From d225c52bde8dda6e851f1ded5b4de5adac91872b Mon Sep 17 00:00:00 2001
From: Fabrizio Sestito <fabrizio.sestito@suse.com>
Date: Fri, 30 Sep 2022 15:51:41 +0200
Subject: [PATCH] Add dockerfile (#37)

* Pin credentials_obfuscation dep

* Add dockerfile

* Add container creation in the github action

Co-authored-by: arbulu89 <xarbulu@suse.com>
---
 .dockerignore             |  5 +++++
 .github/workflows/ci.yaml | 38 ++++++++++++++++++++++++++++++++++++++
 Dockerfile                | 34 ++++++++++++++++++++++++++++++++++
 mix.exs                   |  4 +++-
 mix.lock                  |  2 +-
 5 files changed, 81 insertions(+), 2 deletions(-)
 create mode 100644 .dockerignore
 create mode 100644 Dockerfile

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 00000000..cde2becd
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,5 @@
+/_build/
+/deps/
+/doc/
+/test/
+/tmp/
\ No newline at end of file
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 9326ad94..977c6494 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -141,3 +141,41 @@ jobs:
 
       - name: Run test
         run: mix test --color --trace --slowest 10
+
+  build-and-push-container-images:
+    name: Build and push container images
+    runs-on: ubuntu-latest
+    if: github.event_name == 'release' || (github.event_name == 'push' && github.ref_name == 'main') || github.event_name == 'workflow_dispatch'
+    needs: [static-code-analysis, test]
+    permissions:
+      contents: read
+      packages: write
+    env:
+      REGISTRY: ghcr.io
+      IMAGE_REPOSITORY: ghcr.io/${{ github.repository_owner }}/wanda
+      IMAGE_TAG: "${{ (github.event_name == 'release' && github.event.release.tag_name) || (github.event_name == 'push' && github.ref_name == 'main' && 'rolling') || github.sha }}"
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - uses: docker/setup-buildx-action@v2
+      - name: Log in to the Container registry
+        uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@69f6fc9d46f2f8bf0d5491e4aabe0bb8c6a4678a
+        with:
+          images: ${{ env.IMAGE_REPOSITORY }}
+      - name: Build and push container image
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          push: true
+          tags: ${{ env.IMAGE_REPOSITORY }}:${{ env.IMAGE_TAG }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..c86cd6af
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,34 @@
+FROM opensuse/leap AS elixir-build
+ENV LANG en_US.UTF-8
+ENV LANGUAGE en_US:en
+ENV LC_ALL en_US.UTF-8
+RUN zypper -n addrepo https://download.opensuse.org/repositories/devel:/languages:/erlang/SLE_15_SP3/devel:languages:erlang.repo
+RUN zypper -n --gpg-auto-import-keys ref -s
+RUN zypper -n in elixir
+COPY . /build
+WORKDIR /build
+ARG MIX_ENV=prod
+ENV MIX_ENV=$MIX_ENV
+RUN mix local.rebar --force \
+    && mix local.hex --force \
+    && mix deps.get
+
+FROM elixir-build AS release
+COPY --from=elixir-build /build /build
+WORKDIR /build
+ARG MIX_ENV=prod
+ENV MIX_ENV=$MIX_ENV
+RUN mix phx.digest
+RUN mix release
+
+FROM registry.suse.com/bci/bci-base:15.3 AS wanda
+LABEL org.opencontainers.image.source="https://github.com/trento-project/wanda"
