FROM scratch AS base
ENV VERSION=27.1.2
ENV MOBY_COMMIT=f9522e5e96c3ab5a6b8a643d15a92700ca864da6
ENV CLI_COMMIT=d01f264bccd8bed2e3c038054a04b99533478ab8
ENV SRC_FILE=v${VERSION}.tar.gz
ENV SRC_SITE_CLI=https://github.com/docker/cli/archive/${SRC_FILE}
ENV SRC_HASH_CLI=e60fddb2bd2b4e19790d26b786c930e70fa935168373ef08055f74bbc450bce8
ENV SRC_SITE_MOBY=https://github.com/moby/moby/archive/${SRC_FILE}
ENV SRC_HASH_MOBY=8c9b5fa44f0272726484c925d4d05f0aa189053ed8be9b27447bc116df1e99c9

FROM base AS fetch
ADD --checksum=sha256:${SRC_HASH_MOBY} ${SRC_SITE_MOBY} moby-${SRC_FILE}
ADD --checksum=sha256:${SRC_HASH_CLI} ${SRC_SITE_CLI} cli-${SRC_FILE}

FROM fetch AS build
COPY --from=stagex/musl . /
COPY --from=stagex/bash . /
COPY --from=stagex/busybox . /
COPY --from=stagex/go . /
COPY --from=stagex/make . /
COPY --from=stagex/gcc . /
COPY --from=stagex/binutils . /
COPY --from=stagex/linux-headers . /
COPY --from=stagex/pkgconf . /
COPY --from=stagex/libseccomp . /
COPY --from=stagex/ca-certificates . /
RUN tar -xf moby-${SRC_FILE}
RUN tar -xf cli-${SRC_FILE}
ENV GO11MODULE=off
ENV CGO_ENABLED=1
ENV AUTO_GOPATH=1
ENV GITCOMMIT=${CLI_COMMIT}
ENV DOCKER_GITCOMMIT=${MOBY_COMMIT}
ENV DOCKER_BUILDTAGS=seccomp
ENV DISABLE_WARN_OUTSIDE_CONTAINER=1
ENV GOPROXY=https://proxy.golang.org,direct
ENV GOSUMDB=sum.golang.org
ENV GOPATH=/cache/go
ENV GOBIN=${GOPATH}/bin
ENV PATH=${GOBIN}:${PATH}
ENV SOURCE_DATE_EPOCH=1
ENV LDFLAGS="-w -s -buildid="
ENV GO_LDFLAGS=${LDFLAGS}
WORKDIR /moby-${VERSION}
RUN <<-EOF
    set -eux
    sed -i '98iLDFLAGS=${GO_LDFLAGS}' hack/make.sh
    hack/make.sh dynbinary
EOF
WORKDIR /cli-${VERSION}
RUN <<-EOF
    set -eux
    mkdir -p "$GOPATH"/src/github.com/docker/
    ln -sf /cli-${VERSION} "$GOPATH"/src/github.com/docker/cli
    make -j "$(nproc)" VERSION=${VERSION} dynbinary
    make manpages
EOF

FROM build AS install
WORKDIR /
RUN <<-EOF
    set -eux
	install -Dm644 cli-${VERSION}/contrib/completion/fish/docker.fish \
		/rootfs/usr/share/fish/vendor_completions.d/docker.fish

	install -Dm644 cli-${VERSION}/contrib/completion/zsh/_docker \
		/rootfs/usr/share/zsh/site-functions/_docker

	install -Dm644 cli-${VERSION}/contrib/completion/bash/docker \
		/rootfs/usr/share/bash-completion/completions/docker

	install -Dm644 cli-${VERSION}/man/man1/* \
		-t /rootfs/usr/share/man/man1/

	# 'build/docker' is a symlink to 'docker-linux-$arch' e.g. 'docker-linux-amd64'
	install -Dm755 cli-${VERSION}/build/docker \
		/rootfs/usr/bin/docker

	install -Dm755 -t /rootfs/usr/bin \
		moby-${VERSION}/bundles/dynbinary-daemon/dockerd \
		moby-${VERSION}/bundles/dynbinary-daemon/docker-proxy

	# symlink externally provided tini-static binary
	ln -sf /sbin/tini-static /rootfs/usr/bin/docker-init
EOF

FROM stagex/filesystem AS package
COPY --from=install /rootfs/. /