# Debian Koji Container
# Koji build system environment with database connections and caching

FROM debian:trixie-slim

# Install system dependencies for koji
RUN apt-get update && apt-get install -y \
    python3 \
    python3-pip \
    python3-setuptools \
    python3-wheel \
    python3-dev \
    python3-psycopg2 \
    python3-ldap \
    python3-kerberos \
    python3-gssapi \
    ca-certificates \
    curl \
    postgresql-client \
    && rm -rf /var/lib/apt/lists/*

# Install koji from the local source
COPY . /tmp/koji
RUN cd /tmp/koji && \
    python3 -m pip install --no-cache-dir -e . && \
    rm -rf /tmp/koji

# Create non-root user for security
RUN useradd -r -s /bin/bash -u 1000 koji

# Set up koji directories
RUN mkdir -p /var/lib/koji /var/log/koji /etc/koji && \
    chown -R koji:koji /var/lib/koji /var/log/koji /etc/koji

# Set working directory
WORKDIR /var/lib/koji

# Switch to non-root user
USER koji

# Expose koji hub port
EXPOSE 80

# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
    CMD python3 -c "import koji; print('Koji available')" || exit 1

# Default command - koji hub
CMD ["python3", "-m", "koji", "hub", "--config", "/etc/koji/koji.conf"]

# Labels for container management
LABEL org.opencontainers.image.title="Debian Koji"
LABEL org.opencontainers.image.description="Debian Koji - Build system coordination"
LABEL org.opencontainers.image.vendor="Debian Forge Team"
LABEL org.opencontainers.image.source="https://git.raines.xyz/particle-os/debian-koji"