From c8f69e554e5de97eeb81049b72614362fbb18cdd Mon Sep 17 00:00:00 2001
From: gitadmin <gitadmin@163.com>
Date: Thu, 18 Sep 2025 22:18:55 +0800
Subject: [PATCH] =?UTF-8?q?=E7=AD=BE=E5=85=A5=E7=89=88=E6=9C=AC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../python/3.9.13-debian12-dos/Dockerfile     | 162 ++++++++++++++
 .../python/3.9.13-debian12-dos/deploy.sh      | 203 ++++++++++++++++++
 2 files changed, 365 insertions(+)
 create mode 100644 dockerfiles/python/3.9.13-debian12-dos/Dockerfile
 create mode 100644 dockerfiles/python/3.9.13-debian12-dos/deploy.sh

diff --git a/dockerfiles/python/3.9.13-debian12-dos/Dockerfile b/dockerfiles/python/3.9.13-debian12-dos/Dockerfile
new file mode 100644
index 0000000..c6b7d07
--- /dev/null
+++ b/dockerfiles/python/3.9.13-debian12-dos/Dockerfile
@@ -0,0 +1,162 @@
+# 使用 Debian 12 (bookworm-slim) 作为基础镜像
+FROM debian:bookworm-slim
+
+# 设置元数据标签
+LABEL maintainer="小蚂蚁云团队" \
+      version="1.0" \
+      description="基于Debian的Python 3.9.13运行环境" \
+      python.version="3.9.13"
+
+# 设置环境变量
+ENV PYTHON_VERSION=3.9.13 \
+    PYTHON_HOME=/usr/local/python3.9.13 \
+    TZ=Asia/Shanghai \
+    LANG=en_US.UTF-8 \
+    DEBIAN_FRONTEND=noninteractive
+
+# 设置工作目录
+WORKDIR /tmp
+
+# 第一步：安装编译工具和系统依赖
+RUN set -eux; \
+    \
+    # 配置阿里云Debian镜像源
+    echo "deb http://mirrors.aliyun.com/debian/ bookworm main non-free non-free-firmware" > /etc/apt/sources.list; \
+    echo "deb http://mirrors.aliyun.com/debian/ bookworm-updates main non-free non-free-firmware" >> /etc/apt/sources.list; \
+    echo "deb http://mirrors.aliyun.com/debian/ bookworm-backports main non-free non-free-firmware" >> /etc/apt/sources.list; \
+    echo "deb http://mirrors.aliyun.com/debian-security bookworm-security main non-free non-free-firmware" >> /etc/apt/sources.list; \
+    \
+    # 更新软件包列表并安装必要的开发工具
+    apt-get update && \
+    apt-get install -y --no-install-recommends \
+        build-essential \
+        libssl-dev \
+        libbz2-dev \
+        libffi-dev \
+        zlib1g-dev \
+        libreadline-dev \
+        libsqlite3-dev \
+        liblzma-dev \
+        libncursesw5-dev \
+        # 系统工具
+        curl \
+        wget \
+        tar \
+        xz-utils \
+        gzip \
+        git \
+        locales \
+        tzdata \
+        make \
+        gcc \
+        g++ \
+        && \
+    \
+    # 清理缓存以减少镜像大小
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*; \
+    \
+    # 配置时区
+    ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
+    echo $TZ > /etc/timezone; \
+    \
+    # 设置语言环境
+    echo "en_US.UTF-8 UTF-8" > /etc/locale.gen; \
+    locale-gen; \
+    update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8;
+
+# 第二步：验证编译器安装
+RUN set -eux; \
+    \
+    # 检查编译器是否安装成功
+    echo "=== 检查编译工具 ==="; \
+    make --version; \
+    gcc --version; \
+    g++ --version;
+
+# 添加Python安装包（确保Python-3.9.13.tar.xz在构建上下文）
+ADD Python-3.9.13.tar.xz /tmp/
