init v3

Author: Aaron3S

Dockerfile

@@ -1,42 +1,3 @@
-FROM debian:bullseye-slim as stage-wisp-build
-ARG TARGETARCH
-
-ARG DEPENDENCIES="                    \
-        ca-certificates               \
-        wget"
-
-ARG APT_MIRROR=http://mirrors.ustc.edu.cn
-RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=chen \
-    --mount=type=cache,target=/var/lib/apt,sharing=locked,id=chen \
-    set -ex \
-    && rm -f /etc/apt/apt.conf.d/docker-clean \
-    && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache \
-    && sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
-    && apt-get update \
-    && apt-get -y install --no-install-recommends ${DEPENDENCIES} \
-    && echo "no" | dpkg-reconfigure dash \
-    && apt-get clean all \
-    && rm -rf /var/lib/apt/lists/*
-
-WORKDIR /opt
-
-ARG CHECK_VERSION=v1.0.2
-RUN set -ex \
-    && wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
-    && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
-    && mv check /usr/local/bin/ \
-    && chown root:root /usr/local/bin/check \
-    && chmod 755 /usr/local/bin/check \
-    && rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz
-
-ARG WISP_VERSION=v0.1.21
-RUN set -ex \
-    && wget https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \
-    && tar -xf wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz -C /usr/local/bin/ --strip-components=1 \
-    && chown root:root /usr/local/bin/wisp \
-    && chmod 755 /usr/local/bin/wisp \
-    && rm -f /opt/*.tar.gz
-
 from node:16.20-bullseye-slim as stage-web-build
 ARG TARGETARCH
 ARG NPM_REGISTRY="https://registry.npmmirror.com"
@@ -46,50 +7,17 @@ RUN set -ex \
     && yarn config set registry ${NPM_REGISTRY}
 
 WORKDIR /opt/chen/frontend
-
+ADD frontend/package.json frontend/yarn.lock .
 RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked,id=chen \
-    --mount=type=bind,source=frontend/package.json,target=package.json \
-    --mount=type=bind,source=frontend/yarn.lock,target=yarn.lock \
     yarn install
 
 ADD frontend .
-
 RUN --mount=type=cache,target=/usr/local/share/.cache/yarn,sharing=locked,id=chen \
     yarn build
 
-FROM debian:bullseye-slim as stage-chen-build
+FROM registry.fit2cloud.com/jumpserver/maven:3.9.5-openjdk-17-slim-bullseye as stage-chen-build
 ARG TARGETARCH
 
-ARG DEPENDENCIES="                    \
-        ca-certificates               \
-        curl                          \
-        openjdk-17-jre-headless"
-
-ARG APT_MIRROR=http://mirrors.ustc.edu.cn
-RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=chen \
-    --mount=type=cache,target=/var/lib/apt,sharing=locked,id=chen \
-    set -ex \
-    && rm -f /etc/apt/apt.conf.d/docker-clean \
-    && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache \
-    && sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
-    && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
-    && apt-get update \
-    && apt-get install -y --no-install-recommends ${DEPENDENCIES} \
-    && echo "no" | dpkg-reconfigure dash
-
-ARG MAVEN_VERSION=3.9.7
-ARG USER_HOME_DIR="/root"
-ARG BASE_URL=https://downloads.apache.org/maven/maven-3/${MAVEN_VERSION}/binaries
-
-RUN mkdir -p /usr/share/maven /usr/share/maven/ref \
-  && curl -fsSL -o /tmp/apache-maven.tar.gz ${BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz \
-  && tar -xzf /tmp/apache-maven.tar.gz -C /usr/share/maven --strip-components=1 \
-  && rm -f /tmp/apache-maven.tar.gz \
-  && ln -s /usr/share/maven/bin/mvn /usr/bin/mvn
-
-ENV MAVEN_HOME /usr/share/maven
-ENV MAVEN_CONFIG "$USER_HOME_DIR/.m2"
-
 WORKDIR /opt/chen
 
