From da53e93ef4337410eec78b3ad86d45ba67c1010c Mon Sep 17 00:00:00 2001
From: Tristan <tristan@mangadex.org>
Date: Mon, 6 Jun 2022 08:14:11 +0100
Subject: [PATCH] Add docker publication back

---
 .dockerignore    |  1 +
 .gitlab-ci.yml   | 61 ++++++++++++++++++++++++++++++++++++++++++++++--
 Dockerfile       | 40 +++++++++++++++++++++++++++++++
 haproxy/Makefile |  1 +
 4 files changed, 101 insertions(+), 2 deletions(-)
 create mode 100644 Dockerfile

diff --git a/.dockerignore b/.dockerignore
index fe19c3f..c6fd7f4 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,3 +1,4 @@
 **/dist
 **/src
 **/*.tar.gz
+!**/*-dist.tar.gz
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index df4485e..d62d048 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,6 +1,7 @@
 stages:
   - dependencies
-  - haproxy
+  - build
+  - publish
 
 variables:
   TZ: "UTC"
@@ -39,7 +40,7 @@ quictls:
 
 haproxy:
   <<: *build-job
-  stage: haproxy
+  stage: build
   script:
     - apt install -y --no-install-recommends -qq git
     - make -C haproxy
@@ -53,3 +54,59 @@ haproxy:
   artifacts:
     expire_in: 14 days
     paths: [ "haproxy/dist", "haproxy/haproxy-*-dist.tar.gz" ]
+
+docker:
+  stage: publish
+  image:
+    name: gcr.io/kaniko-project/executor:debug
+    entrypoint: [ "" ]
+  before_script:
+    - mkdir -p /kaniko/.docker
+    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"gitlab-ci-token\",\"password\":\"$CI_JOB_TOKEN\"}}}" > /kaniko/.docker/config.json
+  script: |
+    set -eu
+
+    export HAPROXY_VER="2.6"
+    export JOB_TIMESTAMP="$(date -D '%Y-%m-%dT%H:%M:%S%Z' -d "$CI_JOB_STARTED_AT" +'%Y%m%d-%H%M')"
+
+    echo "Building image with"
+    echo "  -> haproxy version: 2.6"
+    echo "  -> debian codename: $DEBIAN_CODENAME"
+    echo "  -> git commit hash: $CI_COMMIT_SHORT_SHA"
+    echo "  -> build timestamp: $JOB_TIMESTAMP"
+
+    export IMAGE_TAG_UNIQUE="$HAPROXY_VER-$DEBIAN_CODENAME-$CI_COMMIT_SHORT_SHA-$JOB_TIMESTAMP"
+    export IMAGE_TAG_ROLLING_COMMIT="git-$CI_COMMIT_SHORT_SHA"
+    export IMAGE_TAG_ROLLING_GITREF="$CI_COMMIT_REF_SLUG"
+
+    export IMAGE_TAG_VERSIONS="$HAPROXY_VER-$DEBIAN_CODENAME"
+    if [ "$CI_COMMIT_REF_NAME" != "$CI_DEFAULT_BRANCH" ]; then
+      export IMAGE_TAG_VERSIONS="branch-$CI_COMMIT_REF_SLUG-$IMAGE_TAG_VERSIONS"
+      echo "Git reference $CI_COMMIT_REF_NAME is not the default branch. Rewriting git rolling tag as $IMAGE_TAG_VERSIONS"
+    fi
+
+    echo "***"
+    echo "Will build and push image as:"
+    echo "- $CI_REGISTRY_IMAGE:$IMAGE_TAG_UNIQUE"
+    echo "- $CI_REGISTRY_IMAGE:$IMAGE_TAG_ROLLING_COMMIT"
+    echo "- $CI_REGISTRY_IMAGE:$IMAGE_TAG_ROLLING_GITREF"
+    echo "- $CI_REGISTRY_IMAGE:$IMAGE_TAG_VERSIONS"
+    echo "***"
+
+    (
+      set -x;
+      /kaniko/executor \
+        --context . \
+        --dockerfile Dockerfile \
+        --build-arg   "CANONICAL_VERSION=$IMAGE_TAG_UNIQUE" \
+        --destination "$CI_REGISTRY_IMAGE:$IMAGE_TAG_UNIQUE" \
+        --destination "$CI_REGISTRY_IMAGE:$IMAGE_TAG_ROLLING_COMMIT" \
+        --destination "$CI_REGISTRY_IMAGE:$IMAGE_TAG_ROLLING_GITREF" \
+        --destination "$CI_REGISTRY_IMAGE:$IMAGE_TAG_VERSIONS" \
+        --single-snapshot
+    )
+  needs:
+    - job: quictls
+      artifacts: true
+    - job: haproxy
+      artifacts: true
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..48cdbc8
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,40 @@
+FROM docker.io/library/debian:bullseye as base
+
+# This stage is mostly to import and unpack the dists
+FROM base as dists
+
+RUN apt -qq update && apt install -qq -y bzip2
+
+WORKDIR /tmp/quictls
+COPY ./deps/quictls/quictls-OpenSSL_1_1_1o-dist.tar.gz /tmp/quictls/quictls.tar.gz
+RUN ls -alh && tar xf quictls.tar.gz
+
+WORKDIR /tmp/haproxy
+COPY ./haproxy/haproxy-2.6-dist.tar.gz /tmp/haproxy/haproxy.tar.gz
+RUN ls -alh && tar xf haproxy.tar.gz
+
+FROM base
+
+LABEL Name=HAProxy
+LABEL Vendor=MangaDex
+MAINTAINER MangaDex <opensource@mangadex.org>
+
+ARG CANONICAL_VERSION="local-SNAPSHOT"
+LABEL Version=${CANONICAL_VERSION}
+
+COPY --chown=root:root --from=dists /tmp/quictls/opt /opt
+COPY --chown=root:root --from=dists /tmp/haproxy/usr /usr
+
+RUN apt -q update && \
+    apt -qq -y --no-install-recommends install \
+      ca-certificates \
+      curl \
+      libatomic1 \
+      libssl1.1 \
+      libsystemd0 \
+      procps \
+      socat \
+      zlib1g && \
+    apt -qq -y --purge autoremove && \
+    apt -qq -y clean && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /var/cache/* /var/log/*
diff --git a/haproxy/Makefile b/haproxy/Makefile
index c2f242f..39d530a 100644
--- a/haproxy/Makefile
+++ b/haproxy/Makefile
@@ -25,6 +25,7 @@ HAPROXY_MAKE_ARGS := DEBUG="-DDEBUG_STRICT -DDEBUG_MEMORY_POOLS" \
                      USE_OPENSSL=1 \
                      SSL_INC="../$(DEP_ROOT_QUICTLS)/dist/opt/quictls/include" \
                      SSL_LIB="../$(DEP_ROOT_QUICTLS)/dist/opt/quictls/lib" \
+                     ADDINC="-lcrypt" \
                      USE_PCRE2=1 \
                      USE_PCRE2_JIT=1 \
                      USE_STATIC_PCRE2=1 \