perf: 优化 Dockerfile

2 years ago · 7bfa21260c
2 changed files with 57 additions and 45 deletions
--- a/98
+++ b/98
@ -1,53 +1,66 @@
+FROM python:3.8-slim as stage-build
+ARG TARGETARCH
+
+ARG VERSION
+ENV VERSION=$VERSION
+
+WORKDIR /opt/jumpserver
+ADD . .
+RUN cd utils && bash -ixeu build.sh
+
 FROM python:3.8-slim
+ARG TARGETARCH
 MAINTAINER JumpServer Team <ibuler@qq.com>

 ARG BUILD_DEPENDENCIES="              \
-    g++                               \
-    make                              \
-    pkg-config"
+        g++                           \
+        make                          \
+        pkg-config"

 ARG DEPENDENCIES="                    \
-    default-libmysqlclient-dev        \
-    freetds-dev                       \
-    libpq-dev                         \
-    libffi-dev                        \
-    libldap2-dev                      \
-    libsasl2-dev                      \
-    libxml2-dev                       \
-    libxmlsec1-dev                    \
-    libxmlsec1-openssl                \
-    libaio-dev                        \
-    openssh-client                    \
-    sshpass"
+        default-libmysqlclient-dev    \
+        freetds-dev                   \
+        libpq-dev                     \
+        libffi-dev                    \
+        libjpeg-dev                   \
+        libldap2-dev                  \
+        libsasl2-dev                  \
+        libxml2-dev                   \
+        libxmlsec1-dev                \
+        libxmlsec1-openssl            \
+        libaio-dev                    \
+        openssh-client                \
+        sshpass"

 ARG TOOLS="                           \
-    curl                              \
-    default-mysql-client              \
-    iproute2                          \
-    iputils-ping                      \
-    locales                           \
-    procps                            \
-    redis-tools                       \
-    telnet                            \
-    vim                               \
-    unzip                             \
-    wget"
-
-RUN sed -i 's@http://.*.debian.org@http://mirrors.ustc.edu.cn@g' /etc/apt/sources.list \
+        ca-certificates               \
+        curl                          \
+        default-mysql-client          \
+        iputils-ping                  \
+        locales                       \
+        procps                        \
+        redis-tools                   \
+        telnet                        \
+        vim                           \
+        unzip                         \
+        wget"
+
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=core \
+    sed -i 's@http://.*.debian.org@http://mirrors.ustc.edu.cn@g' /etc/apt/sources.list \
+    && rm -f /etc/apt/apt.conf.d/docker-clean \
+    && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
    && apt-get update \
    && apt-get -y install --no-install-recommends ${BUILD_DEPENDENCIES} \
    && apt-get -y install --no-install-recommends ${DEPENDENCIES} \
    && apt-get -y install --no-install-recommends ${TOOLS} \
-    && localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 \
-    && cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
    && mkdir -p /root/.ssh/ \
    && echo "Host *\n\tStrictHostKeyChecking no\n\tUserKnownHostsFile /dev/null" > /root/.ssh/config \
    && sed -i "s@# alias l@alias l@g" ~/.bashrc \
    && echo "set mouse-=a" > ~/.vimrc \
    && echo "no" | dpkg-reconfigure dash \
+    && echo "zh_CN.UTF-8" | dpkg-reconfigure locales \
    && rm -rf /var/lib/apt/lists/*

-ARG TARGETARCH
 ARG ORACLE_LIB_MAJOR=19
 ARG ORACLE_LIB_MINOR=10
 ENV ORACLE_FILE="instantclient-basiclite-linux.${TARGETARCH:-amd64}-${ORACLE_LIB_MAJOR}.${ORACLE_LIB_MINOR}.0.0.0dbru.zip"
@ -68,21 +81,18 @@ ARG PIP_MIRROR=https://pypi.douban.com/simple
 ENV PIP_MIRROR=$PIP_MIRROR
 ARG PIP_JMS_MIRROR=https://pypi.douban.com/simple
 ENV PIP_JMS_MIRROR=$PIP_JMS_MIRROR
-# 因为以 jms 或者 jumpserver 开头的 mirror 上可能没有
-RUN pip install --upgrade pip==20.2.4 setuptools==49.6.0 wheel==0.34.2 -i ${PIP_MIRROR} \
-    && pip install --no-cache-dir $(grep -E 'jms|jumpserver' requirements/requirements.txt) -i ${PIP_JMS_MIRROR} \
-    && pip install --no-cache-dir -r requirements/requirements.txt -i ${PIP_MIRROR} \
-    && rm -rf ~/.cache/pip

-ARG VERSION
-ENV VERSION=$VERSION
+RUN --mount=type=cache,target=/root/.cache/pip \
+    set -ex \
+    && pip config set global.index-url ${PIP_MIRROR} \
+    && pip install --upgrade pip \
+    && pip install --upgrade setuptools wheel \
+    && pip install $(grep -E 'jms|jumpserver' requirements/requirements.txt) -i ${PIP_JMS_MIRROR} \
+    && pip install -r requirements/requirements.txt

-ADD . .
-RUN cd utils \
-    && bash -ixeu build.sh \
-    && mv ../release/jumpserver /opt/jumpserver \
-    && rm -rf /tmp/build \
-    && echo > /opt/jumpserver/config.yml
+COPY --from=stage-build /opt/jumpserver/release/jumpserver /opt/jumpserver
+RUN echo > /opt/jumpserver/config.yml \
+    && rm -rf /tmp/build

 WORKDIR /opt/jumpserver
 VOLUME /opt/jumpserver/data
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -11,6 +11,9 @@ action="${1-start}"
 service="${2-all}"

 trap cleanup EXIT
+
+rm -f /opt/jumpserver/tmp/*.pid
+
 if [[ "$action" == "bash" || "$action" == "sh" ]];then
    bash
 elif [[ "$action" == "sleep" ]];then
@ -19,4 +22,3 @@ elif [[ "$action" == "sleep" ]];then
 else
    python jms "${action}" "${service}"
 fi
-