From 6ede7a05bd978f829b66a774ae5fb041c3ee064c Mon Sep 17 00:00:00 2001
From: Przemek Rzad <przemek@parity.io>
Date: Mon, 3 Jun 2024 12:44:01 +0200
Subject: [PATCH] Add Dockerfiles to the templates (#4637)

As requested
[here](https://github.com/paritytech/polkadot-sdk/issues/3155#issuecomment-2126934939).

The Dockerfiles are inspired by [this
one](https://github.com/paritytech/polkadot-sdk/blob/aa32faaebf64426becb2feeede347740eb7a3908/docker/dockerfiles/polkadot/polkadot_builder.Dockerfile).
---
 templates/minimal/.dockerignore   |  3 +++
 templates/minimal/Dockerfile      | 28 ++++++++++++++++++++++++++++
 templates/parachain/.dockerignore |  3 +++
 templates/parachain/Dockerfile    | 28 ++++++++++++++++++++++++++++
 templates/solochain/.dockerignore |  3 +++
 templates/solochain/Dockerfile    | 28 ++++++++++++++++++++++++++++
 6 files changed, 93 insertions(+)
 create mode 100644 templates/minimal/.dockerignore
 create mode 100644 templates/minimal/Dockerfile
 create mode 100644 templates/parachain/.dockerignore
 create mode 100644 templates/parachain/Dockerfile
 create mode 100644 templates/solochain/.dockerignore
 create mode 100644 templates/solochain/Dockerfile

diff --git a/templates/minimal/.dockerignore b/templates/minimal/.dockerignore
new file mode 100644
index 000000000000..da6a8f2620d6
--- /dev/null
+++ b/templates/minimal/.dockerignore
@@ -0,0 +1,3 @@
+target/
+Dockerfile
+.dockerignore
diff --git a/templates/minimal/Dockerfile b/templates/minimal/Dockerfile
new file mode 100644
index 000000000000..0c59192208fe
--- /dev/null
+++ b/templates/minimal/Dockerfile
@@ -0,0 +1,28 @@
+FROM docker.io/paritytech/ci-unified:latest as builder
+
+WORKDIR /polkadot
+COPY . /polkadot
+
+RUN cargo fetch
+RUN cargo build --locked --release
+
+FROM docker.io/parity/base-bin:latest
+
+COPY --from=builder /polkadot/target/release/minimal-template-node /usr/local/bin
+
+USER root
+RUN useradd -m -u 1001 -U -s /bin/sh -d /polkadot polkadot && \
+	mkdir -p /data /polkadot/.local/share && \
+	chown -R polkadot:polkadot /data && \
+	ln -s /data /polkadot/.local/share/polkadot && \
+# unclutter and minimize the attack surface
+	rm -rf /usr/bin /usr/sbin && \
+# check if executable works in this container
+	/usr/local/bin/minimal-template-node --version
+
+USER polkadot
+
+EXPOSE 30333 9933 9944 9615
+VOLUME ["/data"]
+
+ENTRYPOINT ["/usr/local/bin/minimal-template-node"]
diff --git a/templates/parachain/.dockerignore b/templates/parachain/.dockerignore
new file mode 100644
index 000000000000..da6a8f2620d6
--- /dev/null
+++ b/templates/parachain/.dockerignore
@@ -0,0 +1,3 @@
+target/
+Dockerfile
+.dockerignore
diff --git a/templates/parachain/Dockerfile b/templates/parachain/Dockerfile
new file mode 100644
index 000000000000..72a8f19fe79a
--- /dev/null
+++ b/templates/parachain/Dockerfile
@@ -0,0 +1,28 @@
+FROM docker.io/paritytech/ci-unified:latest as builder
+
+WORKDIR /polkadot
+COPY . /polkadot
+
+RUN cargo fetch
+RUN cargo build --locked --release
+
+FROM docker.io/parity/base-bin:latest
+
+COPY --from=builder /polkadot/target/release/parachain-template-node /usr/local/bin
+
+USER root
+RUN useradd -m -u 1001 -U -s /bin/sh -d /polkadot polkadot && \
+	mkdir -p /data /polkadot/.local/share && \
+	chown -R polkadot:polkadot /data && \
+	ln -s /data /polkadot/.local/share/polkadot && \
+# unclutter and minimize the attack surface
+	rm -rf /usr/bin /usr/sbin && \
+# check if executable works in this container
+	/usr/local/bin/parachain-template-node --version
+
+USER polkadot
+
+EXPOSE 30333 9933 9944 9615
+VOLUME ["/data"]
+
+ENTRYPOINT ["/usr/local/bin/parachain-template-node"]
diff --git a/templates/solochain/.dockerignore b/templates/solochain/.dockerignore
new file mode 100644
index 000000000000..da6a8f2620d6
--- /dev/null
+++ b/templates/solochain/.dockerignore
@@ -0,0 +1,3 @@
+target/
+Dockerfile
+.dockerignore
diff --git a/templates/solochain/Dockerfile b/templates/solochain/Dockerfile
new file mode 100644
index 000000000000..97e6dd29107a
--- /dev/null
+++ b/templates/solochain/Dockerfile
@@ -0,0 +1,28 @@
+FROM docker.io/paritytech/ci-unified:latest as builder
+
+WORKDIR /polkadot
+COPY . /polkadot
+
+RUN cargo fetch
+RUN cargo build --locked --release
+
+FROM docker.io/parity/base-bin:latest
+
+COPY --from=builder /polkadot/target/release/solochain-template-node /usr/local/bin
+
+USER root
+RUN useradd -m -u 1001 -U -s /bin/sh -d /polkadot polkadot && \
+	mkdir -p /data /polkadot/.local/share && \
+	chown -R polkadot:polkadot /data && \
+	ln -s /data /polkadot/.local/share/polkadot && \
+# unclutter and minimize the attack surface
+	rm -rf /usr/bin /usr/sbin && \
+# check if executable works in this container
+	/usr/local/bin/solochain-template-node --version
+
+USER polkadot
+
+EXPOSE 30333 9933 9944 9615
+VOLUME ["/data"]
+
+ENTRYPOINT ["/usr/local/bin/solochain-template-node"]