# Single version tag to maintain for reproducible builds.
# This multi-arch index digest resolves to the correct arch-specific image at build time.
# To update: run `docker manifest inspect rust:X.Y-bullseye --verbose` and replace the digest below.
# rust:1.88-bullseye
ARG RUST_IMAGE="rust:1.88-bullseye@sha256:60c95b78b164bc809090509235ab00797a07740fe8733b48593cd42de72b5ee1"
FROM ${RUST_IMAGE} AS builder

# Install specific version of the build dependencies
RUN apt-get update && apt-get install -y libclang-dev=1:11.0-51+nmu5 cmake=3.18.4-2+deb11u1 libjemalloc-dev=5.2.1-3

ARG RUST_TARGET="x86_64-unknown-linux-gnu"

# Copy the project to the container
COPY ./ /app
WORKDIR /app

# Build the project with the reproducible settings
RUN make build-reproducible

# Move the binary to a standard location
RUN mv /app/target/${RUST_TARGET}/release/lighthouse /lighthouse

# Create a minimal final image with just the binary
FROM gcr.io/distroless/cc-debian12:nonroot-6755e21ccd99ddead6edc8106ba03888cbeed41a
COPY --from=builder /lighthouse /lighthouse

ENTRYPOINT [ "/lighthouse" ]