FROM golang AS base
ARG SASS_VERSION=
ARG GOLANG_CI_VERSION=
ARG COMMIT_SHA=
ARG VERSION=
RUN apt-get update && apt-get install -y npm && npm install -g sass@${SASS_VERSION}
RUN curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/HEAD/install.sh | sh -s -- -b $(go env GOPATH)/bin v${GOLANG_CI_VERSION}
WORKDIR /app
COPY go.mod go.sum buf.gen.yaml buf.work.yaml main.go ./
COPY docs/apis/assets/assets.md docs/apis/assets/assets.md
COPY cmd/ cmd/
COPY internal/ internal/
COPY openapi/ openapi/
COPY pkg/ pkg/
COPY proto/ proto/
COPY statik/ statik/
RUN go version
RUN go mod download \
    && go install tool \
    && buf generate && cp -r .artifacts/grpc/github.com/zitadel/zitadel/pkg/grpc/* pkg/grpc/ \
    && go generate ./... \
    && go run internal/api/assets/generator/asset_generator.go -directory=internal/api/assets/generator/ -assets=docs/apis/assets/assets.md

FROM scratch AS generate
COPY --from=base /app/pkg/grpc/ /pkg/grpc/
COPY --from=base /app/openapi/ /openapi/
COPY --from=base /app/internal/api/assets/generator/ /internal/api/assets/generator/

FROM base AS build-linux-amd64
COPY --from=console ./ internal/api/ui/console/static
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o zitadel -v -ldflags="-s -w -X 'github.com/zitadel/zitadel/cmd/build.commit=${COMMIT_SHA}' -X 'github.com/zitadel/zitadel/cmd/build.date=${now}' -X 'github.com/zitadel/zitadel/cmd/build.version=${VERSION}' " \
    && chmod +x zitadel
FROM base AS build-linux-arm64
COPY --from=console ./ internal/api/ui/console/static
RUN CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o zitadel -v -ldflags="-s -w -X 'github.com/zitadel/zitadel/cmd/build.commit=${COMMIT_SHA}' -X 'github.com/zitadel/zitadel/cmd/build.date=${now}' -X 'github.com/zitadel/zitadel/cmd/build.version=${VERSION}' " \
    && chmod +x zitadel
FROM base AS build-darwin-amd64
COPY --from=console ./ internal/api/ui/console/static
RUN CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o zitadel -v -ldflags="-s -w -X 'github.com/zitadel/zitadel/cmd/build.commit=${COMMIT_SHA}' -X 'github.com/zitadel/zitadel/cmd/build.date=${now}' -X 'github.com/zitadel/zitadel/cmd/build.version=${VERSION}' " \
    && chmod +x zitadel
FROM base AS build-darwin-arm64
COPY --from=console ./ internal/api/ui/console/static
RUN CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -o zitadel -v -ldflags="-s -w -X 'github.com/zitadel/zitadel/cmd/build.commit=${COMMIT_SHA}' -X 'github.com/zitadel/zitadel/cmd/build.date=${now}' -X 'github.com/zitadel/zitadel/cmd/build.version=${VERSION}' " \
    && chmod +x zitadel
FROM base AS build-windows-amd64
COPY --from=console ./ internal/api/ui/console/static
RUN CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o zitadel -v -ldflags="-s -w -X 'github.com/zitadel/zitadel/cmd/build.commit=${COMMIT_SHA}' -X 'github.com/zitadel/zitadel/cmd/build.date=${now}' -X 'github.com/zitadel/zitadel/cmd/build.version=${VERSION}' " \
    && chmod +x zitadel
FROM base AS build-windows-arm64
COPY --from=console ./ internal/api/ui/console/static
RUN CGO_ENABLED=0 GOOS=windows GOARCH=arm64 go build -o zitadel -v -ldflags="-s -w -X 'github.com/zitadel/zitadel/cmd/build.commit=${COMMIT_SHA}' -X 'github.com/zitadel/zitadel/cmd/build.date=${now}' -X 'github.com/zitadel/zitadel/cmd/build.version=${VERSION}' " \
    && chmod +x zitadel
FROM scratch AS build
COPY --from=build-linux-amd64 /app/zitadel zitadel-linux-amd64
COPY --from=build-linux-arm64 /app/zitadel zitadel-linux-arm64
COPY --from=build-darwin-amd64 /app/zitadel zitadel-darwin-amd64
COPY --from=build-darwin-arm64 /app/zitadel zitadel-darwin-arm64
COPY --from=build-windows-amd64 /app/zitadel zitadel-windows-amd64
COPY --from=build-windows-arm64 /app/zitadel zitadel-windows-arm64

FROM base AS lint
COPY --from=console ./ internal/api/ui/console/static
COPY .golangci.yaml ./
COPY .git/ ./.git/
RUN golangci-lint run \
    --timeout 10m \
    --config ./.golangci.yaml \
    --out-format=github-actions \
    --concurrency=$$(getconf _NPROCESSORS_ONLN)

FROM base AS unit-test
COPY --from=console ./ internal/api/ui/console/static
RUN go test -race -coverprofile=profile.cov -coverpkg=./internal/...  ./...

FROM scratch AS unit
COPY --from=unit-test /app/profile.cov .

FROM debian:latest AS base-image
ENV ZITADEL_ARGS=
ARG TARGETOS
ARG TARGETARCH
RUN apt-get update && apt-get install ca-certificates -y
COPY --from=build /zitadel-${TARGETOS}-${TARGETARCH} /app/zitadel
RUN echo hodor /zitadel-${TARGETOS}-${TARGETARCH}
RUN useradd -s "" --home / zitadel && \
    chown zitadel /app/zitadel && \
    chmod +x /app/zitadel
WORKDIR /app
ENV PATH="/app:${PATH}"
USER zitadel 

FROM scratch AS image
COPY --from=base-image /etc/passwd /etc/passwd
COPY --from=base-image /etc/ssl/certs /etc/ssl/certs
COPY --from=base-image /app/zitadel /app/zitadel
HEALTHCHECK NONE
USER zitadel
ENTRYPOINT ["/app/zitadel"]