From 1e3998d5d8a181a24492b478fb8c6e172154f218 Mon Sep 17 00:00:00 2001
From: Antonio Escalera
Date: Tue, 23 Aug 2022 10:54:06 -0400
Subject: [PATCH 1/2] feat(ci/container): First crack at building a statically linked fqd container Add github actions workflow to build fqd container with Dockerfile and upload container to GCR Add Dockerfile with multi-stage-build and static linking to output a minimal container Add Circonus.repo (dependency for Dockerfile) Add build steps to create a minimal container. * Tags: container gcr dockerfile podman buildah
---
.../workflows/build-push-container-image.yaml | 37 +++++++++++++++++++
Circonus.repo | 7 ++++
Dockerfile | 23 ++++++++++++
3 files changed, 67 insertions(+)
create mode 100644 .github/workflows/build-push-container-image.yaml
create mode 100644 Circonus.repo
create mode 100644 Dockerfile
diff --git a/.github/workflows/build-push-container-image.yaml b/.github/workflows/build-push-container-image.yaml
new file mode 100644
index 0000000..4dccf62
--- /dev/null
+++ b/.github/workflows/build-push-container-image.yaml
@@ -0,0 +1,37 @@
+name: Build and Push Image
+on:
+ push:
+ tags:
+ - '*'
+
+env:
+ # TODO: change this to the actual registry
+ IMAGE_NAME: "us-central1-docker.pkg.dev/circonus.com/circonus/fq-images/fqd"
+
+jobs:
+ build:
+ name: Build and push image
+ runs-on: ubuntu-20.04
+
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Build Image
+ id: build-image
+ uses: redhat-actions/buildah-build@v2
+ with:
+ image: ${{ env.IMAGE_NAME }}
+ tags: latest ${{ github.ref_name }} ${{ github.sha }}
+ containerfiles: |
+ ./Dockerfile
+
+ - name: Push To registry
+ id: push-to-registry
+ uses: redhat-actions/push-to-registry@v2
+ with:
+ tags: ${{ env.IMAGE_NAME }}:latest ${{ env.IMAGE_NAME }}:${{ github.ref_name }} ${{ env.IMAGE_NAME }}:${{ github.sha }}
+ username: ${{ secrets.REGISTRY_USER }}
+ password: ${{ secrets.REGISTRY_PASSWORD }}
+
+ - name: Print image url
+ run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"
diff --git a/Circonus.repo b/Circonus.repo
new file mode 100644
index 0000000..ca90e4b
--- /dev/null
+++ b/Circonus.repo
@@ -0,0 +1,7 @@
+[Circonus]
+name=Circonus CentOS 7 Pilot repo
+baseurl=https://updates.circonus.net/centos/7/x86_64/
+enabled=1
+fastestmirror_enabled=0
+gpgcheck=1
+metadata_expire=1m
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..12028b5
--- /dev/null
+++ b/Dockerfile
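Review bot: The final step reads `steps.push-to-quay.outputs.registry-paths`, but the push step's id is `push-to-registry`, so the expression expands to an empty string and the log never shows where the image was pushed; it should read `${{ steps.push-to-registry.outputs.registry-paths }}`. This job also holds `REGISTRY_USER` and `REGISTRY_PASSWORD`, so `actions/checkout@v2`, `redhat-actions/buildah-build@v2` and `redhat-actions/push-to-registry@v2` are better pinned to a full commit SHA than to a movable tag, and a top-level `permissions:` block with `contents: read` would keep the default token minimal. Because the trigger is any tag (`'*'`), every tag push also moves `latest`; if that is intended, a comment next to `tags:` saying so would help.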
@@ -0,0 +1,23 @@
+FROM centos:centos7.9.2009 AS centos
+
+WORKDIR /src/fq
+COPY . ./
+
+RUN yum -y install gcc make
+
+RUN yum -y install sqlite
+COPY Circonus.repo /etc/yum.repos.d/
+RUN rpm --import https://keybase.io/circonuspkg/pgp_keys.asc?fingerprint=14ff6826503494d85e62d2f22dd15eba6d4fa648
+RUN yum -y install circonus-platform-library-bcd circonus-platform-library-jlog circonus-platform-library-liblz4 circonus-platform-library-uuid circonus-platform-runtime-luajit
+
+RUN LDFLAGS="-static -static-libgcc -static-libstdc++" make
+
+RUN useradd -u 65534 nobody
+
+FROM scratch
+WORKDIR /
+COPY --from=centos /etc/passwd /etc/passwd
+COPY --from=centos /src/fq/fqd /fqd
+USER nobody
+ENTRYPOINT ["/fqd"]
+CMD ["-D"]
From f61678322f7a5e844be6d1c50f13178f4f839ef3 Mon Sep 17 00:00:00 2001
From: Antonio Escalera
Date: Mon, 29 Aug 2022 17:45:35 -0400
Subject: [PATCH 2/2] fix(build/docker): Reorder dockerfile Update dockerfile build order to ensure objects changed the most are built last (following best practices) * Tags: dockerfile build order
---
Dockerfile | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 12028b5..84df0a9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,6 @@ FROM centos:centos7.9.2009 AS centos -WORKDIR /src/fq -COPY . ./ +RUN useradd -u 65534 nobody RUN yum -y install gcc make
@@ -10,14 +9,14 @@ COPY Circonus.repo /etc/yum.repos.d/ RUN rpm --import https://keybase.io/circonuspkg/pgp_keys.asc?fingerprint=14ff6826503494d85e62d2f22dd15eba6d4fa648 RUN yum -y install circonus-platform-library-bcd circonus-platform-library-jlog circonus-platform-library-liblz4 circonus-platform-library-uuid circonus-platform-runtime-luajit +WORKDIR /src/fq +COPY . ./ RUN LDFLAGS="-static -static-libgcc -static-libstdc++" make -RUN useradd -u 65534 nobody FROM scratch +USER nobody WORKDIR / COPY --from=centos /etc/passwd /etc/passwd COPY --from=centos /src/fq/fqd /fqd -USER nobody ENTRYPOINT ["/fqd"] CMD ["-D"]
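Review bot: The `RUN rpm --import https://keybase.io/circonuspkg/pgp_keys.asc?fingerprint=...` line trusts whatever key the URL returns at build time, because the `fingerprint=` query parameter only selects a key on the server and nothing in the build checks the imported key against it. That leaves the `gpgcheck=1` in Circonus.repo anchored only in the TLS connection to keybase.io. Committing the public key next to Circonus.repo and importing it from a local path makes the trust root reviewable and removes the network fetch: `COPY RPM-GPG-KEY-circonus /etc/pki/rpm-gpg/` followed by `RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-circonus` (the file name is a placeholder). If the URL stays, it should be quoted, since the bare `?` is a shell glob character. The builder base `centos:centos7.9.2009` is pinned by tag only, so a digest pin would be needed for a reproducible build stage.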
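Review bot: In the second hunk of the reorder patch, `USER nobody` is a name that is only resolved through the copied `/etc/passwd`, so a runtime policy such as Kubernetes `runAsNonRoot` cannot verify that the image is non-root. `USER 65534:65534` states the identity numerically and does not depend on an `/etc/group` entry, which the scratch stage never receives. The `RUN useradd -u 65534 nobody` that the first hunk moves to the top may also fail or clash, because the CentOS 7 base appears to ship a `nobody` account already (to be confirmed against the image); a dedicated account name would avoid that. A one-line comment above `COPY --from=centos /etc/passwd /etc/passwd` explaining why the builder's whole passwd file is carried into the final image would help the next reader.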