FROM    alpine:3.21
ARG     ALPINE="v3.21"
ARG     BUILDUSER=alpine

RUN     echo "http://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main" > /etc/apk/repositories && \
        echo "http://dl-cdn.alpinelinux.org/alpine/${ALPINE}/community" >> /etc/apk/repositories && \
        echo "@edge-main http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories && \
        #echo "http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories && \
        echo "@edge-community http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories

RUN     apk -U --no-cache upgrade && \
        apk --no-cache add \
        alpine-sdk \
        lua-aports \
        doas \
        pigz \
        xz
        # gcc-gnat \

RUN     adduser -D $BUILDUSER && \
        addgroup $BUILDUSER abuild && \
        echo "permit nopass :abuild" > /etc/doas.d/doas.conf && \
        install -d -g abuild -m 775 /var/cache/distfiles && \
        install -d -g abuild -m 775 /packages && \
        echo -e "$BUILDUSER:1001:64535" > /etc/subuid && \
        echo -e "$BUILDUSER:1001:64535" > /etc/subgid && \
        echo "@kubezero https://cdn.zero-downtime.net/alpine/${ALPINE}/kubezero" >> /etc/apk/repositories && \
        wget -q -O /etc/apk/keys/stefan@zero-downtime.net-61bb6bfb.rsa.pub https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub

COPY    abuilder aarch64-toolchain.sh /usr/bin/

WORKDIR /home/$BUILDUSER
USER    $BUILDUSER

ENTRYPOINT ["abuilder"]