+
+# 第三步：编译和安装Python
+RUN set -eux; \
+    \
+    # 进入解压后的Python目录
+    cd /tmp/Python-3.9.13 && \
+    \
+    # 配置编译选项
+    ./configure \
+        --prefix=${PYTHON_HOME} \
+        --enable-optimizations \
+        --enable-shared \
+        --with-system-ffi \
+        --with-ensurepip=install \
+        --enable-loadable-sqlite-extensions \
+        && \
+    \
+    # 编译和安装
+    make -j$(nproc) && \
+    make install && \
+    \
+    # 创建软链接
+    ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/local/bin/python3 && \
+    ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/local/bin/python && \
+    ln -sf ${PYTHON_HOME}/bin/pip3 /usr/local/bin/pip && \
+    \
+    # 配置动态链接库路径
+    echo "${PYTHON_HOME}/lib" > /etc/ld.so.conf.d/python3.conf && \
+    ldconfig && \
+    \
+    # 清理编译文件和源码
+    cd /tmp && \
+    rm -rf /tmp/Python-3.9.13;
+
+# 设置全局PATH环境变量
+ENV PATH=${PYTHON_HOME}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+# 第四步：验证Python安装
+RUN set -eux; \
+    \
+    # 检查Python版本
+    echo "=== Python版本 ==="; \
+    python3 --version; \
+    python --version; \
+    \
+    # 检查pip版本
+    echo "=== Pip版本 ==="; \
+    pip --version;
+
+# 第五步：升级pip和安装常用工具
+RUN set -eux; \
+    \
+    # 升级pip
+    pip install --upgrade pip setuptools wheel && \
+    \
+    # 安装常用Python工具
+    pip install virtualenv;
+
+# 设置工作目录（Python项目目录）
+WORKDIR /opt/apps
+
+# 创建非root用户用于运行Python应用
+RUN set -eux; \
+    \
+    # 创建用户和组
+    groupadd -r esxi && \
+    useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \
+    \
+    # 安装bash（Debian slim可能不包含）
+    apt-get update && \
+    apt-get install -y --no-install-recommends bash && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*; \
+    \
+    # 设置目录权限
+    chown -R esxi:esxi /opt/apps && \
+    chown -R esxi:esxi ${PYTHON_HOME};
+
+# 设置健康检查
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+  CMD python3 --version > /dev/null 2>&1 || exit 1
+
+# 设置默认启动命令
+CMD ["python3", "--version"]
\ No newline at end of file
diff --git a/dockerfiles/python/3.9.13-debian12-dos/deploy.sh b/dockerfiles/python/3.9.13-debian12-dos/deploy.sh
new file mode 100644
index 0000000..404c741
--- /dev/null
+++ b/dockerfiles/python/3.9.13-debian12-dos/deploy.sh
@@ -0,0 +1,203 @@
+#!/bin/bash
+set -euo pipefail
+
+# 配置参数
+IMAGE_NAME="python"
+VERSION="3.9.13-debian12-dos"
+HARBOR_REGISTRY="192.168.10.102:8001"  # 替换为实际的Harbor地址
+HARBOR_PROJECT="xiaomayi-base"                  # 替换为实际的Harbor项目名
+HARBOR_USERNAME="deploy"           # 替换为Harbor用户名
+HARBOR_PASSWORD="Harbor20240330"           # 替换为Harbor密码
+
+# 完整的镜像标签
+FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
+TAG_VERSION="${VERSION}"
+TAG_LATEST="latest"
+
+# 颜色输出函数
+red() { echo -e "\033[31m$*\033[0m"; }
+green() { echo -e "\033[32m$*\033[0m"; }
+yellow() { echo -e "\033[33m$*\033[0m"; }
+blue() { echo -e "\033[34m$*\033[0m"; }
+
+# 检查必要文件
+check_requirements() {
+    blue "检查构建所需文件..."
