# Copyright (c) 2015-2021 Contributors to the Eclipse Foundation
# 
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
# 
# This program and the accompanying materials are made available under the
# terms of the Eclipse Public License 2.0 which is available at
# http://www.eclipse.org/legal/epl-2.0
# 
# SPDX-License-Identifier: EPL-2.0
#

#Choose a base image that matches the type of build we are using...
# To use a different disto change the from EG:
# FROM quay.io/centos/centos:7
# FROM quay.io/almalinuxorg/almalinux:8
# FROM quay.io/almalinuxorg/almalinux:9
# FROM quay.io/almalinuxorg/almalinux:10
# For Fedora, the verion changes very often due to their short life
# FROM quay.io/fedora/fedora:43-x86_64
FROM quay.io/almalinuxorg/almalinux:8

WORKDIR /usr/share/amlen-webui/bin

# For RHEL8+ and compatible distros, openldap-servers is not in the default repo
# and that is a prereq so one of:
#  1) CodeReady Builder/PowerTools stream for RHEL/Almalinux 8
#  2) EPEL for RHEL/Almalinux 9+
#  3) Symas repo
# Needs to be enabled e.g. we enable symas:
#RUN curl -o /etc/yum.repos.d/sofl.repo https://repo.symas.com/configs/SOFL/rhel8/sofl.repo
# We make this step optional as not all distros will support the commands

RUN dnf install dnf-plugins-core -y
RUN dnf config-manager --set-enabled powertools || true
RUN dnf config-manager --set-enabled crb || true
RUN dnf install epel-release -y || true

# Add RPM in a temporary directory inside the container
# Make sure that imawebui.rpm is available in the directory where "docker build" command
# is being executed
ADD ./imawebui.rpm /tmp/

# Update all packages
RUN yum -y upgrade 


#To run as a non-root user
# 1) Create the user and group outside the container with a selected uid/gid
#        groupadd -r -g 463 ima
#        useradd -r  -s /sbin/nologin -g ima -u 463 ima
# 2) Give that user read/write access to any volumes that will be used
# 3) Create a config file so the RPM knows the user
#        RUN echo 'user=ima' >/etc/messagesight-user.cfg
# 4) Uncomment the RUN group/useradd setup lines:
#      (Ensure the numeric uid/gid below match step 1 above)
#        RUN groupadd -r -g 463 ima
#        RUN useradd -r  -s /sbin/nologin -g ima -u 463 ima
# 5) Uncomment the USER line above the Entrypoint before the entrypoint

# We see a bug where if the WebUI is installed in the same transaction as the java
# it depends on, java is not in the path when the postinstall scripts are run.
# We work around this by finding the required version of java and installing it first:
RUN yum deplist /tmp/imawebui.rpm |  awk '/provider:/ {print $2}' | grep java | sort -u |  xargs yum -y install

#Install the WebUI intself
RUN yum -y install /tmp/imawebui.rpm

# Delete imawebui.rpm from temporary directory
RUN rm -f /tmp/imawebui.rpm

#Uncomment below USER line to run as a non-root user (but do the above steps 1-4 as well!)
#USER ima:ima

# Set file permissions
RUN chmod -R +x /usr/share/amlen-webui/wlp

ENTRYPOINT [ "/usr/share/amlen-webui/bin/startWebUI.sh" ]
