From fdc8d700001be4a28924063081bfc2c773560509 Mon Sep 17 00:00:00 2001
From: Nathan Poirier <nathan@poirier.io>
Date: Sat, 26 Aug 2023 11:51:17 +0200
Subject: [PATCH] Add docker image

---
 .dockerignore                        | 11 +++++++
 .github/dependabot.yml               | 16 +++++++++
 .github/workflows/docker-images.yaml | 49 ++++++++++++++++++++++++++++
 Dockerfile                           | 12 +++++++
 4 files changed, 88 insertions(+)
 create mode 100644 .dockerignore
 create mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/docker-images.yaml
 create mode 100644 Dockerfile

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..1440867
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,11 @@
+Dockerfile
+.dockerignore
+.env
+.git
+.gitignore
+LICENSE
+node_modules
+.prettierignore
+.prettierrc.yaml
+.readme
+README.md
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..f8b1172
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,16 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+
+  - package-ecosystem: npm
+    directory: /
+    schedule:
+      interval: weekly
+
+  - package-ecosystem: docker
+    directory: /
+    schedule:
+      interval: weekly
diff --git a/.github/workflows/docker-images.yaml b/.github/workflows/docker-images.yaml
new file mode 100644
index 0000000..60bccb5
--- /dev/null
+++ b/.github/workflows/docker-images.yaml
@@ -0,0 +1,49 @@
+name: Docker Image CI
+
+on:
+  push:
+    tags: ['v*']
+
+env:
+  IMAGE: ghcr.io/${{ github.repository }}
+  PROJECT_URL: https://github.com/${{ github.repository }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions: write-all # required to push to GitHub Container Registry
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Login to GitHub Container Registry
+        run: |
+          buildah login -u "$REGISTRY_USER" --password-stdin <<<"$REGISTRY_PASSWORD" "${IMAGE%%/*}"
+        env:
+          REGISTRY_USER: ${{ github.actor }}
+          REGISTRY_PASSWORD: ${{ github.token }}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+        with:
+          platforms: arm64
+
+      - name: Build
+        run: |
+          set -ex
+          tags=("${IMAGE}:${GITHUB_REF_NAME}" "${IMAGE}:latest")
+          buildah build \
+            --platform linux/amd64,linux/arm64 \
+            --manifest "${tags[0]}" \
+            --timestamp="$(git show -s --format=%ct HEAD)" \
+            --label="org.opencontainers.image.url=${PROJECT_URL}" \
+            --label="org.opencontainers.image.source=${PROJECT_URL}" \
+            --label="org.opencontainers.image.version=${GITHUB_REF_NAME}" \
+            --label="org.opencontainers.image.revision=${GITHUB_SHA}"
+          for tag in "${tags[@]:1}"; do
+            buildah tag -- "${tags[0]}" "$tag"
+          done
+          for tag in "${tags[@]}"; do
+            buildah push -- "$tag"
+          done
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..b0f5ef2
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,12 @@
+FROM docker.io/library/node:18.17.1-alpine3.18
+
+ENV NODE_ENV=production
+
+COPY . /app/
+
+WORKDIR /app
+
+RUN npm ci --no-audit --no-fund --logs-dir=/dev/null && { npm cache clean --force --logs-dir=/dev/null || true; }
+
+USER node
+CMD [ "node", "/app/src/index.js" ]