ARG VERSION

# --------------------------------------------------------------------------------------------------
# Builder Image
# --------------------------------------------------------------------------------------------------
FROM cytopia/ansible:${VERSION}-tools as builder

# Required tools for building Python packages
RUN set -eux \
	&& apk add --no-cache \
		# build tools
		coreutils \
		g++ \
		gcc \
		make \
		musl-dev \
		openssl-dev \
		python3-dev \
		# misc tools
		git \
		# go tools
		cargo \
		go

# Python packages (copied to final image)
RUN set -eux \
	&& pip3 install --no-cache-dir --no-compile \
		awscli \
		botocore \
		boto \
		boto3 \
	&& aws --version 2>&1 | grep -E '^aws-cli/[.0-9]+' \
	&& find /usr/lib/ -name '__pycache__' -print0 | xargs -0 -n1 rm -rf \
	&& find /usr/lib/ -name '*.pyc' -print0 | xargs -0 -n1 rm -rf

# aws-iam-authemticator (copied to final image)
RUN set -eux \
	&& if [ "$(uname -m)" = "aarch64" ]; then \
		ARCH="arm64"; \
	elif [ "$(uname -m)" = "x86_64" ]; then \
		ARCH="amd64"; \
	else \
		fail; \
	fi \
	\
	&& git clone https://github.com/kubernetes-sigs/aws-iam-authenticator /tmp/aws-iam-authenticator \
	&& cd /tmp/aws-iam-authenticator \
	&& IAM_AUTH_VERSION="$( git tag --sort=-creatordate \
		| sort -V \
		| grep -E 'v[0-9]+\.[0-9]+\.[0-9]+$' \
		| tail -1 \
	)" \
	&& git checkout "${IAM_AUTH_VERSION}" \
	&& make build-all-bins \
	&& mv _output/bin/aws-iam-authenticator_${IAM_AUTH_VERSION}_linux_${ARCH} /usr/bin/aws-iam-authenticator \
	&& chmod +x /usr/bin/aws-iam-authenticator \
	&& aws-iam-authenticator version | grep -E "\"(${IAM_AUTH_VERSION}|unversioned)\"" \
	&& find /usr/lib/ -name '__pycache__' -print0 | xargs -0 -n1 rm -rf \
	&& find /usr/lib/ -name '*.pyc' -print0 | xargs -0 -n1 rm -rf


# --------------------------------------------------------------------------------------------------
# Final Image
# --------------------------------------------------------------------------------------------------
FROM cytopia/ansible:${VERSION}-tools as production
ARG VERSION
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.vendor"="cytopia"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.url"="https://github.com/cytopia/docker-ansible"
LABEL "org.opencontainers.image.documentation"="https://github.com/cytopia/docker-ansible"
LABEL "org.opencontainers.image.source"="https://github.com/cytopia/docker-ansible"
LABEL "org.opencontainers.image.ref.name"="Ansible ${VERSION} aws"
LABEL "org.opencontainers.image.title"="Ansible ${VERSION} aws"
LABEL "org.opencontainers.image.description"="Ansible ${VERSION} aws"

COPY --from=builder /usr/lib/python3.10/site-packages/ /usr/lib/python3.10/site-packages/
COPY --from=builder /usr/bin/aws /usr/bin/aws
COPY --from=builder /usr/bin/aws-iam-authenticator /usr/bin/aws-iam-authenticator

WORKDIR /data
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["/bin/bash"]
