fix: 修复CI/CD镜像源配置和后端CGO支持

- 为前端和管理后台CI/CD添加阿里云镜像源替换 - 修复后端Dockerfile的CGO配置以支持SQLite - 将运行时镜像从scratch改为alpine以支持动态链接
2025-07-15 23:42:41 +08:00
parent c9bf99c2a5
commit 0c96d857e2
3 changed files with 40 additions and 23 deletions
--- a/.gitea/workflows/deploy-admin.yml
+++ b/.gitea/workflows/deploy-admin.yml
@ -99,6 +99,12 @@ jobs:
      - name: 📊 压缩构建产物
        working-directory: ./admin
        run: |
+          # 使用国内镜像源安装压缩工具
+          echo "🔄 使用国内镜像源..."
+          sudo sed -i 's|http://.*.ubuntu.com|https://mirrors.aliyun.com|g' /etc/apt/sources.list
+          sudo apt-get update -o Acquire::Retries=3 -o Acquire::http::Timeout=30
+          sudo apt-get install -y tar gzip
+          
          tar -czf admin-dist.tar.gz -C dist .
          echo "压缩完成: $(ls -lh admin-dist.tar.gz)"

--- a/.gitea/workflows/deploy-frontend.yml
+++ b/.gitea/workflows/deploy-frontend.yml
@ -76,8 +76,11 @@ jobs:

      - name: 🚀 部署到服务器
        run: |
-          # 安装部署工具
-          sudo apt-get update && sudo apt-get install -y openssh-client rsync sshpass
+          # 使用国内镜像源安装部署工具
+          echo "🔄 使用国内镜像源..."
+          sudo sed -i 's|http://.*.ubuntu.com|https://mirrors.aliyun.com|g' /etc/apt/sources.list
+          sudo apt-get update -o Acquire::Retries=3 -o Acquire::http::Timeout=30
+          sudo apt-get install -y openssh-client rsync sshpass
          
          # 设置 SSH 环境
          export SSHPASS=${{ secrets.ALIYUN_PWD }}
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@ -10,8 +10,8 @@ WORKDIR /app
 # 配置镜像源加速
 RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories

-# 安装构建依赖
-RUN apk add --no-cache git ca-certificates tzdata
+# 安装构建依赖 (包含CGO所需的gcc和sqlite3开发库)
+RUN apk add --no-cache git ca-certificates tzdata gcc musl-dev sqlite-dev

 # 配置 Go 模块代理
 ENV GOPROXY=https://goproxy.cn,direct
@ -24,30 +24,34 @@ RUN go mod download
 # 复制源代码
 COPY . .

-# 构建应用程序
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build \
-    -ldflags='-w -s -extldflags "-static"' \
-    -a -installsuffix cgo \
+# 构建应用程序 (启用CGO支持SQLite)
+RUN CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build \
+    -ldflags='-w -s' \
    -o photography-api \
    ./cmd/api/main.go

-# 构建迁移工具
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build \
-    -ldflags='-w -s -extldflags "-static"' \
-    -a -installsuffix cgo \
+# 构建迁移工具 (启用CGO支持SQLite)
+RUN CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build \
+    -ldflags='-w -s' \
    -o migrate \
    ./cmd/migrate/main.go

 # Stage 2: 运行阶段
-FROM scratch
+FROM alpine:3.19

-# 从builder阶段复制时区数据和CA证书
-COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo
-COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+# 配置镜像源加速
+RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories

-# 复制编译好的二进制文件
-COPY --from=builder /app/photography-api /photography-api
-COPY --from=builder /app/migrate /migrate
+# 安装运行时依赖 (包含SQLite动态库)
+RUN apk add --no-cache ca-certificates tzdata sqlite
+
+# 创建非root用户
+RUN addgroup -g 1001 -S appgroup && \
+    adduser -S appuser -G appgroup -u 1001
+
+# 从builder阶段复制编译好的二进制文件
+COPY --from=builder /app/photography-api /usr/local/bin/photography-api
+COPY --from=builder /app/migrate /usr/local/bin/migrate

 # 复制配置文件和脚本
 COPY --from=builder /app/configs /configs
@ -55,21 +59,25 @@ COPY --from=builder /app/scripts /scripts
 COPY --from=builder /app/pkg/migration /pkg/migration
 COPY --from=builder /app/etc /etc

+# 设置目录权限
+RUN mkdir -p /app && \
+    chown -R appuser:appgroup /app
+
 # 设置时区
 ENV TZ=Asia/Shanghai

 # 创建工作目录
 WORKDIR /app

-# 创建非root用户 (在scratch镜像中需要手动创建)
-USER 65534:65534
+# 使用非root用户运行
+USER appuser:appgroup

 # 暴露端口
 EXPOSE 8080

 # 健康检查
 HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
-  CMD ["/photography-api", "--health-check"]
+  CMD ["/usr/local/bin/photography-api", "--health-check"]

 # 启动应用
-ENTRYPOINT ["/photography-api"]
+ENTRYPOINT ["/usr/local/bin/photography-api"]