# Base Containerfile for Debcraft
FROM debian:sid

ARG HOST_ARCH

ENV DEBIAN_FRONTEND=noninteractive

# Automatically remove 500MB+ of debug symbols that GCC maintainers have
# intentionally in unstable for bootstrapping new stack tracing, but which is
# unnecessary for Debcraft containers
COPY 80-strip-gcc-debug-symbols /etc/apt/apt.conf.d/

# Stretch is no longer available at deb.debian.org, use archive.debian.org instead
RUN if grep -q 'PRETTY_NAME="Debian GNU/Linux 9 (stretch)"' /etc/os-release; \
    then \
      echo "deb http://archive.debian.org/debian stretch main\ndeb http://archive.debian.org/debian-security stretch/updates main" \
        > /etc/apt/sources.list; \
    fi

# Debian build essentials and Debcraft essentials
# Unfortunately this is almost 500 MB but here is no way around it. Luckily due
# to caching all rebuilds and all later containers will build much faster.
RUN apt-get update -q && \
    apt-get install -q --yes --no-install-recommends \
      blhc \
      ccache \
      curl \
      devscripts \
      eatmydata \
      equivs \
      fakeroot \
      git \
      git-buildpackage \
      lintian \
      pristine-tar \
      quilt

# Validator dependencies
RUN apt-get update -q && \
    apt-get install -q --yes --no-install-recommends \
      apt-utils \
      autopkgtest \
      autodep8 \
      codespell \
      command-not-found \
      hunspell-en-us \
      python3-bs4 \
      python3-debian \
      python3-hunspell \
      python3-levenshtein \
      python3-setuptools \
      shellcheck \
      xxd

# The diffoscope-minimal package is available only since Debian 11 "Bullseye",
# and thus building containers of older Debian or Ubuntu releases will fail
# but can be ignored, as only diffoscope-features are affected
RUN apt-get update -q && \
    apt-get install -q --yes --no-install-recommends \
      diffoscope-minimal || true

# The lintianb-rush package is (consistently) available only since Debian 12
# "Bookworm" and thus building containers of older Debian or Ubuntu releases
# will fail, but that can be ignored
RUN apt-get update -q && \
    apt-get install -q --yes --no-install-recommends \
      lintian-brush || true

# The licenserecon package is available only since Debian 13 "Trixie",
# and thus building containers of older Debian or Ubuntu releases will fail
# but can be ignored
RUN apt-get update -q && \
    apt-get install -q --yes --no-install-recommends \
      licenserecon || true

# @TODO: The dh-debputy and python3-lsprotocol are available only in latest
# Debian Sid 2024, and thus building containers of older Debian and Ubuntu
# releases will fail and thus an override to return a successful exit code is
# needed. This can be removed once dh-debputy with dependencies is available via
# backports: https://salsa.debian.org/debian/debputy/-/issues/76#note_512583
RUN apt-get update -q && \
    apt-get install -q --yes --no-install-recommends \
      dh-debputy \
      python3-lsprotocol || true

# Install sccache (available in Debian/Ubuntu since December 2022) so C/C++ and
# Rust builds can use it
RUN apt-get update -q && \
    apt-get install -q --yes --no-install-recommends \
      sccache || true

# Activate source repositories in the Containerfile so that the large download
# is cached in the container and the validator can run quickly
COPY enable-source-repositories.sh enable-extra-repositories.sh output.inc.sh /
RUN /enable-source-repositories.sh

# Insert extra repositories and keys right before build dependencies are to be
# installed following convention set in Salsa CI
# (https://salsa.debian.org/salsa-ci-team/pipeline#add-private-repositories-to-the-builds)
COPY ci /ci
COPY extra_repository_dir /debcraft/extra_repository_dir
RUN /enable-extra-repositories.sh

RUN echo "Package: *" >> /etc/apt/preferences.d/99experimental-force && \
    echo "Pin: release a=experimental" >> /etc/apt/preferences.d/99experimental-force && \
    echo "Pin-Priority: 900" >> /etc/apt/preferences.d/99experimental-force && \
    echo "" >> /etc/apt/preferences.d/99experimental-force && \
    echo "Package: libcrack2 libcrack2-dev cracklib-runtime" >> /etc/apt/preferences.d/99experimental-force && \
    echo "Pin: release a=unstable" >> /etc/apt/preferences.d/99experimental-force && \
    echo "Pin-Priority: 999" >> /etc/apt/preferences.d/99experimental-force

# Install dependencies
#@TODO: Use 'apt-get build-dep .' as all modern Debian/Ubuntu versions support it
COPY control /
RUN [ -z $HOST_ARCH ] || dpkg --add-architecture $HOST_ARCH; \
    apt-get update -q && \
    DEBIAN_FRONTEND=noninteractive mk-build-deps -r -i ${HOST_ARCH:+--host-arch $HOST_ARCH} /control \
      -t 'apt-get -y -o Debug::pkgProblemResolver=yes --no-install-recommends'

# Should be automatic and not needed at all, but run one more time just to be sure
RUN update-ccache-symlinks

# Older ccache does not support '--verbose' but will print stats anyway, just
# followed by help section. Newer ccache 4.0+ (Ubuntu 22.04 "Focal", Debian 12
# "Bullseye") however require '--verbose' to show any cache hit stats at all.
RUN ccache --show-stats --verbose || true; sccache --show-stats || true

# All Debcraft commands and libraries are copied to the container root as it is
# a throw-away environment and strict adherense to LSB does not matter. Do not
# put any scripts into the /debcraft folder, as it is dedicated for build
# artifacts that will be stored.
COPY *.sh /
