.PHONY: build-image build sign clean veryclean keyfile

# If you run:
#   docker run --rm --name squid adricu/alpine-squid
# and set DOCKER_SQUID_CONTAINER=squid
# then you can avoid repeated downloads of a lot of alpine packages.
#
DOCKER_SQUID_CONTAINER?=squid
ifeq ($(DOCKER_SQUID_CONTAINER),)
DOCKER_SQUID_OPTS=
else
DOCKER_SQUID_OPTS=--link $(DOCKER_SQUID_CONTAINER):squid -e http_proxy=http://squid:3128/
HTTP_PROXY=http://$(shell docker inspect squid | preserves-tool convert -o unquoted --select '/ . "NetworkSettings" . "IPAddress"'):3128/
endif

ARCH?=aarch64
DOCKER_ARCH=$(shell ./map_docker_arch.sh $(ARCH))
KEYFILE?=$(CURDIR)/synit-apk-key
UID:=$(shell id -u)
GID:=$(shell id -g)
BUILD_USER?=build

DOCKER_CMD=\
	mkdir -p $(CURDIR)/distfiles && \
	docker run --platform linux/$(DOCKER_ARCH) -it --rm \
		$(DOCKER_SQUID_OPTS) \
		-v `pwd`:/data \
		-v $(KEYFILE):/home/$(BUILD_USER)/.abuild/signing-key.rsa \
		-v $(CURDIR)/distfiles:/var/cache/distfiles \
		synit-build:$(ARCH)

build: build-image
	$(DOCKER_CMD) make -f Makefile.internal build

sign: build-image
	$(DOCKER_CMD) make -f Makefile.internalsign

%.apk:

clean:
	rm -f .build-image.*
	-docker rmi synit-build:aarch64
	-docker rmi synit-build:x86_64
	-docker rmi synit-build:armv7

veryclean: clean
	rm -rf target

build-image: .build-image.$(ARCH)

.build-image.$(ARCH): $(KEYFILE)
	docker buildx build \
		--platform=linux/$(DOCKER_ARCH) \
		--build-arg http_proxy=$(HTTP_PROXY) \
		--build-arg DOCKER_ARCH=$(DOCKER_ARCH) \
		--build-arg KEYFILE=$(KEYFILE:$(abspath $(dir $(KEYFILE)))/%=%) \
		--build-arg UID=$(UID) \
		--build-arg BUILD_USER=$(BUILD_USER) \
		-t synit-build:$(ARCH) .
	touch $@

keyfile: $(KEYFILE)

$(KEYFILE):
	docker run -it --rm \
		-v $(abspath $(dir $(KEYFILE))):/data \
		alpine \
		sh -c "apk add abuild && echo /data/$(notdir $(KEYFILE)) | abuild-keygen && chown $(UID):$(GID) /data/$(notdir $(KEYFILE))*"