# =========================
# Stage 1: Builder
# =========================
FROM debian:trixie-slim@sha256:c85a2732e97694ea77237c61304b3bb410e0e961dd6ee945997a06c788c545bb AS builder

ENV DEBIAN_FRONTEND=noninteractive \
    LANG=C.UTF-8

# Install build dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
    curl \
    git \
    bash \
    openssh-client \
    ca-certificates \
    procps \
    iproute2 \
    netcat-traditional \
    unzip \
    iputils-ping \
    python3 \
    python3-venv \
    build-essential \
    zlib1g-dev \
    libffi-dev \
    libssl-dev \
    ruby-full \
    && rm -rf /var/lib/apt/lists/*

# Install Node.js 22
RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
    && apt-get install -y nodejs \
    && npm install -g npm \
    && rm -rf /var/lib/apt/lists/*

# Create Python virtual environment for Ansible
RUN python3 -m venv /opt/venv \
    && /opt/venv/bin/pip install --no-cache-dir --upgrade pip ansible

# =========================
# Stage 2: Final runtime image
# =========================
FROM debian:trixie-slim@sha256:c85a2732e97694ea77237c61304b3bb410e0e961dd6ee945997a06c788c545bb

ENV DEBIAN_FRONTEND=noninteractive \
    LANG=C.UTF-8 \
    PATH=/opt/venv/bin:$PATH

# Install runtime dependencies only
RUN apt-get update && apt-get install -y --no-install-recommends \
    bash \
    openssh-client \
    ca-certificates \
    iputils-ping \
    python3 \
    python3-venv \
    ruby-full \
    nodejs \
    git \
    && rm -rf /var/lib/apt/lists/*

# Copy built Python venv from builder
COPY --from=builder /opt/venv /opt/venv

# Set working directory
WORKDIR /workspace

# Default shell
SHELL ["/bin/bash", "-c"]