FROM alpine:3.13.10 as builder

# ignore warning about pining version
# hadolint ignore=DL3018
RUN set -eux \
  && apk add --no-cache \
       bc \
       cargo \
       gcc \
       libffi-dev \
       musl-dev \
       openssl-dev \
       py3-pip \
       py3-wheel \
       python3 \
       python3-dev \
       rust

COPY requirements.txt /

# hadolint ignore=DL4006
RUN set -eux \
  && pip3 install \
         --no-cache-dir --no-warn-script-location -r /requirements.txt \
  && ansible-lint --version | head -1 | grep -E 'ansible-lint[[:space:]]+[0-9]+' \
  && rm -f /requirements.txt \
  && find /usr/lib/ -name '__pycache__' -print0 | xargs -0 -n1 rm -rf \
  && find /usr/lib/ -name '*.pyc' -print0 | xargs -0 -n1 rm -rf


# hadolint ignore=DL3059
# RUN mkdir -p /kaniko/0/usr/lib/python3.8/
# hadolint ignore=DL3059
# RUN cp -r /usr/lib/python3.8/site-packages /kaniko/0/usr/lib/python3.8/

FROM alpine:3.13.10 as production

# define ARG variable after FROM
ARG DOCKER_USER="nonroot"
ARG DOCKER_HOME="/home/$DOCKER_USER"
ARG DOCKER_WORKDIR="/work"
ARG ENTRYPOINT="ansible-lint"

# https://github.com/opencontainers/image-spec/blob/master/annotations.md
LABEL org.opencontainers.image.title="tuhh/e-17/weyer/ansiblelint"
LABEL org.opencontainers.image.source="https://collaborating.tuhh.de/e-17/staff/weyer/gitlab/ci-cd/ci-ansible-lint"
#LABEL org.opencontainers.image.version=""
#LABEL org.opencontainers.image.commit=""
LABEL org.opencontainers.image.description="Ansible Lint - A Docker image for GitLab CI"
LABEL org.opencontainers.image.authors="Christoph Weyer <c.weyer@tuhh.de>"

RUN set -eux && \
    addgroup "$DOCKER_USER" && \
    adduser "$DOCKER_USER" -G "$DOCKER_USER" -h "$DOCKER_HOME" -D

# ignore warning about pining version
# hadolint ignore=DL3018,DL4006
RUN set -eux && \
    apk add --no-cache \
            bash \
            git \
            python3 \
    && \
    ln -sf ansible /usr/bin/ansible-config && \
    ln -sf ansible /usr/bin/ansible-console && \
    ln -sf ansible /usr/bin/ansible-doc && \
    ln -sf ansible /usr/bin/ansible-galaxy && \
    ln -sf ansible /usr/bin/ansible-inventory && \
    ln -sf ansible /usr/bin/ansible-playbook && \
    ln -sf ansible /usr/bin/ansible-pull && \
    ln -sf ansible /usr/bin/ansible-test && \
    ln -sf ansible /usr/bin/ansible-vault && \
    find /usr/lib/ -name '__pycache__' -print0 | xargs -0 -n1 rm -rf && \
    find /usr/lib/ -name '*.pyc' -print0 | xargs -0 -n1 rm -rf

COPY --from=builder /usr/lib/python3.8/site-packages/ /usr/lib/python3.8/site-packages/
COPY --from=builder /usr/bin/ansible-lint /usr/bin/ansible-lint
COPY --from=builder /usr/bin/ansible /usr/bin/ansible
COPY --from=builder /usr/bin/ansible-connection /usr/bin/ansible-connection

USER ${DOCKER_USER}

ENV ENTRYPOINT="${ENTRYPOINT}"

COPY entrypoint.sh /

WORKDIR ${DOCKER_WORKDIR}

ENTRYPOINT ["/entrypoint.sh"]
CMD ["--version"]