 COPY . .
@@ -99,6 +27,7 @@ ARG VERSION
 ENV VERSION=$VERSION
 
 ARG MAVEN_MIRROR=https://repo.maven.apache.org/maven2
+
 RUN --mount=type=cache,target=/root/.m2,id=chen \
     set -ex \
     && mkdir -p /root/.m2 \
@@ -108,30 +37,42 @@ RUN --mount=type=cache,target=/root/.m2,id=chen \
 
 RUN chmod +x entrypoint.sh
 
-FROM debian:bullseye-slim
+FROM registry.fit2cloud.com/jumpserver/openjdk:17-slim-bullseye
 ARG TARGETARCH
-ENV LANG=en_US.UTF-8
+ENV LANG=zh_CN.UTF-8
 
 ARG DEPENDENCIES="                    \
         ca-certificates               \
-        openjdk-17-jre-headless"
+        curl                          \
+        locales                       \
+        wget"
 
 ARG APT_MIRROR=http://mirrors.ustc.edu.cn
 RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=chen \
-    --mount=type=cache,target=/var/lib/apt,sharing=locked,id=chen \
     sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
+    && sed -i "[email protected]=SSLv3, TLSv1, [email protected]=SSLv3@" /opt/java/openjdk/conf/security/java.security \
+    || sed -i "[email protected]=SSLv3, TLSv1, [email protected]=SSLv3@" /usr/local/openjdk-17/conf/security/java.security \
     && rm -f /etc/apt/apt.conf.d/docker-clean \
     && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
     && apt-get update \
     && apt-get install -y --no-install-recommends ${DEPENDENCIES} \
     && echo "no" | dpkg-reconfigure dash \
-    && sed -i "[email protected]=SSLv3, TLSv1, [email protected]=SSLv3@" /etc/java-17-openjdk/security/java.security \
-    && sed -i "s@# export @export @g" ~/.bashrc \
-    && sed -i "s@# alias @alias @g" ~/.bashrc
+    && echo "zh_CN.UTF-8" | dpkg-reconfigure locales \
+    && apt-get clean all \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /opt
+
+ARG WISP_VERSION=v0.1.21
+RUN set -ex \
+    && wget https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \
+    && tar -xf wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz -C /usr/local/bin/ --strip-components=1 \
+    && chown root:root /usr/local/bin/wisp \
+    && chmod 755 /usr/local/bin/wisp \
+    && rm -f /opt/*.tar.gz
 
 WORKDIR /opt/chen
 
-COPY --from=stage-wisp-build /usr/local/bin /usr/local/bin
 COPY --from=stage-chen-build /opt/chen/backend/web/target/web-*.jar /opt/chen/chen.jar
 COPY --from=stage-chen-build /opt/chen/entrypoint.sh .
 COPY --from=stage-chen-build /opt/chen/drivers /opt/chen/drivers
@@ -140,12 +81,6 @@ COPY --from=stage-chen-build /opt/chen/config/application.yml /opt/chen/config/a
 ARG VERSION
 ENV VERSION=$VERSION
 
-VOLUME /opt/chen/data
-
-ENTRYPOINT ["./entrypoint.sh"]
-
 EXPOSE 8082
 
-STOPSIGNAL SIGQUIT
-
-CMD [ "wisp" ]
+CMD ["./entrypoint.sh"]

Dockerfile-ee

@@ -1,28 +1 @@
-# Chen
-
-Chen 是 JumpServer 的 WebDB 连接组件，支持多种数据库协议。
-
-Chen 使用 Java 实现，名字来源于 Dota 英雄 [陈](https://www.dota2.com/hero/chen) 。
-
-# UI 展示
-
-![UI展示](https://download.jumpserver.org/images/chen.png)
-
-
-## 支持的功能
-
-- [x] 安全认证
-- [x] SQL 过滤
-- [x] SQL 录像
-- [x] SQL 阻断
-
-## 支持的数据库
-
-- [x] MySQL 5.7/8.0+
-- [x] MariaDB
-- [x] PostgreSQL (X-Pack)
-- [x] SQL Server (X-Pack)
-- [x] Oracle (X-Pack)
-- [x] DB2 (X-Pack)
- 
-
+# chen

