# Koji-OSBuild Integration Container
# Optimized for integration performance between koji and osbuild

FROM debian:trixie-slim

# Install system dependencies
RUN apt-get update && apt-get install -y \
    python3 \
    python3-pip \
    python3-setuptools \
    python3-wheel \
    python3-dev \
    python3-psycopg2 \
    ca-certificates \
    curl \
    postgresql-client \
    && rm -rf /var/lib/apt/lists/*

# Install koji-osbuild from the local source
COPY . /tmp/koji-osbuild
RUN cd /tmp/koji-osbuild && \
    python3 -m pip install --no-cache-dir -e . && \
    rm -rf /tmp/koji-osbuild

# Create non-root user for security
RUN useradd -r -s /bin/bash -u 1000 koji-osbuild

# Set up directories
RUN mkdir -p /var/lib/koji-osbuild /var/log/koji-osbuild /etc/koji-osbuild && \
    chown -R koji-osbuild:koji-osbuild /var/lib/koji-osbuild /var/log/koji-osbuild /etc/koji-osbuild

# Set working directory
WORKDIR /var/lib/koji-osbuild

# Switch to non-root user
USER koji-osbuild

# Expose koji-osbuild port
EXPOSE 8080

# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
    CMD python3 -c "import koji_osbuild; print('Koji-OSBuild available')" || exit 1

# Default command - koji-osbuild integration service
CMD ["python3", "-m", "koji_osbuild", "--config", "/etc/koji-osbuild/koji-osbuild.conf"]

# Labels for container management
LABEL org.opencontainers.image.title="Koji-OSBuild Integration"
LABEL org.opencontainers.image.description="Koji-OSBuild - Integration layer between koji and osbuild"
LABEL org.opencontainers.image.vendor="Debian Forge Team"
LABEL org.opencontainers.image.source="https://git.raines.xyz/particle-os/koji-osbuild"