From 680adbff1e91398bbed7072577ac648ea28b690c Mon Sep 17 00:00:00 2001
From: "M. Scott Ford" <scott@corgibytes.com>
Date: Tue, 1 Nov 2022 15:26:13 -0400
Subject: [PATCH 1/2] Only builds and publishes docker container for release
 tags

---
 .github/workflows/ci.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index cbc5ec464..c39460b19 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -67,22 +67,22 @@ jobs:
         run: dotnet build --configuration Release
 
       - name: "[Build, Docker] - Set up QEMU"
-        if: github.event_name != 'pull_request'
+        if: startsWith(github.ref, 'refs/tags/v')
         uses: docker/setup-qemu-action@v2
 
       - name: "[Build, Docker] - Set up Docker Buildx"
-        if: github.event_name != 'pull_request'
+        if: startsWith(github.ref, 'refs/tags/v')
         uses: docker/setup-buildx-action@v2
 
       - name: "[Build, Docker] - Login to DockerHub"
-        if: github.event_name != 'pull_request'
+        if: startsWith(github.ref, 'refs/tags/v')
         uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
       - name: "[Build, Docker] - Build and push"
-        if: github.event_name != 'pull_request'
+        if: startsWith(github.ref, 'refs/tags/v')
         uses: docker/build-push-action@v3
         with:
           context: .

From 005b40ddda2b37f2745c9cc8038ba94185da7deb Mon Sep 17 00:00:00 2001
From: "M. Scott Ford" <scott@corgibytes.com>
Date: Tue, 1 Nov 2022 15:30:26 -0400
Subject: [PATCH 2/2] Ensures that /root/.m2 is pre-populated

If the local maven repository, the `/root/.m2` directory in this case, is empty, then the first time that `mvn` runs a plugin, such as `org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom` or `com.corgibytes:versions-maven-plugin:resolve-ranges-historical`, then the `mvn` process downloads all of the dependencies and stores them in the local repository. This can create problems if there are two instances of `mvn` running at the same time, both attempting to download the same files, but at different times. By forcing the two plugins that are run by `freshli-agent-java` to run on a minimal `pom.xml` file while the container is being built, this change ensures that the `/root/.m2` directory is populated. Hopefully, this means that the `mvn` process won't need to download those files, and instead will just run using the copies that are already stored locally. This will avoid issues with having two instances of `mvn` running at the same time.
---
 Dockerfile | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 58115becf..b8b885e33 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -68,6 +68,18 @@ ENV MAVEN_HOME /usr/share/maven
 ENV MAVEN_CONFIG "$USER_HOME_DIR/.m2"
 RUN mkdir -p $MAVEN_CONFIG
 
+# Bootstrap contents of .m2 directory
+RUN mkdir /root/bootstrap
+RUN echo "<project> \
+    <groupId>com.corgibytes</groupId> \
+    <artifactId>freshli-java-bootstrap</artifactId> \
+    <version>1.0</version> \
+    <modelVersion>4.0.0</modelVersion> \
+</project>" > /root/bootstrap/pom.xml
+RUN cd /root/bootstrap && \
+    mvn org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom && \
+    mvn com.corgibytes:versions-maven-plugin:resolve-ranges-historical
+
 # Copy `freshli` executable from the `dotnet_build` image
 RUN mkdir -p /usr/local/share/freshli
 COPY --from=dotnet_build /app/freshli/exe/ /usr/local/share/freshli/