#*******************************************************************************
# Copyright (c) 2019 IBM Corporation and others.
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Eclipse Public License v2.0
# which accompanies this distribution, and is available at
# http://www.eclipse.org/legal/epl-v20.html
#
# Contributors:
#     IBM Corporation - initial API and implementation
#*******************************************************************************
#FROM centos:7

FROM centos@sha256:b5e66c4651870a1ad435cd75922fe2cb943c9e973a9673822d1414824a1d0475 as codewind-pfe-base
LABEL org.label-schema.name="Codewind PFE" org.label-schema.description="Codewind PFE" \
      org.label-schema.url="https://codewind.dev/" \
      org.label-schema.vcs-url="https://github.com/eclipse/codewind" org.label-schema.vendor="IBM"

ARG BUILDAH_RPM=https://cbs.centos.org/kojifiles/packages/buildah/1.11.2/2.git0bafbfe.el7/x86_64/buildah-1.11.2-2.git0bafbfe.el7.x86_64.rpm

# Download the buildah RPM
RUN curl -f -o buildah.rpm $BUILDAH_RPM

# Download and set up Node 10.x RPM
RUN curl -sL https://rpm.nodesource.com/setup_10.x | bash -

RUN yum install -y epel-release \
    && yum -y --enablerepo=epel install zip unzip sudo ca-certificates openssl nodejs buildah.rpm \
    && yum clean all \
    && rm -rf /var/cache/yum

# Install docker client only
RUN cd /tmp \
    && curl -O https://download.docker.com/linux/static/stable/x86_64/docker-18.09.6.tgz \
    && echo '1f3f6774117765279fce64ee7f76abbb5f260264548cf80631d68fb2d795bb09  docker-18.09.6.tgz' | sha256sum -c - \
    && tar -xvf docker-18.09.6.tgz docker/docker \
    && cp /tmp/docker/docker /usr/bin/docker \
    && rm -rf /tmp/docker /tmp/docker-18.09.6.tgz \
    && chown root:root /usr/bin/docker

# Download OpenJ9 JRE, fixed to jre8u212-b04_openj9-0.14.2 version
RUN cd /tmp \
    && curl -sL -O https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u222-b10_openj9-0.15.1/OpenJDK8U-jre_x64_linux_openj9_8u222b10_openj9-0.15.1.tar.gz \
    && echo 'ae56994a7c8e8c19939c0c2ff8fe5a850eb2f23845c499aa5ede26deb3d5ad28  OpenJDK8U-jre_x64_linux_openj9_8u222b10_openj9-0.15.1.tar.gz' | sha256sum -c - \
    && tar -xvf OpenJDK8U-jre_x64_linux_openj9_8u222b10_openj9-0.15.1.tar.gz \
    && OPENJ9_JRE=$(find *jre | head -n 1) \
    && mkdir -p /opt/java \
    && cp -r /tmp/$OPENJ9_JRE /opt/java/jre \
    && rm -rf /tmp/$OPENJ9_JRE /tmp/OpenJDK8U-jre_x64_linux_openj9_8u222b10_openj9-0.15.1.tar.gz

# Set up PFE container environment variables
ENV JAVA_HOME=/opt/java/jre \
    PATH=/opt/java/jre/bin:$PATH \
    HELM_HOME=/root/.helm

# Install the latest version of yq
RUN LATEST_RELEASE=$(curl -L -s -H 'Accept: application/json' https://github.com/mikefarah/yq/releases/latest) \
    && LATEST_VERSION=$(echo $LATEST_RELEASE | sed -e 's/.*"tag_name":"\([^"]*\)".*/\1/') \
    && curl -sL -O https://github.com/mikefarah/yq/releases/download/$LATEST_VERSION/yq_linux_amd64 \
    && mv ./yq_linux_amd64 /usr/local/bin/yq \
    && chmod +x /usr/local/bin/yq

# Install kubectl
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl \
    && chmod +x ./kubectl \
    && mv ./kubectl /usr/local/bin/kubectl

