From bce7d9583831e43c4512ee446ae8be8d34cb10a3 Mon Sep 17 00:00:00 2001 From: xiaojunnuo Date: Wed, 1 Jul 2026 00:41:50 +0800 Subject: [PATCH] docs(ci): add slim docker image support and update all documentations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 1. 新增slim镜像版本的文档说明,补充镜像版本选择指南 2. 更新docker-compose示例注释,将arm适配改为slim镜像适配 3. 重构README、镜像说明文档的镜像表格排版 4. 调整CI构建脚本,将alpine构建改为slim构建,修正Dockerfile构建逻辑 5. 统一镜像标签命名,移除-alpine后缀改为-slim --- .github/workflows/release-image.yml | 16 ++++++++-------- README.md | 26 ++++++++++++++++---------- docker/run/docker-compose.yaml | 4 ++-- docs/guide/image.md | 18 +++++++++++++++--- docs/guide/install/docker/index.md | 12 ++++++++++++ packages/ui/Dockerfile | 23 ++++++++--------------- 6 files changed, 61 insertions(+), 38 deletions(-) diff --git a/.github/workflows/release-image.yml b/.github/workflows/release-image.yml index 820a98a7c..110ebe918 100644 --- a/.github/workflows/release-image.yml +++ b/.github/workflows/release-image.yml @@ -94,21 +94,21 @@ jobs: greper/certd:${{steps.get_certd_version.outputs.result}} ghcr.io/${{ github.repository }}:latest ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}} - - name: Build alpine + - name: Build slim uses: docker/build-push-action@v6 with: platforms: linux/amd64,linux/arm64 push: true context: ./packages/ui/ build-args: | - base_type=alpine + base_type=slim tags: | - registry.cn-shenzhen.aliyuncs.com/handsfree/certd:alpine - registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-alpine - greper/certd:alpine - greper/certd:${{steps.get_certd_version.outputs.result}}-alpine - ghcr.io/${{ github.repository }}:alpine - ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}-alpine + registry.cn-shenzhen.aliyuncs.com/handsfree/certd:slim + registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-slim + greper/certd:slim + greper/certd:${{steps.get_certd_version.outputs.result}}-slim + ghcr.io/${{ github.repository }}:slim + ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}-slim - name: Build armv7 uses: docker/build-push-action@v6 diff --git a/README.md b/README.md index 999d42294..05c6f2aaf 100644 --- a/README.md +++ b/README.md @@ -105,17 +105,23 @@ https://certd.handfree.work/ #### Docker镜像说明: -- 国内镜像地址: - - `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest` - - `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7`、`[version]-armv7` -- DockerHub地址: - - `https://hub.docker.com/r/greper/certd` - - `greper/certd:latest` - - `greper/certd:armv7`、`greper/certd:[version]-armv7` -- GitHub Packages地址: +**镜像版本:** - - `ghcr.io/certd/certd:latest` - - `ghcr.io/certd/certd:armv7`、`ghcr.io/certd/certd:[version]-armv7` +| 版本标签 | 基础系统 | 说明 | +| --- | --- | --- | --- | +| `latest` / `[version]` | Alpine Linux | 默认版本,镜像体积小 | +| `slim` / `[version]-slim` | Debian slim | 基于glibc,dns解析兼容性好(可能需要配置security_opt -seccomp=unconfined) | +| `armv7` / `[version]-armv7` | Alpine Linux | ARMv7 架构专用版本 | + +**镜像地址:** + +| 镜像仓库 | latest | slim | armv7 | +| --- | --- | --- | --- | +| 阿里云 | `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest` | `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:slim` | `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7` | +| Docker Hub | `greper/certd:latest` | `greper/certd:slim` | `greper/certd:armv7` | +| GitHub Packages | `ghcr.io/certd/certd:latest` | `ghcr.io/certd/certd:slim` | `ghcr.io/certd/certd:armv7` | + +> 带版本号的标签请将 `latest` / `slim` / `armv7` 替换为 `[version]` / `[version]-slim` / `[version]-armv7` - 镜像构建通过`Actions`自动执行,过程公开透明,请放心使用 - [点我查看镜像构建日志](https://github.com/certd/certd/actions/workflows/build-image.yml) diff --git a/docker/run/docker-compose.yaml b/docker/run/docker-compose.yaml index 1f3573f8c..5cd9592da 100644 --- a/docker/run/docker-compose.yaml +++ b/docker/run/docker-compose.yaml @@ -5,8 +5,8 @@ services: image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest # image: ghcr.io/certd/certd:latest # --------- 如果 报镜像not found,可以尝试其他镜像源 # image: greper/certd:latest - # security_opt: # --------- 如果Arm下启动报错,尝试去掉这两行注释 - # - seccomp=unconfined # 解决arm下 WorkerThreadsTaskRunner::DelayedTaskScheduler::Start() 报错问题 + # security_opt: # --------- 如果slim镜像下启动报错,尝试去掉这两行注释 + # - seccomp=unconfined # 解决slim镜像下WorkerThreadsTaskRunner::DelayedTaskScheduler::Start() 