From 555c031a051b8fa0083fc8c3bae3b833e3019023 Mon Sep 17 00:00:00 2001
From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com>
Date: Sun, 5 Feb 2023 05:39:37 -0500
Subject: [PATCH 1/7] Create the unprivileged user's home directory

As part of user creation we create the home directory for the user as well.
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 54e3cd0..522d390 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -28,7 +28,7 @@ RUN apt-get update --quiet --quiet \
 # Create unprivileged user
 ###
 RUN groupadd --system --gid ${CISA_GID} ${CISA_GROUP} \
- && useradd --system --uid ${CISA_UID} --gid ${CISA_GROUP} --comment "${CISA_USER} user" ${CISA_USER}
+ && useradd --system --uid ${CISA_UID} --gid ${CISA_GROUP} --comment "${CISA_USER} user" --create-home ${CISA_USER}
 
 ###
 # Install everything we need
From 71671833f13f1754663088c6d79228f5bd4f4c6f Mon Sep 17 00:00:00 2001
From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com>
Date: Sun, 5 Feb 2023 05:53:07 -0500
Subject: [PATCH 2/7] Change method of installing cisagov/domain-scan

Instead of cloning the repo and acquiring history we do not need we instead download a tarball of the latest state of the repository on GitHub and extract it to the desired location. This mirrors how we install cisagov/domain-scan in the cisagov/scanner image and nets us ~300MiB of saved space between installing curl instead of git and elminating the unneeded git history (~110MiB are just the git history).
---
 Dockerfile | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 522d390..b127644 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -44,7 +44,7 @@ ENV DEPS \
 redis-tools \
 wget
 ENV INSTALL_DEPS \
- git
+ curl
 RUN apt-get install --quiet --quiet --yes \
 --no-install-recommends --no-install-suggests \
 $DEPS $INSTALL_DEPS
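Review bot: The `useradd` line in PATCH 1/7 adds `--create-home` without `--home-dir`, so the directory that gets created is whatever the base image's defaults derive from `${CISA_USER}`, which is not necessarily `${CISA_HOME}`. Later patches in this series run `mkdir ${CISA_HOME}/domain-scan` without `--parents`, which presumably relies on those two paths being the same; the definition of `CISA_HOME` is outside the hunk, so this cannot be confirmed from here. Passing the path explicitly, `--create-home --home-dir ${CISA_HOME} ${CISA_USER}`, would tie the created directory to the variable the rest of the file uses. The enclosing stage starts and ends outside the hunk.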
@@ -60,9 +60,15 @@ RUN pip install --no-cache-dir --upgrade pip setuptools
 
 ###
 # Install domain-scan
-###
-RUN git clone https://github.com/cisagov/domain-scan \
- ${CISA_HOME}/domain-scan/
+#
+# The SHELL command is used to ensure that if either the curl call or
+# the tar call fail then the image build fails. Source:
+# https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#using-pipes
+###
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+RUN mkdir ${CISA_HOME}/domain-scan \
+ && curl --location https://github.com/cisagov/domain-scan/tarball/master \
+ | tar --extract --gzip --strip-components 1 --directory ${CISA_HOME}/domain-scan/
 RUN pip install --no-cache-dir --upgrade \
 --requirement ${CISA_HOME}/domain-scan/requirements.txt
 
From 4c09ae55cdc3effbfbd921951caf1affb89fd881 Mon Sep 17 00:00:00 2001
From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com>
Date: Sun, 5 Feb 2023 05:55:54 -0500
Subject: [PATCH 3/7] Use the bugfix branch of cisagov/domain-scan
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index b127644..1b921da 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -67,7 +67,7 @@ RUN pip install --no-cache-dir --upgrade pip setuptools
 ###
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN mkdir ${CISA_HOME}/domain-scan \
- && curl --location https://github.com/cisagov/domain-scan/tarball/master \
+ && curl --location https://github.com/cisagov/domain-scan/tarball/bugfix/fix_issues_with_psl_updating \
 | tar --extract --gzip --strip-components 1 --directory ${CISA_HOME}/domain-scan/
 RUN pip install --no-cache-dir --upgrade \
 --requirement ${CISA_HOME}/domain-scan/requirements.txt
From 09b88bc64dcadcbe72f127873f51f6462af4c60c Mon Sep 17 00:00:00 2001
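Review bot: The new `curl --location .../tarball/master | tar` step in PATCH 2/7 fetches a mutable branch head with no integrity check, and the `pip install --requirement` that follows installs whatever that tarball lists, so two builds of the same image tag can contain different code and an unexpected upstream change flows straight into the image. Pinning the URL to a reviewed commit and making HTTP errors fatal addresses the reproducibility part: `&& curl --fail --location https://github.com/cisagov/domain-scan/tarball/<commit-sha> \` (placeholder, not a real value); downloading to a file and checking it with `sha256sum --check` before extracting would cover integrity as well. The same applies to the branch URLs in the hunks of PATCH 3/7 and PATCH 6/7. Separately, `SHELL` stays in effect for every later `RUN` in the stage, and `${CISA_HOME}` is unquoted in the `mkdir` and `tar` arguments.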
From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Sun, 5 Feb 2023 05:59:48 -0500 Subject: [PATCH 4/7] Bump version from 1.5.11 to 1.5.12 --- README.md | 20 ++++++++++---------- src/version.txt | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 017fcb7..14f2309 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ expects the secrets in a different location. To run the `cisagov/gatherer` image via Docker: ```console -docker run cisagov/gatherer:1.5.11 +docker run cisagov/gatherer:1.5.12 ``` ### Running with Docker Compose ### @@ -47,7 +47,7 @@ docker run cisagov/gatherer:1.5.11 services: gatherer: - image: cisagov/gatherer:1.5.11 + image: cisagov/gatherer:1.5.12 volumes: - type: bind source: @@ -93,7 +93,7 @@ environment variables. See the services: gatherer: - image: cisagov/gatherer:1.5.11 + image: cisagov/gatherer:1.5.12 volumes: - type: bind source: @@ -130,7 +130,7 @@ environment variables. See the 1. Pull the new image: ```console - docker pull cisagov/gatherer:1.5.11 + docker pull cisagov/gatherer:1.5.12 ``` 1. Recreate and run the container by following the [previous instructions](#running-with-docker). @@ -140,11 +140,11 @@ environment variables. See the The images of this container are tagged with [semantic versions](https://semver.org) of the underlying gatherer project that they containerize. It is recommended that most users use a version tag (e.g. -`:1.5.11`). +`:1.5.12`). | Image:tag | Description | |-----------|-------------| -|`cisagov/gatherer:1.5.11`| An exact release version. | +|`cisagov/gatherer:1.5.12`| An exact release version. | |`cisagov/gatherer:1.5`| The most recent release matching the major and minor version numbers. | |`cisagov/gatherer:1`| The most recent release matching the major version number. | |`cisagov/gatherer:edge` | The most recent image built from a merge into the `develop` branch of this repository. | 
@@ -207,8 +207,8 @@ Build the image locally using this git repository as the [build context](https:/ ```console docker build \ - --build-arg VERSION=1.5.11 \ - --tag cisagov/gatherer:1.5.11 \ + --build-arg VERSION=1.5.12 \ + --tag cisagov/gatherer:1.5.12 \ https://github.com/cisagov/gatherer.git#develop ``` @@ -238,9 +238,9 @@ Docker: docker buildx build \ --file Dockerfile-x \ --platform linux/amd64 \ - --build-arg VERSION=1.5.11 \ + --build-arg VERSION=1.5.12 \ --output type=docker \ - --tag cisagov/gatherer:1.5.11 . + --tag cisagov/gatherer:1.5.12 . ``` ## Contributing ## diff --git a/src/version.txt b/src/version.txt index 9e78465..da34e60 100644 --- a/src/version.txt +++ b/src/version.txt @@ -1 +1 @@ -__version__ = "1.5.11" +__version__ = "1.5.12" From f5f284d1930e89bc9933f31f3525f9c28fc7fdfd Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Sun, 5 Feb 2023 06:00:06 -0500 Subject: [PATCH 5/7] Bump version from 1.5.12 to 1.5.12-rc.1 --- README.md | 20 ++++++++++---------- src/version.txt | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 14f2309..e479c88 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ expects the secrets in a different location. To run the `cisagov/gatherer` image via Docker: ```console -docker run cisagov/gatherer:1.5.12 +docker run cisagov/gatherer:1.5.12-rc.1 ``` ### Running with Docker Compose ### @@ -47,7 +47,7 @@ docker run cisagov/gatherer:1.5.12 services: gatherer: - image: cisagov/gatherer:1.5.12 + image: cisagov/gatherer:1.5.12-rc.1 volumes: - type: bind source: @@ -93,7 +93,7 @@ environment variables. See the services: gatherer: - image: cisagov/gatherer:1.5.12 + image: cisagov/gatherer:1.5.12-rc.1 volumes: - type: bind source: 
@@ -130,7 +130,7 @@ environment variables. See the 1. Pull the new image: ```console - docker pull cisagov/gatherer:1.5.12 + docker pull cisagov/gatherer:1.5.12-rc.1 ``` 1. Recreate and run the container by following the [previous instructions](#running-with-docker). @@ -140,11 +140,11 @@ environment variables. See the The images of this container are tagged with [semantic versions](https://semver.org) of the underlying gatherer project that they containerize. It is recommended that most users use a version tag (e.g. -`:1.5.12`). +`:1.5.12-rc.1`). | Image:tag | Description | |-----------|-------------| -|`cisagov/gatherer:1.5.12`| An exact release version. | +|`cisagov/gatherer:1.5.12-rc.1`| An exact release version. | |`cisagov/gatherer:1.5`| The most recent release matching the major and minor version numbers. | |`cisagov/gatherer:1`| The most recent release matching the major version number. | |`cisagov/gatherer:edge` | The most recent image built from a merge into the `develop` branch of this repository. | @@ -207,8 +207,8 @@ Build the image locally using this git repository as the [build context](https:/ ```console docker build \ - --build-arg VERSION=1.5.12 \ - --tag cisagov/gatherer:1.5.12 \ + --build-arg VERSION=1.5.12-rc.1 \ + --tag cisagov/gatherer:1.5.12-rc.1 \ https://github.com/cisagov/gatherer.git#develop ``` @@ -238,9 +238,9 @@ Docker: docker buildx build \ --file Dockerfile-x \ --platform linux/amd64 \ - --build-arg VERSION=1.5.12 \ + --build-arg VERSION=1.5.12-rc.1 \ --output type=docker \ - --tag cisagov/gatherer:1.5.12 . + --tag cisagov/gatherer:1.5.12-rc.1 . ``` ## Contributing ## diff --git a/src/version.txt b/src/version.txt index da34e60..e502ce8 100644 --- a/src/version.txt +++ b/src/version.txt @@ -1 +1 @@ -__version__ = "1.5.12" +__version__ = "1.5.12-rc.1" From e44a52e70e875ec166efb5b17a1b64beb68a7251 Mon Sep 17 00:00:00 2001 
From: Jeremy Frasier Date: Mon, 6 Feb 2023 10:25:06 -0500 Subject: [PATCH 6/7] Revert "Use the bugfix branch of cisagov/domain-scan" This reverts commit 4c09ae55cdc3effbfbd921951caf1affb89fd881. --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 1b921da..b127644 100644 --- a/Dockerfile +++ b/Dockerfile @@ -67,7 +67,7 @@ RUN pip install --no-cache-dir --upgrade pip setuptools ### SHELL ["/bin/bash", "-o", "pipefail", "-c"] RUN mkdir ${CISA_HOME}/domain-scan \ - && curl --location https://github.com/cisagov/domain-scan/tarball/bugfix/fix_issues_with_psl_updating \ + && curl --location https://github.com/cisagov/domain-scan/tarball/master \ | tar --extract --gzip --strip-components 1 --directory ${CISA_HOME}/domain-scan/ RUN pip install --no-cache-dir --upgrade \ --requirement ${CISA_HOME}/domain-scan/requirements.txt From a13052bbfbe5a93b6ae633f5f96ab370bfc8ba5b Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Wed, 8 Feb 2023 15:02:05 -0500 Subject: [PATCH 7/7] Finalize version from 1.5.12-rc.1 to 1.5.12 --- README.md | 20 ++++++++++---------- src/version.txt | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index e479c88..14f2309 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ expects the secrets in a different location. To run the `cisagov/gatherer` image via Docker: ```console -docker run cisagov/gatherer:1.5.12-rc.1 +docker run cisagov/gatherer:1.5.12 ``` ### Running with Docker Compose ### @@ -47,7 +47,7 @@ docker run cisagov/gatherer:1.5.12-rc.1 services: gatherer: - image: cisagov/gatherer:1.5.12-rc.1 + image: cisagov/gatherer:1.5.12 volumes: - type: bind source: @@ -93,7 +93,7 @@ environment variables. See the services: gatherer: - image: cisagov/gatherer:1.5.12-rc.1 + image: cisagov/gatherer:1.5.12 volumes: - type: bind source: 
@@ -130,7 +130,7 @@ environment variables. See the 1. Pull the new image: ```console - docker pull cisagov/gatherer:1.5.12-rc.1 + docker pull cisagov/gatherer:1.5.12 ``` 1. Recreate and run the container by following the [previous instructions](#running-with-docker). @@ -140,11 +140,11 @@ environment variables. See the The images of this container are tagged with [semantic versions](https://semver.org) of the underlying gatherer project that they containerize. It is recommended that most users use a version tag (e.g. -`:1.5.12-rc.1`). +`:1.5.12`). | Image:tag | Description | |-----------|-------------| -|`cisagov/gatherer:1.5.12-rc.1`| An exact release version. | +|`cisagov/gatherer:1.5.12`| An exact release version. | |`cisagov/gatherer:1.5`| The most recent release matching the major and minor version numbers. | |`cisagov/gatherer:1`| The most recent release matching the major version number. | |`cisagov/gatherer:edge` | The most recent image built from a merge into the `develop` branch of this repository. | @@ -207,8 +207,8 @@ Build the image locally using this git repository as the [build context](https:/ ```console docker build \ - --build-arg VERSION=1.5.12-rc.1 \ - --tag cisagov/gatherer:1.5.12-rc.1 \ + --build-arg VERSION=1.5.12 \ + --tag cisagov/gatherer:1.5.12 \ https://github.com/cisagov/gatherer.git#develop ``` @@ -238,9 +238,9 @@ Docker: docker buildx build \ --file Dockerfile-x \ --platform linux/amd64 \ - --build-arg VERSION=1.5.12-rc.1 \ + --build-arg VERSION=1.5.12 \ --output type=docker \ - --tag cisagov/gatherer:1.5.12-rc.1 . + --tag cisagov/gatherer:1.5.12 . ``` ## Contributing ## diff --git a/src/version.txt b/src/version.txt index e502ce8..da34e60 100644 --- a/src/version.txt +++ b/src/version.txt @@ -1 +1 @@ -__version__ = "1.5.12-rc.1" +__version__ = "1.5.12"