WIP: 重构Docker构建流程和部署脚本

- 更新Dockerfile为多阶段构建，提升安全性和构建效率
- 重构docker-compose.yml，添加健康检查和网络配置
- 新增Docker镜像构建和推送脚本
- 修复Maven打包配置，移除不必要的配置项
- 添加.dockerignore文件优化构建上下文
- 删除旧的deploy.sh脚本
- 新增JAR部署和回滚脚本

注意：此为开发中版本，请勿部署到生产环境

docker/Dockerfile

@@ -1,16 +1,38 @@
-FROM openjdk:11-jre-slim
+# ---------- Build stage ----------
+FROM --platform=$BUILDPLATFORM maven:3.9-eclipse-temurin-11 AS build
+WORKDIR /workspace
 
-# 设置工作目录
+# Cache-friendly: copy POMs first
+COPY pom.xml .
+COPY play-admin/pom.xml play-admin/
+COPY play-common/pom.xml play-common/
+COPY play-generator/pom.xml play-generator/
+
+# Warm deps cache
+RUN --mount=type=cache,target=/root/.m2 mvn -B -DskipTests dependency:go-offline
+
+# Add sources
+COPY play-admin/src play-admin/src/
+COPY play-common/src play-common/src/
+COPY play-generator/src play-generator/src/
+
+# Build only app module (and its deps)
+RUN --mount=type=cache,target=/root/.m2 mvn -pl play-admin -am -B -DskipTests -T 1C clean package
+
+# ---------- Runtime stage (multi-arch) ----------
+FROM eclipse-temurin:11-jre AS runtime
+# non-root
+RUN groupadd -g 1001 appgroup && useradd -u 1001 -g appgroup -m -s /usr/sbin/nologin appuser
 WORKDIR /app
 
-# 只复制应用程序JAR包，不复制lib目录
-COPY ./*.jar app.jar
+COPY --from=build /workspace/play-admin/target/*.jar /app/app.jar
+RUN chown -R appuser:appgroup /app
+USER appuser
 
-# 设置环境变量
-ENV APP_NAME=app.jar
+ENV JAVA_OPTS="-Xms2g -Xmx2g" \
+    SPRING_PROFILES_ACTIVE="test" \
+    TZ="Asia/Shanghai" \
+    LANG="C.UTF-8"
 
-# 暴露应用端口
-EXPOSE 8080
-
-# 设置启动命令
-CMD ["sh", "-c", "java -Dloader.path=./lib/ -Xms2g -Xmx2g -jar $APP_NAME --spring.profiles.active=test"]
+EXPOSE 7002
+ENTRYPOINT ["sh","-c","exec java $JAVA_OPTS -jar /app/app.jar --spring.profiles.active=${SPRING_PROFILES_ACTIVE}"]

docker/README.md

@@ -0,0 +1,30 @@
+# 私有 Docker 仓库使用速查表
+# 仓库地址: https://docker-registry.julyhaven.com
+# 用户名: hucs
+# 密码: hucsdev
+
+# 登录
+docker login docker-registry.julyhaven.com -u hucs -p hucsdev
+
+# 推送镜像 (示例: myapp:1.0.0)
+docker tag myapp:1.0.0 docker-registry.julyhaven.com/myteam/myapp:1.0.0
+docker push docker-registry.julyhaven.com/myteam/myapp:1.0.0
+
+# 同时推送 latest
+docker tag myapp:1.0.0 docker-registry.julyhaven.com/myteam/myapp:latest
+docker push docker-registry.julyhaven.com/myteam/myapp:latest
+
+# 拉取镜像
+docker pull docker-registry.julyhaven.com/myteam/myapp:1.0.0
+docker pull docker-registry.julyhaven.com/myteam/myapp:latest
+
+# 测试镜像 (hello-world)
+docker pull hello-world
+docker tag hello-world docker-registry.julyhaven.com/test/hello-world:latest
+docker push docker-registry.julyhaven.com/test/hello-world:latest
+docker pull docker-registry.julyhaven.com/test/hello-world:latest
+
+# 注意事项:
+# 1. latest 会被覆盖，生产环境请用版本号标签
+# 2. 已支持大镜像推送/拉取，无需额外配置
+# 3. 登录失败时请确认用户名/密码是否正确

docker/docker-compose.yml

@@ -1,12 +1,37 @@
-version: '3'
+version: "3.8"
 
 services:
-  spring-boot-app:
-    build: .
-    container_name: spring-boot-app
+  peipei-backend:
+    image: docker-registry.julyhaven.com/peipei/backend:latest
+    container_name: peipei-backend
     ports:
       - "7003:7002"
+    environment:
+      - SPRING_PROFILES_ACTIVE=test
+      - JAVA_OPTS=-Xms2g -Xmx2g
     volumes:
-      - ./lib:/app/lib  # 挂载主机的lib目录到容器内的lib目录
-      - ./log:/app/log  # 挂载日志目录到主机
-    restart: always
+      - ./log:/app/log # Mount log directory to host
+    restart: unless-stopped
+    healthcheck:
+      # Maybe use actuator later
+      test:
+        [
+          "CMD",
+          "wget",
+          "--no-verbose",
+          "--tries=1",
+          "--spider",
+          "http://localhost:7002/api/health",
+        ]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 60s
+    networks:
+      - peipei-network
+
+networks:
+  peipei-network:
+    driver: bridge
+# volumes:
+#   mysql_data: