add minimal quickstart docker project

dist/cloudfront/get.openziti.io/routes.yml

@@ -37,3 +37,7 @@
 - get: /zdew/
   raw: /openziti/desktop-edge-win/main/release-streams/
   file: latest.json
+
+- get: /minimal/
+  raw: /openziti/ziti/{{GITHUB_SHA}}/quickstart/docker/minimal/
+  file: compose.yml

quickstart/docker/.gitignore

@@ -1 +1,2 @@
-ziti-bin
+*/ziti-bin/**
+*/persistent/**

quickstart/docker/minimal/Dockerfile

@@ -0,0 +1,5 @@
+FROM debian:bookworm-slim
+
+COPY ./build/ziti /usr/local/bin/
+
+CMD ["ziti"]

quickstart/docker/minimal/README.md

@@ -0,0 +1,113 @@
+# minimal Docker quickstart
+
+Run `ziti edge quickstart` in a container while persisting configs, PKI, database, etc. in the same directory `./persistent/`.
+
+## Run Ziti
+
+1. In this "minimal" sub-directory, pull the container images.
+
+    ```bash
+    docker compose pull
+    ```
+
+2. Run the project.
+
+    ```bash
+    docker compose up --detach
+    ```
+
+3. Modify the state in `./persistent/`, and bounce the container.
+
+    ```bash
+    docker compose up --force-recreate --detach
+    ```
+
+4. Observe the logs
+
+    ```bash
+    docker compose logs quickstart --follow
+    ```
+
+5. Run the CLI inside the quickstart environment.
+
+    ```bash
+    docker compose exec quickstart ziti edge list identities
+    ```
+
+    ```buttonless title="Output"
+    ╭────────────┬───────────────────┬─────────┬────────────┬─────────────╮
+    │ ID         │ NAME              │ TYPE    │ ATTRIBUTES │ AUTH-POLICY │
+    ├────────────┼───────────────────┼─────────┼────────────┼─────────────┤
+    │ ZS1YAo4Gnj │ quickstart-router │ Router  │            │ Default     │
+    │ cOmDAo4Gb  │ Default Admin     │ Default │            │ Default     │
+    ╰────────────┴───────────────────┴─────────┴────────────┴─────────────╯
+    results: 1-2 of 2
+    ```
+
+## Develop Ziti
+
+This replaces the `ziti` binary that's running the quickstart.
+
+1. In the top-level directory of the `ziti` project, build the binary.
+
+    ```bash
+    go build -o ./build ./...
+    ```
+
+    The build command can also be run from this "minimal" sub-directory.
+
+    ```bash
+    go build -o ../../../build ../../../...
+    ```
+
+2. In the "minimal" sub-directory, with `Dockerfile` present:
+
+    ```bash
+    docker compose up --detach --build
+    ```
+
+### Troubleshooting
+
+#### Changing File Locations
+
+The Compose project file `compose.yml` and `Dockerfile` have file paths that represent the assumption they're placed in
+a sub-directory three levels deep in a checked-out copy of the `openziti/ziti` source repository. This allows the Dockerfile
+to copy the built binary from the top-level directory `./build`. You can move these files outside the source tree if you
+adjust the paths in both files.
+
+#### Building `ziti` in the Dockerfile
+
+If the binary you build on your host doesn't run in the container due to an environment issue, such as a GLIBC version
+mismatch, you have the option to build `ziti` in the container every time you run `up --build`.
+
+Change `Dockerfile` like this, and run `docker compose up --detach --build` to build the checked-out source tree and run
+the quickstart with the build.
+
+```dockerfile
+FROM golang:1.20-bookworm AS builder
+WORKDIR /app
+COPY go.mod go.sum ./
+RUN go mod download
+COPY . .
+RUN go build -o ./build/ ./...
+
+FROM debian:bookworm-slim
+COPY --from=builder /app/build/ziti /usr/local/bin/
+
+CMD ["ziti"]
+```
+
+#### Gotcha - Clobbering the Container Image
+
+With `docker compose up --build`, the container image specified in `image` is replaced with the one built from the Dockerfile.
+This clobbers any image you may have pulled from the registry unless you change the value of `image` or comment the line.
+
+```yaml
+    # commenting "image" avoids clobbering the image pulled from the registry
+    # image: ${ZITI_QUICK_IMAGE:-docker.io/openziti/ziti-cli}:${ZITI_QUICK_TAG:-latest}
+    build:
+      context: ${ZITI_SRC_ROOT:-../../../} 
+      dockerfile: ./quickstart/docker/minimal/Dockerfile
+```
+
+Next time you run `docker compose pull` the image from the registry will be refreshed in the local cache.

quickstart/docker/minimal/compose.yml

@@ -0,0 +1,45 @@
+services:
+  initialize:
+    image: busybox
+    command: chown -Rc ${ZIGGY_UID:-1000} /persistent
+    user: root
+    environment:
+      HOME: /persistent
+      # PFXLOG_NO_JSON: "true"
+    volumes:
+    - ./persistent:/persistent
+  quickstart:
+    depends_on:
+      initialize:
+        condition: service_completed_successfully
+    image: ${ZITI_QUICK_IMAGE:-docker.io/openziti/ziti-cli}:${ZITI_QUICK_TAG:-latest}
+    build:
+      context: ${ZITI_SRC_ROOT:-../../../} 
+      dockerfile: ./quickstart/docker/minimal/Dockerfile
+      args: {}
+    entrypoint:
+    - bash
+    - -euc
+    - |
+      if [[ -d /persistent/db ]]
+      then
+        echo "INFO: not initializing. Delete state directory ./persistent/ to reset quickstart."
+        ZITI_CMD+=" --already-initialized"
+      else
+        echo "INFO: initializing quickstart in state directory ./persistent/"
+        ZITI_CMD+=" --ctrl-address 127.0.0.1"\
+      " --router-address 127.0.0.1"\
+      " --password ${ZITI_PWD:-admin}"
+      fi
+      echo "DEBUG: run command is: ziti $${@} $${ZITI_CMD}"
+      exec ziti "$${@}" $${ZITI_CMD}
+    command: -- edge quickstart --home /persistent
+    user: ${ZIGGY_UID:-1000}
+    environment:
+      HOME: /persistent
+      PFXLOG_NO_JSON: "true"
+    volumes:
+    - ./persistent:/persistent
+    ports:
+    - ${ZITI_INTERFACE:-0.0.0.0}:${ZITI_CTRL_EDGE_ADVERTISED_PORT:-1280}:${ZITI_CTRL_EDGE_ADVERTISED_PORT:-1280}
+    - ${ZITI_INTERFACE:-0.0.0.0}:${ZITI_ROUTER_PORT:-3022}:${ZITI_ROUTER_PORT:-3022}