wangtianqi/java_demo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Remove network.host and simplify Buildx configuration

Browse Source 
Issues fixed:
-  Remove --network=host (not allowed by daemon config)
-  Remove --mount=type=cache from Dockerfile (compatibility)
-  Simplify builder management and error handling
-  Keep caches on build failure for faster retries
-  Use standard Docker layer caching instead of BuildKit mount

This should resolve the 'granting entitlement network.host is not allowed' error.
This commit is contained in:
wangtianqi 2025-06-24 09:08:13 +08:00
parent 269496438a
commit 98b08af4a3
2 changed files with 11 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Dockerfile
View File

@ -26,16 +26,14 @@ COPY mvnw .
# 给mvnw脚本添加执行权限 # 给mvnw脚本添加执行权限
RUN chmod +x ./mvnw RUN chmod +x ./mvnw
# 首先只复制pom.xml并下载依赖利用Docker层缓存 # 首先只下载依赖利用Docker层缓存不使用mount缓存
RUN --mount=type=cache,target=/root/.m2 \ RUN ./mvnw dependency:resolve -B -q
./mvnw dependency:resolve -B
# 复制源代码 # 复制源代码
COPY src ./src COPY src ./src
# 构建应用使用缓存挂载优化Maven依赖下载 # 构建应用(简化构建过程)
RUN --mount=type=cache,target=/root/.m2 \ RUN ./mvnw clean package -DskipTests -B -q
./mvnw clean package -DskipTests -B -q
# 运行时镜像 - 使用更小的Alpine镜像 # 运行时镜像 - 使用更小的Alpine镜像
FROM amazoncorretto:17-alpine FROM amazoncorretto:17-alpine

21
Jenkinsfile vendored
View File

@ -155,12 +155,11 @@ pipeline {
// 清理旧镜像以节省空间 // 清理旧镜像以节省空间
sh 'docker image prune -f || true' sh 'docker image prune -f || true'
echo "开始构建Docker镜像: ${IMAGE_NAME}:${IMAGE_TAG}" echo "开始构建Docker镜像: ${IMAGE_NAME}:${IMAGE_TAG}" // 启用Docker Buildx并创建构建器
// 启用Docker Buildx并创建构建器
sh ''' sh '''
echo "✅ 使用已安装的 Docker Buildx $(docker buildx version)" echo "✅ 使用已安装的 Docker Buildx $(docker buildx version)"
# 创建并使用新的构建器实例(如果不存在) # 简化构建器管理:重用或创建
if ! docker buildx inspect jenkins-builder >/dev/null 2>&1; then if ! docker buildx inspect jenkins-builder >/dev/null 2>&1; then
echo "创建新的构建器实例..." echo "创建新的构建器实例..."
docker buildx create --name jenkins-builder --use --bootstrap docker buildx create --name jenkins-builder --use --bootstrap
@ -170,22 +169,18 @@ pipeline {
fi fi
# 验证构建器状态 # 验证构建器状态
docker buildx inspect --bootstrap docker buildx inspect jenkins-builder
''' '''
// 使用Buildx构建镜像增加超时时间到30分钟
// 使用Buildx构建镜像增加超时时间到30分钟
timeout(time: 30, unit: 'MINUTES') { timeout(time: 30, unit: 'MINUTES') {
sh ''' sh '''
# 使用Buildx构建镜像启用缓存和并行构建 # 使用Buildx构建镜像移除网络限制
docker buildx build \\ docker buildx build \\
--builder jenkins-builder \\ --builder jenkins-builder \\
--platform linux/amd64 \\ --platform linux/amd64 \\
--cache-from type=local,src=/tmp/.buildx-cache \\ --cache-from type=local,src=/tmp/.buildx-cache \\
--cache-to type=local,dest=/tmp/.buildx-cache-new,mode=max \\ --cache-to type=local,dest=/tmp/.buildx-cache-new,mode=max \\
--build-arg BUILDKIT_INLINE_CACHE=1 \\ --build-arg BUILDKIT_INLINE_CACHE=1 \\
--build-arg HTTP_PROXY= \\
--build-arg HTTPS_PROXY= \\
--network=host \\
--load \\ --load \\
-t ${IMAGE_NAME}:${IMAGE_TAG} \\ -t ${IMAGE_NAME}:${IMAGE_TAG} \\
-t ${IMAGE_NAME}:latest \\ -t ${IMAGE_NAME}:latest \\
@ -201,13 +196,11 @@ pipeline {
// 验证镜像是否创建成功 // 验证镜像是否创建成功
sh "docker images ${IMAGE_NAME}:${IMAGE_TAG}" sh "docker images ${IMAGE_NAME}:${IMAGE_TAG}"
} catch (Exception e) {
} catch (Exception e) {
echo "⚠️ Docker构建失败: ${e.getMessage()}" echo "⚠️ Docker构建失败: ${e.getMessage()}"
// 清理可能的中间状态和缓存 // 清理可能的中间状态,但保留缓存用于下次构建
sh ''' sh '''
docker system prune -f || true docker system prune -f || true
rm -rf /tmp/.buildx-cache* || true
''' '''
throw e throw e
} }