FROM alpine:3.20

# --- Metadaten / OCI Labels ---
LABEL org.opencontainers.image.title="Drone Publish Tool" \
      org.opencontainers.image.description="Automatisiertes Drone CI Tool zum Signieren (Cosign) und Erstellen von Gitea-Releases" \
      org.opencontainers.image.authors="Patrick Buchhorst <patrick@buchhorster.de>" \
      org.opencontainers.image.vendor="Buchhorster IT" \
      org.opencontainers.image.source="https://gitea.buchhorster.de/patrick/drone-publish-tool" \
      org.opencontainers.image.licenses="MIT"

# Optionaler Build-ARG für Versionstag (falls über Drone gesetzt)
ARG VERSION=1.0.0
LABEL org.opencontainers.image.version=$VERSION

# --- Systemabhängigkeiten ---
RUN apk add --no-cache \
      bash \
      curl \
      git \
      jq \
      tini \
      wget \
      ca-certificates \
      docker-cli && \
    update-ca-certificates

# --- Cosign installieren ---
RUN wget -qO /usr/local/bin/cosign \
      https://github.com/sigstore/cosign/releases/download/v3.0.2/cosign-linux-amd64 && \
    chmod +x /usr/local/bin/cosign

# --- Entrypoint-Skript ---
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh

# --- Saubere Startumgebung ---
ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/entrypoint.sh"]