From fd2181c7d32c34aff6b89fff61c541779338e7c3 Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Mon, 24 Jul 2023 13:48:47 -0400 Subject: [PATCH 01/15] Update build script to support base builds --- build_deploy.sh | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/build_deploy.sh b/build_deploy.sh index 94be6845..a615788a 100755 --- a/build_deploy.sh +++ b/build_deploy.sh @@ -17,7 +17,28 @@ fi DOCKER_CONF="$PWD/.docker" mkdir -p "$DOCKER_CONF" + docker --config="$DOCKER_CONF" login -u="$QUAY_USER" -p="$QUAY_TOKEN" quay.io docker --config="$DOCKER_CONF" login -u="$RH_REGISTRY_USER" -p="$RH_REGISTRY_TOKEN" registry.redhat.io -docker --config="$DOCKER_CONF" build -t "${IMAGE}:${IMAGE_TAG}" . + + +### Start base image build and push +BASE_TAG=`cat go.mod go.sum Dockerfile.base | sha256sum | head -c 8` +BASE_IMG=quay.io/cloudservices/frontend-operator-build-base:$BASE_TAG +RESPONSE=$( \ + curl -Ls -H "Authorization: Bearer $QUAY_TOKEN" \ + "https://quay.io/api/v1/repository/cloudservices/frontend-operator-build-base/tag/?specificTag=$BASE_TAG" \ + ) +echo "received HTTP response: $RESPONSE" +# find all non-expired tags +VALID_TAGS_LENGTH=$(echo $RESPONSE | jq '[ .tags[] | select(.end_ts == null) ] | length') + +if [[ "$VALID_TAGS_LENGTH" -eq 0 ]]; then + docker --config="$DOCKER_CONF" build -f Dockerfile.base . -t "$BASE_IMG" + docker --config="$DOCKER_CONF" push "$BASE_IMG" +fi +docker --config="$DOCKER_CONF" build --build-arg BASE_IMAGE="$BASE_IMG" -t "${IMAGE}:${IMAGE_TAG}" +#### End + +docker --config="$DOCKER_CONF" build --build-arg BASE_IMAGE="$BASE_IMG" -t "${IMAGE}:${IMAGE_TAG}" . docker --config="$DOCKER_CONF" push "${IMAGE}:${IMAGE_TAG}" From b174781ce3844a27d96411deec9ca9e047681a74 Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 09:50:06 -0400 Subject: [PATCH 02/15] Update Dockerfile to use the new base image --- Dockerfile | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) 
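Review bot: In the build_deploy.sh hunk of PATCH 01, the tag lookup treats a failed Quay API call the same as "no valid tag". `curl -Ls` does not fail on an HTTP error, and when `jq` cannot parse the response `VALID_TAGS_LENGTH` is empty, which `[[ "$VALID_TAGS_LENGTH" -eq 0 ]]` evaluates as 0, so the base image is rebuilt and pushed over the existing tag. Use `curl -fsSL` and stop on a parse failure, e.g. `VALID_TAGS_LENGTH=$(printf '%s' "$RESPONSE" | jq '[ .tags[] | select(.end_ts == null) ] | length') || exit 1`. The added `docker ... build --build-arg BASE_IMAGE="$BASE_IMG" -t "${IMAGE}:${IMAGE_TAG}"` line just above `#### End` has no build context and duplicates the line after it, so it should be dropped. The script's opening lines are outside the hunk, so whether `set -e` is active here is not visible.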
diff --git a/Dockerfile b/Dockerfile index 4d8ad467..4a43cb8c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,6 @@ # Build the manager binary -FROM registry.access.redhat.com/ubi8/go-toolset:1.19.9-2.1687187497 as builder +ARG BASE_IMAGE= +FROM $BASE_IMAGE as builder WORKDIR /workspace # Copy the Go Modules manifests @@ -14,12 +15,10 @@ COPY main.go main.go COPY api/ api/ COPY controllers/ controllers/ -USER 0 - # Build RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o manager main.go -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.7-1031 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.8-1014 WORKDIR / COPY --from=builder /workspace/manager . USER 65534:65534 From a2134106d8a09b396a072e33004085ad29fae293 Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 13:15:35 -0400 Subject: [PATCH 03/15] Bump go in Dockerfile.pr. Slim down the pr check script to see if I can get a handle on it --- build/Dockerfile.pr | 2 +- pr_check.sh | 24 +++++------------------- 2 files changed, 6 insertions(+), 20 deletions(-) diff --git a/build/Dockerfile.pr b/build/Dockerfile.pr index 9bd39a83..11796a2c 100644 --- a/build/Dockerfile.pr +++ b/build/Dockerfile.pr @@ -1,4 +1,4 @@ -FROM registry.access.redhat.com/ubi8/go-toolset:1.17.7 +FROM registry.access.redhat.com/ubi8/go-toolset:1.19.9-2.1687187497 USER 0 RUN dnf install -y openssh-clients git podman make which go jq RUN mkdir /root/go -p diff --git a/pr_check.sh b/pr_check.sh index 48fa9a21..92a5caab 100755 --- a/pr_check.sh +++ b/pr_check.sh 
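Review bot: In the first Dockerfile hunk of PATCH 02, `ARG BASE_IMAGE=` gives the builder stage an empty default, so any build that omits `--build-arg BASE_IMAGE=...` fails at `FROM $BASE_IMAGE as builder`, and the toolchain that compiles the manager binary is no longer pinned in this file. A comment above the ARG should state where the value comes from, for example `# BASE_IMAGE is set by build_deploy.sh to the frontend-operator-build-base image, tagged with a hash of go.mod, go.sum and Dockerfile.base`. Because that tag is mutable in the registry, passing the image by digest would give a stronger guarantee about what the builder stage contains. The second hunk drops `USER 0`; whether the build still has the permissions it needs depends on the user set in Dockerfile.base, which is not part of this series.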
@@ -2,32 +2,18 @@ set -exv -# Note, this does not currently work with podman. pr_check_inner.sh has insufficient permissions -RUNTIME="docker" -DOCKER_CONF="$PWD/.docker" -mkdir -p "$DOCKER_CONF" - -export IMAGE_TAG=`git rev-parse --short HEAD` -export IMAGE_NAME=quay.io/cloudservices/frontend-operator +mkdir -p "$PWD/.docker" CONTAINER_NAME="${FEO_CONTAINER_NAME:-frontend-operator-pr-check-$ghprbPullId}" -# NOTE: Make sure this volume is mounted 'ro', otherwise Jenkins cannot clean up the workspace due to file permission errors -set +e -# Run the pr check container (stored in the build dir) and invoke the -# pr_check_inner as its command -$RUNTIME run -i \ ---name $CONTAINER_NAME \ --v $PWD:/workspace:ro \ -quay.io/bholifie/frontend-op-pr-check:v0.0.8 \ -/workspace/build/pr_check_inner.sh + +docker run -i --name $CONTAINER_NAME -v $PWD:/workspace:ro quay.io/bholifie/frontend-op-pr-check:v0.0.8 /workspace/build/pr_check_inner.sh TEST_RESULT=$? mkdir -p artifacts -$RUNTIME cp $CONTAINER_NAME:/container_workspace/artifacts/ $PWD +docker cp $CONTAINER_NAME:/container_workspace/artifacts/ $PWD -$RUNTIME rm -f $CONTAINER_NAME -set -e +docker rm -f $CONTAINER_NAME exit $TEST_RESULT From 36fcfde55ba09e6376c2be56623047bff801bc3c Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 14:14:03 -0400 Subject: [PATCH 04/15] I think this is a rough approximation of what clowder does. --- Dockerfile | 2 +- build/Dockerfile.pr | 3 +-- pr_check.sh | 8 +++++++- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4a43cb8c..6908288c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,7 +18,7 @@ COPY controllers/ controllers/ # Build RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o manager main.go -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.8-1014 +FROM registry.access.redhat.com/ubi8/go-toolset:1.19.9-2.1687187497 WORKDIR / COPY --from=builder /workspace/manager . USER 65534:65534 
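Review bot: In the pr_check.sh hunk of PATCH 03, removing `set +e` / `set -e` around the container run leaves `set -exv` in force, so a failing check makes the script exit at `docker run` and never reach `TEST_RESULT=$?`, the artifact copy, or `docker rm -f $CONTAINER_NAME`. The container then stays behind under its fixed name and the artifacts of the failed run are lost. Capture the status on the same command, `TEST_RESULT=0` followed by `docker run ... /workspace/build/pr_check_inner.sh || TEST_RESULT=$?`, and move the removal into a `trap ... EXIT` handler. The later pr_check.sh hunks in this series that re-add `docker run` keep the same pattern.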
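Review bot: In the Dockerfile hunk of PATCH 04, the final stage moves from `ubi8/ubi-minimal` to `ubi8/go-toolset`, so the image that runs the operator now ships a Go toolchain alongside the `manager` binary. The binary is built with `CGO_ENABLED=0` and only copied in, so nothing visible here needs a compiler at run time; the extra packages add image size and attack surface that then has to be patched. Unless there is a runtime dependency not shown in this hunk, keep `FROM registry.access.redhat.com/ubi8/ubi-minimal:8.8-1014` for the final stage.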
diff --git a/build/Dockerfile.pr b/build/Dockerfile.pr index 11796a2c..293bf2a3 100644 --- a/build/Dockerfile.pr +++ b/build/Dockerfile.pr @@ -9,5 +9,4 @@ RUN GOBIN=/root/go go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0 && rm -rf /root/go/pkg ENV GOBIN="/root/go" RUN ln -s /usr/bin/podman /usr/bin/docker -COPY pr_check_inner.sh . -RUN chmod 775 pr_check_inner.sh + diff --git a/pr_check.sh b/pr_check.sh index 92a5caab..beb5c33e 100755 --- a/pr_check.sh +++ b/pr_check.sh @@ -6,7 +6,13 @@ mkdir -p "$PWD/.docker" CONTAINER_NAME="${FEO_CONTAINER_NAME:-frontend-operator-pr-check-$ghprbPullId}" -docker run -i --name $CONTAINER_NAME -v $PWD:/workspace:ro quay.io/bholifie/frontend-op-pr-check:v0.0.8 /workspace/build/pr_check_inner.sh +# We're mounting the jenkins workspace over the root of the container +# This means that the pr_check_inner.sh script will be run in the context of the jenkins workspace +# This confused me for a while because pr_check_inner.sh is also copied into the pr check container at build time +# but the template_check.sh isn't. I couldn't figure out how it was sourcing it +#docker run -i --name $CONTAINER_NAME -v $PWD:/workspace:ro quay.io/bholifie/frontend-op-pr-check:v0.0.8 /workspace/build/pr_check_inner.sh + +docker build -t $CONTAINER_NAME -f build/Dockerfile.pr TEST_RESULT=$? From f05b83e2e1ee4f3ad55185d658f85003b89e17fd Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 14:23:42 -0400 Subject: [PATCH 05/15] This should change the pr script --- pr_check.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pr_check.sh b/pr_check.sh index beb5c33e..baa6d5d2 100755 --- a/pr_check.sh +++ b/pr_check.sh 
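Review bot: The comment added in the pr_check.sh hunk of PATCH 04 says the Jenkins workspace is mounted "over the root of the container", but the mount in the command it describes is `-v $PWD:/workspace:ro`, i.e. read-only at /workspace. I would reword it to `# The Jenkins workspace is bind-mounted read-only at /workspace, so the container runs the checkout's build/pr_check_inner.sh, not a copy baked into the image.` That distinction matters to a reader, because it means the script that runs is the one from the change under test.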
@@ -10,10 +10,11 @@ CONTAINER_NAME="${FEO_CONTAINER_NAME:-frontend-operator-pr-check-$ghprbPullId}" # This means that the pr_check_inner.sh script will be run in the context of the jenkins workspace # This confused me for a while because pr_check_inner.sh is also copied into the pr check container at build time # but the template_check.sh isn't. I couldn't figure out how it was sourcing it -#docker run -i --name $CONTAINER_NAME -v $PWD:/workspace:ro quay.io/bholifie/frontend-op-pr-check:v0.0.8 /workspace/build/pr_check_inner.sh docker build -t $CONTAINER_NAME -f build/Dockerfile.pr +docker run -i --name $CONTAINER_NAME -v $PWD:/workspace:ro $CONTAINER_NAME /workspace/build/pr_check_inner.sh + TEST_RESULT=$? mkdir -p artifacts From ca434590cda5d145dfa6279b8e2fe0027c8fc93e Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 14:25:04 -0400 Subject: [PATCH 06/15] lil dot --- pr_check.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pr_check.sh b/pr_check.sh index baa6d5d2..4a3cce54 100755 --- a/pr_check.sh +++ b/pr_check.sh @@ -11,7 +11,7 @@ CONTAINER_NAME="${FEO_CONTAINER_NAME:-frontend-operator-pr-check-$ghprbPullId}" # This confused me for a while because pr_check_inner.sh is also copied into the pr check container at build time # but the template_check.sh isn't. I couldn't figure out how it was sourcing it -docker build -t $CONTAINER_NAME -f build/Dockerfile.pr +docker build -t $CONTAINER_NAME -f build/Dockerfile.pr . docker run -i --name $CONTAINER_NAME -v $PWD:/workspace:ro $CONTAINER_NAME /workspace/build/pr_check_inner.sh From afdcad41a3a7c76ef1a940098d993280fed03225 Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 14:30:50 -0400 Subject: [PATCH 07/15] Add python to pr check container. --- build/Dockerfile.pr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile.pr b/build/Dockerfile.pr index 293bf2a3..f1c76418 100644 --- a/build/Dockerfile.pr +++ b/build/Dockerfile.pr 
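Review bot: With the `docker run` line added in the pr_check.sh hunk of PATCH 05, both the image (`build/Dockerfile.pr`) and the entry script (`/workspace/build/pr_check_inner.sh`) come from the checkout being tested, so the check executes whatever the change under review puts in those two files. If this job also runs for pull requests from untrusted contributors, which is not visible here, the Dockerfile's `RUN` steps execute against the Jenkins host's container runtime before any review. A comment above the build should record that assumption, e.g. `# build/Dockerfile.pr and pr_check_inner.sh are taken from the PR checkout; this job must only run for trusted authors`. The surrounding script starts and ends outside the hunk.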
@@ -1,6 +1,6 @@ FROM registry.access.redhat.com/ubi8/go-toolset:1.19.9-2.1687187497 USER 0 -RUN dnf install -y openssh-clients git podman make which go jq +RUN dnf install -y openssh-clients git podman make which go jq python RUN mkdir /root/go -p RUN GOBIN=/root/go go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0 \ && GOBIN=/root/go go install sigs.k8s.io/kustomize/kustomize/v4@v4.5.2 \ From a93f12f45e4956ca0d181e324b9b8f31b08fa05c Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 14:31:43 -0400 Subject: [PATCH 08/15] Maybe this? --- build/Dockerfile.pr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile.pr b/build/Dockerfile.pr index f1c76418..498d8b45 100644 --- a/build/Dockerfile.pr +++ b/build/Dockerfile.pr @@ -1,6 +1,6 @@ FROM registry.access.redhat.com/ubi8/go-toolset:1.19.9-2.1687187497 USER 0 -RUN dnf install -y openssh-clients git podman make which go jq python +RUN dnf install -y openssh-clients git podman make which go jq python3 RUN mkdir /root/go -p RUN GOBIN=/root/go go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0 \ && GOBIN=/root/go go install sigs.k8s.io/kustomize/kustomize/v4@v4.5.2 \ From 5546a6433f154b3f272bd0cbac590749aebf7e12 Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 14:33:51 -0400 Subject: [PATCH 09/15] Different container name? --- pr_check.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pr_check.sh b/pr_check.sh index 4a3cce54..a2b8a13f 100755 --- a/pr_check.sh +++ b/pr_check.sh @@ -13,7 +13,7 @@ CONTAINER_NAME="${FEO_CONTAINER_NAME:-frontend-operator-pr-check-$ghprbPullId}" docker build -t $CONTAINER_NAME -f build/Dockerfile.pr . -docker run -i --name $CONTAINER_NAME -v $PWD:/workspace:ro $CONTAINER_NAME /workspace/build/pr_check_inner.sh +docker run -i --name $CONTAINER_NAME-run -v $PWD:/workspace:ro $CONTAINER_NAME /workspace/build/pr_check_inner.sh TEST_RESULT=$? 
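Review bot: The `docker run` line changed in PATCH 09 expands `$CONTAINER_NAME-run`, `$PWD` and `$CONTAINER_NAME` unquoted, so a workspace path containing a space or a glob character splits into extra arguments to `docker`. `CONTAINER_NAME` can be overridden through `FEO_CONTAINER_NAME`, so its content is not fixed by this script either. I would write `docker run -i --name "${CONTAINER_NAME}-run" -v "$PWD:/workspace:ro" "$CONTAINER_NAME" /workspace/build/pr_check_inner.sh`. The `docker build`, `docker cp` and `docker rm` lines in the other pr_check.sh hunks of this series have the same unquoted expansions.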
From b410c554dbfbac9d6f74657e71be62216aa96c14 Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 14:43:23 -0400 Subject: [PATCH 10/15] Maybe this? --- pr_check.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/pr_check.sh b/pr_check.sh index a2b8a13f..cf37efa1 100755 --- a/pr_check.sh +++ b/pr_check.sh @@ -22,5 +22,6 @@ mkdir -p artifacts docker cp $CONTAINER_NAME:/container_workspace/artifacts/ $PWD docker rm -f $CONTAINER_NAME +docker rm -f $CONTAINER_NAME-run exit $TEST_RESULT From 61fb24ef159727fe83d6cefb9fe5b3abf749238d Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 14:57:38 -0400 Subject: [PATCH 11/15] This is temporary --- pr_check.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pr_check.sh b/pr_check.sh index cf37efa1..a90d985c 100755 --- a/pr_check.sh +++ b/pr_check.sh @@ -5,6 +5,9 @@ set -exv mkdir -p "$PWD/.docker" CONTAINER_NAME="${FEO_CONTAINER_NAME:-frontend-operator-pr-check-$ghprbPullId}" +docker rm -f $CONTAINER_NAME +docker rm -f $CONTAINER_NAME-run + # We're mounting the jenkins workspace over the root of the container # This means that the pr_check_inner.sh script will be run in the context of the jenkins workspace @@ -19,7 +22,7 @@ TEST_RESULT=$? mkdir -p artifacts -docker cp $CONTAINER_NAME:/container_workspace/artifacts/ $PWD +docker cp $CONTAINER_NAME:/workspace/artifacts/ $PWD docker rm -f $CONTAINER_NAME docker rm -f $CONTAINER_NAME-run From d07a6fc365b8a4ff72a1e5ce5678fb13dd9bff9c Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 15:07:42 -0400 Subject: [PATCH 12/15] Copy from correct container --- pr_check.sh | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/pr_check.sh b/pr_check.sh index a90d985c..955cf6cb 100755 --- a/pr_check.sh +++ b/pr_check.sh 
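Review bot: After PATCH 09 the name `$CONTAINER_NAME` is the tag of the image built from build/Dockerfile.pr and the container is `$CONTAINER_NAME-run`, so in the PATCH 10 hunk the existing `docker rm -f $CONTAINER_NAME` no longer matches a container and the per-PR image is never removed. Images then accumulate on the build host, one per pull request. Replace that line with `docker rmi -f "$CONTAINER_NAME"`, placed after the `-run` container has been removed. Depending on the runtime version, `docker rm -f` on a missing container may return non-zero, which under `set -exv` would end the script before `exit $TEST_RESULT`; I have not verified that for the runtime used here.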
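Review bot: The two `docker rm -f` lines added near the top of pr_check.sh in PATCH 11 (and re-added in PATCH 13) force-remove containers by a name that falls back to `frontend-operator-pr-check-$ghprbPullId`, and nothing checks that `ghprbPullId` is set. When it is empty, every run shares the name `frontend-operator-pr-check-`, so one build can remove the container of another build on the same host. Failing early avoids that: `CONTAINER_NAME="${FEO_CONTAINER_NAME:-frontend-operator-pr-check-${ghprbPullId:?ghprbPullId must be set}}"`. The assignment itself is a context line here; the script's first lines are outside the hunk.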
@@ -5,9 +5,6 @@ set -exv mkdir -p "$PWD/.docker" CONTAINER_NAME="${FEO_CONTAINER_NAME:-frontend-operator-pr-check-$ghprbPullId}" -docker rm -f $CONTAINER_NAME -docker rm -f $CONTAINER_NAME-run - # We're mounting the jenkins workspace over the root of the container # This means that the pr_check_inner.sh script will be run in the context of the jenkins workspace @@ -22,7 +19,7 @@ TEST_RESULT=$? mkdir -p artifacts -docker cp $CONTAINER_NAME:/workspace/artifacts/ $PWD +docker cp $CONTAINER_NAME-run:/workspace/artifacts/ $PWD docker rm -f $CONTAINER_NAME docker rm -f $CONTAINER_NAME-run From 0ab806d200a54d049bd971c1afe0c42b439894eb Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 15:08:55 -0400 Subject: [PATCH 13/15] Maybe it isn't temporary --- pr_check.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pr_check.sh b/pr_check.sh index 955cf6cb..ffb11427 100755 --- a/pr_check.sh +++ b/pr_check.sh @@ -5,6 +5,9 @@ set -exv mkdir -p "$PWD/.docker" CONTAINER_NAME="${FEO_CONTAINER_NAME:-frontend-operator-pr-check-$ghprbPullId}" +docker rm -f $CONTAINER_NAME +docker rm -f $CONTAINER_NAME-run + # We're mounting the jenkins workspace over the root of the container # This means that the pr_check_inner.sh script will be run in the context of the jenkins workspace From a978847c8f7bc14d550b0d203a88e721f6cdf623 Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 26 Jul 2023 15:17:06 -0400 Subject: [PATCH 14/15] Maybe this? --- pr_check.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pr_check.sh b/pr_check.sh index ffb11427..7a9cdfd0 100755 --- a/pr_check.sh +++ b/pr_check.sh @@ -22,7 +22,7 @@ TEST_RESULT=$? mkdir -p artifacts -docker cp $CONTAINER_NAME-run:/workspace/artifacts/ $PWD +docker cp $CONTAINER_NAME-run:/workspace/artifacts/ $PWD/artifacts/ docker rm -f $CONTAINER_NAME docker rm -f $CONTAINER_NAME-run From c30e38fe766603d3abc3b0e3f9c03e37626fd67b Mon Sep 17 00:00:00 2001 
From: Adam Drew Date: Wed, 26 Jul 2023 15:25:44 -0400 Subject: [PATCH 15/15] I'm thrashing --- pr_check.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pr_check.sh b/pr_check.sh index 7a9cdfd0..e163655c 100755 --- a/pr_check.sh +++ b/pr_check.sh @@ -22,7 +22,7 @@ TEST_RESULT=$? mkdir -p artifacts -docker cp $CONTAINER_NAME-run:/workspace/artifacts/ $PWD/artifacts/ +docker cp $CONTAINER_NAME-run:/container_workspace/artifacts/ $PWD docker rm -f $CONTAINER_NAME docker rm -f $CONTAINER_NAME-run
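Review bot: The `docker cp` source path in PATCH 15 goes back to `/container_workspace/artifacts/` after PATCH 11, 12 and 14 tried `/workspace/artifacts/`, and nothing in the script records why. `/workspace` is mounted `:ro` in the `docker run` line, so the inner script presumably cannot write artifacts there; pr_check_inner.sh is not shown, so that is an inference. A comment above the copy would prevent the next round of changes, e.g. `# artifacts are written to /container_workspace inside the container because /workspace is a read-only bind mount`.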