FROM python:3.6.6-alpine3.8 AS base

RUN apk update
RUN apk add openssh-client git
RUN mkdir /root/.ssh

COPY ssh_private_key /root/.ssh/id_rsa
COPY requirements.txt requirements.txt

RUN chmod 600 /root/.ssh/id_rsa
RUN touch /root/.ssh/known_hosts
RUN ssh-keyscan github.com >> /root/.ssh/known_hosts

RUN python3 -m venv ./virtualenv
RUN ./virtualenv/bin/python3 -m pip install -r requirements.txt

RUN shred -u /root/.ssh/id_rsa

FROM python:3.6.6-stretch

RUN apt-get update && apt-get install host wget libssl-dev virt-what -y

ARG DOCKER_UID

RUN groupadd -g $DOCKER_UID stark && \
    useradd -r -u $DOCKER_UID -g stark stark

#We add the user in the container here so that they can own /etc/salt and write to a normally
# write-protected location

ENV SALT_VERSION=2018.3.2
ENV SALT_BOOTSTRAP_VERSION=2019.01.08

COPY bootstrap-salt.sha1 bootstrap-salt.sha1

RUN wget https://raw.githubusercontent.com/saltstack/salt-bootstrap/v${SALT_BOOTSTRAP_VERSION}/bootstrap-salt.sh
RUN chmod +x ./bootstrap-salt.sh

RUN sha1sum --strict --status -c bootstrap-salt.sha1

RUN ./bootstrap-salt.sh -L -N -M -P stable ${SALT_VERSION}

RUN chown -R stark:root /etc/salt

COPY . .
RUN shred -u ssh_private_key

USER stark

RUN mkdir -p /etc/salt/cloud.profiles.d
RUN mkdir -p /etc/salt/cloud.providers.d

COPY --from=base virtualenv virtualenv

RUN cp -r ./saltmaster/* /etc/salt

ARG BEBO_ENV
ENV BEBO_ENV=$BEBO_ENV
ARG BEBO_VERSION
ENV BEBO_VERSION=$BEBO_VERSION

CMD ["./entrypoint.sh"]
