[rewrite] Docker build and run (nginx) logic

- Upgrade to latest images
- Use an S2I-ish build, as per [the nginx image's documentation](https://catalog.redhat.com/software/containers/ubi8/nginx-122/627245493b950f9f4eb01218?architecture=amd64&image=65cba48e6e4e02d0baaab056)
- Remove the responsibility of setting `nginx.conf` from the Helm chart, and put the file directly as a static file (i.e. no more `ConfigMap/nginx-conf`)

Dockerfile

@@ -1,16 +1,17 @@
-FROM registry.access.redhat.com/ubi8/nodejs-16:latest AS build
+FROM registry.access.redhat.com/ubi8/nodejs-20:latest AS build
 USER root
-RUN command -v yarn || npm i -g yarn
+RUN npm i -g yarn
 
 ADD . /usr/src/app
 WORKDIR /usr/src/app
 RUN yarn install && yarn build
 
-FROM registry.access.redhat.com/ubi8/nginx-120:latest
+FROM registry.access.redhat.com/ubi8/nginx-122:latest
 
-COPY --from=build /usr/src/app/dist /usr/share/nginx/html
-COPY docker/entrypoint.sh /
+COPY --from=build /usr/src/app/dist /tmp/src
+COPY docker/nginx.conf .
 
 USER 1001
+RUN /usr/libexec/s2i/assemble
 
-ENTRYPOINT ["/entrypoint.sh"]
+CMD /usr/libexec/s2i/run

charts/okd-epfl-hubble-ui/templates/openshift-console-plugin/configmap.yaml

@@ -7,18 +7,3 @@ metadata:
     {{- include ".labels" . | nindent 4 }}
 data:
   nginx.conf: |
-    error_log /dev/stdout info;
-    events {}
-    http {
-      access_log         /dev/stdout;
-      include            /etc/nginx/mime.types;
-      default_type       application/octet-stream;
-      keepalive_timeout  65;
-      server {
-        listen              {{ .Values.plugin.port }} ssl;
-        listen              [::]:{{ .Values.plugin.port }} ssl;
-        ssl_certificate     /var/cert/tls.crt;
-        ssl_certificate_key /var/cert/tls.key;
-        root                /usr/share/nginx/html;
-      }
-    }

charts/okd-epfl-hubble-ui/templates/openshift-console-plugin/deployment.yaml

@@ -20,7 +20,7 @@ spec:
         - name: {{ template ".name" . }}
           image: {{ required "Plugin image must be specified!" .Values.plugin.image }}
           ports:
-            - containerPort: {{ .Values.plugin.port }}
+            - containerPort: 8443
               protocol: TCP
           imagePullPolicy: {{ .Values.plugin.imagePullPolicy }}
           {{- if and (.Values.plugin.securityContext.enabled) (.Values.plugin.containerSecurityContext) }}
@@ -32,19 +32,11 @@ spec:
             - name: {{ template ".certificateSecret" . }}
               readOnly: true
               mountPath: /var/cert
-            - name: nginx-conf
-              readOnly: true
-              mountPath: /etc/nginx/nginx.conf
-              subPath: nginx.conf
       volumes:
         - name: {{ template ".certificateSecret" . }}
           secret:
             secretName: {{ template ".certificateSecret" . }}
             defaultMode: 420
-        - name: nginx-conf
-          configMap:
-            name: {{ template ".name" . }}
-            defaultMode: 420
       restartPolicy: Always
       dnsPolicy: ClusterFirst
       {{- if and (.Values.plugin.securityContext.enabled) (.Values.plugin.podSecurityContext) }}

charts/okd-epfl-hubble-ui/templates/openshift-console-plugin/service.yaml

@@ -14,7 +14,7 @@ spec:
     - name: {{ .Values.plugin.port }}-tcp
       protocol: TCP
       port: {{ .Values.plugin.port }}
-      targetPort: {{ .Values.plugin.port }}
+      targetPort: 8443
   selector:
     {{- include ".selectorLabels" . | nindent 4 }}
   type: ClusterIP

docker/nginx.conf

@@ -0,0 +1,15 @@
+error_log /dev/stdout info;
+events {}
+http {
+  access_log         /dev/stdout;
+  include            /etc/nginx/mime.types;
+  default_type       application/octet-stream;
+  keepalive_timeout  65;
+  server {
+    listen              8443 ssl;
+    listen              [::]:8443 ssl;
+    ssl_certificate     /var/cert/tls.crt;
+    ssl_certificate_key /var/cert/tls.key;
+    root                /opt/app-root/src;
+  }
+}