From 859f490b3a1a1bd5bbb36d969e2e88c22a2caf09 Mon Sep 17 00:00:00 2001
From: Tim Rowe <tim@tjsr.id.au>
Date: Sat, 20 Apr 2024 22:25:26 +1000
Subject: [PATCH] Log in to github got package repo.

---
 .github/dependabot.yml      |   5 +++++
 .github/workflows/build.yml |   6 ++++++
 Dockerfile                  |  20 ++++++++++++++------
 Dockerfile.dbmigrate        |  14 ++++++++------
 README.md                   | Bin 796 -> 1996 bytes
 package.json                |   4 ++--
 6 files changed, 35 insertions(+), 14 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index db9ba41..5bf9403 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,3 +4,8 @@ updates:
     directory: '/'
     schedule:
       interval: 'weekly'
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      # Check for updates to GitHub Actions every week
+      interval: "weekly"
\ No newline at end of file
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index c45ed85..2343773 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -9,6 +9,8 @@ jobs:
       BUILDKIT_PROGRESS: plain
       DBMIGRATE_IMAGE: tjsrowe/tagtool:dbmigrate-${{ github.sha }}
       API_IMAGE: tjsrowe/tagtool:${{ github.sha }}
+      TAGTOOL_GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }}
+      TAGTOOL_GITHUB_PAT_2: ${{ secrets.TAGTOOL_GITHUB_PAT }}
 
     steps:
     - name: Check out repositofy code
@@ -42,6 +44,8 @@ jobs:
       with:
         context: .
         builder: ${{ steps.buildx.outputs.name }}
+        secrets: |
+          id=github,env=TAGTOOL_GITHUB_PAT
         file: Dockerfile.dbmigrate
         push: ${{ github.actor != 'dependabot[bot]' }}
         tags: ${{ github.actor != 'dependabot[bot]' && format('{0}/', steps.login-ecr-public.outputs.registry) || ''}}${{ env.DBMIGRATE_IMAGE }}
@@ -53,6 +57,8 @@ jobs:
       with:
         context: .
         builder: ${{ steps.buildx.outputs.name }}
+        secrets: |
+          id=github,env=TAGTOOL_GITHUB_PAT
         file: Dockerfile
         push: ${{ github.actor != 'dependabot[bot]' }}
         tags: ${{ github.actor != 'dependabot[bot]' && format('{0}/', steps.login-ecr-public.outputs.registry) || ''}}${{ env.API_IMAGE }}
diff --git a/Dockerfile b/Dockerfile
index df7356d..e44e2ee 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,7 @@
-ARG NODE_VERSION=18.13.0
-FROM node:${NODE_VERSION}-alpine3.17 as tagtool-build-preflight
-ARG NPM_VERSION=9.6.3
-RUN npm install -g npm@${NPM_VERSION}
+ARG NODE_VERSION=20.12.2
+ARG ALPINE_VERSION=3.19
+ARG NPM_VERSION=10.5.2
+FROM ghcr.io/tjsr/node_patched_npm:${NODE_VERSION}-alpine${ALPINE_VERSION}-npm${NPM_VERSION} as tagtool-build-preflight
 
 RUN mkdir /opt/tagtool
 
@@ -18,14 +18,22 @@ COPY babel.config.js /opt/tagtool
 COPY tsconfig.json /opt/tagtool
 COPY .npmrc /opt/tagtool
 
-RUN npm i && npm run build
+RUN --mount=type=secret,id=github,target=/root/.npm/github_pat \
+  echo "//npm.pkg.github.com/:_authToken=$(cat /root/.npm/github_pat)" >> /root/.npmrc && \
+  npm install && \
+  npm run build && \
+  rm -f /root/.npmrc
 
 FROM tagtool-build-preflight as tagtool
 
 COPY package*.json /opt/tagtool
 COPY .npmrc /opt/tagtool
 
-RUN npm i --production
+RUN --mount=type=secret,id=github,target=/root/.npm/github_pat \
+  echo "//npm.pkg.github.com/:_authToken=$(cat /root/.npm/github_pat)" >> /root/.npmrc && \
+  npm install --omit=dev && \
+  rm -f /root/.npmrc
+
 COPY --from=tagtool-build /opt/tagtool/dist /opt/tagtool/dist
 COPY --from=tagtool-build /opt/tagtool/build /opt/tagtool/dist/build
 WORKDIR /opt/tagtool/dist
diff --git a/Dockerfile.dbmigrate b/Dockerfile.dbmigrate
index 1aa9b1b..ca2cb90 100644
--- a/Dockerfile.dbmigrate
+++ b/Dockerfile.dbmigrate
@@ -1,8 +1,7 @@
-ARG NODE_VERSION=18.13.0
-FROM node:${NODE_VERSION}-alpine3.17 as tagtool-dbmigrate
-ARG NPM_VERSION=9.6.3
-
-RUN npm install -g npm@${NPM_VERSION}
+ARG NODE_VERSION=20.12.2
+ARG ALPINE_VERSION=3.19
+ARG NPM_VERSION=10.5.2
+FROM ghcr.io/tjsr/node_patched_npm:${NODE_VERSION}-alpine${ALPINE_VERSION}-npm${NPM_VERSION} as tagtool-dbmigrate
 
