From 60cf07174cdc0028a88bf7d90340a2d7eb9a1bcf Mon Sep 17 00:00:00 2001
From: Erik Frey
Date: Thu, 30 Oct 2025 07:25:25 +0000
Subject: [PATCH 1/8] Update Dockerfile.release
---
 Dockerfile.release | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/Dockerfile.release b/Dockerfile.release
index b2d05283850f8..0807867e69e7b 100644
--- a/Dockerfile.release
+++ b/Dockerfile.release
@@ -15,10 +15,12 @@ RUN apk add -U --no-cache ca-certificates && \
 go install aead.dev/minisign/cmd/minisign@v0.2.1

 # Download minio binary and signature files
-RUN curl -s -q https://dl.min.io/server/minio/release/linux-${TARGETARCH}/archive/minio.${RELEASE} -o /go/bin/minio && \
- curl -s -q https://dl.min.io/server/minio/release/linux-${TARGETARCH}/archive/minio.${RELEASE}.minisig -o /go/bin/minio.minisig && \
- curl -s -q https://dl.min.io/server/minio/release/linux-${TARGETARCH}/archive/minio.${RELEASE}.sha256sum -o /go/bin/minio.sha256sum && \
- chmod +x /go/bin/minio
+#RUN curl -s -q https://dl.min.io/server/minio/release/linux-${TARGETARCH}/archive/minio.${RELEASE} -o /go/bin/minio && \
+# curl -s -q https://dl.min.io/server/minio/release/linux-${TARGETARCH}/archive/minio.${RELEASE}.minisig -o /go/bin/minio.minisig && \
+# curl -s -q https://dl.min.io/server/minio/release/linux-${TARGETARCH}/archive/minio.${RELEASE}.sha256sum -o /go/bin/minio.sha256sum && \
+# chmod +x /go/bin/minio
+
+go install github.com/minio/minio@latest

 # Download mc binary and signature files
 RUN curl -s -q https://dl.min.io/client/mc/release/linux-${TARGETARCH}/mc -o /go/bin/mc && \
From 42af1043aeb8e60fce68df9b04ba32577d6daa77 Mon Sep 17 00:00:00 2001
From: Erik Frey
Date: Thu, 30 Oct 2025 07:27:16 +0000
Subject: [PATCH 2/8] Update Dockerfile.release
---
 Dockerfile.release | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/Dockerfile.release b/Dockerfile.release
index 0807867e69e7b..5c0819bdc0b98 100644
--- a/Dockerfile.release
+++ b/Dockerfile.release
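Review bot: In the 1/8 hunk, `go install github.com/minio/minio@latest` replaces a download that was pinned to `${RELEASE}` with whatever the module resolves to at build time, so two builds of the same commit can ship different server code and the `RELEASE` build argument no longer selects the binary; the same line is carried into 2/8. Pin the module to the reviewed tag or commit, e.g. `RUN go install github.com/minio/minio@<PINNED_TAG_OR_COMMIT>` (placeholder value). As written the line also has no `RUN` in front of it, so the file will presumably fail to parse at this commit. The commented-out curl block can simply be deleted, since the history keeps it.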
@@ -20,7 +20,8 @@ RUN apk add -U --no-cache ca-certificates && \
 # curl -s -q https://dl.min.io/server/minio/release/linux-${TARGETARCH}/archive/minio.${RELEASE}.sha256sum -o /go/bin/minio.sha256sum && \
 # chmod +x /go/bin/minio

-go install github.com/minio/minio@latest
+RUN go install github.com/minio/minio@latest
+RUN chmod +x /go/bin/minio

 # Download mc binary and signature files
 RUN curl -s -q https://dl.min.io/client/mc/release/linux-${TARGETARCH}/mc -o /go/bin/mc && \
From 5272c27e393e8042aaa24ff7512207b541270ef6 Mon Sep 17 00:00:00 2001
From: Erik Frey
Date: Thu, 30 Oct 2025 07:31:38 +0000
Subject: [PATCH 3/8] Create docker-build.yaml
---
 .github/workflows/docker-build.yaml | 39 +++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 .github/workflows/docker-build.yaml
diff --git a/.github/workflows/docker-build.yaml b/.github/workflows/docker-build.yaml
new file mode 100644
index 0000000000000..0ce5a8986849d
--- /dev/null
+++ b/.github/workflows/docker-build.yaml
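Review bot: The added `RUN chmod +x /go/bin/minio` in the 2/8 hunk creates an extra layer for a step that should be unnecessary, because `go install` already writes an executable file; if it is kept as a safeguard, fold it into the previous instruction as `RUN go install github.com/minio/minio@latest && chmod +x /go/bin/minio`. The path assumes the install directory is `/go/bin`, which is configured outside this hunk and is worth confirming. The commented-out `# curl` / `# chmod` lines in the context above are now dead text next to the live instruction and should be removed rather than kept.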
@@ -0,0 +1,39 @@
+name: docker-build
+on:
+ pull_request: {}
+ push:
+ branches:
+ - "elx-vault-main"
+
+env:
+ IMAGE_NAME: elx-vault
+
+jobs:
+ push:
+ runs-on: self-hosted
+ permissions:
+ packages: write
+ contents: read
+
+ steps:
+ - uses: actions/checkout@v5
+ - name: Build image
+ run: docker build . --file Dockerfile --tag $IMAGE_NAME --label "runnumber=${GITHUB_RUN_ID}"
+ - name: Log in to registry
+ run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+
+ - name: Push image
+ run: |
+ IMAGE_ID=ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME
+
+ IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
+
+ VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
+
+ [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
+
+ [ "$VERSION" == "main" ] && VERSION=latest
+ echo IMAGE_ID=$IMAGE_ID
+ echo VERSION=$VERSION
+ docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
+ docker push $IMAGE_ID:$VERSION
From b485a81fae4e23788f75a1cc58ca978dc8dc0f1e Mon Sep 17 00:00:00 2001
From: Erik Frey
Date: Thu, 30 Oct 2025 07:39:32 +0000
Subject: [PATCH 4/8] Update docker-build.yaml Changed from Dockerfile to Dockerfile.release
---
 .github/workflows/docker-build.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/docker-build.yaml b/.github/workflows/docker-build.yaml
index 0ce5a8986849d..5779c418782b8 100644
--- a/.github/workflows/docker-build.yaml
+++ b/.github/workflows/docker-build.yaml
@@ -18,7 +18,7 @@ jobs:
 steps:
 - uses: actions/checkout@v5
 - name: Build image
- run: docker build . --file Dockerfile --tag $IMAGE_NAME --label "runnumber=${GITHUB_RUN_ID}"
+ run: docker build . --file Dockerfile.release --tag $IMAGE_NAME --label "runnumber=${GITHUB_RUN_ID}"
 - name: Log in to registry
 run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin

From 24099230b0e8851a7e2da0c0852c963bc93fef43 Mon Sep 17 00:00:00 2001
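Review bot: In the new docker-build.yaml (3/8) the `pull_request` trigger runs the whole job, including `Log in to registry` and `Push image`, on a `self-hosted` runner with `packages: write`, so pull-request code is built on that machine and, for same-repository PRs, an image tagged from `refs/pull/N/merge` (VERSION becomes `merge`) would be pushed to ghcr.io. Gate the two publishing steps with `if: github.event_name == 'push'`, and consider a hosted or ephemeral runner for PR builds. The `[ "$VERSION" == "main" ]` test can never match, because pushes only come from `elx-vault-main`, so `latest` is never assigned. Passing the ref through an `env:` entry instead of interpolating `${{ github.ref }}` into the script text would also keep ref names out of the shell source.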
From: Erik Frey
Date: Thu, 30 Oct 2025 07:43:27 +0000
Subject: [PATCH 5/8] Remove minisig verify of binary
---
 Dockerfile.release | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/Dockerfile.release b/Dockerfile.release
index 5c0819bdc0b98..bad0450809e15 100644
--- a/Dockerfile.release
+++ b/Dockerfile.release
@@ -30,8 +30,7 @@ RUN curl -s -q https://dl.min.io/client/mc/release/linux-${TARGETARCH}/mc -o /go
 chmod +x /go/bin/mc

 # Verify binary signature using public key "RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGavRUN"
-RUN minisign -Vqm /go/bin/minio -x /go/bin/minio.minisig -P RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav && \
- minisign -Vqm /go/bin/mc -x /go/bin/mc.minisig -P RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav
+RUN minisign -Vqm /go/bin/mc -x /go/bin/mc.minisig -P RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav

 COPY dockerscripts/download-static-curl.sh /build/download-static-curl
 RUN chmod +x /build/download-static-curl && \
From 52228870c67a2e10c6456029e3b162ddf39d90c1 Mon Sep 17 00:00:00 2001
From: Erik Frey
Date: Thu, 30 Oct 2025 07:47:02 +0000
Subject: [PATCH 6/8] Removed minisig entirely
---
 Dockerfile.release | 5 -----
 1 file changed, 5 deletions(-)
diff --git a/Dockerfile.release b/Dockerfile.release
index bad0450809e15..fcb4cfcb06556 100644
--- a/Dockerfile.release
+++ b/Dockerfile.release
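Review bot: After the 5/8 hunk nothing checks `/go/bin/minio` any more while `mc` is still verified, so the server binary becomes the one artifact in this stage without an integrity or provenance step. Since it is now produced by `go install`, a cheap replacement is to record what was built, e.g. `RUN go version -m /go/bin/minio`, so the build log shows the resolved module version and hash, and to make sure the build does not set `GOSUMDB=off` or `GONOSUMDB` for this module. The comment on the context line quotes a key ending in `RUN`, which does not match the key passed to `-P`; worth correcting while this instruction is being edited.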
@@ -25,13 +25,8 @@ RUN chmod +x /go/bin/minio

 # Download mc binary and signature files
 RUN curl -s -q https://dl.min.io/client/mc/release/linux-${TARGETARCH}/mc -o /go/bin/mc && \
- curl -s -q https://dl.min.io/client/mc/release/linux-${TARGETARCH}/mc.minisig -o /go/bin/mc.minisig && \
- curl -s -q https://dl.min.io/client/mc/release/linux-${TARGETARCH}/mc.sha256sum -o /go/bin/mc.sha256sum && \
 chmod +x /go/bin/mc

-# Verify binary signature using public key "RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGavRUN"
-RUN minisign -Vqm /go/bin/mc -x /go/bin/mc.minisig -P RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav
-
 COPY dockerscripts/download-static-curl.sh /build/download-static-curl
 RUN chmod +x /build/download-static-curl && \
 /build/download-static-curl
From 9165e4714875169f3073ae795dde25ae4df3dad4 Mon Sep 17 00:00:00 2001
From: Erik Frey
Date: Thu, 30 Oct 2025 07:53:35 +0000
Subject: [PATCH 7/8] Removed fluff and environment variable from static-curl
---
 dockerscripts/download-static-curl.sh | 14 +-------------
 1 file changed, 1 insertion(+), 13 deletions(-)
diff --git a/dockerscripts/download-static-curl.sh b/dockerscripts/download-static-curl.sh
index 0f12464c8ce64..2cd4154c17fe1 100644
--- a/dockerscripts/download-static-curl.sh
+++ b/dockerscripts/download-static-curl.sh
@@ -2,19 +2,7 @@

 function download_arch_specific_executable {
 curl -f -L -s -q \
- https://github.com/moparisthebest/static-curl/releases/latest/download/curl-$1 \
+ https://github.com/moparisthebest/static-curl/releases/latest/download/curl-amd64 \
 -o /go/bin/curl || exit 1
 chmod +x /go/bin/curl
 }
-
-case $TARGETARCH in
-"arm64")
- download_arch_specific_executable aarch64
- ;;
-"s390x")
- echo "Not downloading static cURL because it does not exist for the $TARGETARCH architecture."
- ;;
-*)
- download_arch_specific_executable "$TARGETARCH"
- ;;
-esac
From 8b38121d00e8c5c0c880216b49ed2fa0fcd07567 Mon Sep 17 00:00:00 2001
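Review bot: In download-static-curl.sh (7/8) the `case $TARGETARCH` block that called `download_arch_specific_executable` is removed but the function definition stays, so the script now only defines the function and ends without downloading anything; add a call line `download_arch_specific_executable` after the closing brace, or drop the wrapper and keep the bare `curl` command. Hard-coding `curl-amd64` also means a non-amd64 build would receive an amd64 binary, while the Dockerfile still selects `mc` by `${TARGETARCH}`. The URL follows `releases/latest`, so the file fetched is not fixed and is not compared against a known digest.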
From: Erik Frey
Date: Thu, 30 Oct 2025 08:13:30 +0000
Subject: [PATCH 8/8] Removed docker build script and moved it into RUN commands
---
 Dockerfile.release | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/Dockerfile.release b/Dockerfile.release
index fcb4cfcb06556..7bae72b2c110d 100644
--- a/Dockerfile.release
+++ b/Dockerfile.release
@@ -27,9 +27,8 @@ RUN chmod +x /go/bin/minio
 RUN curl -s -q https://dl.min.io/client/mc/release/linux-${TARGETARCH}/mc -o /go/bin/mc && \
 chmod +x /go/bin/mc

-COPY dockerscripts/download-static-curl.sh /build/download-static-curl
-RUN chmod +x /build/download-static-curl && \
- /build/download-static-curl
+RUN curl -f -L -s -q https://github.com/moparisthebest/static-curl/releases/latest/download/curl-amd64 -o /go/bin/curl
+RUN chmod +x /go/bin/curl

 FROM registry.access.redhat.com/ubi9/ubi-micro:latest
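Review bot: The added `RUN curl -f -L -s -q .../releases/latest/download/curl-amd64 -o /go/bin/curl` in 8/8 places an executable in the image from a moving `latest` URL with no digest or signature check, and the `mc` download in the context lines above is in the same state now that its minisign step is gone (it also lacks `-f`, so an HTTP error body would be saved as the binary). Pin a release and verify it in the same layer: fetch from `.../releases/download/<PINNED_TAG>/curl-amd64` and follow with `echo "<EXPECTED_SHA256>  /go/bin/curl" | sha256sum -c - && chmod +x /go/bin/curl` (placeholder values), which also removes the separate `RUN chmod` layer. `curl-amd64` is fixed while `mc` uses `${TARGETARCH}`, so non-amd64 builds would mix architectures. The final stage's `ubi-micro:latest` in the last context line is likewise unpinned; that stage continues outside the hunk.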