FROM registry.hub.docker.com/library/python:3.10-slim-bullseye as wheels
# hadolint ignore=DL3008,DL3015
RUN apt-get update && \
    DEBIAN_FRONTEND=noninteractive apt-get install -y \
        build-essential \
        git \
        libldap2-dev \
        libsasl2-dev \
    ;
WORKDIR /wheels
RUN python3 -m pip wheel https://github.com/python-ldap/python-ldap/releases/download/python-ldap-3.3.1/python-ldap-3.3.1.tar.gz
RUN python3 -m pip wheel git+https://github.com/adarnimrod/flask-simpleldap.git@ldapi-support#egg=flask-simpleldap

FROM registry.hub.docker.com/library/python:3.10-slim-bullsye
# hadolint ignore=DL3008
RUN apt-get update && \
    DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
        libldap-2.4-2 \
        libsasl2-2 \
        wget \
    && \
    rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/*
COPY --from=wheels /wheels/*.whl /wheels/
RUN pip install /wheels/*.whl
WORKDIR /app
COPY requirements.txt ./
RUN pip install --no-cache-dir -r requirements.txt
COPY * ./
USER nobody
EXPOSE 8080
ENV FORWARDED_ALLOW_IPS "*"
HEALTHCHECK CMD wget --spider --quiet http://localhost:8080/ping --user-agent 'Docker Healthcheck' || exit 1
CMD ["gunicorn", "--bind", "0.0.0.0:8080", "--log-file", "-", "--workers", "2", "app:app"]
