build /usr/local/bin /usr/local/bin
135-
COPY --from=stage-chen-build /opt/chen/backend/web/target/web-*.jar /opt/chen/chen.jar
136-
COPY --from=stage-chen-build /opt/chen/entrypoint.sh .
137-
COPY --from=stage-chen-build /opt/chen/drivers /opt/chen/drivers
138-
COPY --from=stage-chen-build /opt/chen/config/application.yml /opt/chen/config/application.yml
31+
COPY --from=stage-build /usr/local/bin/check /usr/local/bin/wisp /usr/local/bin/
32+
COPY --from=stage-build /opt/chen/backend/web/target/web-*.jar /opt/chen/chen.jar
33+
COPY --from=stage-build /opt/chen/entrypoint.sh .
34+
COPY --from=stage-build /opt/chen/drivers /opt/chen/drivers
35+
COPY --from=stage-build /opt/chen/config/application.yml /opt/chen/config/application.yml
13936

140-
ARG VERSION
37+
ARG VERSION=dev
14138
ENV VERSION=$VERSION
14239

14340
VOLUME /opt/chen/data
@@ -148,4 +45,4 @@ EXPOSE 8082
14845

14946
STOPSIGNAL SIGQUIT
15047

151-
CMD [ "wisp" ]
48+
CMD [ "wisp" ]

Dockerfile-base

+75
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,75 @@
1+
FROM node:20.15-bullseye-slim
2+
ARG TARGETARCH
3+
4+
# Install linux dependencies
5+
ARG DEPENDENCIES=" \
6+
ca-certificates \
7+
openjdk-17-jre-headless \
8+
curl \
9+
wget"
10+
11+
ARG APT_MIRROR=http://deb.debian.org
12+
RUN set -ex \
13+
&& rm -f /etc/apt/apt.conf.d/docker-clean \
14+
&& echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache \
15+
&& sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
16+
&& apt-get update \
17+
&& apt-get -y install --no-install-recommends ${DEPENDENCIES} \
18+
&& echo "no" | dpkg-reconfigure dash \
19+
&& apt-get clean all \
20+
&& rm -rf /var/lib/apt/lists/*
21+
22+
# Install tools and dependencies
23+
ARG CHECK_VERSION=v1.0.3
24+
RUN set -ex \
25+
&& wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
26+
&& tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
27+
&& mv check /usr/local/bin/ \
28+
&& chown root:root /usr/local/bin/check \
29+
&& chmod 755 /usr/local/bin/check \
30+
&& rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz
31+
32+
ARG WISP_VERSION=v0.1.22
33+
RUN set -ex \
34+
&& wget https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \
35+
&& tar -xf wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz -C /usr/local/bin/ --strip-components=1 \
36+
&& chown root:root /usr/local/bin/wisp \
37+
&& chmod 755 /usr/local/bin/wisp \
38+
&& rm -f /opt/*.tar.gz
39+
40+
41+
# Install NPM dependencies
42+
WORKDIR /opt/chen/frontend
43+
COPY frontend/package.json frontend/package-lock.json frontend/yarn.lock ./
44+
45+
RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked,id=chen \
46+
npm install
47+
48+
# Install Maven dependencies
49+
ARG MAVEN_VERSION=3.9.7
50+
ARG USER_HOME_DIR="/root"
51+
ARG BASE_URL=https://downloads.apache.org/maven/maven-3/${MAVEN_VERSION}/binaries
52+
ARG MAVEN_MIRROR=https://repo.maven.apache.org/maven2
53+
ENV MAVEN_HOME=/usr/share/maven
54+
ENV MAVEN_CONFIG="$USER_HOME_DIR/.m2"
55+
56+
WORKDIR /opt/chen
57+
58+
COPY settings.xml pom.xml ./
59+
COPY backend/pom.xml backend/
60+
COPY backend/framework/pom.xml backend/framework/
61+
COPY backend/web/pom.xml backend/web/
62+
COPY backend/wisp/pom.xml backend/wisp/
63+
COPY backend/modules/pom.xml backend/modules/
64+
65+
RUN set -ex \
66+
&& mkdir -p /usr/share/maven /usr/share/maven/ref \
67+
&& curl -fsSL -o /tmp/apache-maven.tar.gz ${BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz \
68+
&& tar -xzf /tmp/apache-maven.tar.gz -C /usr/share/maven --strip-components=1 \
69+
&& rm -f /tmp/apache-maven.tar.gz \
70+
&& ln -s /usr/share/maven/bin/mvn /usr/bin/mvn \
71+
&& mkdir -p /root/.m2 \
72+
&& mkdir -p /opt/chen/frontend/dist \
73+
&& sed -i "s@https://repo.maven.apache.org/maven2@${MAVEN_MIRROR}@g" settings.xml \
74+
&& \cp -f settings.xml /root/.m2/ \
75+
&& mvn clean install

