FROM golang:1.26-alpine AS build

WORKDIR /src
COPY go.mod go.sum ./
RUN go mod download

COPY cmd/    ./cmd/
COPY pkg/    ./pkg/

# Tests run inside the build container — Gitea/act DinD makes mount-based
# `docker run -v $PWD:/src` unreliable for native go test from the runner job.
RUN go test -count=1 ./...

ARG GIT_SHA=unknown
RUN CGO_ENABLED=0 go build -trimpath \
        -ldflags="-s -w -X main.gitSHA=${GIT_SHA}" \
        -o /out/flock ./cmd/flock \
 && CGO_ENABLED=0 go build -trimpath \
        -ldflags="-s -w -X main.gitSHA=${GIT_SHA}" \
        -o /out/flock-agent ./cmd/flock-agent

FROM alpine:3.21
RUN apk add --no-cache iproute2 ca-certificates
COPY --from=build /out/flock        /usr/local/bin/flock
COPY --from=build /out/flock-agent  /usr/local/bin/flock-agent
ENTRYPOINT ["/usr/local/bin/flock-agent"]
