container-image: provide a Monocle container based on UBI 8

The Monocle build is done with ghc 9.4.6 Using 9.6.x was made difficult
due to dependencies requierments issues.

This patch includes changes:

- Remove usage of `isLowerCase` as only available in base >= 4.18
- Add some overrides in cabal-override.project
- Cap effectful-core to monocle.cabal to match the version used
  via Nix. 2.3.0.0 brings functions type changes.

DockerfileUBI

@@ -0,0 +1,108 @@
+# Monocle.
+# Copyright (C) 2023 Monocle authors
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+# This Container file builds an an alternative image based on the Universal Base Image
+# maintained by Red Hat. This Monocle build might be slightly different than
+# the build from the official Monocle base image based on Nix (ghc version and some
+# dependencies version might differ).
+
+
+##### Monocle binary build #####
+
+FROM registry.access.redhat.com/ubi8/ubi as ubi-builder
+
+# Install gpg keys
+RUN gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 7D1E8AFD1D4A16D71FADA2F2CCC85C0E40C06A8C
+RUN gpg --batch --keyserver keyserver.ubuntu.com --recv-keys FE5AB6C91FEA597C3B31180B73EDE9E8CFBAEF01
+RUN gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 88B57FCF7DB53B4DB3BFA4B1588764FBE22D19C4
+RUN gpg --batch --keyserver keyserver.ubuntu.com --recv-keys EAF2A9A722C0C96F2B431CA511AAD8CEDEE0CAEF
+
+# Install ghcup
+RUN \
+    curl https://downloads.haskell.org/~ghcup/x86_64-linux-ghcup > /usr/bin/ghcup && \
+    chmod +x /usr/bin/ghcup && \
+    ghcup config set gpg-setting GPGStrict
+
+# Install build deps for ghcup
+RUN dnf install -y \
+    make \
+    gcc \
+    gcc-c++
+
+
+ARG GHC=9.4.6
+ARG CABAL=latest
+
+# Install GHC and cabal
+RUN \
+    ghcup -v install ghc --isolate /usr/local --force ${GHC} && \
+    ghcup -v install cabal --isolate /usr/local/bin --force ${CABAL}
+
+# Install build deps for Monocle
+RUN dnf install -y \
+    git \
+    openssl-devel \
+    gmp-devel \
+    ncurses-devel \
+    ncurses-compat-libs \
+    zlib-devel
+
+# Copy source tree
+COPY . /build
+
+# Build Monocle
+RUN cd /build && \
+    cabal update && \
+    cabal build --project-file=cabal-override.project && \
+    cp $(find dist-newstyle/build/*/*/*/*/monocle/build/ -name monocle -type f) /
+
+##### Monocle Web UI build #####
+
+FROM registry.fedoraproject.org/fedora:35 as web-builder
+
+RUN dnf update -y && dnf install -y nodejs git
+
+# set working directory
+WORKDIR /monocle-webapp
+ENV PATH /monocle-webapp/node_modules/.bin:$PATH
+
+# copy files to install js modules
+COPY web/package.json /monocle-webapp/
+COPY web/bsconfig.json /monocle-webapp/
+COPY web/package-lock.json /monocle-webapp/
+
+# install dependencies
+RUN npm install
+
+# copy source files
+COPY web/build.js /monocle-webapp/
+COPY web/public /monocle-webapp/public/
+COPY web/src /monocle-webapp/src/
+
+# install dependencies (sed is ugly hack to make warning errors)
+RUN sed -e 's|-bs-no-version-header|-bs-no-version-header", "-warn-error -a+5+6+27+101+109|' -i bsconfig.json && npm run build
+
+##### Setup final image #####
+
+FROM registry.access.redhat.com/ubi8/ubi
+
+COPY --from=ubi-builder /monocle /bin/
+COPY --from=web-builder /monocle-webapp/build /usr/share/monocle/webapp/
+
+# Ensure runtime commands
+RUN dnf install -y curl && \
+    dnf clean all && \
+    rm -rf /var/cache/yum

cabal-override.project

@@ -3,8 +3,33 @@ package proto3-suite
 
 packages: .
 
