load("@aspect_bazel_lib//lib:tar.bzl", "tar")
load("@container_structure_test//:defs.bzl", "container_structure_test")
load("@rules_distroless//distroless:defs.bzl", "group", "passwd")
load("@rules_oci//oci:defs.bzl", "oci_image", "oci_load", "oci_push")
load("@rules_pkg//:pkg.bzl", "pkg_tar")

COMPATIBLE_WITH = select({
    "@platforms//cpu:x86_64": ["@platforms//cpu:x86_64"],
    "@platforms//cpu:arm64": ["@platforms//cpu:arm64"],
}) + [
    "@platforms//os:linux",
]

genrule(
    name = "copy_bazelisk",
    srcs = select({
        "@platforms//cpu:arm64": ["@bazelisk_linux_arm64//file"],
        "//conditions:default": ["@bazelisk_linux_amd64//file"],
    }),
    outs = ["bazel"],
    cmd = "cp $(SRCS) $(OUTS)",
)

pkg_tar(
    name = "bazelisk_tar",
    srcs = [":copy_bazelisk"],
    mode = "0755",
    package_dir = "/usr/bin",
)

passwd(
    name = "passwd",
    entries = [
        {
            "uid": 0,
            "gid": 0,
            "home": "/root",
            "shell": "/bin/bash",
            "username": "r00t",
        },
        {
            "uid": 100,
            "gid": 65534,
            "home": "/home/_apt",
            "shell": "/usr/sbin/nologin",
            "username": "_apt",
        },
    ],
)

group(
    name = "group",
    entries = [
        {
            "name": "root",
            "gid": 0,
        },
        {
            "name": "_apt",
            "gid": 65534,
        },
    ],
)

tar(
    name = "sh",
    mtree = [
        # needed as dpkg assumes sh is installed in a typical debian installation.
        "./bin/sh type=link link=/bin/bash",
    ],
)

oci_image(
    name = "noble",
    architecture = select({
        "@platforms//cpu:arm64": "arm64",
        "@platforms//cpu:x86_64": "amd64",
    }),
    os = "linux",
    tags = ["manual"],
    # NOTE: this is needed because, otherwise, bazel test //... fails, even
    # when container_structure_test already has target_compatible_with.
    # See 136
    target_compatible_with = COMPATIBLE_WITH,
    tars = [
        "@noble//:noble",
        ":sh",
        ":passwd",
        ":group",
        ":bazelisk_tar",
    ],
    visibility = ["//visibility:public"],
)

oci_load(
    name = "tarball",
    image = ":noble",
    repo_tags = [
        "distroless/noble:latest",
    ],
    tags = ["manual"],
    # NOTE: this is needed because, otherwise, bazel test //... fails, even
    # when container_structure_test already has target_compatible_with.
    # See 136
    target_compatible_with = COMPATIBLE_WITH,
)

container_structure_test(
    name = "test",
    configs = select({
        "@platforms//cpu:arm64": ["test_linux_arm64.yaml"],
        "@platforms//cpu:x86_64": ["test_linux_amd64.yaml"],
    }),
    image = ":noble",
    tags = ["manual"],
    target_compatible_with = COMPATIBLE_WITH,
)

oci_push(
    name = "push",
    image = ":noble",
    remote_tags = ["5"],
    repository = "forgejo.csbx.dev/acmcarther/coder-dev-base-image",
)