From 3057105a5393dab304fa03adcc2b439577ae2c4f Mon Sep 17 00:00:00 2001
From: Ashleigh Carr <ashcorr20@gmail.com>
Date: Tue, 30 Jan 2024 12:24:45 +0000
Subject: [PATCH] Add new steps to publish a containerized CyberChef to GHCR

---
 .github/workflows/pull_requests.yml |  4 +++
 .github/workflows/releases.yml      | 47 ++++++++++++++++++++++++++++-
 Containerfile                       |  3 ++
 3 files changed, 53 insertions(+), 1 deletion(-)
 create mode 100644 Containerfile

diff --git a/.github/workflows/pull_requests.yml b/.github/workflows/pull_requests.yml
index b485edad62..42027c93a9 100644
--- a/.github/workflows/pull_requests.yml
+++ b/.github/workflows/pull_requests.yml
@@ -38,3 +38,7 @@ jobs:
       run: |
         sudo apt-get install xvfb
         xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
+  image:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
diff --git a/.github/workflows/releases.yml b/.github/workflows/releases.yml
index b1be78f96d..8fbac9f32d 100644
--- a/.github/workflows/releases.yml
+++ b/.github/workflows/releases.yml
@@ -6,6 +6,12 @@ on:
     tags:
     - 'v*'
 
+env:
+  REGISTRY: ghcr.io
+  REGISTRY_USER: ${{ github.actor }}
+  REGISTRY_PASSWORD: ${{ github.token }}
+  IMAGE_NAME: ${{ github.repository }}
+
 jobs:
   main:
     runs-on: ubuntu-latest
@@ -16,10 +22,14 @@ jobs:
       uses: actions/setup-node@v3
       with:
         node-version: '18.x'
+    - name: Install qemu dependency
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y qemu-user-static
 
     - name: Install
       run: |
-        npm install
+        npm ci
         npm run setheapsize
 
     - name: Lint
@@ -40,6 +50,31 @@ jobs:
         sudo apt-get install xvfb
         xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
 
+    - name: Image Metadata
+      if: success()
+      id: image-metadata
+      uses: docker/metadata-action@v4
+      with:
+        images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+        tags: |
+          type=semver,pattern={{major}}
+          type=semver,pattern={{major}}.{{minor}}
+          type=semver,pattern={{version}}
+
+    - name: Production Image Build
+      if: success()
+      id: build-image
+      uses: redhat-actions/buildah-build@v2
+      with:
+        image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+        tags: ${{ steps.image-metadata.outputs.tags }}
+        labels: ${{ steps.image-metadata.outputs.labels }}
+        containerfiles: ./Containerfile
+        platforms: linux/arm64, linux/amd64
+        oci: true
+        extra-args: |
+          --ulimit nofile=4096:4096
+
     - name: Upload Release Assets
       if: success()
       id: upload-release-assets
@@ -57,3 +92,13 @@ jobs:
       uses: JS-DevTools/npm-publish@v1
       with:
         token: ${{ secrets.NPM_TOKEN }}
+
+    - name: Publish to GHCR
+      if: success()
+      uses: redhat-actions/push-to-registry@v2
+      with:
+        image: ${{ steps.build-image.outputs.image }}
+        tags: ${{ steps.build-image.outputs.tags }}
+        registry: ${{ env.REGISTRY }}
+        username: ${{ env.REGISTRY_USER }}
+        password: ${{ env.REGISTRY_PASSWORD }}
diff --git a/Containerfile b/Containerfile
new file mode 100644
index 0000000000..7727754d1c
--- /dev/null
+++ b/Containerfile
@@ -0,0 +1,3 @@
+FROM ghcr.io/static-web-server/static-web-server:2.25-alpine
+
+COPY ./build/prod /public