# SPDX-License-Identifier: MIT
#!BuildTag: suse/manager/5.0/%ARCH%/server-attestation:5.0.5 suse/manager/5.0/%ARCH%/server-attestation:5.0.5.%RELEASE% suse/manager/5.0/%ARCH%/server-attestation:latest

ARG BASE=registry.suse.com/bci/bci-base:15.5
FROM $BASE

# Architecture specific attestation modules are specified via project configuration
ARG ARCH_SPECIFIC_MODULES

# Main packages
RUN zypper ref && zypper --non-interactive up
RUN zypper --gpg-auto-import-keys --non-interactive install --auto-agree-with-licenses --force-resolution \
    uyuni-coco-attestation-core \
    uyuni-coco-attestation-module-secureboot \
    ${ARCH_SPECIFIC_MODULES} \
    javassist apache-commons-ognl procps

ARG PRODUCT="SUSE Manager"
ARG VENDOR="SUSE LLC"
ARG URL="https://www.uyuni-project.org/"
ARG REFERENCE_PREFIX="registry.opensuse.org/uyuni"
ARG PRODUCT_VERSION="5.0.5"

# Build Service required labels
# labelprefix=com.suse.manager.server-attestation
LABEL com.suse.supportlevel="l3"
LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle/"
LABEL com.suse.release-stage="released"
LABEL com.suse.eula="sle-eula"
LABEL org.opencontainers.image.name=server-attestation-image
LABEL org.opencontainers.image.title="${PRODUCT} Confidential Computing attestation container"
LABEL org.opencontainers.image.description="${PRODUCT} Confidential Computing attestation container"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="${VENDOR}"
LABEL org.opencontainers.image.url="${URL}"
LABEL org.opencontainers.image.version=5.0.11
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL org.opensuse.reference="${REFERENCE_PREFIX}/%ARCH%/server-attestation:5.0.5.%RELEASE%"
# endlabelprefix

HEALTHCHECK --interval=5m --timeout=5s --retries=1 CMD ["pgrep", "-f", "com.suse.coco.CoCoAttestation"]

CMD ["/usr/sbin/coco-attestation"]