From 598be2a4d3589d215c6b51377fb6a85561364a9a Mon Sep 17 00:00:00 2001 From: 3for <287494524@qq.com> Date: Mon, 9 Mar 2026 17:53:44 +0800 Subject: [PATCH 1/4] fix(docker): fix Docker security vulnerabilities such as SA-002 --- build_trond.sh | 31 ++++++++- download_trond.sh | 56 ----------------- tools/docker/Dockerfile | 12 ++-- tools/docker/Dockerfile.arm64 | 8 ++- tools/docker/Dockerfile.nile | 12 ++-- tools/docker/Dockerfile.nile.arm64 | 8 ++- tools/docker/README.md | 4 +- .../docker/docker_env/check-install-docker.sh | 38 ++++++++++- tools/trond/cmd/docker/build.go | 12 +--- tools/trond/cmd/docker/gradle.go | 63 +++++++++++++++++++ tools/trond/cmd/docker/test.go | 12 +--- 11 files changed, 157 insertions(+), 99 deletions(-) delete mode 100755 download_trond.sh create mode 100644 tools/trond/cmd/docker/gradle.go diff --git a/build_trond.sh b/build_trond.sh index 6f8fae8e..183e3405 100755 --- a/build_trond.sh +++ b/build_trond.sh @@ -6,15 +6,30 @@ ARCH=$(uname -m) # Set Go version to 1.23.6 GO_VERSION="1.23.6" +GO_SHA256="" + +calculate_sha256() { + local file="$1" + if command -v sha256sum &> /dev/null; then + sha256sum "$file" | awk '{print $1}' + elif command -v shasum &> /dev/null; then + shasum -a 256 "$file" | awk '{print $1}' + else + echo "No SHA-256 checksum tool found (sha256sum or shasum)." + exit 1 + fi +} # Determine download URL and archive filename based on OS and ARCH if [[ "$OS" == "Linux" ]]; then if [[ "$ARCH" == "x86_64" ]]; then GO_ARCHIVE="go$GO_VERSION.linux-amd64.tar.gz" GO_URL="https://go.dev/dl/$GO_ARCHIVE" + GO_SHA256="9379441ea310de000f33a4dc767bd966e72ab2826270e038e78b2c53c2e7802d" elif [[ "$ARCH" == "arm64" || "$ARCH" == "aarch64" ]]; then GO_ARCHIVE="go$GO_VERSION.linux-arm64.tar.gz" GO_URL="https://go.dev/dl/$GO_ARCHIVE" + GO_SHA256="561c780e8f4a8955d32bf72e46af0b5ee5e0debe1e4633df9a03781878219202" else echo "Unsupported architecture: $ARCH" exit 1 @@ -23,9 +38,11 @@ elif [[ "$OS" == "Darwin" ]]; then if [[ "$ARCH" == "x86_64" ]]; then GO_ARCHIVE="go$GO_VERSION.darwin-amd64.tar.gz" GO_URL="https://go.dev/dl/$GO_ARCHIVE" + GO_SHA256="782da50ce8ec5e98fac2cd3cdc6a1d7130d093294fc310038f651444232a3fb0" elif [[ "$ARCH" == "arm64" ]]; then GO_ARCHIVE="go$GO_VERSION.darwin-arm64.tar.gz" GO_URL="https://go.dev/dl/$GO_ARCHIVE" + GO_SHA256="5cae2450a1708aeb0333237a155640d5562abaf195defebc4306054565536221" else echo "Unsupported architecture: $ARCH" exit 1 @@ -106,8 +123,20 @@ if [[ "$SYSTEM_GO" == false ]]; then echo "go/$GO_ARCHIVE already exists. Skipping download." else echo "Downloading Go from $GO_URL..." - curl -Lo "go/$GO_ARCHIVE" "$GO_URL" + curl -fL -o "go/$GO_ARCHIVE" "$GO_URL" + fi + + # Verify the downloaded archive checksum + echo "Verifying SHA-256 for go/$GO_ARCHIVE..." + ACTUAL_SHA256="$(calculate_sha256 "go/$GO_ARCHIVE")" + if [[ "$ACTUAL_SHA256" != "$GO_SHA256" ]]; then + echo "SHA-256 mismatch for go/$GO_ARCHIVE" + echo "Expected: $GO_SHA256" + echo "Actual: $ACTUAL_SHA256" + rm -f "go/$GO_ARCHIVE" + exit 1 fi + echo "SHA-256 verification passed." # Extract Golang to the go directory if [[ -d "go/bin" ]]; then diff --git a/download_trond.sh b/download_trond.sh deleted file mode 100755 index e5f15058..00000000 --- a/download_trond.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash -set -euo pipefail - -# Configuration -REPO_OWNER="tronprotocol" -REPO_NAME="tron-docker" -RELEASE_TAG="v0.1.1" -CHECKSUM_FILE="checksums.txt" -RACKAGE_PREFIX="trond" - -# Determine the OS and architecture, then set the ASSET_NAME -OS=$(uname -s) -ARCH=$(uname -m) -case "$OS" in - Linux*) - case "$ARCH" in - x86_64) ASSET_NAME="${RACKAGE_PREFIX}_${RELEASE_TAG}_Linux_x86_64.tar.gz";; - arm64) ASSET_NAME="${RACKAGE_PREFIX}_${RELEASE_TAG}_Linux_arm64.tar.gz";; - *) echo "Unsupported architecture: $ARCH"; exit 1;; - esac - ;; - Darwin*) - case "$ARCH" in - x86_64) ASSET_NAME="${RACKAGE_PREFIX}_${RELEASE_TAG}_Darwin_x86_64.tar.gz";; - arm64) ASSET_NAME="${RACKAGE_PREFIX}_${RELEASE_TAG}_Darwin_arm64.tar.gz";; - *) echo "Unsupported architecture: $ARCH"; exit 1;; - esac - ;; - *) echo "Unsupported OS: $OS"; exit 1;; -esac - -# Download URLs -DOWNLOAD_URL="https://github.com/${REPO_OWNER}/${REPO_NAME}/releases/download/${RELEASE_TAG}/${ASSET_NAME}" -CHECKSUM_URL="https://github.com/${REPO_OWNER}/${REPO_NAME}/releases/download/${RELEASE_TAG}/${CHECKSUM_FILE}" - -# Download files -echo "Downloading ${ASSET_NAME}..." -echo ${DOWNLOAD_URL} -curl -L -O "${DOWNLOAD_URL}" --fail --progress-bar - -echo "Downloading checksum file..." -echo ${DOWNLOAD_URL} -curl -L -O "${CHECKSUM_URL}" --fail --progress-bar - -# Verify checksum -echo "Verifying checksum..." -if ! sha256sum --check --ignore-missing "${CHECKSUM_FILE}"; then - echo "Checksum validation failed!" - exit 1 -fi - -echo "✅ Success! ${ASSET_NAME} is valid." - -tar -xvzf ${ASSET_NAME} - -echo "Download completed successfully." diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile index 9cc5f947..57d9d380 100644 --- a/tools/docker/Dockerfile +++ b/tools/docker/Dockerfile @@ -1,18 +1,20 @@ -FROM ubuntu:24.04 +FROM ubuntu:24.04@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9 ARG VERSION="dev" ENV NO_PROXY_CACHE="-o Acquire::BrokenProxy=true -o Acquire::http::No-Cache=true -o Acquire::http::Pipeline-Depth=0" ENV TMP_DIR="/tron-build" ENV JDK_TAR="jdk-8u202-linux-x64.tar.gz" ENV JDK_DIR="jdk1.8.0_202" -ENV JDK_MD5="0029351f7a946f6c05b582100c7d45b7" +ENV JDK_SHA256="9a5c32411a6a06e22b69c495b7975034409fa1652d03aeb8eb5b6f59fd4594e0" ENV BASE_DIR="/java-tron" +ENV TRON_DEPLOYMENT_COMMIT="c615658921c3a00d81a5ff7c68ef239a8b9e5172" +ENV MAIN_NET_CONFIG_SHA256="1b00084ab1f8c965fdaa22981ac73b458e0c2e86c240454b70321af4b07a2740" # Update and install dependencies without using any cache RUN apt-get update $NO_PROXY_CACHE && \ apt-get --quiet --yes install git wget 7zip curl jq libtcmalloc-minimal4 && \ wget -P /usr/local https://github.com/frekele/oracle-java/releases/download/8u202-b08/$JDK_TAR \ - && echo "$JDK_MD5 /usr/local/$JDK_TAR" | md5sum -c \ + && echo "$JDK_SHA256 /usr/local/$JDK_TAR" | sha256sum -c \ && tar -zxf /usr/local/$JDK_TAR -C /usr/local\ && rm /usr/local/$JDK_TAR \ && export JAVA_HOME=/usr/local/$JDK_DIR \ @@ -32,8 +34,8 @@ RUN apt-get update $NO_PROXY_CACHE && \ && rm -rf ~/.gradle \ && mv /usr/local/$JDK_DIR/jre /usr/local \ && rm -rf /usr/local/$JDK_DIR \ - && wget -P $BASE_DIR/config https://raw.githubusercontent.com/tronprotocol/tron-deployment/master/main_net_config.conf \ - && mv $BASE_DIR/config/main_net_config.conf $BASE_DIR/config.conf \ + && wget -O $BASE_DIR/config.conf https://raw.githubusercontent.com/tronprotocol/tron-deployment/$TRON_DEPLOYMENT_COMMIT/main_net_config.conf \ + && echo "$MAIN_NET_CONFIG_SHA256 $BASE_DIR/config.conf" | sha256sum -c \ # Clean apt cache && apt-get clean \ && rm -rf /var/cache/apt/archives/* /var/cache/apt/archives/partial/* \ diff --git a/tools/docker/Dockerfile.arm64 b/tools/docker/Dockerfile.arm64 index 5ae9aee4..04190a71 100644 --- a/tools/docker/Dockerfile.arm64 +++ b/tools/docker/Dockerfile.arm64 @@ -1,9 +1,11 @@ -FROM ubuntu:24.04 +FROM ubuntu:24.04@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9 ARG VERSION="dev" ENV NO_PROXY_CACHE="-o Acquire::BrokenProxy=true -o Acquire::http::No-Cache=true -o Acquire::http::Pipeline-Depth=0" ENV TMP_DIR="/tron-build" ENV BASE_DIR="/java-tron" +ENV TRON_DEPLOYMENT_COMMIT="c615658921c3a00d81a5ff7c68ef239a8b9e5172" +ENV MAIN_NET_CONFIG_SHA256="1b00084ab1f8c965fdaa22981ac73b458e0c2e86c240454b70321af4b07a2740" # Update and install dependencies without using any cache RUN apt-get update $NO_PROXY_CACHE \ @@ -20,8 +22,8 @@ RUN apt-get update $NO_PROXY_CACHE \ && mv java-tron-1.0.0 $BASE_DIR \ && rm -rf $TMP_DIR \ && rm -rf ~/.gradle \ - && wget -4 -P $BASE_DIR/config https://raw.githubusercontent.com/tronprotocol/tron-deployment/master/main_net_config.conf \ - && mv $BASE_DIR/config/main_net_config.conf $BASE_DIR/config.conf \ + && wget -4 -O $BASE_DIR/config.conf https://raw.githubusercontent.com/tronprotocol/tron-deployment/$TRON_DEPLOYMENT_COMMIT/main_net_config.conf \ + && echo "$MAIN_NET_CONFIG_SHA256 $BASE_DIR/config.conf" | sha256sum -c \ # Clean apt cache && apt-get clean \ && rm -rf /var/cache/apt/archives/* /var/cache/apt/archives/partial/* \ diff --git a/tools/docker/Dockerfile.nile b/tools/docker/Dockerfile.nile index d3512283..d59c87a3 100644 --- a/tools/docker/Dockerfile.nile +++ b/tools/docker/Dockerfile.nile @@ -1,18 +1,20 @@ -FROM ubuntu:24.04 +FROM ubuntu:24.04@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9 ARG VERSION="dev" ENV NO_PROXY_CACHE="-o Acquire::BrokenProxy=true -o Acquire::http::No-Cache=true -o Acquire::http::Pipeline-Depth=0" ENV TMP_DIR="/tron-build" ENV JDK_TAR="jdk-8u202-linux-x64.tar.gz" ENV JDK_DIR="jdk1.8.0_202" -ENV JDK_MD5="0029351f7a946f6c05b582100c7d45b7" +ENV JDK_SHA256="9a5c32411a6a06e22b69c495b7975034409fa1652d03aeb8eb5b6f59fd4594e0" ENV BASE_DIR="/java-tron" +ENV TRON_DEPLOYMENT_COMMIT="c615658921c3a00d81a5ff7c68ef239a8b9e5172" +ENV TEST_NET_CONFIG_SHA256="081931d4de63b7bc29045b2f8fd7df98b2c498f5abfecb9b04fca589737f3949" # Update and install dependencies without using any cache RUN apt-get update $NO_PROXY_CACHE && \ apt-get --quiet --yes install git wget 7zip curl jq libtcmalloc-minimal4 && \ wget -P /usr/local https://github.com/frekele/oracle-java/releases/download/8u202-b08/$JDK_TAR \ - && echo "$JDK_MD5 /usr/local/$JDK_TAR" | md5sum -c \ + && echo "$JDK_SHA256 /usr/local/$JDK_TAR" | sha256sum -c \ && tar -zxf /usr/local/$JDK_TAR -C /usr/local\ && rm /usr/local/$JDK_TAR \ && export JAVA_HOME=/usr/local/$JDK_DIR \ @@ -32,8 +34,8 @@ RUN apt-get update $NO_PROXY_CACHE && \ && rm -rf ~/.gradle \ && mv /usr/local/$JDK_DIR/jre /usr/local \ && rm -rf /usr/local/$JDK_DIR \ - && wget -P $BASE_DIR/config https://raw.githubusercontent.com/tronprotocol/tron-deployment/master/test_net_config.conf \ - && mv $BASE_DIR/config/test_net_config.conf $BASE_DIR/config.conf \ + && wget -O $BASE_DIR/config.conf https://raw.githubusercontent.com/tronprotocol/tron-deployment/$TRON_DEPLOYMENT_COMMIT/test_net_config.conf \ + && echo "$TEST_NET_CONFIG_SHA256 $BASE_DIR/config.conf" | sha256sum -c \ # Clean apt cache && apt-get clean \ && rm -rf /var/cache/apt/archives/* /var/cache/apt/archives/partial/* \ diff --git a/tools/docker/Dockerfile.nile.arm64 b/tools/docker/Dockerfile.nile.arm64 index e807a97a..275fc3e2 100644 --- a/tools/docker/Dockerfile.nile.arm64 +++ b/tools/docker/Dockerfile.nile.arm64 @@ -1,9 +1,11 @@ -FROM ubuntu:24.04 +FROM ubuntu:24.04@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9 ARG VERSION="dev" ENV NO_PROXY_CACHE="-o Acquire::BrokenProxy=true -o Acquire::http::No-Cache=true -o Acquire::http::Pipeline-Depth=0" ENV TMP_DIR="/tron-build" ENV BASE_DIR="/java-tron" +ENV TRON_DEPLOYMENT_COMMIT="c615658921c3a00d81a5ff7c68ef239a8b9e5172" +ENV TEST_NET_CONFIG_SHA256="081931d4de63b7bc29045b2f8fd7df98b2c498f5abfecb9b04fca589737f3949" # Update and install dependencies without using any cache RUN apt-get update $NO_PROXY_CACHE \ @@ -20,8 +22,8 @@ RUN apt-get update $NO_PROXY_CACHE \ && mv java-tron-1.0.0 $BASE_DIR \ && rm -rf $TMP_DIR \ && rm -rf ~/.gradle \ - && wget -4 -P $BASE_DIR/config https://raw.githubusercontent.com/tronprotocol/tron-deployment/master/test_net_config.conf \ - && mv $BASE_DIR/config/test_net_config.conf $BASE_DIR/config.conf \ + && wget -4 -O $BASE_DIR/config.conf https://raw.githubusercontent.com/tronprotocol/tron-deployment/$TRON_DEPLOYMENT_COMMIT/test_net_config.conf \ + && echo "$TEST_NET_CONFIG_SHA256 $BASE_DIR/config.conf" | sha256sum -c \ # Clean apt cache && apt-get clean \ && rm -rf /var/cache/apt/archives/* /var/cache/apt/archives/partial/* \ diff --git a/tools/docker/README.md b/tools/docker/README.md index 16319b4d..06a7048b 100644 --- a/tools/docker/README.md +++ b/tools/docker/README.md @@ -86,14 +86,14 @@ Building for default linux/amd64 platform #3 transferring context: 2B done #3 DONE 0.0s -#4 [1/5] FROM docker.io/library/ubuntu:24.04@sha256:80dd3c3b9c6cecb9f1667e9290b3bc61b78c2678c02cbdae5f0fea92cc6734ab +#4 [1/5] FROM docker.io/library/ubuntu:24.04@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9 #4 DONE 0.0s #5 [internal] load build context #5 transferring context: 160B done #5 DONE 0.0s -#6 [2/5] RUN apt-get update -o Acquire::BrokenProxy=true -o Acquire::http::No-Cache=true -o Acquire::http::Pipeline-Depth=0 && apt-get --quiet --yes install git wget 7zip curl jq && wget -P /usr/local https://github.com/frekele/oracle-java/releases/download/8u202-b08/jdk-8u202-linux-x64.tar.gz && echo "0029351f7a946f6c05b582100c7d45b7 /usr/local/jdk-8u202-linux-x64.tar.gz" | md5sum -c && tar -zxf /usr/local/jdk-8u202-linux-x64.tar.gz -C /usr/local && rm /usr/local/jdk-8u202-linux-x64.tar.gz && export JAVA_HOME=/usr/local/jdk1.8.0_202 && export CLASSPATH=$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar && export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$JAVA_HOME/bin && echo "git clone" && mkdir -p /tron-build && cd /tron-build && git clone https://github.com/tronprotocol/java-tron.git && cd java-tron && git checkout master && ./gradlew build -x test && cd build/distributions && 7z x -y java-tron-1.0.0.zip && mv java-tron-1.0.0 /java-tron && rm -rf /tron-build && rm -rf ~/.gradle && mv /usr/local/jdk1.8.0_202/jre /usr/local && rm -rf /usr/local/jdk1.8.0_202 apt-get clean && rm -rf /var/cache/apt/archives/* /var/cache/apt/archives/partial/* && rm -rf /var/lib/apt/lists/* +#6 [2/5] RUN apt-get update -o Acquire::BrokenProxy=true -o Acquire::http::No-Cache=true -o Acquire::http::Pipeline-Depth=0 && apt-get --quiet --yes install git wget 7zip curl jq && wget -P /usr/local https://github.com/frekele/oracle-java/releases/download/8u202-b08/jdk-8u202-linux-x64.tar.gz && echo "9a5c32411a6a06e22b69c495b7975034409fa1652d03aeb8eb5b6f59fd4594e0 /usr/local/jdk-8u202-linux-x64.tar.gz" | md5sum -c && tar -zxf /usr/local/jdk-8u202-linux-x64.tar.gz -C /usr/local && rm /usr/local/jdk-8u202-linux-x64.tar.gz && export JAVA_HOME=/usr/local/jdk1.8.0_202 && export CLASSPATH=$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar && export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$JAVA_HOME/bin && echo "git clone" && mkdir -p /tron-build && cd /tron-build && git clone https://github.com/tronprotocol/java-tron.git && cd java-tron && git checkout master && ./gradlew build -x test && cd build/distributions && 7z x -y java-tron-1.0.0.zip && mv java-tron-1.0.0 /java-tron && rm -rf /tron-build && rm -rf ~/.gradle && mv /usr/local/jdk1.8.0_202/jre /usr/local && rm -rf /usr/local/jdk1.8.0_202 apt-get clean && rm -rf /var/cache/apt/archives/* /var/cache/apt/archives/partial/* && rm -rf /var/lib/apt/lists/* #6 CACHED #7 [3/5] RUN wget -P /java-tron/config https://raw.githubusercontent.com/tronprotocol/tron-deployment/master/main_net_config.conf diff --git a/tools/docker/docker_env/check-install-docker.sh b/tools/docker/docker_env/check-install-docker.sh index 9352aa3f..376f3fda 100755 --- a/tools/docker/docker_env/check-install-docker.sh +++ b/tools/docker/docker_env/check-install-docker.sh @@ -31,8 +31,42 @@ check_docker_compose() { exit 1 elif [[ "$OSTYPE" == "linux-gnu"* ]]; then # Linux - sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose - sudo chmod +x /usr/local/bin/docker-compose + compose_os="$(uname -s | tr '[:upper:]' '[:lower:]')" + compose_arch="$(uname -m)" + compose_binary="docker-compose-${compose_os}-${compose_arch}" + compose_version="$(curl -fsSLI https://github.com/docker/compose/releases/latest \ + | awk -F'/' '/^location:/ {gsub(/\r/,"",$NF); print $NF}')" + + if [[ -z "$compose_version" ]]; then + echo "Failed to determine latest Docker Compose version" + exit 1 + fi + + tmp_dir="$(mktemp -d)" + compose_url="https://github.com/docker/compose/releases/download/${compose_version}/${compose_binary}" + checksums_url="https://github.com/docker/compose/releases/download/${compose_version}/checksums.txt" + + if ! curl -fsSL "$compose_url" -o "${tmp_dir}/${compose_binary}"; then + rm -rf "$tmp_dir" + echo "Failed to download Docker Compose binary: ${compose_url}" + exit 1 + fi + + if ! curl -fsSL "$checksums_url" -o "${tmp_dir}/checksums.txt"; then + rm -rf "$tmp_dir" + echo "Failed to download Docker Compose checksums: ${checksums_url}" + exit 1 + fi + + if ! grep -E "[[:space:]]\\*${compose_binary}$" "${tmp_dir}/checksums.txt" \ + | (cd "$tmp_dir" && sha256sum -c -); then + rm -rf "$tmp_dir" + echo "Docker Compose checksum verification failed" + exit 1 + fi + + sudo install -m 0755 "${tmp_dir}/${compose_binary}" /usr/local/bin/docker-compose + rm -rf "$tmp_dir" fi fi } diff --git a/tools/trond/cmd/docker/build.go b/tools/trond/cmd/docker/build.go index 3605e877..92cc2e73 100644 --- a/tools/trond/cmd/docker/build.go +++ b/tools/trond/cmd/docker/build.go @@ -2,11 +2,9 @@ package docker import ( "fmt" - "strings" "github.com/MakeNowJust/heredoc/v2" "github.com/spf13/cobra" - "github.com/tronprotocol/tron-docker/utils" ) // buildCmd represents the snapshot source command @@ -59,15 +57,7 @@ var buildCmd = &cobra.Command{ fmt.Println("The default result will be: tronprotocol/java-tron:latest") fmt.Println("Start building...") - cmd1 := fmt.Sprintf("./gradlew --no-daemon sourceDocker -PdockerOrgName=%s -PdockerArtifactName=%s -Prelease.releaseVersion=%s", org, artifact, version) - if len(network) > 0 { - cmd1 = fmt.Sprintf("./gradlew --no-daemon sourceDocker -PdockerOrgName=%s -PdockerArtifactName=%s -Prelease.releaseVersion=%s -Pnetwork=%s", org, artifact, version, network) - } - if len(platform) > 0 { - cmd1 = fmt.Sprintf("%s -Pplatform=%s", cmd1, platform) - } - cmds := []string{cmd1} - if err := utils.RunMultipleCommands(strings.Join(cmds, " && "), "./tools/gradlew"); err != nil { + if err := runGradleDockerTask("sourceDocker", org, artifact, version, network, platform); err != nil { fmt.Println("Error: ", err) return } diff --git a/tools/trond/cmd/docker/gradle.go b/tools/trond/cmd/docker/gradle.go new file mode 100644 index 00000000..5c21dba0 --- /dev/null +++ b/tools/trond/cmd/docker/gradle.go @@ -0,0 +1,63 @@ +package docker + +import ( + "fmt" + "os" + "os/exec" + "regexp" +) + +var ( + dockerNamePattern = regexp.MustCompile(`^[a-z0-9]+(?:[._-][a-z0-9]+)*$`) + versionTagPattern = regexp.MustCompile(`^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$`) +) + +func validateDockerGradleFlags(org, artifact, version, network, platform string) error { + if !dockerNamePattern.MatchString(org) { + return fmt.Errorf("invalid org %q: only lowercase letters, digits, '.', '_' and '-' are allowed", org) + } + if !dockerNamePattern.MatchString(artifact) { + return fmt.Errorf("invalid artifact %q: only lowercase letters, digits, '.', '_' and '-' are allowed", artifact) + } + if !versionTagPattern.MatchString(version) { + return fmt.Errorf("invalid version %q: must match Docker tag format", version) + } + if network != "mainnet" && network != "nile" && network != "" { + return fmt.Errorf("invalid network %q: allowed values are mainnet or nile", network) + } + if platform != "linux/amd64" && platform != "linux/arm64" && platform != "" { + return fmt.Errorf("invalid platform %q: allowed values are linux/amd64 or linux/arm64", platform) + } + return nil +} + +func runGradleDockerTask(task, org, artifact, version, network, platform string) error { + if err := validateDockerGradleFlags(org, artifact, version, network, platform); err != nil { + return err + } + + args := []string{ + "--no-daemon", + task, + fmt.Sprintf("-PdockerOrgName=%s", org), + fmt.Sprintf("-PdockerArtifactName=%s", artifact), + fmt.Sprintf("-Prelease.releaseVersion=%s", version), + } + + if network != "" { + args = append(args, fmt.Sprintf("-Pnetwork=%s", network)) + } + if platform != "" { + args = append(args, fmt.Sprintf("-Pplatform=%s", platform)) + } + + cmd := exec.Command("./gradlew", args...) + cmd.Dir = "./tools/gradlew" + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + + if err := cmd.Run(); err != nil { + return fmt.Errorf("gradle task %s failed: %w", task, err) + } + return nil +} diff --git a/tools/trond/cmd/docker/test.go b/tools/trond/cmd/docker/test.go index 3d4efd88..56b1b1e5 100644 --- a/tools/trond/cmd/docker/test.go +++ b/tools/trond/cmd/docker/test.go @@ -2,11 +2,9 @@ package docker import ( "fmt" - "strings" "github.com/MakeNowJust/heredoc/v2" "github.com/spf13/cobra" - "github.com/tronprotocol/tron-docker/utils" ) // testCmd represents the snapshot source command @@ -54,15 +52,7 @@ var testCmd = &cobra.Command{ fmt.Println("The default result will be: tronprotocol/java-tron:latest") fmt.Println("Start testing...") - cmd1 := fmt.Sprintf("./gradlew --no-daemon testDocker -PdockerOrgName=%s -PdockerArtifactName=%s -Prelease.releaseVersion=%s", org, artifact, version) - if len(network) > 0 { - cmd1 = fmt.Sprintf("./gradlew --no-daemon testDocker -PdockerOrgName=%s -PdockerArtifactName=%s -Prelease.releaseVersion=%s -Pnetwork=%s", org, artifact, version, network) - } - if len(platform) > 0 { - cmd1 = fmt.Sprintf("%s -Pplatform=%s", cmd1, platform) - } - cmds := []string{cmd1} - if err := utils.RunMultipleCommands(strings.Join(cmds, " && "), "./tools/gradlew"); err != nil { + if err := runGradleDockerTask("testDocker", org, artifact, version, network, platform); err != nil { fmt.Println("Error: ", err) } }, From 3dd8abfcdfcbf7a4a5caeddb04ec20acffb20009 Mon Sep 17 00:00:00 2001 From: 3for <287494524@qq.com> Date: Mon, 9 Mar 2026 18:00:30 +0800 Subject: [PATCH 2/4] fix(doc): fix mismatch --- tools/docker/README.md | 2 +- tools/trond/docs/trond.md | 1 + tools/trond/docs/trond_docker.md | 1 + tools/trond/docs/trond_docker_build.md | 1 + tools/trond/docs/trond_docker_install-docker.md | 1 + tools/trond/docs/trond_docker_test.md | 1 + tools/trond/docs/trond_gen-docs.md | 1 + tools/trond/docs/trond_node.md | 1 + tools/trond/docs/trond_node_env-multi.md | 1 + tools/trond/docs/trond_node_env.md | 1 + tools/trond/docs/trond_node_run-multi.md | 1 + tools/trond/docs/trond_node_run-multi_stop.md | 1 + tools/trond/docs/trond_node_run-single.md | 3 ++- tools/trond/docs/trond_node_run-single_stop.md | 1 + tools/trond/docs/trond_snapshot.md | 1 + tools/trond/docs/trond_snapshot_download.md | 1 + tools/trond/docs/trond_snapshot_download_default-main.md | 1 + tools/trond/docs/trond_snapshot_download_default-nile.md | 1 + tools/trond/docs/trond_snapshot_list.md | 1 + tools/trond/docs/trond_snapshot_source.md | 1 + 20 files changed, 21 insertions(+), 2 deletions(-) diff --git a/tools/docker/README.md b/tools/docker/README.md index 06a7048b..0ad08e57 100644 --- a/tools/docker/README.md +++ b/tools/docker/README.md @@ -93,7 +93,7 @@ Building for default linux/amd64 platform #5 transferring context: 160B done #5 DONE 0.0s -#6 [2/5] RUN apt-get update -o Acquire::BrokenProxy=true -o Acquire::http::No-Cache=true -o Acquire::http::Pipeline-Depth=0 && apt-get --quiet --yes install git wget 7zip curl jq && wget -P /usr/local https://github.com/frekele/oracle-java/releases/download/8u202-b08/jdk-8u202-linux-x64.tar.gz && echo "9a5c32411a6a06e22b69c495b7975034409fa1652d03aeb8eb5b6f59fd4594e0 /usr/local/jdk-8u202-linux-x64.tar.gz" | md5sum -c && tar -zxf /usr/local/jdk-8u202-linux-x64.tar.gz -C /usr/local && rm /usr/local/jdk-8u202-linux-x64.tar.gz && export JAVA_HOME=/usr/local/jdk1.8.0_202 && export CLASSPATH=$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar && export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$JAVA_HOME/bin && echo "git clone" && mkdir -p /tron-build && cd /tron-build && git clone https://github.com/tronprotocol/java-tron.git && cd java-tron && git checkout master && ./gradlew build -x test && cd build/distributions && 7z x -y java-tron-1.0.0.zip && mv java-tron-1.0.0 /java-tron && rm -rf /tron-build && rm -rf ~/.gradle && mv /usr/local/jdk1.8.0_202/jre /usr/local && rm -rf /usr/local/jdk1.8.0_202 apt-get clean && rm -rf /var/cache/apt/archives/* /var/cache/apt/archives/partial/* && rm -rf /var/lib/apt/lists/* +#6 [2/5] RUN apt-get update -o Acquire::BrokenProxy=true -o Acquire::http::No-Cache=true -o Acquire::http::Pipeline-Depth=0 && apt-get --quiet --yes install git wget 7zip curl jq && wget -P /usr/local https://github.com/frekele/oracle-java/releases/download/8u202-b08/jdk-8u202-linux-x64.tar.gz && echo "9a5c32411a6a06e22b69c495b7975034409fa1652d03aeb8eb5b6f59fd4594e0 /usr/local/jdk-8u202-linux-x64.tar.gz" | sha256sum -c && tar -zxf /usr/local/jdk-8u202-linux-x64.tar.gz -C /usr/local && rm /usr/local/jdk-8u202-linux-x64.tar.gz && export JAVA_HOME=/usr/local/jdk1.8.0_202 && export CLASSPATH=$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar && export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$JAVA_HOME/bin && echo "git clone" && mkdir -p /tron-build && cd /tron-build && git clone https://github.com/tronprotocol/java-tron.git && cd java-tron && git checkout master && ./gradlew build -x test && cd build/distributions && 7z x -y java-tron-1.0.0.zip && mv java-tron-1.0.0 /java-tron && rm -rf /tron-build && rm -rf ~/.gradle && mv /usr/local/jdk1.8.0_202/jre /usr/local && rm -rf /usr/local/jdk1.8.0_202 apt-get clean && rm -rf /var/cache/apt/archives/* /var/cache/apt/archives/partial/* && rm -rf /var/lib/apt/lists/* #6 CACHED #7 [3/5] RUN wget -P /java-tron/config https://raw.githubusercontent.com/tronprotocol/tron-deployment/master/main_net_config.conf diff --git a/tools/trond/docs/trond.md b/tools/trond/docs/trond.md index a4ec3900..7526922b 100644 --- a/tools/trond/docs/trond.md +++ b/tools/trond/docs/trond.md @@ -33,3 +33,4 @@ $ ./trond node * [trond gen-docs](trond_gen-docs.md) - Generate markdown documentation for the CLI. * [trond node](trond_node.md) - Commands for operating java-tron docker node. * [trond snapshot](trond_snapshot.md) - Commands for getting java-tron node snapshots. + diff --git a/tools/trond/docs/trond_docker.md b/tools/trond/docs/trond_docker.md index d0082ce0..9c2e09fc 100644 --- a/tools/trond/docs/trond_docker.md +++ b/tools/trond/docs/trond_docker.md @@ -56,3 +56,4 @@ $ ./trond docker test -o tronnile -a java-tron -v latest -n nile * [trond docker build](trond_docker_build.md) - Build java-tron docker image. * [trond docker install-docker](trond_docker_install-docker.md) - Check and install docker and docker-compose (for Linux and Mac) * [trond docker test](trond_docker_test.md) - Test java-tron docker image. + diff --git a/tools/trond/docs/trond_docker_build.md b/tools/trond/docs/trond_docker_build.md index d85303c4..db509c44 100644 --- a/tools/trond/docs/trond_docker_build.md +++ b/tools/trond/docs/trond_docker_build.md @@ -53,3 +53,4 @@ $ ./trond docker build -o tronnile -a java-tron -v latest -n nile -p linux/arm64 ### SEE ALSO * [trond docker](trond_docker.md) - Commands for operating java-tron docker image. + diff --git a/tools/trond/docs/trond_docker_install-docker.md b/tools/trond/docs/trond_docker_install-docker.md index 1709a3e3..e32f5c67 100644 --- a/tools/trond/docs/trond_docker_install-docker.md +++ b/tools/trond/docs/trond_docker_install-docker.md @@ -30,3 +30,4 @@ $ ./trond docker install-docker ### SEE ALSO * [trond docker](trond_docker.md) - Commands for operating java-tron docker image. + diff --git a/tools/trond/docs/trond_docker_test.md b/tools/trond/docs/trond_docker_test.md index a88289a9..00db6ad7 100644 --- a/tools/trond/docs/trond_docker_test.md +++ b/tools/trond/docs/trond_docker_test.md @@ -49,3 +49,4 @@ $ ./trond docker test -o tronnile -a java-tron -v latest -n nile -p linux/arm64 ### SEE ALSO * [trond docker](trond_docker.md) - Commands for operating java-tron docker image. + diff --git a/tools/trond/docs/trond_gen-docs.md b/tools/trond/docs/trond_gen-docs.md index e87d9b25..e9a5582e 100644 --- a/tools/trond/docs/trond_gen-docs.md +++ b/tools/trond/docs/trond_gen-docs.md @@ -30,3 +30,4 @@ $ ./trond gen-docs ### SEE ALSO * [trond](trond.md) - Docker automation for TRON nodes + diff --git a/tools/trond/docs/trond_node.md b/tools/trond/docs/trond_node.md index a6e13280..bba02161 100644 --- a/tools/trond/docs/trond_node.md +++ b/tools/trond/docs/trond_node.md @@ -79,3 +79,4 @@ $ ./trond node run-single stop -t full-main -f ./docker-compose.fullnode.main.ym * [trond node env-multi](trond_node_env-multi.md) - Check and configure node environment across multiple nodes. * [trond node run-multi](trond_node_run-multi.md) - Run multi remote java-tron nodes according to the layout configuration file. * [trond node run-single](trond_node_run-single.md) - Run single java-tron node for different networks. + diff --git a/tools/trond/docs/trond_node_env-multi.md b/tools/trond/docs/trond_node_env-multi.md index 750c7fcd..b5d8ff53 100644 --- a/tools/trond/docs/trond_node_env-multi.md +++ b/tools/trond/docs/trond_node_env-multi.md @@ -77,3 +77,4 @@ $ scp -P 2222 local_file.txt remote_user@192.168.1.100:/home/user/ ### SEE ALSO * [trond node](trond_node.md) - Commands for operating java-tron docker node. + diff --git a/tools/trond/docs/trond_node_env.md b/tools/trond/docs/trond_node_env.md index 03cdee4f..9049c9b8 100644 --- a/tools/trond/docs/trond_node_env.md +++ b/tools/trond/docs/trond_node_env.md @@ -44,3 +44,4 @@ $ ./trond node env ### SEE ALSO * [trond node](trond_node.md) - Commands for operating java-tron docker node. + diff --git a/tools/trond/docs/trond_node_run-multi.md b/tools/trond/docs/trond_node_run-multi.md index 5c28316a..843eacb8 100644 --- a/tools/trond/docs/trond_node_run-multi.md +++ b/tools/trond/docs/trond_node_run-multi.md @@ -72,3 +72,4 @@ $ ./trond node run-multi * [trond node](trond_node.md) - Commands for operating java-tron docker node. * [trond node run-multi stop](trond_node_run-multi_stop.md) - Stop multi java-tron node for different networks. + diff --git a/tools/trond/docs/trond_node_run-multi_stop.md b/tools/trond/docs/trond_node_run-multi_stop.md index 340a410d..7cd40634 100644 --- a/tools/trond/docs/trond_node_run-multi_stop.md +++ b/tools/trond/docs/trond_node_run-multi_stop.md @@ -61,3 +61,4 @@ $ ./trond node run-multi stop ### SEE ALSO * [trond node run-multi](trond_node_run-multi.md) - Run multi remote java-tron nodes according to the layout configuration file. + diff --git a/tools/trond/docs/trond_node_run-single.md b/tools/trond/docs/trond_node_run-single.md index 307b7114..38979ee6 100644 --- a/tools/trond/docs/trond_node_run-single.md +++ b/tools/trond/docs/trond_node_run-single.md @@ -23,7 +23,7 @@ The following directory will be created after you start any type of java-tron fu - Log directory: ./logs/$type - Database directory: ./output-directory/$type - + ``` trond node run-single [flags] @@ -66,3 +66,4 @@ $./trond node run-single -t full-main -f ./docker-compose.fullnode.main.yml * [trond node](trond_node.md) - Commands for operating java-tron docker node. * [trond node run-single stop](trond_node_run-single_stop.md) - Stop single java-tron node for different networks. + diff --git a/tools/trond/docs/trond_node_run-single_stop.md b/tools/trond/docs/trond_node_run-single_stop.md index fcdafb21..3536eb0b 100644 --- a/tools/trond/docs/trond_node_run-single_stop.md +++ b/tools/trond/docs/trond_node_run-single_stop.md @@ -50,3 +50,4 @@ $ ./trond node run-single stop -t full-main -f ./docker-compose.fullnode.main.ym ### SEE ALSO * [trond node run-single](trond_node_run-single.md) - Run single java-tron node for different networks. + diff --git a/tools/trond/docs/trond_snapshot.md b/tools/trond/docs/trond_snapshot.md index def76953..515e1031 100644 --- a/tools/trond/docs/trond_snapshot.md +++ b/tools/trond/docs/trond_snapshot.md @@ -45,3 +45,4 @@ $ nohup ./trond snapshot download default-nile & * [trond snapshot download](trond_snapshot_download.md) - Download target backup snapshot to current directory * [trond snapshot list](trond_snapshot_list.md) - List available snapshots of target source. * [trond snapshot source](trond_snapshot_source.md) - Show available snapshot source. + diff --git a/tools/trond/docs/trond_snapshot_download.md b/tools/trond/docs/trond_snapshot_download.md index 4dde6842..e7401a13 100644 --- a/tools/trond/docs/trond_snapshot_download.md +++ b/tools/trond/docs/trond_snapshot_download.md @@ -39,3 +39,4 @@ $ nohup ./trond snapshot download -d 34.143.247.77 -b backup20250205 -t lite & * [trond snapshot](trond_snapshot.md) - Commands for getting java-tron node snapshots. * [trond snapshot download default-main](trond_snapshot_download_default-main.md) - Download latest mainnet lite fullnode snapshot from default source to current directory * [trond snapshot download default-nile](trond_snapshot_download_default-nile.md) - Download latest nile testnet lite fullnode snapshot from default source to local current directory + diff --git a/tools/trond/docs/trond_snapshot_download_default-main.md b/tools/trond/docs/trond_snapshot_download_default-main.md index 82feef85..f0885b26 100644 --- a/tools/trond/docs/trond_snapshot_download_default-main.md +++ b/tools/trond/docs/trond_snapshot_download_default-main.md @@ -29,3 +29,4 @@ $ nohup ./trond snapshot download default-main & ### SEE ALSO * [trond snapshot download](trond_snapshot_download.md) - Download target backup snapshot to current directory + diff --git a/tools/trond/docs/trond_snapshot_download_default-nile.md b/tools/trond/docs/trond_snapshot_download_default-nile.md index d7965712..cee768ee 100644 --- a/tools/trond/docs/trond_snapshot_download_default-nile.md +++ b/tools/trond/docs/trond_snapshot_download_default-nile.md @@ -29,3 +29,4 @@ $ nohup ./trond snapshot download default-nile & ### SEE ALSO * [trond snapshot download](trond_snapshot_download.md) - Download target backup snapshot to current directory + diff --git a/tools/trond/docs/trond_snapshot_list.md b/tools/trond/docs/trond_snapshot_list.md index e7e5da1b..e9a35fed 100644 --- a/tools/trond/docs/trond_snapshot_list.md +++ b/tools/trond/docs/trond_snapshot_list.md @@ -31,3 +31,4 @@ $ ./trond snapshot list -d 34.143.247.77 ### SEE ALSO * [trond snapshot](trond_snapshot.md) - Commands for getting java-tron node snapshots. + diff --git a/tools/trond/docs/trond_snapshot_source.md b/tools/trond/docs/trond_snapshot_source.md index 8ee81fd8..48326952 100644 --- a/tools/trond/docs/trond_snapshot_source.md +++ b/tools/trond/docs/trond_snapshot_source.md @@ -28,3 +28,4 @@ $ ./trond snapshot source ### SEE ALSO * [trond snapshot](trond_snapshot.md) - Commands for getting java-tron node snapshots. + From a59d9d614e599681e8cb9e692296c275fc1012f9 Mon Sep 17 00:00:00 2001 From: 3for <287494524@qq.com> Date: Tue, 10 Mar 2026 10:45:20 +0800 Subject: [PATCH 3/4] fix(doc): add auto-generated trond docs --- tools/trond/docs/trond.md | 1 - tools/trond/docs/trond_docker.md | 1 - tools/trond/docs/trond_docker_build.md | 1 - tools/trond/docs/trond_docker_install-docker.md | 1 - tools/trond/docs/trond_docker_test.md | 1 - tools/trond/docs/trond_gen-docs.md | 1 - tools/trond/docs/trond_node.md | 1 - tools/trond/docs/trond_node_env-multi.md | 1 - tools/trond/docs/trond_node_env.md | 1 - tools/trond/docs/trond_node_run-multi.md | 1 - tools/trond/docs/trond_node_run-multi_stop.md | 1 - tools/trond/docs/trond_node_run-single.md | 3 +-- tools/trond/docs/trond_node_run-single_stop.md | 1 - tools/trond/docs/trond_snapshot.md | 1 - tools/trond/docs/trond_snapshot_download.md | 1 - tools/trond/docs/trond_snapshot_download_default-main.md | 1 - tools/trond/docs/trond_snapshot_download_default-nile.md | 1 - tools/trond/docs/trond_snapshot_list.md | 1 - tools/trond/docs/trond_snapshot_source.md | 1 - 19 files changed, 1 insertion(+), 20 deletions(-) diff --git a/tools/trond/docs/trond.md b/tools/trond/docs/trond.md index 7526922b..a4ec3900 100644 --- a/tools/trond/docs/trond.md +++ b/tools/trond/docs/trond.md @@ -33,4 +33,3 @@ $ ./trond node * [trond gen-docs](trond_gen-docs.md) - Generate markdown documentation for the CLI. * [trond node](trond_node.md) - Commands for operating java-tron docker node. * [trond snapshot](trond_snapshot.md) - Commands for getting java-tron node snapshots. - diff --git a/tools/trond/docs/trond_docker.md b/tools/trond/docs/trond_docker.md index 9c2e09fc..d0082ce0 100644 --- a/tools/trond/docs/trond_docker.md +++ b/tools/trond/docs/trond_docker.md @@ -56,4 +56,3 @@ $ ./trond docker test -o tronnile -a java-tron -v latest -n nile * [trond docker build](trond_docker_build.md) - Build java-tron docker image. * [trond docker install-docker](trond_docker_install-docker.md) - Check and install docker and docker-compose (for Linux and Mac) * [trond docker test](trond_docker_test.md) - Test java-tron docker image. - diff --git a/tools/trond/docs/trond_docker_build.md b/tools/trond/docs/trond_docker_build.md index db509c44..d85303c4 100644 --- a/tools/trond/docs/trond_docker_build.md +++ b/tools/trond/docs/trond_docker_build.md @@ -53,4 +53,3 @@ $ ./trond docker build -o tronnile -a java-tron -v latest -n nile -p linux/arm64 ### SEE ALSO * [trond docker](trond_docker.md) - Commands for operating java-tron docker image. - diff --git a/tools/trond/docs/trond_docker_install-docker.md b/tools/trond/docs/trond_docker_install-docker.md index e32f5c67..1709a3e3 100644 --- a/tools/trond/docs/trond_docker_install-docker.md +++ b/tools/trond/docs/trond_docker_install-docker.md @@ -30,4 +30,3 @@ $ ./trond docker install-docker ### SEE ALSO * [trond docker](trond_docker.md) - Commands for operating java-tron docker image. - diff --git a/tools/trond/docs/trond_docker_test.md b/tools/trond/docs/trond_docker_test.md index 00db6ad7..a88289a9 100644 --- a/tools/trond/docs/trond_docker_test.md +++ b/tools/trond/docs/trond_docker_test.md @@ -49,4 +49,3 @@ $ ./trond docker test -o tronnile -a java-tron -v latest -n nile -p linux/arm64 ### SEE ALSO * [trond docker](trond_docker.md) - Commands for operating java-tron docker image. - diff --git a/tools/trond/docs/trond_gen-docs.md b/tools/trond/docs/trond_gen-docs.md index e9a5582e..e87d9b25 100644 --- a/tools/trond/docs/trond_gen-docs.md +++ b/tools/trond/docs/trond_gen-docs.md @@ -30,4 +30,3 @@ $ ./trond gen-docs ### SEE ALSO * [trond](trond.md) - Docker automation for TRON nodes - diff --git a/tools/trond/docs/trond_node.md b/tools/trond/docs/trond_node.md index bba02161..a6e13280 100644 --- a/tools/trond/docs/trond_node.md +++ b/tools/trond/docs/trond_node.md @@ -79,4 +79,3 @@ $ ./trond node run-single stop -t full-main -f ./docker-compose.fullnode.main.ym * [trond node env-multi](trond_node_env-multi.md) - Check and configure node environment across multiple nodes. * [trond node run-multi](trond_node_run-multi.md) - Run multi remote java-tron nodes according to the layout configuration file. * [trond node run-single](trond_node_run-single.md) - Run single java-tron node for different networks. - diff --git a/tools/trond/docs/trond_node_env-multi.md b/tools/trond/docs/trond_node_env-multi.md index b5d8ff53..750c7fcd 100644 --- a/tools/trond/docs/trond_node_env-multi.md +++ b/tools/trond/docs/trond_node_env-multi.md @@ -77,4 +77,3 @@ $ scp -P 2222 local_file.txt remote_user@192.168.1.100:/home/user/ ### SEE ALSO * [trond node](trond_node.md) - Commands for operating java-tron docker node. - diff --git a/tools/trond/docs/trond_node_env.md b/tools/trond/docs/trond_node_env.md index 9049c9b8..03cdee4f 100644 --- a/tools/trond/docs/trond_node_env.md +++ b/tools/trond/docs/trond_node_env.md @@ -44,4 +44,3 @@ $ ./trond node env ### SEE ALSO * [trond node](trond_node.md) - Commands for operating java-tron docker node. - diff --git a/tools/trond/docs/trond_node_run-multi.md b/tools/trond/docs/trond_node_run-multi.md index 843eacb8..5c28316a 100644 --- a/tools/trond/docs/trond_node_run-multi.md +++ b/tools/trond/docs/trond_node_run-multi.md @@ -72,4 +72,3 @@ $ ./trond node run-multi * [trond node](trond_node.md) - Commands for operating java-tron docker node. * [trond node run-multi stop](trond_node_run-multi_stop.md) - Stop multi java-tron node for different networks. - diff --git a/tools/trond/docs/trond_node_run-multi_stop.md b/tools/trond/docs/trond_node_run-multi_stop.md index 7cd40634..340a410d 100644 --- a/tools/trond/docs/trond_node_run-multi_stop.md +++ b/tools/trond/docs/trond_node_run-multi_stop.md @@ -61,4 +61,3 @@ $ ./trond node run-multi stop ### SEE ALSO * [trond node run-multi](trond_node_run-multi.md) - Run multi remote java-tron nodes according to the layout configuration file. - diff --git a/tools/trond/docs/trond_node_run-single.md b/tools/trond/docs/trond_node_run-single.md index 38979ee6..307b7114 100644 --- a/tools/trond/docs/trond_node_run-single.md +++ b/tools/trond/docs/trond_node_run-single.md @@ -23,7 +23,7 @@ The following directory will be created after you start any type of java-tron fu - Log directory: ./logs/$type - Database directory: ./output-directory/$type - + ``` trond node run-single [flags] @@ -66,4 +66,3 @@ $./trond node run-single -t full-main -f ./docker-compose.fullnode.main.yml * [trond node](trond_node.md) - Commands for operating java-tron docker node. * [trond node run-single stop](trond_node_run-single_stop.md) - Stop single java-tron node for different networks. - diff --git a/tools/trond/docs/trond_node_run-single_stop.md b/tools/trond/docs/trond_node_run-single_stop.md index 3536eb0b..fcdafb21 100644 --- a/tools/trond/docs/trond_node_run-single_stop.md +++ b/tools/trond/docs/trond_node_run-single_stop.md @@ -50,4 +50,3 @@ $ ./trond node run-single stop -t full-main -f ./docker-compose.fullnode.main.ym ### SEE ALSO * [trond node run-single](trond_node_run-single.md) - Run single java-tron node for different networks. - diff --git a/tools/trond/docs/trond_snapshot.md b/tools/trond/docs/trond_snapshot.md index 515e1031..def76953 100644 --- a/tools/trond/docs/trond_snapshot.md +++ b/tools/trond/docs/trond_snapshot.md @@ -45,4 +45,3 @@ $ nohup ./trond snapshot download default-nile & * [trond snapshot download](trond_snapshot_download.md) - Download target backup snapshot to current directory * [trond snapshot list](trond_snapshot_list.md) - List available snapshots of target source. * [trond snapshot source](trond_snapshot_source.md) - Show available snapshot source. - diff --git a/tools/trond/docs/trond_snapshot_download.md b/tools/trond/docs/trond_snapshot_download.md index e7401a13..4dde6842 100644 --- a/tools/trond/docs/trond_snapshot_download.md +++ b/tools/trond/docs/trond_snapshot_download.md @@ -39,4 +39,3 @@ $ nohup ./trond snapshot download -d 34.143.247.77 -b backup20250205 -t lite & * [trond snapshot](trond_snapshot.md) - Commands for getting java-tron node snapshots. * [trond snapshot download default-main](trond_snapshot_download_default-main.md) - Download latest mainnet lite fullnode snapshot from default source to current directory * [trond snapshot download default-nile](trond_snapshot_download_default-nile.md) - Download latest nile testnet lite fullnode snapshot from default source to local current directory - diff --git a/tools/trond/docs/trond_snapshot_download_default-main.md b/tools/trond/docs/trond_snapshot_download_default-main.md index f0885b26..82feef85 100644 --- a/tools/trond/docs/trond_snapshot_download_default-main.md +++ b/tools/trond/docs/trond_snapshot_download_default-main.md @@ -29,4 +29,3 @@ $ nohup ./trond snapshot download default-main & ### SEE ALSO * [trond snapshot download](trond_snapshot_download.md) - Download target backup snapshot to current directory - diff --git a/tools/trond/docs/trond_snapshot_download_default-nile.md b/tools/trond/docs/trond_snapshot_download_default-nile.md index cee768ee..d7965712 100644 --- a/tools/trond/docs/trond_snapshot_download_default-nile.md +++ b/tools/trond/docs/trond_snapshot_download_default-nile.md @@ -29,4 +29,3 @@ $ nohup ./trond snapshot download default-nile & ### SEE ALSO * [trond snapshot download](trond_snapshot_download.md) - Download target backup snapshot to current directory - diff --git a/tools/trond/docs/trond_snapshot_list.md b/tools/trond/docs/trond_snapshot_list.md index e9a35fed..e7e5da1b 100644 --- a/tools/trond/docs/trond_snapshot_list.md +++ b/tools/trond/docs/trond_snapshot_list.md @@ -31,4 +31,3 @@ $ ./trond snapshot list -d 34.143.247.77 ### SEE ALSO * [trond snapshot](trond_snapshot.md) - Commands for getting java-tron node snapshots. - diff --git a/tools/trond/docs/trond_snapshot_source.md b/tools/trond/docs/trond_snapshot_source.md index 48326952..8ee81fd8 100644 --- a/tools/trond/docs/trond_snapshot_source.md +++ b/tools/trond/docs/trond_snapshot_source.md @@ -28,4 +28,3 @@ $ ./trond snapshot source ### SEE ALSO * [trond snapshot](trond_snapshot.md) - Commands for getting java-tron node snapshots. - From 07518410a6f524c840a279fb89bdbd7f9c60f1cd Mon Sep 17 00:00:00 2001 From: 3for <287494524@qq.com> Date: Fri, 27 Mar 2026 15:17:13 +0800 Subject: [PATCH 4/4] chore: remove unnecessary digest constraints in Dockerfile --- tools/docker/Dockerfile | 7 ++----- tools/docker/Dockerfile.arm64 | 7 ++----- tools/docker/Dockerfile.nile | 7 ++----- tools/docker/Dockerfile.nile.arm64 | 7 ++----- tools/docker/README.md | 2 +- 5 files changed, 9 insertions(+), 21 deletions(-) diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile index 57d9d380..8fde6122 100644 --- a/tools/docker/Dockerfile +++ b/tools/docker/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:24.04@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9 +FROM ubuntu:24.04 ARG VERSION="dev" ENV NO_PROXY_CACHE="-o Acquire::BrokenProxy=true -o Acquire::http::No-Cache=true -o Acquire::http::Pipeline-Depth=0" @@ -7,8 +7,6 @@ ENV JDK_TAR="jdk-8u202-linux-x64.tar.gz" ENV JDK_DIR="jdk1.8.0_202" ENV JDK_SHA256="9a5c32411a6a06e22b69c495b7975034409fa1652d03aeb8eb5b6f59fd4594e0" ENV BASE_DIR="/java-tron" -ENV TRON_DEPLOYMENT_COMMIT="c615658921c3a00d81a5ff7c68ef239a8b9e5172" -ENV MAIN_NET_CONFIG_SHA256="1b00084ab1f8c965fdaa22981ac73b458e0c2e86c240454b70321af4b07a2740" # Update and install dependencies without using any cache RUN apt-get update $NO_PROXY_CACHE && \ @@ -34,8 +32,7 @@ RUN apt-get update $NO_PROXY_CACHE && \ && rm -rf ~/.gradle \ && mv /usr/local/$JDK_DIR/jre /usr/local \ && rm -rf /usr/local/$JDK_DIR \ - && wget -O $BASE_DIR/config.conf https://raw.githubusercontent.com/tronprotocol/tron-deployment/$TRON_DEPLOYMENT_COMMIT/main_net_config.conf \ - && echo "$MAIN_NET_CONFIG_SHA256 $BASE_DIR/config.conf" | sha256sum -c \ + && wget -O $BASE_DIR/config.conf https://raw.githubusercontent.com/tronprotocol/tron-deployment/master/main_net_config.conf \ # Clean apt cache && apt-get clean \ && rm -rf /var/cache/apt/archives/* /var/cache/apt/archives/partial/* \ diff --git a/tools/docker/Dockerfile.arm64 b/tools/docker/Dockerfile.arm64 index 04190a71..280af0d6 100644 --- a/tools/docker/Dockerfile.arm64 +++ b/tools/docker/Dockerfile.arm64 @@ -1,11 +1,9 @@ -FROM ubuntu:24.04@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9 +FROM ubuntu:24.04 ARG VERSION="dev" ENV NO_PROXY_CACHE="-o Acquire::BrokenProxy=true -o Acquire::http::No-Cache=true -o Acquire::http::Pipeline-Depth=0" ENV TMP_DIR="/tron-build" ENV BASE_DIR="/java-tron" -ENV TRON_DEPLOYMENT_COMMIT="c615658921c3a00d81a5ff7c68ef239a8b9e5172" -ENV MAIN_NET_CONFIG_SHA256="1b00084ab1f8c965fdaa22981ac73b458e0c2e86c240454b70321af4b07a2740" # Update and install dependencies without using any cache RUN apt-get update $NO_PROXY_CACHE \ @@ -22,8 +20,7 @@ RUN apt-get update $NO_PROXY_CACHE \ && mv java-tron-1.0.0 $BASE_DIR \ && rm -rf $TMP_DIR \ && rm -rf ~/.gradle \ - && wget -4 -O $BASE_DIR/config.conf https://raw.githubusercontent.com/tronprotocol/tron-deployment/$TRON_DEPLOYMENT_COMMIT/main_net_config.conf \ - && echo "$MAIN_NET_CONFIG_SHA256 $BASE_DIR/config.conf" | sha256sum -c \ + && wget -4 -O $BASE_DIR/config.conf https://raw.githubusercontent.com/tronprotocol/tron-deployment/master/main_net_config.conf \ # Clean apt cache && apt-get clean \ && rm -rf /var/cache/apt/archives/* /var/cache/apt/archives/partial/* \ diff --git a/tools/docker/Dockerfile.nile b/tools/docker/Dockerfile.nile index d59c87a3..fe3383aa 100644 --- a/tools/docker/Dockerfile.nile +++ b/tools/docker/Dockerfile.nile @@ -1,4 +1,4 @@ -FROM ubuntu:24.04@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9 +FROM ubuntu:24.04 ARG VERSION="dev" ENV NO_PROXY_CACHE="-o Acquire::BrokenProxy=true -o Acquire::http::No-Cache=true -o Acquire::http::Pipeline-Depth=0" @@ -7,8 +7,6 @@ ENV JDK_TAR="jdk-8u202-linux-x64.tar.gz" ENV JDK_DIR="jdk1.8.0_202" ENV JDK_SHA256="9a5c32411a6a06e22b69c495b7975034409fa1652d03aeb8eb5b6f59fd4594e0" ENV BASE_DIR="/java-tron" -ENV TRON_DEPLOYMENT_COMMIT="c615658921c3a00d81a5ff7c68ef239a8b9e5172" -ENV TEST_NET_CONFIG_SHA256="081931d4de63b7bc29045b2f8fd7df98b2c498f5abfecb9b04fca589737f3949" # Update and install dependencies without using any cache RUN apt-get update $NO_PROXY_CACHE && \ @@ -34,8 +32,7 @@ RUN apt-get update $NO_PROXY_CACHE && \ && rm -rf ~/.gradle \ && mv /usr/local/$JDK_DIR/jre /usr/local \ && rm -rf /usr/local/$JDK_DIR \ - && wget -O $BASE_DIR/config.conf https://raw.githubusercontent.com/tronprotocol/tron-deployment/$TRON_DEPLOYMENT_COMMIT/test_net_config.conf \ - && echo "$TEST_NET_CONFIG_SHA256 $BASE_DIR/config.conf" | sha256sum -c \ + && wget -O $BASE_DIR/config.conf https://raw.githubusercontent.com/tronprotocol/tron-deployment/master/test_net_config.conf \ # Clean apt cache && apt-get clean \ && rm -rf /var/cache/apt/archives/* /var/cache/apt/archives/partial/* \ diff --git a/tools/docker/Dockerfile.nile.arm64 b/tools/docker/Dockerfile.nile.arm64 index 275fc3e2..7940c4de 100644 --- a/tools/docker/Dockerfile.nile.arm64 +++ b/tools/docker/Dockerfile.nile.arm64 @@ -1,11 +1,9 @@ -FROM ubuntu:24.04@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9 +FROM ubuntu:24.04 ARG VERSION="dev" ENV NO_PROXY_CACHE="-o Acquire::BrokenProxy=true -o Acquire::http::No-Cache=true -o Acquire::http::Pipeline-Depth=0" ENV TMP_DIR="/tron-build" ENV BASE_DIR="/java-tron" -ENV TRON_DEPLOYMENT_COMMIT="c615658921c3a00d81a5ff7c68ef239a8b9e5172" -ENV TEST_NET_CONFIG_SHA256="081931d4de63b7bc29045b2f8fd7df98b2c498f5abfecb9b04fca589737f3949" # Update and install dependencies without using any cache RUN apt-get update $NO_PROXY_CACHE \ @@ -22,8 +20,7 @@ RUN apt-get update $NO_PROXY_CACHE \ && mv java-tron-1.0.0 $BASE_DIR \ && rm -rf $TMP_DIR \ && rm -rf ~/.gradle \ - && wget -4 -O $BASE_DIR/config.conf https://raw.githubusercontent.com/tronprotocol/tron-deployment/$TRON_DEPLOYMENT_COMMIT/test_net_config.conf \ - && echo "$TEST_NET_CONFIG_SHA256 $BASE_DIR/config.conf" | sha256sum -c \ + && wget -4 -O $BASE_DIR/config.conf https://raw.githubusercontent.com/tronprotocol/tron-deployment/master/test_net_config.conf \ # Clean apt cache && apt-get clean \ && rm -rf /var/cache/apt/archives/* /var/cache/apt/archives/partial/* \ diff --git a/tools/docker/README.md b/tools/docker/README.md index 0ad08e57..1f129115 100644 --- a/tools/docker/README.md +++ b/tools/docker/README.md @@ -86,7 +86,7 @@ Building for default linux/amd64 platform #3 transferring context: 2B done #3 DONE 0.0s -#4 [1/5] FROM docker.io/library/ubuntu:24.04@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9 +#4 [1/5] FROM docker.io/library/ubuntu:24.04 #4 DONE 0.0s #5 [internal] load build context