README.md

@@ -76,7 +76,7 @@ public void handle(Packet packet) {
     }
 
     public void onConnect(Connect connect) {
-        this.getConsoleLogger().info("Websocket" + MessageUtils.get("Connected"));
+        this.getConsoleLogger().info("Websocket" + MessageUtils.get("state.connected"));
         this.getConsoleLogger().info("view table: %s", this.getTitle());
 
         this.createDataView(this.schema, this.table);
@@ -87,7 +87,7 @@ public void onConnect(Connect connect) {
 
             this.tableDataView.loadData();
         } catch (SQLException e) {
-            this.getMessager().send(Message.error(MessageUtils.get("FetchError"), e.getMessage()));
+            this.getMessager().send(Message.error(MessageUtils.get("msg.error.fetch_error"), e.getMessage()));
         } finally {
             this.tableDataView.getStateManager().getState().setLoading(false);
             this.tableDataView.getStateManager().commit();
@@ -112,14 +112,14 @@ public void createDataView(String schemaName, String tableName) {
             var sql = plan.getTargetSQL();
             var aclResult = session.checkACL(sql);
             if (aclResult != null && (aclResult.getRiskLevel() == Common.RiskLevel.Reject || aclResult.getRiskLevel() == Common.RiskLevel.ReviewReject)) {
-                this.getConsoleLogger().error("%s", MessageUtils.get("ACLRejectError"));
+                this.getConsoleLogger().error("%s", MessageUtils.get("msg.error.acl_reject"));
                 CommandRecord commandRecord = new CommandRecord(sql);
                 commandRecord.setRiskLevel(aclResult.getRiskLevel());
                 session.recordCommand(commandRecord);
 
                 this.stateManager.getState().setLoading(false);
                 this.stateManager.commit();
-                throw new SQLException(MessageUtils.get("ACLRejectError"));
+                throw new SQLException(MessageUtils.get("msg.error.acl_reject"));
             }
             plan.setSqlQueryParams(sqlQueryParams);
             plan.generateTargetSQL();
@@ -146,7 +146,7 @@ public void onDataViewAction(DataViewAction action) {
             this.getPacketIO().sendPacket("update_data_view", new UpdateDataView(this.tableDataView.getTitle(), this.tableDataView.getData()));
             this.tableDataView.getStateManager().commit();
         } catch (SQLException e) {
-            this.getMessager().send(Message.error(MessageUtils.get("FetchError"), e.getMessage()));
+            this.getMessager().send(Message.error(MessageUtils.get("msg.error.fetch_error"), e.getMessage()));
         } finally {
             this.tableDataView.getStateManager().getState().setLoading(false);
             this.tableDataView.getStateManager().commit();

backend/framework/src/main/java/org/jumpserver/chen/framework/console/DataViewConsole.java

@@ -44,7 +44,7 @@ public class QueryConsole extends AbstractConsole {
 
     public QueryConsole(Datasource datasource, WebSocketSession ws, String nodeKey) {
         super(datasource, ws, nodeKey);
-        this.setTitle(String.format(MessageUtils.get("Query") + "-%d", generateConsoleName()));
+        this.setTitle(String.format(MessageUtils.get("title.query") + "-%d", generateConsoleName()));
         this.datasource = datasource;
     }
 
@@ -69,7 +69,7 @@ public void onInit(Connect connect) {
     }
 
     public void onConnect(Connect connect) {
-        this.getConsoleLogger().info("Websocket" + MessageUtils.get("Connected"));
+        this.getConsoleLogger().info("Websocket" + MessageUtils.get("state.connected"));
 
         this.stateManager = new StateManager<>(new QueryConsoleState(this.getTitle())
                 , this.getPacketIO());
@@ -93,7 +93,7 @@ public void onConnect(Connect connect) {
             this.getState().setCurrentContext(context);
 
