From 00e93985ce7d5f859c9889f424f5ab23e3ae6fca Mon Sep 17 00:00:00 2001
From: Gianmauro Cuccuru <gianmauro.cuccuru@fht.org>
Date: Thu, 15 Feb 2024 15:19:05 +0100
Subject: [PATCH] use Docker multistage build

---
 .github/workflows/docker-publish.yml | 12 ++++++++++--
 Dockerfile                           | 14 +++++++++++++-
 2 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index b1f6cc2..392e236 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -12,7 +12,6 @@ env:
   REGISTRY: ghcr.io
   # github.repository as <account>/<repo>
   IMAGE_NAME: ${{ github.repository }}
-  IMAGE_TAG: 0.1.0
 
 
 jobs:
@@ -33,6 +32,15 @@ jobs:
         with:
           dockerfile: 'Dockerfile'
 
+      - name: Set short git commit SHA
+        id: vars
+        run: |
+          calculatedSha=$(git rev-parse --short ${{ github.sha }})
+          echo "COMMIT_SHORT_SHA=$calculatedSha" >> $GITHUB_ENV
+
+      - name: Confirm git commit SHA output
+        run: echo ${{ env.COMMIT_SHORT_SHA }}
+
       # Workaround: https://github.com/docker/build-push-action/issues/461
       - name: Setup Docker buildx
         uses: docker/setup-buildx-action@v3
@@ -55,6 +63,6 @@ jobs:
         with:
           context: .
           push: ${{ github.event_name != 'pull_request' }}
-          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
+          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.COMMIT_SHORT_SHA }}
           cache-from: type=gha
           cache-to: type=gha,mode=max
diff --git a/Dockerfile b/Dockerfile
index c9c5b33..96f3355 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,8 @@
-FROM condaforge/mambaforge:latest
+# -----------------
+# Builder container
+# -----------------
+
+FROM condaforge/mambaforge:latest as builder
 LABEL io.github.snakemake.containerized="true"
 LABEL io.github.snakemake.conda_env_hash="c656609b7061aaac2e06e4657068c68e6e7f78eda29ceca74574347aed3b15a2"
 
@@ -65,3 +69,11 @@ RUN mamba env create --prefix /conda-envs/6e056d31662ab0bd2fd3fba49416042f --fil
     mamba env create --prefix /conda-envs/a160f42d06f9d24b41c5cbece52b682d --file /conda-envs/a160f42d06f9d24b41c5cbece52b682d/environment.yaml && \
     mamba env create --prefix /conda-envs/ab67c3cfb8e1a5ad9d9cb7824966853e --file /conda-envs/ab67c3cfb8e1a5ad9d9cb7824966853e/environment.yaml && \
     mamba clean --all -y
+
+
+# -----------------
+# Primary container
+# -----------------
+FROM gcr.io/distroless/base-debian11:latest
+# copy over the generated environment
+COPY --from=builder /conda-envs /conda-envs