feat: 更新 Submodule 版本，支持单段纯数字分支生成标签

.dockerignore

@@ -0,0 +1,12 @@
+.git
+.gitignore
+.gitmodules
+
+./Makefile
+
+*.yml
+*.yaml
+
+./LICENSE
+./README.md
+./img

.gitignore

@@ -0,0 +1,26 @@
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+
+Icon\r\r
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk

.gitmodules

@@ -0,0 +1,3 @@
+[submodule ".ci/common"]
+	path = .ci/common
+	url = https://git.colovu.com/docker/common.git

.woodpecker.yml

@@ -0,0 +1,55 @@
+# 注意：
+#   1. git commit 信息中包含"[CI SKIP]"或"[SKIP CI]"则不触发工作流（注意大小写）
+#   2. 工作步骤中包含 volumes 挂载时，需在 Woodpecker 配置中添加 volumes 挂载信任（Trust）
+#   3. lables 配置项，可配置多个；如果存在，则必须完全符合 Runner 创建时设置的 Lables 配置项
+#   4. command 中，引用自定义变量不能使用`${VAR}`方式，需要使用`$VAR`方式；带花括号的变量，会在 Woodpecker 模板引擎解析阶段被替换（此时变量为空）
+#   5. 多架构编译后推送至 SWR 报错，或单架构编译后必须在推送时明确指定架构信息才能推送；可通过在编译命令中增加参数`--provenance=false --sbom=false`解决
+#   6. 使用 Git Submodule 管理通用脚本时，需手动更新 Submodule
+
+when:
+  # 匹配 main
+  - event: push
+    branch: main
+  # 匹配 master
+  - event: push
+    branch: master
+  # 匹配数字开头的分支，如 1.0, 2, 3.2.1
+  - event: push
+    branch: "[0-9]*"
+  # 匹配 v 开头的版本分支，如 v1, v2.0
+  - event: push
+    branch: "v[0-9]*"
+  # 匹配 tag 事件
+  - event: tag
+    ref: "refs/tags/(v?[0-9].*)"
+
+labels:
+  runtime: docker
+  arch: amd64
+  multiarch: "true"
+
+steps:
+  - name: 初始化子模块
+    image: alpine/git
+    commands:
+      - git submodule update --init --recursive
+
+  - name: 编译并推送镜像
+    image: docker:cli
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      SWR_REGISTRY: "swr.cn-north-4.myhuaweicloud.com"
+      DOCKER_CLI_EXPERIMENTAL: enabled
+      SWR_USERNAME:
+        from_secret: swr_colovu_user
+      SWR_PASSWORD:
+        from_secret: swr_colovu_passwd
+    commands:
+      - |
+        # 直接执行 Submodule .ci/common 下的构建推送脚本
+        if [ ! -f ".ci/common/build_push.sh" ]; then
+          echo "错误: 未找到 .ci/common/build_push.sh 脚本"
+          exit 1
+        fi
+      - sh ./.ci/common/build_push.sh

