From d132e8b8e008f83bf6eba6b9df4f7a7372ace514 Mon Sep 17 00:00:00 2001
From: clayton
Date: Wed, 27 Mar 2024 02:25:06 -0700
Subject: [PATCH 1/4] add: Dockerfile

---
 Dockerfile | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 Dockerfile

diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..9c1e00de
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,25 @@
+FROM golang:1.21-alpine AS builder
+RUN apk add make bash
+RUN apk add --no-cache ca-certificates
+
+COPY . /build
+WORKDIR /build
+RUN make build
+
+RUN echo "hauler:x:1001:1001::/home:" > /etc/passwd \
+&& echo "hauler:x:1001:hauler" > /etc/group \
+&& mkdir /store \
+&& mkdir /store-files \
+&& mkdir /registry
+
+FROM scratch
+COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+COPY --from=builder /etc/passwd /etc/passwd
+COPY --from=builder /etc/group /etc/group
+COPY --from=builder --chown=hauler:hauler /home/. /home
+COPY --from=builder --chown=hauler:hauler /store/. /store
+COPY --from=builder --chown=hauler:hauler /registry/. /registry
+COPY --from=builder --chown=hauler:hauler /store-files/. /store-files
+COPY --from=builder --chown=hauler:hauler /build/bin/hauler /
+USER hauler
+ENTRYPOINT [ "/hauler" ]

From 0657fd80fe89771c9291b7dc3afc700e5aee7468 Mon Sep 17 00:00:00 2001
From: clayton
Date: Wed, 27 Mar 2024 02:25:12 -0700
Subject: [PATCH 2/4] add: dockerignore

---
 .dockerignore | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 .dockerignore

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 00000000..0bab537c
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,8 @@
+*
+!cmd
+!go.mod
+!go.sum
+!internal
+!Makefile
+!pkg
+!static

From e8fb37c6edb7bc87162d134eca2aa3712a8d6b0e Mon Sep 17 00:00:00 2001
From: clayton
Date: Thu, 28 Mar 2024 13:49:01 -0700
Subject: [PATCH 3/4] fix: ensure /tmp for hauler store load

---
 Dockerfile | 1 +
 1 file changed, 1 insertion(+)
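Review bot: `USER hauler` at the end of the new Dockerfile ([PATCH 1/4]) is a name rather than a UID, and a Kubernetes pod that sets `runAsNonRoot: true` cannot verify a named user as non-root and will refuse to start the container; `USER 1001:1001` matches the passwd and group entries written in the builder stage and keeps the same identity. The last copy, `COPY --from=builder --chown=hauler:hauler /build/bin/hauler /`, also makes the runtime user the owner of its own executable; writing it as `COPY --from=builder /build/bin/hauler /` leaves the binary root-owned so the running process cannot overwrite it. The data directories (`/store`, `/store-files`, `/registry`) can stay owned by the runtime user.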
diff --git a/Dockerfile b/Dockerfile
index 9c1e00de..f5d99e4e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -17,6 +17,7 @@ COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 COPY --from=builder /etc/passwd /etc/passwd
 COPY --from=builder /etc/group /etc/group
 COPY --from=builder --chown=hauler:hauler /home/. /home
+COPY --from=builder --chown=hauler:hauler /tmp/. /tmp
 COPY --from=builder --chown=hauler:hauler /store/. /store
 COPY --from=builder --chown=hauler:hauler /registry/. /registry
 COPY --from=builder --chown=hauler:hauler /store-files/. /store-files

From 82aedc867a3cc5581467b3e077b53b68ebaf69fc Mon Sep 17 00:00:00 2001
From: clayton
Date: Thu, 28 Mar 2024 13:53:22 -0700
Subject: [PATCH 4/4] switch to using bci-golang as builder image

---
 Dockerfile | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index f5d99e4e..fab7901d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,5 @@
-FROM golang:1.21-alpine AS builder
-RUN apk add make bash
-RUN apk add --no-cache ca-certificates
+FROM registry.suse.com/bci/golang:1.21 AS builder
+RUN zypper --non-interactive install make bash wget ca-certificates
 
 COPY . /build
 WORKDIR /build
@@ -13,7 +12,7 @@ RUN echo "hauler:x:1001:1001::/home:" > /etc/passwd \
 && mkdir /registry
 
 FROM scratch
-COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+COPY --from=builder /var/lib/ca-certificates/ca-bundle.pem /etc/ssl/certs/ca-certificates.crt
 COPY --from=builder /etc/passwd /etc/passwd
 COPY --from=builder /etc/group /etc/group
 COPY --from=builder --chown=hauler:hauler /home/. /home
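Review bot: The added `COPY --from=builder --chown=hauler:hauler /tmp/. /tmp` in the [PATCH 3/4] hunk ships whatever the builder stage has left in its `/tmp` by the end of the build, so the contents of the runtime image depend on build-tool leftovers rather than on anything declared in the Dockerfile. The other runtime directories are created empty in the builder's `mkdir` chain and copied from there; the same pattern works here, e.g. `&& mkdir /tmp-empty` in that chain and `COPY --from=builder --chown=hauler:hauler /tmp-empty/. /tmp` on this line. The `mkdir` chain lies outside this hunk.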
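Review bot: `FROM registry.suse.com/bci/golang:1.21 AS builder` in the first [PATCH 4/4] hunk pins only a mutable tag, and this stage now supplies both the compiler and the CA bundle that the second hunk copies into the scratch image, so a re-tagged base silently changes the runtime trust store as well as the toolchain. Pinning the digest makes such a change visible in review: `FROM registry.suse.com/bci/golang:1.21@sha256:<digest-placeholder> AS builder`. `wget` is newly added to the `zypper` install line but nothing visible in this series uses it; if the Makefile (not shown) does not need it, it can be dropped from the list.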