FROM python:2-alpine3.7 as common

CMD ["/bin/sh"]

RUN apk --no-cache --update add git bash yaml sed lsof findutils
RUN apk --no-cache --update add libxslt


FROM common as builder

RUN apk --update add curl

## would love to use args... but I need it as an environment variable
ENV KAL_SHLIB_ARRAY_VERSION="0.2.0" \
    KAL_SHLIB_CACHE_VERSION="0.0.1" \
    KAL_SHLIB_CHARM_VERSION="0.5.1" \
    KAL_SHLIB_CMDLINE_VERSION="0.0.5" \
    KAL_SHLIB_COMMON_VERSION="0.4.17" \
    KAL_SHLIB_CONFIG_VERSION="0.0.2" \
    KAL_SHLIB_CORE_VERSION="0.7.0" \
    KAL_SHLIB_FIREWALL_VERSION="0.2.0" \
    KAL_SHLIB_DOCKER_VERSION="0.0.6" \
    KAL_SHLIB_OTHER_VERSION="0.2.2" \
    KAL_SHLIB_PRETTY_VERSION="0.4.3"

ARG DOCKER_CLI_VERSION="17.06.2-ce"
ARG DOCKER_COMPOSE_VERSION="1.24.0"

## install docker
ENV DOCKER_DOWNLOAD_URL="https://download.docker.com/linux/static/stable/x86_64/docker-$DOCKER_CLI_VERSION.tgz"
RUN mkdir -p /tmp/docker \
    && curl -L "$DOCKER_DOWNLOAD_URL" | tar -xz -C /tmp/docker \
    && mv /tmp/docker/docker/docker /usr/local/bin/ \
    && rm -rf /tmp/docker


## install docker-compose
# ENV DOCKER_COMPOSE_DOWNLOAD_URL="https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-Linux-x86_64"
# RUN curl -L "$DOCKER_COMPOSE_DOWNLOAD_URL" > /usr/local/bin/docker-compose \
#     && chmod +x /usr/local/bin/docker-compose
 

## install kal-shlibs
RUN apk --update add binutils && \
    mkdir /tmp/kal-shlibs && cd /tmp/kal-shlibs && \
    export pkg && \
    for pkg in core common array cache charm cmdline config firewall other pretty docker; do \
        echo "Installing kal-shlib-$pkg" ; \
        bash -c -- 'eval curl -L http://deb.kalysto.org/pool/no-dist/kal-alpha/kal-shlib-${pkg}_\${KAL_SHLIB_${pkg^^}_VERSION}-1_all.deb' > pkg.deb || exit 1 ; \
        ar x pkg.deb || exit 1; \
        tar xf /tmp/kal-shlibs/data.tar.* -C / || exit 1; \
        rm /tmp/kal-shlibs/data.tar.* ; \
    done


## install shyaml
RUN apk add python-dev build-base
RUN apk add yaml-dev cython cython-dev && \
    pip install shyaml

RUN pip install crudini

RUN apk add libffi-dev openssl-dev && \
    pip install pip==19.3.1 cffi==1.12.3 pyrsistent==0.16.0 docker==4.3.0 cryptography==3.0 \
        git+https://github.com/0k/compose@run_ignore_orphans
    # docker-compose==$DOCKER_COMPOSE_VERSION
    # pip install git+https://github.com/vaab/colour@master

RUN curl -L https://git.0k.io/0k-charm.git/plain/bin/charm > /usr/local/bin/charm && \
    chmod +x /usr/local/bin/charm

RUN curl -L https://git.0k.io/git-sub.git/plain/bin/git-sub > /usr/local/bin/git-sub && \
    chmod +x /usr/local/bin/git-sub

RUN curl -L https://git.0k.io/0k-docker.git/plain/src/bin/dupd > /usr/local/bin/dupd && \
    chmod +x /usr/local/bin/dupd


RUN curl http://docker.0k.io/get/ca.0k.io.pem > /usr/local/share/ca-certificates/ca.0k.io.pem

##force install pyyaml with libyaml
RUN cd /tmp && \
    wget https://github.com/yaml/pyyaml/archive/4.1.tar.gz && \
    tar xvzf 4.1.tar.gz && \
    cd pyyaml-4.1 && \
    PYTHONPATH=/usr/lib/python2.7/site-packages python setup.py --with-libyaml install

## needed by 'xpath' script from kal-scripts for parsing html output
RUN apk add libxslt-dev && \
    pip install lxml==4.5.2 html5lib==1.1 webencodings==0.5.1 && \
    wget "https://git.0k.io/kal-scripts.git/plain/src/bin/xpath?h=0k/dev/master&id=e04a1b7942cb39ff2515c7f666abd33bf621b119" -O /usr/local/bin/xpath && \
    chmod +x /usr/local/bin/xpath


FROM common

COPY --from=builder /etc/shlib /etc/shlib
COPY --from=builder /usr/bin/bash-shlib /usr/bin/bash-shlib
COPY --from=builder /usr/lib/shlib /usr/lib/shlib
COPY --from=builder /usr/local /usr/local

RUN cp /usr/local/share/ca-certificates/ca.0k.io.pem /etc/ssl/ca.0k.io.pem && \
    apk add ca-certificates && update-ca-certificates && \
    mkdir -p /etc/docker/certs.d/docker.0k.io && \
    ln -sfn /etc/ssl/ca.0k.io.pem /etc/docker/certs.d/docker.0k.io/ca.crt

## requiring ``stdbuf`` for actions
RUN apk add coreutils

## requiring ``openssl`` command for certificate generation in charms
RUN apk add openssl

## requiring ``htpasswd`` command for BCrypt encryption
RUN apk add apache2-utils

## requiring ``jq`` command for json querying/modifying in charms
RUN apk add jq

## requiring ``getfacl/setfacl`` command for allowing to setup some permissions in charms
RUN apk add acl

## required by git through ssh (for host-resources for instance)
RUN apk add openssh-client

## handy in some charms to poke at some services
RUN apk add curl

## handy yaml2json converter for charm
RUN wget https://github.com/bronze1man/yaml2json/releases/download/v1.3/yaml2json_linux_amd64 \
    -O /usr/local/bin/yaml2json && \
    chmod +x /usr/local/bin/yaml2json

## Fixing Let's encrypt CA issue from 2021-10-01, probably can remove
## with newer alpine version (was added with alpine 3.7.1)
RUN sed -ri 's%^(mozilla/DST_Root_CA_X3.crt)%!\\1%g' /etc/ca-certificates.conf && \
    update-ca-certificates

## install compose
COPY ./bin/ /usr/local/bin/

## Fixes Ctrl-C handling:
##   see https://github.com/moby/moby/issues/2838#issuecomment-402491110
RUN apk add --no-cache tini
# Tini is now available at /sbin/tini
ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/compose-core"]