Dockerfile

@@ -0,0 +1,79 @@
+# Ver: 1.11 by Endial Fang (endial@126.com)
+#
+
+# 系统默认变量 ====================================================================
+# 该部分变量为系统根据编译命令默认设置
+# `TARGETPLATFORM`：构建后的目标平台信息。如 `linux/amd64`，`linux/arm/v7`，`windows/amd64`
+# `TARGETOS`：目标平台信息（TARGETPLATFORM）中的操作系统部分，如：`linux`、`windows`
+# `TARGETARCH`：目标平台信息（TARGETPLATFORM）中的平台架构部分，如：`amd64`、`arm`
+# `TARGETVARIANT`：目标平台信息（TARGETPLATFORM）中的版本变体部分，如：`v7`
+# `BUILDPLATFORM`：用于构建的节点平台信息
+# `BUILDOS`：用于构建的节点平台信息（BUILDPLATFORM）中的操作系统部分
+# `BUILDARCH`：用于构建的节点平台信息（BUILDPLATFORM）中的平台架构部分
+# `BUILDVARIANT`：用于构建的节点平台信息（BUILDPLATFORM）中的版本变体部分
+
+# 可变参数 ========================================================================
+# 该部分变量，在编译命令中通过 `--build-arg` 传入；如果未设置，则使用下面对应的默认值
+
+ARG APP_NAME=dBuilder
+ARG APP_VER=12
+ARG REGISTRY_URL="docker.io/"
+ARG APT_SOURCE=aliyun
+
+# 1. 生成镜像 =====================================================================
+FROM ${REGISTRY_URL}debian:${APP_VER}
+
+# 声明需要使用的全局可变参数（ARG声明的变量仅编译打包阶段有效）
+ARG APP_NAME
+ARG APP_VER
+ARG APT_SOURCE
+
+# 镜像元数据标签 - 符合OCI镜像规范
+LABEL org.opencontainers.image.title="${APP_NAME}" \
+      org.opencontainers.image.version="${APP_VER}" \
+      org.opencontainers.image.description="Docker image for Debian Builder." \
+      org.opencontainers.image.authors="Endial Fang <endial@126.com>" \
+      org.opencontainers.image.url="https://gitee.com/colovu/docker-${APP_NAME}" \
+      org.opencontainers.image.vendor="Endial Fang (colovu)" \
+      org.opencontainers.image.licenses="Apache-2.0" \
+      org.opencontainers.image.source="https://gitee.com/colovu/docker-${APP_NAME}" \
+      org.opencontainers.image.documentation="https://gitee.com/colovu/docker-${APP_NAME}/blob/main/README.md" \
+      maintainer="Endial Fang <endial@126.com>"
+
+# 拷贝源仓库配置文件
+COPY customer /
+
+# 拷贝默认的通用脚本文件
+COPY .ci/common/debian /
+
+# 以下命令安装的软件包
+# apt-transport-https apt-utils binutils binutils-common
+#  binutils-x86-64-linux-gnu build-essential bzip2 ca-certificates cmake
+#  cmake-data cpp cpp-8 curl dirmngr distro-info-data dpkg-dev g++ g++-8 gcc
+#  gcc-8 git git-man gnupg gnupg-l10n gnupg-utils gpg gpg-agent gpg-wks-client
+#  gpg-wks-server gpgconf gpgsm iproute2 iputils-ping libapt-inst2.0
+#  libarchive13 libasan5 libassuan0 libatomic1 libbinutils libc-dev-bin
+#  libc6-dev libcap2 libcap2-bin libcc1-0 libcmocka-dev libcmocka0
+#  libcurl3-gnutls libcurl4 libdpkg-perl libelf1 liberror-perl libexpat1
+#  libgcc-8-dev libgdbm-compat4 libgdbm6 libglib2.0-0 libgomp1 libgssapi-krb5-2
+#  libicu63 libisl19 libitm1 libjsoncpp1 libk5crypto3 libkeyutils1 libkrb5-3
+#  libkrb5support0 libksba8 libldap-2.4-2 libldap-common liblsan0 libmnl0
+#  libmpc3 libmpdec2 libmpfr6 libmpx2 libncurses6 libnghttp2-14 libnpth0
+#  libpcre2-8-0 libperl5.28 libprocps7 libpsl5 libpython3-stdlib
+#  libpython3.7-minimal libpython3.7-stdlib libquadmath0 libreadline7 librhash0
+#  librtmp1 libsasl2-2 libsasl2-modules-db libsqlite3-0 libssh2-1 libssl-dev
+#  libssl3 libstdc++-8-dev libtsan0 libubsan1 libuv1 libxml2 libxtables12
+#  linux-libc-dev lsb-base lsb-release make mime-support nano net-tools openssl
+#  patch perl perl-modules-5.28 pinentry-curses pkg-config procps python3
+#  python3-minimal python3.7 python3.7-minimal readline-common sudo wget
+#  xz-utils
+RUN set -eux; \
+	select_source ${APT_SOURCE}; \
+	\
+	install_pkg sudo wget curl git ca-certificates iproute2 net-tools nano dpkg gnupg \
+	dirmngr apt-utils apt-transport-https lsb-release iputils-ping \
+	build-essential cmake libcmocka-dev pkg-config \
+	libssl3 libssl-dev \
+	libtool libltdl7 libltdl-dev;
+
+CMD []

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Endial Fang (endial@126.com)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1,3 +1,96 @@
-# Builder
+# dBuilder
 
