FROM python:3.12.2-slim-bullseye AS compile-image
RUN apt-get update
RUN apt-get install -y --no-install-recommends build-essential gcc libffi-dev git vim ssh
RUN mkdir ~/.ssh
COPY ./resources/known_hosts ~/.ssh/known_hosts
RUN python -m venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"
COPY requirements.yml .
RUN pip install hcloud ansible
RUN ansible-galaxy install -r ./requirements.yml --force

FROM ghcr.io/allanger/dumb-downloader as dudo
ARG SOPS_VERSION=v3.8.1
ENV RUST_LOG=info
RUN mkdir -p /out
RUN dudo -l "https://github.com/getsops/sops/releases/download/{{ version }}/sops-{{ version }}.{{ os }}.{{ arch }}" -d /out/sops -p $SOPS_VERSION
RUN chmod +x /out/sops

FROM mikefarah/yq as yq
WORKDIR /out
RUN cp $(which yq) .

FROM python:3.12.2-slim-bullseye AS build-image
COPY --from=compile-image /opt/venv /opt/venv
RUN apt-get update  && \
	 apt-get install age ssh git -y
COPY . /src
COPY --from=yq /out/yq /usr/bin/yq
COPY --from=dudo /out/sops /usr/bin/sops
ENV PATH="/opt/venv/bin:$PATH"
RUN ansible-galaxy install -r /src/requirements.yml --force
CMD ['ansible']