# syntax=docker/dockerfile:1.4 # ============================================ # 多阶段构建:Maven 编译 + 运行时镜像 # 使用 Docker BuildKit 缓存加速构建 # ============================================ # ============ 构建阶段 ============ FROM maven:3.9.9-eclipse-temurin-17-alpine AS builder WORKDIR /build # 构建参数 ARG MODULE_NAME ARG JAR_NAME ARG SKIP_TESTS=true # 复制 pom 文件(利用 Docker 层缓存) COPY pom.xml . COPY viewsh-dependencies/pom.xml viewsh-dependencies/ COPY viewsh-framework/pom.xml viewsh-framework/ COPY viewsh-gateway/pom.xml viewsh-gateway/ COPY viewsh-module-system/pom.xml viewsh-module-system/ COPY viewsh-module-system/viewsh-module-system-api/pom.xml viewsh-module-system/viewsh-module-system-api/ COPY viewsh-module-system/viewsh-module-system-server/pom.xml viewsh-module-system/viewsh-module-system-server/ COPY viewsh-module-infra/pom.xml viewsh-module-infra/ COPY viewsh-module-infra/viewsh-module-infra-api/pom.xml viewsh-module-infra/viewsh-module-infra-api/ COPY viewsh-module-infra/viewsh-module-infra-server/pom.xml viewsh-module-infra/viewsh-module-infra-server/ COPY viewsh-module-iot/pom.xml viewsh-module-iot/ COPY viewsh-module-iot/viewsh-module-iot-core/pom.xml viewsh-module-iot/viewsh-module-iot-core/ COPY viewsh-module-iot/viewsh-module-iot-api/pom.xml viewsh-module-iot/viewsh-module-iot-api/ COPY viewsh-module-iot/viewsh-module-iot-server/pom.xml viewsh-module-iot/viewsh-module-iot-server/ COPY viewsh-module-iot/viewsh-module-iot-gateway/pom.xml viewsh-module-iot/viewsh-module-iot-gateway/ # 下载依赖(使用 BuildKit 缓存挂载) # 缓存会保存在 Docker 的缓存卷中,不会包含在最终镜像里 RUN --mount=type=cache,target=/root/.m2 \ mvn dependency:go-offline -B -q || true # 复制源代码 COPY . . # 编译打包(使用 BuildKit 缓存挂载) RUN --mount=type=cache,target=/root/.m2 \ mvn clean package -pl ${MODULE_NAME} -am -DskipTests=${SKIP_TESTS} -B -q # ============ 运行阶段 ============ FROM eclipse-temurin:17-jre-alpine # 安装必要工具(用于健康检查) RUN apk add --no-cache wget curl # 构建参数 ARG MODULE_NAME ARG JAR_NAME ARG APP_PORT=48080 # 元数据标签 LABEL maintainer="XW-AIOT Team" LABEL service="${MODULE_NAME}" # 创建非 root 用户 RUN addgroup -g 1000 appuser && \ adduser -D -u 1000 -G appuser appuser # 创建应用目录 RUN mkdir -p /app/logs /app/config && \ chown -R appuser:appuser /app WORKDIR /app # 从构建阶段复制 JAR 文件 COPY --from=builder --chown=appuser:appuser /build/${MODULE_NAME}/target/${JAR_NAME}.jar app.jar # 切换到非 root 用户 USER appuser # 环境变量 ENV TZ=Asia/Shanghai \ JAVA_OPTS="-Xms256m -Xmx512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/app/logs/heap-dump.hprof" \ SPRING_PROFILES_ACTIVE=prod \ APP_ARGS="" # 暴露端口 EXPOSE ${APP_PORT} # 健康检查 HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \ CMD wget --no-verbose --tries=1 --spider http://localhost:${APP_PORT}/actuator/health || exit 1 # 启动应用 ENTRYPOINT ["sh", "-c", "java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar app.jar ${APP_ARGS}"]