+    
+    if [ ! -f "Python-3.9.13.tar.xz" ]; then
+        red "错误: Python-3.9.13.tar.xz 不存在"
+        echo "请从Python官网下载并放置在当前目录"
+        exit 1
+    fi
+
+    green "✓ 文件检查完成"
+}
+
+# 登录Harbor仓库
+login_to_harbor() {
+    blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
+    
+    if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
+        green "✓ Harbor登录成功"
+    else
+        red "✗ Harbor登录失败"
+        exit 1
+    fi
+}
+
+# 构建Docker镜像
+build_image() {
+    blue "开始构建Docker镜像..."
+    
+    local build_cmd=(
+        docker build
+        # --pull
+        # --no-cache
+        -t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
+        # -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
+        .
+    )
+    
+    echo "执行命令: ${build_cmd[*]}"
+    
+    if "${build_cmd[@]}"; then
+        green "✓ 镜像构建成功"
+    else
+        red "✗ 镜像构建失败"
+        exit 1
+    fi
+}
+
+# 显示镜像信息
+show_image_info() {
+    blue "镜像构建信息:"
+    echo "----------------------------------------"
+    docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
+    echo "----------------------------------------"
+    
+    # 显示详细大小信息
+    local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
+    green "镜像大小: ${image_size}"
+}
+
+# 测试镜像功能
+test_image() {
+    blue "测试镜像功能..."
+    
+    echo "1. 测试Python版本:"
+    if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" python3 --version; then
+        green "✓ 测试通过"
+    else
+        red "✗ 测试失败"
+        exit 1
+    fi
+    
+    echo "2. 测试区域设置:"
+    if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
+        green "✓ 区域设置测试通过"
+    else
+        red "✗ 区域设置测试失败"
+        exit 1
+    fi
+    
+    echo "3. 测试时区设置:"
+    if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
+        green "✓ 时区测试通过"
+    else
+        red "✗ 时区测试失败"
+        exit 1
+    fi
+}
+
+# 推送镜像到Harbor
+push_to_harbor() {
+    blue "推送镜像到Harbor仓库..."
+    
+    # 推送版本标签
+    if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
+        green "✓ 版本标签推送成功: ${TAG_VERSION}"
+    else
+        red "✗ 版本标签推送失败"
+        exit 1
+    fi
+    
+    # # 推送latest标签
+    # if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
+    #     green "✓ latest标签推送成功"
+    # else
+    #     red "✗ latest标签推送失败"
+    #     exit 1
+    # fi
+}
+
+# 清理本地镜像
+cleanup_local() {
+    blue "清理本地镜像..."
+    
+    docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
+    green "✓ 本地镜像清理完成"
+}
+
+# 验证远程镜像
+verify_remote_image() {
+    blue "验证远程镜像..."
+    
+    # 尝试拉取验证
+    if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
+        green "✓ 远程镜像验证成功"
+        docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
+    else
+        red "✗ 远程镜像验证失败"
+        exit 1
+    fi
+}
+
+# 生成使用说明
+generate_usage() {
+    cat << EOF
+
+$(green "=== 镜像构建和推送完成 ===")
+$(blue "镜像名称:") ${FULL_IMAGE_NAME}
+$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
+
+$(yellow "使用方法:")
+1. 拉取镜像:
+   docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
+
+2. 运行测试:
+   docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} python3 --version
+
+3. 作为基础镜像使用:
+   FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
+
+$(green "镜像已成功推送到Harbor仓库!")
+EOF
+}
+
+# 主函数
+main() {
+    echo "$(blue '=== Debian 12 Python 3.9.13 基础镜像构建脚本 ===')"
+    echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
+    echo "$(blue "镜像名称: ${IMAGE_NAME}")"
+    echo "$(blue "版本标签: ${VERSION}")"
+    echo "----------------------------------------"
+    
+    # 执行步骤
+    check_requirements
+    login_to_harbor
+    build_image
+    show_image_info
+    test_image
+    push_to_harbor
+    cleanup_local
+    verify_remote_image
+    generate_usage
+    
+    green "✅ 所有步骤完成!"
+}
+
+# 异常处理
+trap 'red "脚本执行被中断"; exit 1' INT TERM
+
+# 执行主函数
+main "$@"
\ No newline at end of file