DM-40673: Docker build of nginx container with Gatsby static site

.dockerignore

@@ -0,0 +1,3 @@
+.cache/
+node_modules/
+public/

.github/workflows/ci.yaml

@@ -60,3 +60,14 @@ jobs:
 
       - name: Build Gatsby site
         run: npm run build
+
+      - name: List build directory
+        run: ls -l public
+
+      - uses: lsst-sqre/build-and-push-to-ghcr@v1
+        id: build
+        with:
+          image: ${{ github.repository }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+
+      - run: echo Pushed ghcr.io/${{ github.repository }}:${{ steps.build.outputs.tag }}

Dockerfile

@@ -0,0 +1,20 @@
+FROM nginx:alpine as server
+# # Set working directory to nginx asset directory
+# WORKDIR /usr/share/nginx/html
+# # Remove default nginx static assets
+# RUN rm -rf ./*
+# # Copy static assets from builder stage
+# COPY --from=builder /app/public .
+# # Containers run nginx with global directives and daemon off
+# ENTRYPOINT ["nginx", "-g", "daemon off;"]
+
+COPY nginx-boot.bash /sbin/nginx-boot
+RUN chmod +x /sbin/nginx-boot
+
+RUN apk --update add nginx bash && \
+    rm -fR /var/cache/apk/*
+
+COPY public/ /pub
+
+CMD [ "/sbin/nginx-boot" ]
+EXPOSE 80

nginx-boot.bash

@@ -0,0 +1,118 @@
+#!/bin/bash
+
+# Check for variables
+export CHARSET=${CHARSET:-utf-8}
+
+export WORKER_CONNECTIONS=${WORKER_CONNECTIONS:-1024}
+export HTTP_PORT=${HTTP_PORT:-80}
+export NGINX_CONF=/etc/nginx/mushed.conf
+
+export PUBLIC_PATH=${PUBLIC_PATH:-/pub}
+
+export GZIP_TYPES=${GZIP_TYPES:-application/javascript application/x-javascript application/rss+xml text/javascript text/css image/svg+xml}
+export GZIP_LEVEL=${GZIP_LEVEL:-6}
+
+export CACHE_IGNORE=${CACHE_IGNORE:-html}
+export CACHE_PUBLIC=${CACHE_PUBLIC:-ico|jpg|jpeg|png|gif|svg|js|jsx|css|less|swf|eot|ttf|otf|woff|woff2}
+export CACHE_PUBLIC_EXPIRATION=${CACHE_PUBLIC_EXPIRATION:-1y}
+
+if [ "$TRAILING_SLASH" = false ]; then
+  REWRITE_RULE="rewrite ^(.+)/+\$ \$1 permanent"
+  TRY_FILES="try_files \$uri \$uri/index.html =404"
+else
+  REWRITE_RULE="rewrite ^([^.]*[^/])\$ \$1/ permanent"
+  TRY_FILES="try_files \$uri \$uri/ \$uri/index.html =404"
+fi
+
+if [ "$DISABLE_FILE_CACHE" != true ]; then
+  read -r -d '' FILE_CACHE <<'EOF'
+
+  ## Cache open FD
+  open_file_cache max=10000 inactive=3600s;
+  open_file_cache_valid 7200s;
+  open_file_cache_min_uses 2;
+
+EOF
+fi
+
+if [ -f /etc/nginx/server.conf ]; then
+  CUSTOM_SERVER_CONFIG=$(</etc/nginx/server.conf)
+else
+  CUSTOM_SERVER_CONFIG=${CUSTOM_SERVER_CONFIG:-};
+fi
+
+# Build config
+cat <<EOF > $NGINX_CONF
+daemon              off;
+worker_processes    1;
+user                root;
+
+events {
+  worker_connections $WORKER_CONNECTIONS;
+}
+
+http {
+  include       mime.types;
+  default_type  application/octet-stream;
+
+  keepalive_timeout  15;
+  autoindex          off;
+  server_tokens      off;
+  port_in_redirect   off;
+  absolute_redirect  off;
+  sendfile           off;
+  tcp_nopush         on;
+  tcp_nodelay        on;
+
+  client_max_body_size 64k;
+  client_header_buffer_size 16k;
+  large_client_header_buffers 4 16k;
+
+  $FILE_CACHE
+
+  ## Gzipping is an easy way to reduce page weight
+  gzip                on;
+  gzip_vary           on;
+  gzip_proxied        any;
+  gzip_types          $GZIP_TYPES;
+  gzip_buffers        16 8k;
+  gzip_comp_level     $GZIP_LEVEL;
+
+  access_log         /dev/stdout;
+  error_log          /dev/stderr error;
+
+  server {
+    listen $HTTP_PORT;
+    root $PUBLIC_PATH;
+
+    index index.html;
+    autoindex off;
+    charset $CHARSET;
+
+    error_page 404 /404.html;
+
+    location ~* \.($CACHE_IGNORE)$ {
+      add_header Cache-Control "no-store";
+      expires    off;
+    }
+    location ~* \.($CACHE_PUBLIC)$ {
+      add_header Cache-Control "public";
+      expires +$CACHE_PUBLIC_EXPIRATION;
+    }
+
+    $REWRITE_RULE;
+
+    $TRY_FILES;
+
+    $CUSTOM_SERVER_CONFIG
+  }
+}
+
+EOF
+
+[ "" != "$DEBUG" ] && cat $NGINX_CONF;
+
+mkdir -p /run/nginx/
+chown -R root:root /var/lib/nginx
+
+exec nginx -c $NGINX_CONF