FROM debian:bookworm-slim

ARG DEBIAN_FRONTEND=noninteractive
ARG TERRAFORM_VERSION=1.8.5

RUN apt-get update && apt-get install -y --no-install-recommends \
    ca-certificates curl unzip git \
    make openssh-client \
    python3 python3-pip python3-venv \
    locales gnupg \
  && rm -rf /var/lib/apt/lists/*

# Генерируем UTF-8 локаль
RUN sed -i 's/^# *\(en_US.UTF-8 UTF-8\)/\1/' /etc/locale.gen \
  && locale-gen

ENV LANG=en_US.UTF-8 \
    LANGUAGE=en_US:en \
    LC_ALL=en_US.UTF-8

# --- Packer (через HashiCorp APT repo) ---
RUN set -eux; \
    curl -fsSL https://apt.releases.hashicorp.com/gpg | gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg; \
    codename="$(. /etc/os-release && echo "$VERSION_CODENAME")"; \
    echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com ${codename} main" > /etc/apt/sources.list.d/hashicorp.list; \
    apt-get update; \
    apt-get install -y --no-install-recommends packer; \
    rm -rf /var/lib/apt/lists/*; \
    packer version

# --- Ansible (в venv) ---
RUN python3 -m venv /opt/ansible \
  && /opt/ansible/bin/pip install --no-cache-dir --upgrade pip \
  && /opt/ansible/bin/pip install --no-cache-dir ansible \
  && ln -sf /opt/ansible/bin/ansible /usr/local/bin/ansible \
  && ln -sf /opt/ansible/bin/ansible-playbook /usr/local/bin/ansible-playbook \
  && ln -sf /opt/ansible/bin/ansible-galaxy /usr/local/bin/ansible-galaxy \
  && ansible --version

# --- Terraform ---
RUN set -eux; \
    arch="$(dpkg --print-architecture)"; \
    case "$arch" in \
      amd64) tf_arch="amd64" ;; \
      arm64) tf_arch="arm64" ;; \
      *) echo "Unsupported arch: $arch"; exit 1 ;; \
    esac; \
    curl -fsSL "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_${tf_arch}.zip" -o /tmp/terraform.zip; \
    unzip /tmp/terraform.zip -d /usr/local/bin; \
    rm -f /tmp/terraform.zip; \
    terraform version

WORKDIR /work