From a519db3312e6be7aee796db8fda7489d014ff5c6 Mon Sep 17 00:00:00 2001
From: tidnav <90849097+tidnav@users.noreply.github.com>
Date: Thu, 31 Oct 2024 09:21:36 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=91=B7=20Distroless=20image=20=20+=20dock?=
 =?UTF-8?q?er=20config=20updater=20+=20PR=20build=20workflow=20(#166)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* :construction_worker: distroless image og docker config updater

* :construction_worker: bygg pull requester
---
 .github/workflows/build-pr.yaml                | 18 ++++++++++++++++++
 .github/workflows/update-dependabot-config.yml | 15 +++++++++++++++
 Dockerfile                                     | 14 +++++---------
 3 files changed, 38 insertions(+), 9 deletions(-)
 create mode 100644 .github/workflows/build-pr.yaml
 create mode 100644 .github/workflows/update-dependabot-config.yml

diff --git a/.github/workflows/build-pr.yaml b/.github/workflows/build-pr.yaml
new file mode 100644
index 00000000..4cd38195
--- /dev/null
+++ b/.github/workflows/build-pr.yaml
@@ -0,0 +1,18 @@
+name: Build pull request
+
+on:
+  workflow_dispatch:
+  pull_request:
+    paths-ignore:
+      - '**.md'
+
+jobs:
+  buildDev:
+    uses: navikt/aap-workflows/.github/workflows/frontend-next-only-build.yml@main
+    permissions:
+      contents: read
+      id-token: write
+      packages: write
+    secrets: inherit
+    with:
+      cluster: dev-gcp
diff --git a/.github/workflows/update-dependabot-config.yml b/.github/workflows/update-dependabot-config.yml
new file mode 100644
index 00000000..57c40df4
--- /dev/null
+++ b/.github/workflows/update-dependabot-config.yml
@@ -0,0 +1,15 @@
+name: Update dependabot config
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 7 * * 3'
+
+jobs:
+  checkForConfigUpdate:
+    uses: navikt/aap-workflows/.github/workflows/dependabot-frontend-next-config-updater.yml@main
+    permissions:
+      contents: write
+      id-token: write
+      packages: write
+      pull-requests: write
diff --git a/Dockerfile b/Dockerfile
index 5258fb18..d169099c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,18 +1,14 @@
-FROM node:20-alpine
+FROM gcr.io/distroless/nodejs20-debian12@sha256:f912a7599e5338df6527a669def29bddc9469fdac9ab22c4cc9282c1b64c868b
 
-ENV NODE_ENV production
-
-RUN addgroup --system --gid 1069 nodejs
-RUN adduser --system --uid 1069 nextjs
 
 WORKDIR /app
-COPY --chown=nextjs:nodejs .next/standalone ./
-COPY --chown=nextjs:nodejs .next/static ./.next/static
+COPY .next/standalone ./
+COPY .next/static ./.next/static
 
-USER nextjs
+ENV NODE_ENV production
 
 EXPOSE 3000
 
 ENV PORT 3000
 
-CMD ["node", "server.js"]
+CMD ["server.js"]