-停止维护 v11 版本.
+预安装常用工具及编译工具的镜像。
+
+该镜像为基于 Debian 系统的 Builder 环境，主要用于在使用多阶段方式制作镜像时，进行软件源代码的下载、编译等预处理操作。预安装软件包节省软件包下载及更新时间。
+
+
+**版本信息：**
+
+- 12（bookworm）
+
+**镜像信息：**
+
+* 镜像地址：
+  * 华为云: swr.cn-north-4.myhuaweicloud.com/colovu/dBuilder:latest
+  * Colovu: registry.colovu.com/library/dBuilder:latest
+  * 依赖镜像：registry.colovu.com/library/debian:12
+            swr.cn-north-4.myhuaweicloud.com/colovu/debian:12
+
+> 后续相关命令行默认使用华为云 SWR 镜像服务器做说明。
+
+## TL;DR
+
+Docker 快速启动命令：
+
+```shell
+# 从 Registry 服务器下载镜像并启动
+docker run -it swr.cn-north-4.myhuaweicloud.com/colovu/dbuilder:latest /bin/bash
+```
+
+## 数据卷
+
+镜像默认提供以下数据卷定义：
+
+```shell
+ /srv/data			# 工作目录
+ /srv/conf		    # 配置文件目录
+```
+
+## 使用方式
+
+使用`--from=0`方式：
+
+```dockerfile
+# 预编译阶段 ===============================
+FROM swr.cn-north-4.myhuaweicloud.com/colovu/dbuilder:latest
+
+WORKDIR /tmp
+
+# 相关下载/解压/编译操作
+
+# ... 省略
+
+# 镜像生成阶段 ==============================
+FROM scratch
+# 从编译阶段的中拷贝编译结果到当前镜像中(例如:编译的应用直接安装至/usr/local时)
+COPY --from=0 /usr/local/ /usr/local
+
+# ... 省略其它操作
+
+# 镜像命令
+CMD []
+```
+
+使用`--from=name`方式：
+
+```dockerfile
+# 预编译阶段。命名为`builder` ==================
+FROM swr.cn-north-4.myhuaweicloud.com/colovu/dbuilder:latest as builder
+
+WORKDIR /tmp
+
+# 相关下载/解压/编译操作
+
+# ... 省略
+
+# 镜像生成阶段 ==============================
+FROM scratch
+# 从编译阶段的中拷贝编译结果到当前镜像中(例如:编译的应用直接安装至/usr/local时)
+COPY --from=builder /usr/local/ /usr/local
+
+# ... 省略其它操作
+
+# 镜像命令
+CMD []
+```
+
+使用该方式的优势：
+
+- 因系统相关软件包已更新，工具已经预先安装，不需要在每次编译镜像时耗费大量时间在类似重复工作上
+- 不用安装、删除临时软件，放置生成多余的垃圾文件；预编译阶段的内容使用完即丢弃，不会对镜像大小产生影响
+- 没有相关的中间操作步骤,不会产生多余的镜像分层
+
+----
+
+本文原始来源 [Endial Fang](https://gitee.com/colovu) @ [Gitee.com](https://gitee.com)

build.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+# Ver: 3.0 by Endial Fang (endial@126.com)
+#
+# Docker 镜像构建脚本 - 主入口
+
+# 编译后镜像名称
+export IMAGE_NAME="debian-builder"
+# 依赖镜像的仓库地址(本镜像需要依赖原生 debian 镜像)
+export REGISTRY_URL="swr.cn-north-4.myhuaweicloud.com/img-sync/docker.io/"
+# 源仓库地址(本地编译时,使用阿里云源仓库)
+export APT_SOURCE="aliyun"
+# 针对无法直接下载到软件包，本地变异时，使用缓存的软件包
+export LOCAL_URL="http://pkgs.colovu.com/dist"
+
+# 引入本地构建脚本
+if [ -f ".ci/common/build_local.sh" ]; then
+    # 执行本地构建脚本并传递参数
+    exec ".ci/common/build_local.sh" "$@"
+else
+    echo "Error: .ci/common/build_local.sh script not found!"
+    exit 1
+fi

customer/etc/apt/sources/aliyun.sources

@@ -0,0 +1,13 @@
+Types: deb
+# http://snapshot.debian.org/archive/debian/20230703T000000Z
+URIs: http://mirrors.aliyun.com/debian
+Suites: bookworm bookworm-updates
+Components: main
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
+
+Types: deb
+# http://snapshot.debian.org/archive/debian-security/20230703T000000Z
+URIs: http://mirrors.aliyun.com/debian-security
+Suites: bookworm-security
+Components: main
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

customer/etc/apt/sources/default.sources

@@ -0,0 +1,13 @@
+Types: deb
+# http://snapshot.debian.org/archive/debian/20230703T000000Z
+URIs: http://deb.debian.org/debian
+Suites: bookworm bookworm-updates
+Components: main
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
+
+Types: deb
+# http://snapshot.debian.org/archive/debian-security/20230703T000000Z
+URIs: http://deb.debian.org/debian-security
+Suites: bookworm-security
+Components: main
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

customer/etc/apt/sources/ustc.sources

@@ -0,0 +1,13 @@
+Types: deb
+# http://snapshot.debian.org/archive/debian/20230703T000000Z
+URIs: http://mirrors.ustc.edu.cn/debian
+Suites: bookworm bookworm-updates
+Components: main
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
+
+Types: deb
+# http://snapshot.debian.org/archive/debian-security/20230703T000000Z
+URIs: http://mirrors.ustc.edu.cn/debian-security
+Suites: bookworm-security
+Components: main
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg