chore: 更新Docker和CI配置

- 更新Woodpecker CI配置
- 更新Docker Compose配置
- 更新应用主类配置
- 更新网关路由服务
- 更新审计日志相关代码

novalon-manage-api/Dockerfile

@@ -1,22 +1,49 @@
-FROM maven:3.9-eclipse-temurin-17 AS builder
+# 多阶段构建优化Dockerfile
+FROM maven:3.9-eclipse-temurin-21 AS builder
 
 WORKDIR /app
 
+# 复制Maven配置文件和源码
 COPY pom.xml .
 COPY mvnw .
 COPY mvnw.cmd .
 COPY .mvn .mvn
-COPY src ./src
 
-RUN chmod +x mvnw
+# 下载依赖（利用Docker缓存层）
+RUN ./mvnw dependency:go-offline -B
+
+# 复制源码并构建
+COPY src ./src
 RUN ./mvnw clean package -DskipTests
 
-FROM openjdk:17-slim
+# 运行时镜像
+FROM eclipse-temurin:21-jre-jammy
+
+# 设置时区和语言环境
+RUN apt-get update && apt-get install -y \
+    curl \
+    && rm -rf /var/lib/apt/lists/*
+
+# 创建非root用户运行应用
+RUN groupadd -r novalon && useradd -r -g novalon novalon
 
 WORKDIR /app
 
-COPY --from=builder /app/target/*.jar app.jar
+# 复制构建产物
+COPY --from=builder --chown=novalon:novalon /app/target/*.jar app.jar
 
+# 设置JVM参数优化
+ENV JAVA_OPTS="-Xmx512m -Xms256m -XX:+UseG1GC -XX:+UnlockExperimentalVMOptions -XX:+UseContainerSupport -Djava.security.egd=file:/dev/./urandom"
+
+# 暴露端口
 EXPOSE 8084
 
-ENTRYPOINT ["java", "-jar", "app.jar"]
+# 切换用户
+USER novalon
+
+# 健康检查
+HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
+    CMD curl -f http://localhost:8084/actuator/health || exit 1
+
+# 启动命令
+ENTRYPOINT ["sh", "-c", "java $JAVA_OPTS -jar app.jar"]