FROM python:3.12.10-alpine3.22

ENV DTRACK_API_URL=""
ENV DTRACK_TOKEN=""
ENV DEFECTDOJO_URL=""
ENV DEFECTDOJO_TOKEN=""

ARG APP_DIR=/opt/app
ARG ADDITIONAL_CA_URL="x"
ARG ADDITIONAL_CA_CHECKSUM="y"

RUN \
  apk add --no-cache syft &&\
  adduser -s /bin/sh -D user &&\
  mkdir -p $APP_DIR &&\
  chown user:user $APP_DIR &&\
  echo $ADDITIONAL_CA_URL &&\
  echo $ADDITIONAL_CA_CHECKSUM &&\
  if [ "$ADDITIONAL_CA_URL" != "x" ]; then \
    cd /usr/share/ca-certificates; \
    wget --no-check-certificate -O custom-ca.crt $ADDITIONAL_CA_URL; \
    echo "a921e440a742f1e67c7714306e2c0d76  custom-ca.crt" | md5sum -c; \
    /usr/sbin/update-ca-certificates; \
    echo "custom ca added"; \
  else \
    echo "no additional ca"; \
  fi 

USER user
WORKDIR $APP_DIR

COPY src/requirements.txt .
COPY src/sbom-dt-dd.py .
COPY src/entrypoint.sh .
COPY dependencytrack-client/ ./dependencytrack-client
COPY defectdojo-client/ ./defectdojo-client

RUN \
  python -m venv .venv &&\
  . ./.venv/bin/activate &&\
  pip install -r requirements.txt &&\
  pip install -r dependencytrack-client/requirements.txt &&\
  pip install -r defectdojo-client/requirements.txt

ENTRYPOINT [ "./entrypoint.sh" ]