         } catch (SQLException e) {
-            this.getConsoleLogger().error(MessageUtils.get("ConnectError") + ": %s", e.getMessage());
+            this.getConsoleLogger().error(MessageUtils.get("msg.error.connect_error") + ": %s", e.getMessage());
         }
 
         this.getState().setLoading(false);
@@ -189,7 +189,7 @@ private void onDataViewAction(DataViewAction action) {
             this.getPacketIO().sendPacket("update_data_view", new UpdateDataView(action.getDataView(), dataView.getData()));
 
         } catch (SQLException e) {
-            this.getMessager().send(Message.error(MessageUtils.get("FetchError"), e.getMessage()));
+            this.getMessager().send(Message.error(MessageUtils.get("msg.error.fetch_error"), e.getMessage()));
         } finally {
             dataView.getStateManager().getState().setLoading(false);
             dataView.getStateManager().commit();
@@ -219,7 +219,7 @@ public void onManualChangeContext(String context) {
             this.getState().setCurrentContext(context);
 
         } catch (SQLException e) {
-            this.getConsoleLogger().error(MessageUtils.get("ChangeContextError") + ": %s", e.getMessage());
+            this.getConsoleLogger().error(MessageUtils.get("msg.error.change_context_error") + ": %s", e.getMessage());
         } finally {
             this.getState().setEditorLoading(false);
             this.stateManager.commit();
@@ -263,7 +263,7 @@ public void onSQL(String sql) {
         var aclResult = session.checkACL(sql, this.getConnection());
         if (aclResult != null) {
             if (aclResult.getRiskLevel() == Common.RiskLevel.Reject || aclResult.getRiskLevel() == Common.RiskLevel.ReviewReject) {
-                this.getConsoleLogger().error("%s", MessageUtils.get("ACLRejectError"));
+                this.getConsoleLogger().error("%s", MessageUtils.get("msg.error.acl_reject"));
                 CommandRecord commandRecord = new CommandRecord(sql);
                 commandRecord.setRiskLevel(aclResult.getRiskLevel());
                 session.recordCommand(commandRecord);
@@ -282,20 +282,20 @@ public void onSQL(String sql) {
                 var dataView = this.runSingleSQL(stmt, aclResult);
                 if (!dataView.isHasTable()) {
                     this.getConsoleLogger().success("%s , %s: %d",
-                            MessageUtils.get("ExecuteSuccess"),
-                            MessageUtils.get("AffectedRows"), dataView.getUpdateCount());
+                            MessageUtils.get("msg.success.execute_success"),
+                            MessageUtils.get("msg.info.affected_rows"), dataView.getUpdateCount());
                 } else {
                     this.sendDataView(dataView, clearOthers);
                     clearOthers = false;
                 }
             }
             this.ensureCurrentSchema();
         } catch (ParserException e) {
-            this.getConsoleLogger().error("%s: %s", MessageUtils.get("ParseError"), e.getMessage());
-            this.getPacketIO().sendPacket("message", Message.error(MessageUtils.get("ParseError"), e.getMessage()));
+            this.getConsoleLogger().error("%s: %s", MessageUtils.get("msg.error.parse_error"), e.getMessage());
+            this.getPacketIO().sendPacket("message", Message.error(MessageUtils.get("msg.error.parse_error"), e.getMessage()));
         } catch (SQLException e) {
-            this.getConsoleLogger().error("%s: %s", MessageUtils.get("ExecuteError"), e.getMessage());
-            this.getPacketIO().sendPacket("message", Message.error(MessageUtils.get("ExecuteError"), e.getMessage()));
+            this.getConsoleLogger().error("%s: %s", MessageUtils.get("msg.error.execute_error"), e.getMessage());
+            this.getPacketIO().sendPacket("message", Message.error(MessageUtils.get("msg.error.execute_error"), e.getMessage()));
         } finally {
             this.getState().setInQuery(false);
             this.getState().setCanCancel(false);