# Copyright (c) 2015-2022 Contributors to the Eclipse Foundation
# 
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
# 
# This program and the accompanying materials are made available under the
# terms of the Eclipse Public License 2.0 which is available at
# http://www.eclipse.org/legal/epl-2.0
# 
# SPDX-License-Identifier: EPL-2.0
#

#Choose a base image that matches the type of build we are using...
#By default we use: centos7
FROM quay.io/centos/centos:7
# For a RHEL8/CentOS8 distro, we use AlmaLinux:
#FROM quay.io/almalinux/almalinux:8
# For Fedora, the verion changes very often due to their short life
#FROM quay.io/fedora/fedora:35-x86_64

#File author / Maintainer
MAINTAINER ISM Build

WORKDIR /usr/share/amlen-server/bin

# Add RPM in a temporary directory inside the container
# Make sure that imaserver.rpm is available in the directory where "docker build" command
# is being executed
ADD ./EclipseAmlenServer-*.rpm /tmp/imaserver.rpm

# Update packages
RUN yum -y upgrade 

#By default run as ima:ima this requires:
# 1) Create the user and group outside the container with a selected uid/gid
#        groupadd -r -g 463 ima
#        useradd -r  -s /sbin/nologin -g ima -u 463 ima
# 2) Give that user read/write access to any volumes that will be used
#      (Ensure the numeric uid/gid below match step 1 above)

RUN echo "user=ima" > /etc/messagesight-user.cfg
RUN echo "group=ima" > /etc/messagesight-user.cfg
RUN groupadd -r -g 463 ima
RUN useradd -r  -s /sbin/nologin -g ima -u 463 ima

#Install the Server
RUN yum -y install /tmp/imaserver.rpm

# Delete imaserver.rpm from temporary directory
RUN rm -f /tmp/imaserver.rpm

RUN yum install -y python3

ADD ./requirements.txt /tmp/
RUN pip3 install --upgrade -r /tmp/requirements.txt && \
    rm /tmp/requirements.txt

# scripts contains the scripts necessary for the readiness probe
ADD ./scripts/* /usr/share/amlen-server/bin/
# add settings to allow HA to work in a virtual environment more robustly
RUN sed -i "/HA.AllowSingleNIC/d" /usr/share/amlen-server/config/server.cfg && \
    sed -i "/HA.SplitBrainPolicy/d" /usr/share/amlen-server/config/server.cfg && \
    echo "HA.AllowSingleNIC = 1" >> /usr/share/amlen-server/config/server.cfg && \
    echo "HA.SplitBrainPolicy = 1" >> /usr/share/amlen-server/config/server.cfg

#Comment out the line below to run as root user
USER ima:ima

ENTRYPOINT [ "/usr/share/amlen-server/bin/startServer.sh" ]