Dockerfile-ee

+3-3
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
1-
ARG VERSION
1+
ARG VERSION=dev
22

3-
FROM registry.fit2cloud.com/jumpserver/chen:${VERSION}-ce
3+
FROM jumpserver/chen:${VERSION}-ce
44
ARG TARGETARCH
55

66
ARG DEPENDENCIES=" \
@@ -14,4 +14,4 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=chen \
1414
--mount=type=cache,target=/var/lib/apt,sharing=locked,id=chen \
1515
set -ex \
1616
&& apt-get update \
17-
&& apt-get install -y --no-install-recommends ${DEPENDENCIES}
17+
&& apt-get install -y --no-install-recommends ${DEPENDENCIES}

README.md

+10-12
Original file line numberDiff line numberDiff line change
@@ -1,28 +1,26 @@
11
# Chen
22

3-
Chen JumpServer 的 WebDB 连接组件,支持多种数据库协议。
3+
Chen is the WebDB connection component of JumpServer, supporting multiple database protocols.
44

5-
Chen 使用 Java 实现,名字来源于 Dota 英雄 [](https://www.dota2.com/hero/chen)
5+
Chen is implemented in Java, and its name is derived from the Dota hero [Chen](https://www.dota2.com/hero/chen).
66

7-
# UI 展示
7+
# UI Showcase
88

9-
![UI展示](https://download.jumpserver.org/images/chen.png)
9+
![UI Showcase](https://download.jumpserver.org/images/chen.png)
1010

1111

12-
## 支持的功能
12+
## Supported Features
1313

14-
- [x] 安全认证
15-
- [x] SQL 过滤
16-
- [x] SQL 录像
17-
- [x] SQL 阻断
14+
- [x] Security Authentication
15+
- [x] SQL Filtering
16+
- [x] SQL Recording
17+
- [x] SQL Blocking
1818

19-
## 支持的数据库
19+
## Supported Databases
2020

2121
- [x] MySQL 5.7/8.0+
2222
- [x] MariaDB
2323
- [x] PostgreSQL (X-Pack)
2424
- [x] SQL Server (X-Pack)
2525
- [x] Oracle (X-Pack)
2626
- [x] DB2 (X-Pack)
27-
28-

backend/web/src/main/java/org/jumpserver/chen/web/config/LocaleConfig.java

+10-3
Original file line numberDiff line numberDiff line change
@@ -3,13 +3,13 @@
33
import com.fasterxml.jackson.core.type.TypeReference;
44
import com.fasterxml.jackson.databind.ObjectMapper;
55
import lombok.extern.slf4j.Slf4j;
6+
import org.apache.commons.lang3.StringUtils;
67
import org.springframework.beans.factory.annotation.Value;
78
import org.springframework.context.MessageSource;
89
import org.springframework.context.annotation.Bean;
910
import org.springframework.context.annotation.Configuration;
1011
import org.springframework.context.support.AbstractMessageSource;
1112
import org.springframework.stereotype.Component;
12-
import org.springframework.util.StringUtils;
1313
import org.springframework.web.client.RestTemplate;
1414
import org.springframework.web.servlet.LocaleResolver;
1515
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
@@ -63,7 +63,14 @@ class JsonMessageSource extends AbstractMessageSource {
6363

6464

6565
public JsonMessageSource(@Value("${i18n.endpoint}") String endpoint) {
66-
this.endpoint = endpoint;
66+
// 首先从环境变量中读取 core 的地址
67+
68+
String coreHost = System.getenv("CORE_HOST");
69+
if (StringUtils.isNotBlank(coreHost)) {
70+
this.endpoint = coreHost;
71+
} else {
72+
this.endpoint = endpoint;
73+
}
6774

6875
var languages = new String[]{
6976
"en", "ja", "zh", "zh_hant"
@@ -128,7 +135,7 @@ protected MessageFormat resolveCode(String code, Locale locale) {
128135
Map<String, String> localeMessages = messages.get(languageTag);
129136
if (localeMessages != null) {
130137
String message = localeMessages.get(code);
131-
if (StringUtils.hasText(message)) {
138+
if (StringUtils.isNotBlank(message)) {
132139
return new MessageFormat(message, locale);
133140
}
134141
}

entrypoint.sh

100644100755
File mode changed.

0 commit comments

Comments
 (0)