FROM python:3.11-alpine

RUN apk --no-cache add ansible openssh-client tini su-exec socat

RUN adduser \
    --disabled-password \
    --gecos "" \
    api-server

RUN mkdir -p /var/run/ansible

USER api-server
WORKDIR /opt/api-server

COPY requirements.txt .
RUN pip install -r requirements.txt 

COPY . .

ENV API_PROJECT_DIR=/var/project \
    API_GALAXY_REQUIREMENTS=/var/project/galaxy-requirements.yml \
    API_PIP_REQUIREMENTS=/var/project/requirements.txt \
    API_RUNAS=api-server \
    PATH="/home/api-server/.local/bin:${PATH}"


VOLUME [ "${API_PROJECT_DIR}" ]
VOLUME [ "/var/run/ansible" ]

WORKDIR ${API_PROJECT_DIR}

# switch to root as it must be available
USER root
ENTRYPOINT [ "tini", "--", "/opt/api-server/bin/docker-entrypoint.sh" ]