# Copyright (c) 2019 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.

FROM docker.io/library/openjdk:8

# It's not 100% clear that unzip and libmysql-java are needed
RUN apt-get update \
  && apt-get install -y dumb-init wget unzip libmysql-java \
  && apt-get clean \
  && rm -rf /var/lib/apt/lists/*

# 3000 is what the existing opendev gerrit2 user is
RUN addgroup gerrit --gid 3000 --system \
  && adduser \
    --uid 3000 \
    --system \
    --home /var/gerrit \
    --shell /bin/bash \
    --ingroup gerrit \
    gerrit

USER gerrit

# Download the gerrit war
RUN mkdir /var/gerrit/bin \
  && mkdir /var/gerrit/hooks \
  && mkdir /var/gerrit/static \
  && wget https://tarballs.openstack.org/gerrit/gerrit-v2.13.12.11.1707fec.war -O /var/gerrit/bin/gerrit.war

# Install plugins
RUN mkdir /var/gerrit/plugins && \
  wget https://tarballs.openstack.org/ci/gerrit/plugins/javamelody/javamelody-v2.13.3.e4233d6.jar -O /var/gerrit/plugins/javamelody.jar && \
  wget https://tarballs.openstack.org/ci/gerrit/plugins/its-storyboard/its-storyboard-805f9ac.jar -O /var/gerrit/plugins/its-storyboard.jar

# Force gerrit to use bouncycastle for security things.
# Also use the distro-provided mysql-connector.
RUN mkdir /var/gerrit/lib && \
  unzip -jo /var/gerrit/bin/gerrit.war WEB-INF/plugins/* -d /var/gerrit/plugins && \
  wget https://repo1.maven.org/maven2/org/bouncycastle/bcprov-jdk15on/1.52/bcprov-jdk15on-1.52.jar -O /var/gerrit/lib/bcprov-1.52.jar && \
  wget https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-jdk15on/1.52/bcpkix-jdk15on-1.52.jar -O /var/gerrit/lib/bcpkix-1.52.jar && \
  ln -s /usr/share/java/mysql-connector-java.jar /var/gerrit/lib/mysql-connector-java.jar

# Allow incoming traffic
EXPOSE 29418 8080

VOLUME /var/gerrit/git /var/gerrit/index /var/gerrit/cache /var/gerrit/db /var/gerrit/etc /var/log/gerrit /var/gerrit/tmp

RUN ln -s /var/log/gerrit /var/gerrit/logs

# container.javaOptions
# Also include container.heapLimit - but with -Xmx prefixing it
ENV JAVA_OPTIONS ""

# Ulimits should be set on command line or in docker-compose.yaml
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
CMD /usr/local/openjdk-8/bin/java ${JAVA_OPTIONS} -jar /var/gerrit/bin/gerrit.war daemon -d /var/gerrit