ARG GOLANG=golang:1.25.7-alpine3.23
FROM ${GOLANG}

# Install necessary packages
RUN apk -U --no-cache add \
    bash git gcc musl-dev docker vim less file curl wget ca-certificates jq linux-headers \
    zlib-dev tar zip squashfs-tools npm coreutils python3 py3-pip openssl-dev libffi-dev libseccomp \
    libseccomp-dev libseccomp-static make libuv-static sqlite-dev sqlite-static libselinux \
    libselinux-dev zlib-dev zlib-static zstd pigz alpine-sdk btrfs-progs-dev \
    btrfs-progs-static gawk yq pipx \
    && [ "$(go env GOARCH)" = "arm64" ] && apk -U --no-cache add binutils-gold || true \
    && [ "$(go env GOARCH)" = "amd64" ] && apk -U --no-cache add mingw-w64-gcc || true

# Install AWS CLI
RUN PIPX_BIN_DIR=/usr/local/bin pipx install awscli

# Install Trivy
ENV TRIVY_VERSION="0.59.0"
RUN case "$(go env GOARCH)" in \
    arm64) TRIVY_ARCH="ARM64" ;; \
    amd64) TRIVY_ARCH="64bit" ;; \
    s390x) TRIVY_ARCH="s390x" ;; \
    *) TRIVY_ARCH="" ;; \
    esac && \
    if [ -n "${TRIVY_ARCH}" ]; then \
        wget --no-verbose "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-${TRIVY_ARCH}.tar.gz" \
        && tar -zxvf "trivy_${TRIVY_VERSION}_Linux-${TRIVY_ARCH}.tar.gz" \
        && mv trivy /usr/local/bin; \
    fi

# Install goimports
RUN GOPROXY=direct go install golang.org/x/tools/cmd/goimports@gopls/v0.20.0

# Cleanup
RUN rm -rf /go/src /go/pkg

# Install golangci-lint for amd64
RUN if [ "$(go env GOARCH)" = "amd64" ]; then \
    curl -sL https://raw.githubusercontent.com/golangci/golangci-lint/refs/tags/v2.7.2/install.sh | sh -s -- v2.7.2; \
    fi

# Set SELINUX environment variable
ARG SELINUX=true
ENV SELINUX=${SELINUX}

# Set Dapper configuration variables
ENV DAPPER_RUN_ARGS="--privileged -v k3s-cache:/go/src/github.com/k3s-io/k3s/.cache -v trivy-cache:/root/.cache/trivy" \
    DAPPER_ENV="REPO TAG DRONE_TAG IMAGE_NAME SKIP_VALIDATE SKIP_IMAGE SKIP_AIRGAP AWS_SECRET_ACCESS_KEY AWS_ACCESS_KEY_ID GITHUB_TOKEN GOLANG GOCOVER GOOS DEBUG" \
    DAPPER_SOURCE="/go/src/github.com/k3s-io/k3s/" \
    DAPPER_OUTPUT="./bin ./dist ./build/out ./build/static ./pkg/static ./pkg/deploy" \
    DAPPER_DOCKER_SOCKET=true \
    CROSS=true \
    STATIC_BUILD=true
# Set $HOME separately because it refers to $DAPPER_SOURCE, set above
ENV HOME=${DAPPER_SOURCE}

WORKDIR ${DAPPER_SOURCE}

ENTRYPOINT ["./scripts/entry.sh"]
CMD ["ci"]