FROM golang:alpine AS builder

COPY cacert-gosigner /src/

RUN set -ex ; \
    cd /src/cmd/signer ; \
    CGO_ENABLED=0 go build .

# need to use Debian because we need xdelta 1.x to support signer protocol
# version 1
FROM debian:buster-slim

RUN apt-get update \
    && DEBIAN_FRONTEND=noninteractive \
    apt-get install -y --no-install-recommends \
    socat \
    xdelta \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

COPY --from=builder /src/cmd/signer/signer /app/

COPY docker/run-gosigner usr/local/bin/
COPY docker/signer-config/* /srv/caconfig/
COPY testca /srv/testca/

VOLUME /srv/ca

ENTRYPOINT []
CMD ["/usr/local/bin/run-gosigner"]