From 4749af221a28ed0a4294eb4ed2b699f3694a222b Mon Sep 17 00:00:00 2001 From: Thomas Date: Fri, 17 Jun 2022 02:29:02 -0700 Subject: [PATCH 1/9] Push a continual "dev" image to dockerhub --- .github/workflows/docker.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 2df412c6f3b..b2d71ead77e 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -4,6 +4,8 @@ on: push: tags: - "*" + +# Push a 'dev' whenever there is a push to main env: DOCKER_USER: ethycaci From 6cbb7b441e0eb1505db9c277dcad2314c0375cf3 Mon Sep 17 00:00:00 2001 From: Thomas Date: Fri, 17 Jun 2022 16:32:41 +0700 Subject: [PATCH 2/9] checkpoint --- .github/workflows/docker.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index b2d71ead77e..e29ff578f48 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -2,14 +2,15 @@ name: Docker Build & Push on: push: + branches: + - main tags: - "*" - -# Push a 'dev' whenever there is a push to main env: DOCKER_USER: ethycaci DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }} + TAG: ${{ github.event.release.tag_name }} jobs: push-fidesctl: @@ -29,6 +30,7 @@ jobs: run: pip install -r dev-requirements.txt - name: Build Fidesctl + if: ${{ env.TAG }} run: nox -s build - name: Push Fidesctl From e23324032f5989433b8f4a1497c5a81911a49185 Mon Sep 17 00:00:00 2001 From: Thomas Date: Mon, 20 Jun 2022 20:33:59 +0700 Subject: [PATCH 3/9] add a dev tag to the nox constants and update the docker workflow to push latest on releases --- .github/workflows/docker.yaml | 11 +++++++---- noxfiles/constants_nox.py | 1 + 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 5b248d69c09..a80ce74cf6a 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml 
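Review bot: `TAG: ${{ github.event.release.tag_name }}` will be empty on every run of this workflow, because the only trigger shown in this hunk is `push` and a push payload carries no `release` object. Every step gated on `if: ${{ env.TAG }}` is therefore skipped, including the prod push in patches 3/9 and 9/9, so a tag push would never publish the release image. Gate on the ref instead, for example `if: ${{ startsWith(github.ref, 'refs/tags/') }}`, and drop `TAG` if nothing else reads it. This assumes no `release` trigger is added in the intermediate revision that the differing index hashes hint at.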
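Review bot: The `pip install -r dev-requirements.txt` step in this hunk's context runs with `DOCKER_TOKEN` in its environment, because the token is declared in the workflow-level `env` block shown in the previous hunk. With the new `branches: - main` trigger that install runs on every push to main, so any package build or install hook executed there can read the registry credential. Consider moving `DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}` out of the top-level `env` and into an `env:` block on the push steps only. Where the Docker login happens is not visible in this patch, so confirm which steps actually need the token.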
@@ -29,9 +29,12 @@ jobs: - name: Install Dev Requirements run: pip install -r dev-requirements.txt - - name: Build Fidesctl - if: ${{ env.TAG }} + - name: Build Fidesctl Prod run: nox -s "build(prod)" - - name: Push Fidesctl - run: nox -s push + - name: Push Fidesctl Prod + run: nox -s "push(dev)" + + - name: Push Fidesctl Prod + if: ${{ env.TAG }} + run: nox -s "push(prod)" diff --git a/noxfiles/constants_nox.py b/noxfiles/constants_nox.py index d72aa03367d..b70beabe617 100644 --- a/noxfiles/constants_nox.py +++ b/noxfiles/constants_nox.py @@ -24,6 +24,7 @@ def get_current_tag() -> str: IMAGE = f"{REGISTRY}/{IMAGE_NAME}" IMAGE_LOCAL = f"{IMAGE}:local" IMAGE_LOCAL_UI = f"{IMAGE}:local-ui" +IMAGE_DEV = f"{IMAGE}:dev" IMAGE_LATEST = f"{IMAGE}:latest" # Disable TTY to perserve output within Github Actions logs From 78bd845e5dcfa5f5821544ea3c2b15384e675173 Mon Sep 17 00:00:00 2001 From: Thomas Date: Mon, 20 Jun 2022 20:54:39 +0700 Subject: [PATCH 4/9] parametrize the docker push command with dev and prod --- .dockerignore | 8 +++++++- .github/workflows/docker.yaml | 2 +- noxfiles/docker_nox.py | 18 ++++++++++++++---- 3 files changed, 22 insertions(+), 6 deletions(-) diff --git a/.dockerignore b/.dockerignore index 7f4d222715f..21bcc572039 100644 --- a/.dockerignore +++ b/.dockerignore @@ -3,11 +3,17 @@ build/ dist/ src/fidesctl.egg-info/ +# Ignore Python-Specific Files +.mypy_cache/ +.pytest_cache/ +__pycache__/ +.coverage + # Ignore the docs docs/ # Ignore dev files +.git/ .github/ .devcontainer/ - node_modules/ diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index a80ce74cf6a..cb987428402 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -32,7 +32,7 @@ jobs: - name: Build Fidesctl Prod run: nox -s "build(prod)" - - name: Push Fidesctl Prod + - name: Push Fidesctl Dev run: nox -s "push(dev)" - name: Push Fidesctl Prod 
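Review bot: The new `run: nox -s "push(dev)"` step has no `if:`, so it runs on tag pushes as well as on pushes to `main`. A tag created on an older commit or a release branch would move `ethyca/fidesctl:dev` to code that is not the tip of `main`, which contradicts the changelog entry later in this series. Adding `if: ${{ github.ref == 'refs/heads/main' }}` to that step keeps the mutable `dev` tag tied to `main`. A short comment above the step saying which ref each tag tracks would also help consumers who pull `dev`.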
diff --git a/noxfiles/docker_nox.py b/noxfiles/docker_nox.py index 4312499ff20..a83a4abeb95 100644 --- a/noxfiles/docker_nox.py +++ b/noxfiles/docker_nox.py @@ -2,6 +2,7 @@ import nox from constants_nox import ( IMAGE, + IMAGE_DEV, IMAGE_LATEST, IMAGE_LOCAL, IMAGE_LOCAL_UI, @@ -49,8 +50,17 @@ def build(session: nox.Session, image: str) -> None: @nox.session() -def push(session: nox.Session) -> None: +@nox.parametrize( + "tag", + [ + nox.param("prod", id="prod"), + nox.param("dev", id="dev"), + ], +) +def push(session: nox.Session, tag: str) -> None: """Push the fidesctl Docker image to Dockerhub.""" - session.run("docker", "tag", get_current_image(), IMAGE_LATEST, external=True) - session.run("docker", "push", IMAGE, external=True) - session.run("docker", "push", IMAGE_LATEST, external=True) + + tag_matrix = {"prod": IMAGE_LATEST, "dev": IMAGE_DEV} + + session.run("docker", "tag", get_current_image(), tag_matrix[tag], external=True) + session.run("docker", "push", tag_matrix[tag], external=True) From fc23042c2538759b27784f332da23f8b7e6b385e Mon Sep 17 00:00:00 2001 From: Thomas Date: Mon, 20 Jun 2022 20:59:41 +0700 Subject: [PATCH 5/9] add comments to docker_nox and add a push for the version --- noxfiles/docker_nox.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/noxfiles/docker_nox.py b/noxfiles/docker_nox.py index a83a4abeb95..4fe9436bc4a 100644 --- a/noxfiles/docker_nox.py +++ b/noxfiles/docker_nox.py @@ -62,5 +62,11 @@ def push(session: nox.Session, tag: str) -> None: tag_matrix = {"prod": IMAGE_LATEST, "dev": IMAGE_DEV} + # Push either "ethyca/fidesctl:dev" or "ethyca/fidesctl:latest" session.run("docker", "tag", get_current_image(), tag_matrix[tag], external=True) session.run("docker", "push", tag_matrix[tag], external=True) + + # Only push the tagged version if its for prod + # Example: "ethyca/fidesctl:1.7.0" + if tag == "prod": + session.run("docker", "push", IMAGE, external=True) 
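Review bot: In patch 5/9 the comment promises a versioned push (`"ethyca/fidesctl:1.7.0"`), but the added line runs `docker push` on `IMAGE`, which `constants_nox.py` defines as `f"{REGISTRY}/{IMAGE_NAME}"` with no tag. As far as I know, recent Docker CLI releases treat an untagged push as `latest` only, so the version tag may never reach the registry. On older CLIs every local tag of the repository would be uploaded, including `local` and `dev`. Pushing the exact reference that was built avoids both outcomes: `session.run("docker", "push", get_current_image(), external=True)`. The body of `push` starts above this hunk, and `get_current_image()` is assumed to return the version-tagged name because its definition is not shown.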
From 215094fbd377ab009d14f79c7bd9465d2c8c3f9f Mon Sep 17 00:00:00 2001 From: Thomas Date: Tue, 21 Jun 2022 00:32:10 +0700 Subject: [PATCH 6/9] update the changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8bee10187b0..5a0e476f5eb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -42,6 +42,7 @@ The types of changes are: * Add a component for Identifiability tags * Okta, aws and database credentials can now come from `fidesctl.toml` config [#694](https://github.com/ethyca/fides/pull/694) * New `validate` endpoint to test aws and okta credentials [#722](https://github.com/ethyca/fides/pull/722) +* There is now a new image tagged `ethyca/fidesctl:dev` pushed on each push to main [781](https://github.com/ethyca/fides/pull/781) ### Changed From fe548402806d52a09b6576c60fd1ddb15a5966dc Mon Sep 17 00:00:00 2001 From: Thomas Date: Mon, 20 Jun 2022 22:35:54 -0700 Subject: [PATCH 7/9] Flesh out docker ignore Co-authored-by: Paul Sanders --- .dockerignore | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/.dockerignore b/.dockerignore index 21bcc572039..d071ecf439d 100644 --- a/.dockerignore +++ b/.dockerignore @@ -5,10 +5,24 @@ src/fidesctl.egg-info/ # Ignore Python-Specific Files .mypy_cache/ +.nox/ .pytest_cache/ __pycache__/ .coverage +# pyenv +.python-version + +# Environments +.env +.venv +env/ +venv/ + +# Editors +.vscode/ +.idea/ + # Ignore the docs docs/ From 647adc047308909b40e49941df9678847e23c237 Mon Sep 17 00:00:00 2001 From: Thomas Date: Mon, 20 Jun 2022 22:38:14 -0700 Subject: [PATCH 8/9] Nit the changelog Co-authored-by: Phil Salant --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5a0e476f5eb..fb7a34f80e7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -42,7 +42,7 @@ The types of changes are: * Add a component for Identifiability tags * Okta, aws and database credentials can now come from `fidesctl.toml` config [#694](https://github.com/ethyca/fides/pull/694) * New `validate` endpoint to test aws and okta credentials [#722](https://github.com/ethyca/fides/pull/722) -* There is now a new image tagged `ethyca/fidesctl:dev` pushed on each push to main [781](https://github.com/ethyca/fides/pull/781) +* A new image tagged `ethyca/fidesctl:dev` is published on each push to `main` [781](https://github.com/ethyca/fides/pull/781) ### Changed From df185ff3a312c2adc102ca981e5147519fbfd6e9 Mon Sep 17 00:00:00 2001 From: Thomas Date: Tue, 21 Jun 2022 12:44:41 +0700 Subject: [PATCH 9/9] update workflow job names --- .github/workflows/docker.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index cb987428402..a5a2546085f 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -29,12 +29,12 @@ jobs: - name: Install Dev Requirements run: pip install -r dev-requirements.txt - - name: Build Fidesctl Prod + - name: Build Fidesctl Image run: nox -s "build(prod)" - - name: Push Fidesctl Dev + - name: Push Fidesctl Dev Tag run: nox -s "push(dev)" - - name: Push Fidesctl Prod + - name: Push Fidesctl Prod Tags if: ${{ env.TAG }} run: nox -s "push(prod)"