From d456800865ec935b9d1aa0b701424ab54824dfac Mon Sep 17 00:00:00 2001
From: Jonathan Giroux <giroux.jo@gmail.com>
Date: Fri, 4 Oct 2024 02:08:32 +0200
Subject: [PATCH 1/2] ci: add Dockerfile

---
 .dockerignore     |  1 +
 Dockerfile        |  9 +++++++++
 headerConfig.json | 18 ++++++++++++++++++
 3 files changed, 28 insertions(+)
 create mode 100644 .dockerignore
 create mode 100644 Dockerfile
 create mode 100644 headerConfig.json

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..a48cf0d
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1 @@
+public
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..497704f
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,9 @@
+FROM node:22-alpine AS builder
+WORKDIR /app
+ADD . /app
+RUN npm ci --legacy-peer-deps && \
+    npm run build
+
+FROM pierrezemb/gostatic
+COPY headerConfig.json /config/
+COPY --from=builder /app/public /srv/http
diff --git a/headerConfig.json b/headerConfig.json
new file mode 100644
index 0000000..7ac83d4
--- /dev/null
+++ b/headerConfig.json
@@ -0,0 +1,18 @@
+{
+	"configs": [
+		{
+			"path": "*",
+			"fileExtension": "*",
+			"headers": [
+				{
+					"key": "Cache-Control",
+					"value": "public, max-age=30, must-revalidate"
+				},
+				{
+					"key": "Strict-Transport-Security",
+					"value": "max-age=31536000; includeSubDomains;"
+				}
+			]
+		}
+	]
+}

From 76c0415dfb969e8eaf18c96e76f0c225863b46bf Mon Sep 17 00:00:00 2001
From: Jonathan Giroux <giroux.jo@gmail.com>
Date: Fri, 4 Oct 2024 02:10:26 +0200
Subject: [PATCH 2/2] ci: add Concourse pipelines

---
 .gitattributes    |   4 +-
 .gitignore        |   5 +-
 concourse.jsonnet | 139 ++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 146 insertions(+), 2 deletions(-)
 create mode 100644 concourse.jsonnet

diff --git a/.gitattributes b/.gitattributes
index 6923ea2..d1f35c6 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,3 +1,5 @@
+/concourse.jsonnet eol=lf
+
 # https://gitattributes.io/api/web
 
 # Content
@@ -73,4 +75,4 @@
 *.eot             binary
 *.otf             binary
 *.woff            binary
-*.woff2           binary
\ No newline at end of file
+*.woff2           binary
diff --git a/.gitignore b/.gitignore
index 63908d9..88414f6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,4 +9,7 @@ public
 .log
 
 # macOS related files
-.DS_Store
\ No newline at end of file
+.DS_Store
+
+# CICD
+/.concourse
diff --git a/concourse.jsonnet b/concourse.jsonnet
new file mode 100644
index 0000000..e635baa
--- /dev/null
+++ b/concourse.jsonnet
@@ -0,0 +1,139 @@
+local GITEA_CREDENTIALS = {
+  password: '((gitea-access-token))',
+  username: 'concourse',
+};
+local GITEA_HOST = 'gitea.cookie.paris';
+
+local DOCKER_IMAGE_RESOURCE = {
+  name: 'docker-image',
+  source: GITEA_CREDENTIALS {
+    repository: GITEA_HOST + '/collective/ccc-website',
+    tag: 'latest',
+  },
+  type: 'registry-image',
+};
+
+local GIT_REPOSITORY_RESOURCE = {
+  name: 'git-repository',
+  source: {
+    uri: 'https://github.com/CookieCollective/ccc-website.git',
+  },
+  type: 'git',
+};
+
+local BUILD_DOCKER_IMAGE_TASK = {
+  caches: [
+    {
+      path: 'cache',
+    },
+  ],
+  image_resource: {
+    source: {
+      repository: 'concourse/oci-build-task',
+    },
+    type: 'registry-image',
+  },
+  inputs: [
+    {
+      name: GIT_REPOSITORY_RESOURCE.name,
+      path: '.',
+    },
+  ],
+  outputs: [
+    {
+      name: 'image',
+    },
+  ],
+  platform: 'linux',
+  run: {
+    path: 'build',
+  },
+};
+
+{
+  'pipelines-main.json': {
+    jobs: [
+      {
+        local JSONNET_OUTPUT = '.concourse',
+        name: 'update-pipelines',
+        plan: [
+          {
+            get: GIT_REPOSITORY_RESOURCE.name,
+            params: {
+              depth: 1,
+            },
+            trigger: true,
+          },
+          {
+            task: 'generate-concourse-files',
+            config: {
+              image_resource: {
+                source: {
+                  repository: 'bitnami/jsonnet',
+                },
+                type: 'registry-image',
+              },
+              inputs: [
+                {
+                  name: GIT_REPOSITORY_RESOURCE.name,
+                },
+              ],
+              outputs: [
+                {
+                  name: JSONNET_OUTPUT,
+                },
+              ],
+              platform: 'linux',
+              run: {
+                args: [
+                  '-m',
+                  JSONNET_OUTPUT,
+                  GIT_REPOSITORY_RESOURCE.name + '/concourse.jsonnet',
+                ],
+                path: 'jsonnet',
+                user: 'root',
+              },
+            },
+          },
+          {
+            file: JSONNET_OUTPUT + '/pipelines-main.json',
+            set_pipeline: 'ccc-website',
+          },
+        ],
+        public: true,
+      },
+      {
+        name: 'build',
+        plan: [
+          {
+            get: GIT_REPOSITORY_RESOURCE.name,
+            params: {
+              depth: 1,
+            },
+            passed: [
+              'update-pipelines',
+            ],
+            trigger: true,
+          },
+          {
+            config: BUILD_DOCKER_IMAGE_TASK,
+            privileged: true,
+            task: 'build-docker-image',
+          },
+          {
+            put: DOCKER_IMAGE_RESOURCE.name,
+            params: {
+              image: 'image/image.tar',
+            },
+          },
+        ],
+        public: true,
+      },
+    ],
+    resources: [
+      DOCKER_IMAGE_RESOURCE,
+      GIT_REPOSITORY_RESOURCE,
+    ],
+  },
+  'tasks-build-docker-image.json': BUILD_DOCKER_IMAGE_TASK,
+}