From 5bd974976315e1e02003408fd0ef4648efd7f74e Mon Sep 17 00:00:00 2001
From: GoliathLabs <git@xdfr.de>
Date: Mon, 1 Apr 2024 20:20:59 +0200
Subject: [PATCH 1/2] feat: Docker builds

---
 .github/dependabot.yml               |  7 ++++
 .github/workflows/build-docker.yml   | 49 +++++++++++++++++++++++++
 .github/workflows/publish-docker.yml | 54 ++++++++++++++++++++++++++++
 Dockerfile                           | 15 ++++++++
 4 files changed, 125 insertions(+)
 create mode 100644 .github/workflows/build-docker.yml
 create mode 100644 .github/workflows/publish-docker.yml
 create mode 100644 Dockerfile

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 98e03e99..e667d949 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -15,3 +15,10 @@ updates:
     commit-message:
       # Prefix all commit messages with "npm: "
       prefix: "npm"
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    commit-message:
+      # Prefix all commit messages with "npm: "
+      prefix: "npm"
diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml
new file mode 100644
index 00000000..45440c51
--- /dev/null
+++ b/.github/workflows/build-docker.yml
@@ -0,0 +1,49 @@
+name: Build Docker image
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Setup QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Setup Docker buildx
+        uses: docker/setup-buildx-action@v2
+        with:
+          config: .github/buildkitd.toml
+      - name: Retrieve author data
+        run: |
+          echo AUTHOR=$(curl -sSL ${{ github.event.repository.owner.url }} | jq -r '.name') >> $GITHUB_ENV
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          labels: |
+            org.opencontainers.image.authors=${{ env.AUTHOR }}
+      - name: Build Docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64
+          push: false
+          load: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Inspect Docker image
+        run: docker image inspect ${{ steps.meta.outputs.tags }}
diff --git a/.github/workflows/publish-docker.yml b/.github/workflows/publish-docker.yml
new file mode 100644
index 00000000..30be4e51
--- /dev/null
+++ b/.github/workflows/publish-docker.yml
@@ -0,0 +1,54 @@
+name: Publish Docker image
+on:
+  push:
+    branches:
+      - "main"
+    tags:
+      - "v*.*.*"
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  push_to_registry:
+    name: Push Docker image to GitHub Packages
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+        with:
+          platforms: all
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Retrieve author data
+        run: |
+          echo AUTHOR=$(curl -sSL ${{ github.event.repository.owner.url }} | jq -r '.name') >> $GITHUB_ENV
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          labels: |
+            org.opencontainers.image.authors=${{ env.AUTHOR }}
+      - name: Build container image
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64/v8,linux/arm/v7,linux/ppc64le,linux/s390x
+          push: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..91af0895
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,15 @@
+### Build stage for the website frontend
+FROM --platform=$BUILDPLATFORM node:20-bookworm-slim as build
+RUN apt-get update && \
+apt-get install -y python3
+WORKDIR /code
+COPY . ./
+RUN npm install
+RUN npm audit
+RUN npm run lint
+RUN npm run build
+
+FROM nginx:1.25.4-alpine
+COPY --from=build /code/build/ /usr/share/nginx/html
+COPY --from=build /code/config.example.json /usr/share/nginx/html/
+EXPOSE 80

From 9fe3ee9268838a74f7063e8191f0352d13e7c0d4 Mon Sep 17 00:00:00 2001
From: GoliathLabs <git@xdfr.de>
Date: Mon, 1 Apr 2024 20:27:03 +0200
Subject: [PATCH 2/2] fix: don't use .github/buildkitd.toml

---
 .github/workflows/build-docker.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml
index 45440c51..f585d1fe 100644
--- a/.github/workflows/build-docker.yml
+++ b/.github/workflows/build-docker.yml
@@ -22,7 +22,6 @@ jobs:
       - name: Setup Docker buildx
         uses: docker/setup-buildx-action@v2
         with:
-          config: .github/buildkitd.toml
       - name: Retrieve author data
         run: |
           echo AUTHOR=$(curl -sSL ${{ github.event.repository.owner.url }} | jq -r '.name') >> $GITHUB_ENV