报错问题 container_name: certd # 容器名 restart: unless-stopped # 自动重启 volumes: diff --git a/docs/guide/image.md b/docs/guide/image.md index e288bb419..1668c39b9 100644 --- a/docs/guide/image.md +++ b/docs/guide/image.md @@ -1,20 +1,32 @@ # 镜像说明 + +## 镜像版本说明 + +| 版本标签 | 基础系统 | OpenJDK | 说明 | +| --- | --- | --- | --- | +| `latest` / `[version]` | Alpine Linux | 有 | **推荐**,默认版本,镜像体积更小,功能完整,支持所有插件 | +| `slim` / `[version]-slim` | Debian slim | 有 | glibc 兼容性更好,适用于依赖 glibc 的特殊场景 | +| `armv7` / `[version]-armv7` | Alpine Linux | 有 | ARMv7 架构专用版本 | + ## 国内镜像地址: -* `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest` +* `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest` +* `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:slim`、`[version]-slim` * `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7`、`[version]-armv7` ## DockerHub地址: * `https://hub.docker.com/r/greper/certd` * `greper/certd:latest` +* `greper/certd:slim`、`greper/certd:[version]-slim` * `greper/certd:armv7`、`greper/certd:[version]-armv7` ## GitHub Packages地址: * `ghcr.io/certd/certd:latest` +* `ghcr.io/certd/certd:slim`、`ghcr.io/certd/certd:[version]-slim` * `ghcr.io/certd/certd:armv7`、`ghcr.io/certd/certd:[version]-armv7` -* + ## 镜像构建公开 -镜像构建通过`Actions`自动执行,过程公开透明,请放心使用 +镜像构建通过`Actions`自动执行,过程公开透明,请放心使用 * [点我查看镜像构建日志](https://github.com/certd/certd/actions/workflows/build-image.yml) ![](../images/action/action-build.jpg) \ No newline at end of file diff --git a/docs/guide/install/docker/index.md b/docs/guide/install/docker/index.md index a703e6cb0..f82be38b9 100644 --- a/docs/guide/install/docker/index.md +++ b/docs/guide/install/docker/index.md @@ -2,6 +2,18 @@ ## 一、安装 +### 镜像版本选择 + +Certd 提供多种 Docker 镜像版本,您可以根据需要选择: + +| 版本标签 | 基础系统 | 说明 | +| --- | --- | --- | --- | +| `latest` / `[version]` | Alpine Linux | 默认版本,镜像体积小 | +| `slim` / `[version]-slim` | Debian slim | glibc版本,dns解析兼容性更好(可能需要配置security_opt -seccomp=unconfined)| +| `armv7` / `[version]-armv7` | Alpine Linux | ARMv7 架构专用版本 | + +> 如果您不确定使用哪个版本,请使用默认的 `latest` 版本。 + ### 一键脚本安装(推荐) 如果您的服务器未安装 Docker,该脚本会自动为您安装 Docker 和 Docker Compose,并启动 Certd 容器。 diff --git a/packages/ui/Dockerfile b/packages/ui/Dockerfile index 25b9cdd2f..660a7960a 100644 --- a/packages/ui/Dockerfile +++ b/packages/ui/Dockerfile @@ -1,4 +1,4 @@ -ARG base_type=slim +ARG base_type=alpine # 根据 base_type 参数选择基础镜像系列 FROM --platform=linux/amd64 node:22-alpine AS base-amd64-alpine @@ -21,17 +21,16 @@ RUN cp /workspace/certd-client/dist/* /workspace/certd-server/public/ -rf RUN cd /workspace/certd-server && pnpm install --production && npm run build-on-docker -ARG base_type=slim +ARG base_type=alpine FROM base-${TARGETARCH}${TARGETVARIANT:+-}${TARGETVARIANT}-${base_type} EXPOSE 7001 EXPOSE 7002 -ARG base_type=slim +ARG base_type=alpine # 根据基础镜像发行版选择包管理器 # trixie-slim -> apt-get, alpine -> apk -# base_type=alpine 时不安装 openjdk RUN if [ -f /etc/debian_version ]; then \ apt-get update \ && apt-get install -y --no-install-recommends \ @@ -43,20 +42,14 @@ RUN if [ -f /etc/debian_version ]; then \ iputils-ping \ dnsutils \ iproute2 \ - && if [ "$base_type" != "alpine" ]; then \ - wget -O - https://packages.adoptium.net/artifactory/api/gpg/key/public | gpg --dearmor | tee /usr/share/keyrings/adoptium.gpg > /dev/null \ - && echo "deb [signed-by=/usr/share/keyrings/adoptium.gpg] https://packages.adoptium.net/artifactory/deb bookworm main" | tee /etc/apt/sources.list.d/adoptium.list \ - && apt-get update \ - && apt-get install -y --no-install-recommends temurin-8-jre; \ - fi \ + && wget -O - https://packages.adoptium.net/artifactory/api/gpg/key/public | gpg --dearmor | tee /usr/share/keyrings/adoptium.gpg > /dev/null \ + && echo "deb [signed-by=/usr/share/keyrings/adoptium.gpg] https://packages.adoptium.net/artifactory/deb bookworm main" | tee /etc/apt/sources.list.d/adoptium.list \ + && apt-get update \ + && apt-get install -y --no-install-recommends temurin-8-jre \ && apt-get clean \ && rm -rf /var/lib/apt/lists/*; \ elif [ -f /etc/alpine-release ]; then \ - if [ "$base_type" = "alpine" ]; then \ - apk add --no-cache openssl; \ - else \ - apk add --no-cache openssl openjdk8-jre; \ - fi; \ + apk add --no-cache openssl openjdk8-jre; \ else \ echo "Unsupported base image"; exit 1; \ fi