From 02d3e9061041a9b880331d58992c7f45595984c5 Mon Sep 17 00:00:00 2001
From: Boris Glimcher <36732377+glimchb@users.noreply.github.com>
Date: Thu, 16 Feb 2023 08:36:31 -0500
Subject: [PATCH] Create Dockerfile

Signed-off-by: Boris Glimcher <Boris.Glimcher@emc.com>
---
 .github/CODEOWNERS                   |  1 +
 .github/workflows/docker-publish.yml | 60 ++++++++++++++++++++++++++++
 .github/workflows/linters.yml        | 31 ++++++++++++++
 .github/workflows/release.yaml       | 11 +++++
 Dockerfile                           | 13 ++++++
 README.md                            | 37 +++++++++++++++++
 renovate.json                        |  6 +++
 requirements.txt                     |  2 +
 8 files changed, 161 insertions(+)
 create mode 100644 .github/CODEOWNERS
 create mode 100644 .github/workflows/docker-publish.yml
 create mode 100644 .github/workflows/linters.yml
 create mode 100644 .github/workflows/release.yaml
 create mode 100644 Dockerfile
 create mode 100644 README.md
 create mode 100644 renovate.json
 create mode 100644 requirements.txt

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..97ec8f7
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+*       @opiproject/opi-maintainers
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
new file mode 100644
index 0000000..8d2bcaa
--- /dev/null
+++ b/.github/workflows/docker-publish.yml
@@ -0,0 +1,60 @@
+---
+name: Docker
+
+on:
+  workflow_dispatch:
+  workflow_call:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      # This is used to complete the identity challenge
+      # with sigstore/fulcio when running outside of PRs.
+      id-token: write
+
+    steps:
+      - uses: actions/checkout@v3
+      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-buildx-action@v2.4.1
+
+      - name: Log in to Docker Hub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2.1.0
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Log in to the GH Container registry
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2.1.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v4.3.0
+        with:
+          images: |
+            ${{ github.repository }}
+            ghcr.io/${{ github.repository }}
+      - name: Build and push Docker image
+        id: build-and-push
+        uses: docker/build-push-action@v4.0.0
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
new file mode 100644
index 0000000..511d68b
--- /dev/null
+++ b/.github/workflows/linters.yml
@@ -0,0 +1,31 @@
+name: Linters
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  markdown-lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Run tests
+        run: docker run -v $PWD:/workdir ghcr.io/igorshubovych/markdownlint-cli:latest --ignore=minutes --disable=MD013 "**/*.md"
+
+  docker-lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: hadolint/hadolint-action@v3.1.0
+        with:
+          recursive: true
+          ignore: DL3008
+
+  shellcheck:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: azohra/shell-linter@v0.6.0
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
new file mode 100644
index 0000000..5ebf68d
--- /dev/null
+++ b/.github/workflows/release.yaml
@@ -0,0 +1,11 @@
+name: Release
+
+on:
+  workflow_dispatch:
+  release:
+    types: [published]
+
+jobs:
+  release-docker:
+    uses: ./.github/workflows/docker-publish.yml
+    secrets: inherit
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..1cc477b
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,13 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright (c) 2022 Dell Inc, or its subsidiaries.
+
+FROM docker.io/library/python:3.10.8-slim
+
+RUN apt-get update && apt-get install -y --no-install-recommends gettext libsqlite3-dev curl gcc && rm -rf /var/lib/apt/lists/*
+
+COPY requirements.txt /tmp/requirements.txt
+RUN pip install --no-cache-dir --requirement /tmp/requirements.txt
+
+ENTRYPOINT ["sztpd"]
+CMD ["sqlite:///:memory:"]
+HEALTHCHECK CMD curl --fail -H Accept:application/yang-data+json http://127.0.0.1:8080/.well-known/host-meta || exit 1
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..9e8aad6
--- /dev/null
+++ b/README.md
@@ -0,0 +1,37 @@
+# Secure Zero Touch Provisioning (sZTP)
+
+[![Linters](https://github.com/opiproject/sztpd/actions/workflows/linters.yml/badge.svg)](https://github.com/opiproject/sztpd/actions/workflows/linters.yml)
+[![Docker](https://github.com/opiproject/sztpd/actions/workflows/docker-publish.yml/badge.svg)](https://github.com/opiproject/sztpd/actions/workflows/docker-publish.yml)
+[![License](https://img.shields.io/github/license/opiproject/sztpd?style=flat-square&color=blue&label=License)](https://github.com/opiproject/sztpd/blob/master/LICENSE)
+[![Pulls](https://img.shields.io/docker/pulls/opiproject/sztpd.svg?logo=docker&style=flat&label=Pulls)](https://hub.docker.com/r/opiproject/sztpd)
+[![Last Release](https://img.shields.io/github/v/release/opiproject/sztpd?label=Latest&style=flat-square&logo=go)](https://github.com/opiproject/sztpd/releases)
+
+This project contains Dockerfile for <https://pypi.org/project/sztpd>
+
+## I Want To Contribute
+
+This project welcomes contributions and suggestions.  We are happy to have the Community involved via submission of **Issues and Pull Requests** (with substantive content or even just fixes). We are hoping for the documents, test framework, etc. to become a community process with active engagement.  PRs can be reviewed by by any number of people, and a maintainer may accept.
+
+See [CONTRIBUTING](https://github.com/opiproject/opi/blob/main/CONTRIBUTING.md) and [GitHub Basic Process](https://github.com/opiproject/opi/blob/main/doc-github-rules.md) for more details.
+
+## Installation
+
+There are several ways of running sztpd.
+
+### Docker
+
+```sh
+docker pull opiproject/sztpd:<version>
+```
+
+You can specify a version like `0.0.11` or use `latest` to get the most up-to-date version.
+
+```sh
+docker run --rm -e SZTPD_INIT_MODE=1 -e SZTPD_ACCEPT_CONTRACT=Yes -e SZTPD_INIT_PORT=8080 -e SZTPD_INIT_ADDR=127.0.0.1 opiproject/sztpd:<version>
+```
+
+### PyPI
+
+```sh
+pip install sztpd==0.0.11
+```
diff --git a/renovate.json b/renovate.json
new file mode 100644
index 0000000..39a2b6e
--- /dev/null
+++ b/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:base"
+  ]
+}
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..f7f28fb
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1,2 @@
+sqlalchemy<2.0.0
+sztpd==0.0.11