From bb9f548ad1ab43f0aba043d1da7fd97e19105318 Mon Sep 17 00:00:00 2001
From: Tommy Dalton <59835082+tommyd450@users.noreply.github.com>
Date: Tue, 5 Dec 2023 19:51:35 +0000
Subject: [PATCH] Configuring dockerfile for rhtap build (#61)

* Configuring dockerfile for rhtap build

* Changes based upon feedback

* Added mod = read only to the build
---
 ...tamp-authority-1-0-gamma-pull-request.yaml |  6 +++++
 .../timestamp-authority-1-0-gamma-push.yaml   |  6 +++++
 Dockerfile                                    | 24 +++++++------------
 3 files changed, 20 insertions(+), 16 deletions(-)

diff --git a/.tekton/timestamp-authority-1-0-gamma-pull-request.yaml b/.tekton/timestamp-authority-1-0-gamma-pull-request.yaml
index e40b1d94..6803a76b 100644
--- a/.tekton/timestamp-authority-1-0-gamma-pull-request.yaml
+++ b/.tekton/timestamp-authority-1-0-gamma-pull-request.yaml
@@ -30,6 +30,12 @@ spec:
     value: .
   - name: revision
     value: '{{revision}}'
+  - name: prefetch-input
+    value: '[{"type": "gomod", "path": "."}, {"type": "gomod", "path": "hack/tools"}]'
+  - name: hermetic
+    value: "true"
+  - name: build-source-image
+    value: "true"
   pipelineSpec:
     finally:
     - name: show-sbom
diff --git a/.tekton/timestamp-authority-1-0-gamma-push.yaml b/.tekton/timestamp-authority-1-0-gamma-push.yaml
index 74859780..f035eb46 100644
--- a/.tekton/timestamp-authority-1-0-gamma-push.yaml
+++ b/.tekton/timestamp-authority-1-0-gamma-push.yaml
@@ -27,6 +27,12 @@ spec:
     value: .
   - name: revision
     value: '{{revision}}'
+  - name: prefetch-input
+    value: '[{"type": "gomod", "path": "."}, {"type": "gomod", "path": "hack/tools"}]'
+  - name: hermetic
+    value: "true"
+  - name: build-source-image
+    value: "true"
   pipelineSpec:
     finally:
     - name: show-sbom
diff --git a/Dockerfile b/Dockerfile
index a9041dd4..1cef1003 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,34 +12,26 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-FROM golang:1.21.3@sha256:02d7116222536a5cf0fcf631f90b507758b669648e0f20186d2dc94a9b419a9b AS builder
+FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.21@sha256:98a0ff138c536eee98704d6909699ad5d0725a20573e2c510a60ef462b45cce0 AS builder
 ENV APP_ROOT=/opt/app-root
 ENV GOPATH=$APP_ROOT
+RUN mkdir /opt/app-root && mkdir /opt/app-root/src
 
 WORKDIR $APP_ROOT/src/
-ADD go.mod go.sum $APP_ROOT/src/
-RUN go mod download
 
-# Add source code
+ADD go.mod go.sum $APP_ROOT/src/
 ADD ./cmd/ $APP_ROOT/src/cmd/
 ADD ./pkg/ $APP_ROOT/src/pkg/
 
-ARG SERVER_LDFLAGS
-RUN go build -ldflags "${SERVER_LDFLAGS}" ./cmd/timestamp-server
-RUN CGO_ENABLED=0 go build -gcflags "all=-N -l" -ldflags "${SERVER_LDFLAGS}" -o timestamp-server_debug ./cmd/timestamp-server
+RUN git config --global --add safe.directory /opt/app-root/src && \
+    go mod download && \
+    CGO_ENABLED=0 go build -mod=readonly -ldflags "${SERVER_LDFLAGS}" ./cmd/timestamp-server
 
 # Multi-Stage production build
-FROM golang:1.21.3@sha256:02d7116222536a5cf0fcf631f90b507758b669648e0f20186d2dc94a9b419a9b as deploy
+FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.21@sha256:98a0ff138c536eee98704d6909699ad5d0725a20573e2c510a60ef462b45cce0 as deploy
 
 # Retrieve the binary from the previous stage
 COPY --from=builder /opt/app-root/src/timestamp-server /usr/local/bin/timestamp-server
 
 # Set the binary as the entrypoint of the container
-CMD ["timestamp-server", "serve"]
-
-# debug compile options & debugger
-FROM deploy as debug
-RUN go install github.com/go-delve/delve/cmd/dlv@v1.9.0
-
-# overwrite server and include debugger
-COPY --from=builder /opt/app-root/src/timestamp-server_debug /usr/local/bin/timestamp-server
+CMD ["timestamp-server", "serve"]
\ No newline at end of file