 RUN mkdir /opt/tagtool
 COPY package.json /opt/tagtool
@@ -10,6 +9,9 @@ COPY package-lock.json /opt/tagtool
 COPY prisma /opt/tagtool
 
 WORKDIR /opt/tagtool
-RUN npm i
+RUN --mount=type=secret,id=github,target=/root/.npm/github_pat \
+  echo "//npm.pkg.github.com/:_authToken=$(cat /root/.npm/github_pat)" >> /root/.npmrc && \
+  npm install && \
+  rm -f /root/.npmrc
 
 CMD ["npm", "run", "db:upgrade:deploy"]
diff --git a/README.md b/README.md
index 0b6d16febfe3b9be15a59dea7c2587b6b96647be..472f1ce2e368db70aa0bedb83de19b6771fbec07 100644
GIT binary patch
literal 1996
zcmb`IOK;Oq5QS%r#DB2pqEJzn1wtYc67)fec(kJFB0?ynZqlU9!`MlxZusfIckcMs
zPN8Chtl0N4b7tnuBfoxbSYiw7+Xe4A&%_?ugYfIDohCN664^e#lJ(SbWC!e~>@q9R
zE!h{g3VYoQIV<>P0awx)R>n5NnviC8&bQ$FyDfQ_joW2~7QK`0IT{H%{orwehA^l6
zW}HZ382p&Biu$Fcw-IgF1~<FhjnO=>JgMWIb9;7sE6XEfgqsK4ODrjZ#BT6q$@e-S
zO;`<C6(NEIZw5SyO>DKf5z-Ru#E$Kab@*Nf?2LE9uOF<4iGHP*VM&b0x-yf%SraD@
zcoWVt?sD`pyW)L;mUEh;rA$e?;48G6i#B`tS)j8BI%3zerd*0cd99NzuqVjL8`;|m
zcXR9sL!LFU#%SwQKDjrtkk}W{7Cbp9E!*K~MwEgpt2^8df}Gb$$%!IxTiVIXYx`=C
z|0~`TJp5Zu+;`QP;#V9oORYPsd!2|;b%b*zCYr2wi9~gifhLZeVXc&RRgCf#GwxNU
z4vN*B*bf*;(ao_^fa5hN9IrN2gy&H!v8MX|79Op{yKARlT#<wHo;)n<65k8tTh_zB
zW$?Chn~PWIjlk$p(Yv;1`*vV&?^u&XX^6FDBjN;q>P~AB`J7nfZNZJ=@3T_%sIQ-L
z5<6}hxDZEPCy_%TcJQRl`-tZQezol#yF)w0zh2dOLRYnFN~z9g@Tk2ISHbF-_gOXD
zRC(T?E2L^$v5TcK!6V&?_gbQa8_g%p2KRjvdy;b|W<g$a(6dp`uDVBkUhSi$Svv<O
z`Wk1J*VATYM|t<T<9@IArEF^+iRBx<aXQB?&+#bduC5?QQD4q@;_UNNA&t0EPbfce
zn!B{7;RU=X;#R1MZDdp-$7JTny7rOvC$iHcKSy@LN-^Cpb&AY^eg22k2~vk(zDKr;
zMdAI)f~K~2jQ53lb%d-l<MPt=ZZ89C+hKY?w`ca!UIgSl-j6`9r?NDf|D@a0^?<5+
hedj!_&eM=p&4LL?vN+^D=C%iOvb)}!_u+dKzX9(hS2zFw

delta 11
ScmX@ZKZk9?m(5F9HJAV&DFlcB

diff --git a/package.json b/package.json
index dbfe108..202fa01 100644
--- a/package.json
+++ b/package.json
@@ -15,8 +15,8 @@
     "start:dev": "nodemon index.ts && cross-env PORT=3008 react-scripts start",
     "start:prod": "node index.js",
     "build": "cross-env NODE_OPTIONS=--openssl-legacy-provider react-scripts build && tsc",
-    "docker:build": "docker build -t tagtool -f Dockerfile .",
-    "docker:build:dbmigrate": "docker build -t tagtool-dbmigrate -f Dockerfile.dbmigrate .",
+    "docker:build": "docker build --secret id=github,env=TAGTOOL_GITHUB_PAT -t tagtool -f Dockerfile .",
+    "docker:build:dbmigrate": "docker build --secret id=github,env=TAGTOOL_GITHUB_PAT -t tagtool-dbmigrate -f Dockerfile.dbmigrate .",
     "docker:test": "npm run docker:build && docker run --rm --name tagtool-test -it tagtool npm i && npm test",
     "lint": "eslint --fix \"./src/**/*.{ts,tsx}\"",
     "prettier": "prettier --single-quote --write \"./src/**/*.{ts,tsx}\"",