From 97be8f46673b76e645138f2c0b6102993f935e5f Mon Sep 17 00:00:00 2001
From: Brain <brain@wtf-eg.de>
Date: Wed, 21 Aug 2024 20:46:49 +0200
Subject: [PATCH 1/5] Ditch builder and base Docker images

This should make dependency upgrades easier and bring more clarity to the CI pipelines
---
 .drone.yml | 17 ++++++++++++-----
 Dockerfile | 17 +++++++++++++++--
 2 files changed, 27 insertions(+), 7 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index 1af29d9..8dbe1fa 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -15,16 +15,18 @@ trigger:
 
 steps:
   - name: install-lint-test
-    image: git.wtf-eg.de/kompetenzinventar/builder:1.0.2
+    image: python:3.8.18-alpine
+    env:
+      PYROOT: '/pyroot'
+      PYTHONUSERBASE: '/pyroot'
     commands:
+      - apk add --no-cache gcc g++ musl-dev python3-dev
+      - pip3 install pipenv
       - pipenv install --dev
       - pipenv run flake8
       - pipenv run reuse lint
       - pipenv run python -m unittest discover ki
 
-image_pull_secrets:
-  - dockerconfig
-
 ---
 kind: pipeline
 type: docker
@@ -91,8 +93,13 @@ trigger:
 
 steps:
   - name: install-lint-test
-    image: git.wtf-eg.de/kompetenzinventar/builder:1.0.2
+    image: python:3.8.18-alpine
+    env:
+      PYROOT: '/pyroot'
+      PYTHONUSERBASE: '/pyroot'
     commands:
+      - apk add --no-cache gcc g++ musl-dev python3-dev
+      - pip3 install pipenv
       - pipenv install --dev
       - pipenv run flake8
       - pipenv run reuse lint
diff --git a/Dockerfile b/Dockerfile
index dd0efbc..5ec9d45 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,7 +2,17 @@
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 
-FROM git.wtf-eg.de/kompetenzinventar/builder:1.0.2 as builder
+FROM python:3.8.18-alpine as builder
+
+ENV PYROOT /pyroot
+ENV PYTHONUSERBASE $PYROOT
+
+RUN apk add --no-cache \
+    gcc \
+    g++ \
+    musl-dev \
+    python3-dev && \
+    pip3 install pipenv
 
 COPY Pipfile* ./
 
@@ -10,7 +20,10 @@ RUN PIP_USER=1 PIP_IGNORE_INSTALLED=1 pipenv install --system --deploy --ignore-
 RUN pip3 uninstall --yes pipenv
 
 
-FROM git.wtf-eg.de/kompetenzinventar/base:1.0.2 as ki-backend
+FROM python:3.8.18-alpine as ki-backend
+
+ENV PYROOT /pyroot
+ENV PYTHONUSERBASE $PYROOT
 
 # Install six explicitly. Otherwise Python complains about it missing.
 RUN pip3 install six

From 6a3458a596e0db85f17e344ec12261fa953ed574 Mon Sep 17 00:00:00 2001
From: Brain <brain@wtf-eg.de>
Date: Wed, 21 Aug 2024 20:53:59 +0200
Subject: [PATCH 2/5] Pin Docker images in CI

---
 .drone.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index 8dbe1fa..42b0b8a 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -43,7 +43,7 @@ depends_on:
 
 steps:
   - name: docker-publish
-    image: plugins/docker
+    image: plugins/docker:20.17.3
     settings:
       registry: git.wtf-eg.de
       repo: git.wtf-eg.de/kompetenzinventar/backend
@@ -70,7 +70,7 @@ depends_on:
 
 steps:
   - name: deploy-dev
-    image: appleboy/drone-ssh
+    image: appleboy/drone-ssh:1.7.5
     settings:
       host:
         - dev01.wtf-eg.net
@@ -105,7 +105,7 @@ steps:
       - pipenv run reuse lint
       - pipenv run python -m unittest discover ki
   - name: docker-publish
-    image: plugins/docker
+    image: plugins/docker:20.17.3
     settings:
       registry: git.wtf-eg.de
       repo: git.wtf-eg.de/kompetenzinventar/backend

From a5a85e6032cabf4c1065367b82c00710a2c7e4d8 Mon Sep 17 00:00:00 2001
From: Brain <brain@wtf-eg.de>
Date: Wed, 21 Aug 2024 21:08:52 +0200
Subject: [PATCH 3/5] Fix Dockerfile warnings

---
 Dockerfile | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 5ec9d45..304abf6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,10 +2,10 @@
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 
-FROM python:3.8.18-alpine as builder
+FROM python:3.8.18-alpine AS builder
 
-ENV PYROOT /pyroot
-ENV PYTHONUSERBASE $PYROOT
+ENV PYROOT=/pyroot
+ENV PYTHONUSERBASE=$PYROOT
 
 RUN apk add --no-cache \
     gcc \
@@ -20,10 +20,10 @@ RUN PIP_USER=1 PIP_IGNORE_INSTALLED=1 pipenv install --system --deploy --ignore-
 RUN pip3 uninstall --yes pipenv
 
 
-FROM python:3.8.18-alpine as ki-backend
+FROM python:3.8.18-alpine AS ki-backend
 
-ENV PYROOT /pyroot
-ENV PYTHONUSERBASE $PYROOT
+ENV PYROOT=/pyroot
+ENV PYTHONUSERBASE=$PYROOT
 
 # Install six explicitly. Otherwise Python complains about it missing.
 RUN pip3 install six

From 155ddc556cd6f32d3506dcc0cffe4f1938351103 Mon Sep 17 00:00:00 2001
From: Brain <brain@wtf-eg.de>
Date: Wed, 21 Aug 2024 21:09:12 +0200
Subject: [PATCH 4/5] Add .dockerignore file

---
 .dockerignore | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 .dockerignore

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..436bce5
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,9 @@
+*
+!Pipfile
+!Pipfile.lock
+!data/
+!ki/
+!LICENSES/
+!migrations/
+!app.py
+!run_prod.py

From 6f04d23e6ccf18bec11162eec60157dbc9fab39e Mon Sep 17 00:00:00 2001
From: Brain <brain@wtf-eg.de>
Date: Wed, 21 Aug 2024 21:17:33 +0200
Subject: [PATCH 5/5] Add license information to .dockerignore file

---
 .dockerignore | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.dockerignore b/.dockerignore
index 436bce5..6a48e8e 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,3 +1,7 @@
+# SPDX-FileCopyrightText: WTF Kooperative eG <https://wtf-eg.de/>
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 *
 !Pipfile
 !Pipfile.lock