+ARG MIX_ENV=prod
+ENV MIX_ENV=$MIX_ENV
+ENV LANG en_US.UTF-8
+ENV LANGUAGE en_US:en
+ENV LC_ALL en_US.UTF-8
+WORKDIR /app
+COPY --from=release /build/_build/$MIX_ENV/rel/wanda .
+EXPOSE 4000/tcp
+ENTRYPOINT ["/app/bin/wanda"]
\ No newline at end of file
diff --git a/mix.exs b/mix.exs
index 798a5567..085053b0 100644
--- a/mix.exs
+++ b/mix.exs
@@ -34,8 +34,10 @@ defmodule Wanda.MixProject do
   defp deps do
     [
       {:abacus, "~> 0.4.2"},
-      {:elixir_uuid, "~> 1.2"},
       {:gen_rmq, "~> 4.0"},
+      # this is pinned since the 3.1.0 version requires OTP 23.2
+      # overrides gen_rmq dependency
+      {:credentials_obfuscation, "3.0.0", override: true},
       {:jason, "~> 1.3"},
       {:yaml_elixir, "~> 2.9"},
       {:miss, "~> 0.1.5"},
diff --git a/mix.lock b/mix.lock
index 6617ebd9..6b1594e6 100644
--- a/mix.lock
+++ b/mix.lock
@@ -9,7 +9,7 @@
   "cowboy": {:hex, :cowboy, "2.9.0", "865dd8b6607e14cf03282e10e934023a1bd8be6f6bacf921a7e2a96d800cd452", [:make, :rebar3], [{:cowlib, "2.11.0", [hex: :cowlib, repo: "hexpm", optional: false]}, {:ranch, "1.8.0", [hex: :ranch, repo: "hexpm", optional: false]}], "hexpm", "2c729f934b4e1aa149aff882f57c6372c15399a20d54f65c8d67bef583021bde"},
   "cowboy_telemetry": {:hex, :cowboy_telemetry, "0.4.0", "f239f68b588efa7707abce16a84d0d2acf3a0f50571f8bb7f56a15865aae820c", [:rebar3], [{:cowboy, "~> 2.7", [hex: :cowboy, repo: "hexpm", optional: false]}, {:telemetry, "~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "7d98bac1ee4565d31b62d59f8823dfd8356a169e7fcbb83831b8a5397404c9de"},
   "cowlib": {:hex, :cowlib, "2.11.0", "0b9ff9c346629256c42ebe1eeb769a83c6cb771a6ee5960bd110ab0b9b872063", [:make, :rebar3], [], "hexpm", "2b3e9da0b21c4565751a6d4901c20d1b4cc25cbb7fd50d91d2ab6dd287bc86a9"},
-  "credentials_obfuscation": {:hex, :credentials_obfuscation, "3.1.0", "2c405ea0c5db7b3344aa5a99f86c33e7b6ecea97d2cb613371e1cf0d192ef2c6", [:rebar3], [], "hexpm", "04884e62b1c6cdfba999d4d6b3e99bc0a59d5e439517bc5c01767255afb7b778"},
+  "credentials_obfuscation": {:hex, :credentials_obfuscation, "3.0.0", "cb1bcff1b7d33286efdbc9f73a1f40adb1e64501e81bb9c00b67e61611bee56a", [:rebar3], [], "hexpm", "bf2060c7058d4e765cdb4319ec94ad71c00d102931d667415b2cd5e991d9d038"},
   "credo": {:hex, :credo, "1.6.6", "f51f8d45db1af3b2e2f7bee3e6d3c871737bda4a91bff00c5eec276517d1a19c", [:mix], [{:bunt, "~> 0.2.0", [hex: :bunt, repo: "hexpm", optional: false]}, {:file_system, "~> 0.2.8", [hex: :file_system, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: false]}], "hexpm", "625520ce0984ee0f9f1f198165cd46fa73c1e59a17ebc520038b8fce056a5bdc"},
   "db_connection": {:hex, :db_connection, "2.4.2", "f92e79aff2375299a16bcb069a14ee8615c3414863a6fef93156aee8e86c2ff3", [:mix], [{:connection, "~> 1.0", [hex: :connection, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "4fe53ca91b99f55ea249693a0229356a08f4d1a7931d8ffa79289b145fe83668"},
   "decimal": {:hex, :decimal, "2.0.0", "a78296e617b0f5dd4c6caf57c714431347912ffb1d0842e998e9792b5642d697", [:mix], [], "hexpm", "34666e9c55dea81013e77d9d87370fe6cb6291d1ef32f46a1600230b1d44f577"},