# Install helm, fixed to the 2.9.1 version
RUN cd /tmp \ 
    && curl -O https://get.helm.sh/helm-v2.9.1-linux-amd64.tar.gz \
    && echo '56ae2d5d08c68d6e7400d462d6ed10c929effac929fedce18d2636a9b4e166ba  helm-v2.9.1-linux-amd64.tar.gz' | sha256sum -c - \
    && tar -xvf helm-v2.9.1-linux-amd64.tar.gz \
    && cp /tmp/linux-amd64/helm /usr/local/bin/helm \
    && chmod +x /usr/local/bin/helm \
    && rm -rf /tmp/linux-amd64 /tmp/helm-v2.9.1-linux-amd64.tar.gz

WORKDIR /
# Softlink to /codewind-workspace to /projects so paths
# match in che.
RUN chmod 644 /etc/sudoers \
    && mkdir -m 777 -p /codewind-workspace \
    && ln -s /codewind-workspace /projects \
    && adduser mcuser

######### Extensions setup.
RUN mkdir /extensions
COPY /extensions /extensions

######### File watcher setup.
RUN mkdir /file-watcher
WORKDIR /file-watcher

COPY /file-watcher/dockerfiles /file-watcher/dockerfiles
COPY /file-watcher/scripts /file-watcher/scripts
COPY /file-watcher/server /file-watcher/server

WORKDIR /file-watcher/server

# Install w/ dev dependencies and do linting first, then delete node_modules and reinstall using production flag
RUN npm ci \
    && npm run build \
    && rm -rf node_modules \
    && npm ci --production \
    && mkdir /file-watcher/fwdata \
    && npm cache clean -f

# Copy translation files to the distribution directory
RUN cp -r src/utils/locales dist/utils/locales

######### Portal setup
# This is copied in a later build stage.
# Changes outside /portal will be lost.
FROM codewind-pfe-base as codewind-pfe-portal

# Install and build the initialization module.
RUN mkdir /initialize
COPY /initialize /initialize
WORKDIR /initialize
RUN npm ci \
    && npm run build \
    && rm -rf node_modules \
    && npm ci --production \

RUN mkdir /portal

WORKDIR /portal
COPY /portal/package.json /portal/package-lock.json /portal/
COPY /portal/sudoers /etc/sudoers

COPY /portal/npm-start.sh /portal/nodemon.json /portal/
COPY /portal/eslint-rules /portal/eslint-rules
RUN chmod -R +rx /portal/npm-start.sh

COPY /portal/server.js /portal/
COPY /portal/modules /portal/modules
COPY /portal/routes /portal/routes
COPY /portal/config /portal/config
COPY /portal/middleware /portal/middleware
COPY /portal/docs /portal/docs

FROM codewind-pfe-base

# Don't force a file-watcher rebuild on a portal change.
# (Improves development builds significantly.)
COPY --from=codewind-pfe-portal /initialize /initialize
COPY --from=codewind-pfe-portal /portal /portal

# Copy the license files to the root directory
# to satisfy requirement from legal
COPY /portal/LICENSE /
COPY /portal/NOTICE.md /

WORKDIR /portal
ARG NODE_ENV
ENV NODE_ENV=${NODE_ENV}
RUN npm ci \
    && npm cache clean -f

# Do the idc copy at the end since IDC is rebuilt as part of the build process and will cause the docker cache at this step to change
# and trigger all steps after this one to be executed instead of using the docker image cache. All steps after this one should be short
# to save time on local builds.
COPY /file-watcher/idc /file-watcher/idc
RUN chmod -R +rx /file-watcher/idc

WORKDIR /codewind-workspace

EXPOSE 9090

# Moved the FORCE_COLOR env var for colored logs from root-watcher.sh to the Dockerfile
ENV FORCE_COLOR=1

# USER mcuser
# TODO, work out how to start everything.
WORKDIR /
CMD [ "sh", "-c", " /file-watcher/scripts/root-watcher.sh ${HOST_WORKSPACE_DIRECTORY} ${CONTAINER_WORKSPACE_DIRECTORY} ; cd /portal ; npm start ;" ]