--- Enable bytestring-11
+-- dhall expects aeson < 2.2
+constraints: aeson < 2.2
+
+source-repository-package
+    type: git
+    location: https://github.com/awakesecurity/proto3-suite
+    tag: 88ca7ae30f3ab45a1ca09e348cbeb2c0afac2bb5
+
+source-repository-package
+    type: git
+    location: https://github.com/awakesecurity/proto3-wire
+    tag: 6dcc557fc9d3ffcbfe45c6bea4969830f9e0de9c
+
+source-repository-package
+    type: git
+    location: https://github.com/softwarefactory-project/gerrit-haskell
+    tag: daa44c450f819f3af2879099ec065c1efb973ef8
+
+-- Need Relax bounds: servant, servant-server
+source-repository-package
+    type: git
+    location: https://github.com/haskell-servant/servant-lucid
+    tag: 28faa2b57ab01b105c35f30908630900f55b5576
+
+-- Need Relax bounds: default base version due to ghc version
 source-repository-package
-  type: git
-  location: https://github.com/klangner/text-time
-  tag: 1ff65c2c8845e3fdd99900054f0596818a95c316
+    type: git
+    location: https://github.com/well-typed/cborg
+    tag: c8013b3474d876f4da56c869d57e3f3ac7f42dc6
+    subdir: cborg-json

monocle.cabal

@@ -108,7 +108,7 @@ common codegen
                      , containers                 >= 0.6
                      , deepseq                    >= 1.4
                      , proto3-suite               >= 0.5.0
-                     , proto3-wire                >= 1.2.0
+                     , proto3-wire                >= 1.4.0
                      , text
                      , vector                     >= 0.12
 
@@ -137,7 +137,7 @@ library
                      , dhall-yaml                 >= 1.2
                      , directory
                      , either                     >= 5
-                     , effectful
+                     , effectful                  < 2.3.0.0
                      , effectful-core
                      -- , effectful-plugin
                      , envparse                   >= 0.4
@@ -152,7 +152,7 @@ library
                      , http-client                >= 0.6
                      , http-client-openssl        >= 0.3
                      , http-mock                  >= 0.1
-                     , http-types                 >=0.12
+                     , http-types                 >= 0.12
                      , json-syntax                >= 0.2
                      , jose                       >= 0.9
                      , list-t
@@ -170,7 +170,7 @@ library
                      , parser-combinators         >= 1.2
                      , prometheus-client          >= 1.0
                      , prometheus-metrics-ghc     >= 1.0
-                     , proto3-suite               >= 0.5.0
+                     , proto3-suite               >= 0.6.0
                      , qq-literals
                      , relude                     >= 1.0
                      , retry-effectful

src/Monocle/Config.hs

@@ -87,7 +87,7 @@ module Monocle.Config (
 
 import Data.Aeson qualified as Aeson
 import Data.ByteString qualified as BS
-import Data.Char (isLetter, isLowerCase)
+import Data.Char (isLetter, isLower)
 import Data.Either.Validation (Validation (Failure, Success))
 import Data.Map qualified as Map
 import Data.Text qualified as T
@@ -502,7 +502,7 @@ mkIndexName name = do
   let check explanation p = if p then Right () else Left explanation
   check "Is empty" $ not $ T.null name
   check "Is longer than 255 bytes" $ BS.length (T.encodeUtf8 name) < 256
-  check "Contains uppercase letter(s)" $ T.all (\x -> not (isLetter x) || isLowerCase x) name
+  check "Contains uppercase letter(s)" $ T.all (\x -> not (isLetter x) || isLower x) name
   check "Includes [\\/*?\"<>| ,#:]" $ T.all (flip @_ @String notElem "\\/*?\"<>| ,#:") name
   check "Is (.|..)" $ notElem name [".", ".."]
   check "Starts with [-_+.]" $ maybe False (flip @_ @String notElem "-_+." . fst) $ T.uncons name