FROM scratch AS base
ENV VERSION=1.8.10
ENV SRC_FILE=iptables-${VERSION}.tar.xz
ENV SRC_SITE=https://netfilter.org/projects/iptables/files/${SRC_FILE}
ENV SRC_HASH=5cc255c189356e317d070755ce9371eb63a1b783c34498fb8c30264f3cc59c9c

FROM base AS fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .

FROM fetch AS build
COPY --from=stagex/busybox . /
COPY --from=stagex/gcc . /
COPY --from=stagex/binutils . /
COPY --from=stagex/make . /
COPY --from=stagex/musl . /
COPY --from=stagex/perl . /
COPY --from=stagex/libtool . /
COPY --from=stagex/pkgconf . /
COPY --from=stagex/autoconf . /
COPY --from=stagex/automake . /
COPY --from=stagex/m4 . /
COPY --from=stagex/linux-headers . /
COPY --from=stagex/libnftnl . /
COPY --from=stagex/libmnl . /
RUN tar -xf ${SRC_FILE}
WORKDIR /iptables-${VERSION}
RUN --network=none <<-EOF
	set -eux
	/usr/bin/autoreconf -vif
	./configure \
        --build=x86_64-linux-musl \
        --host=x86_64-linux-musl \
		--prefix=/usr \
		--mandir=/usr/share/man \
		--sysconfdir=/etc \
		--sbindir=/usr/sbin \
        --without-kernel \
        --enable-devel \
        --enable-libipq \
        --enable-shared
	make -j "$(nproc)"
EOF

FROM build AS install
RUN <<-EOF
	set -eux
    make install DESTDIR=/rootfs
EOF

FROM stagex/filesystem AS package
COPY --from=install /rootfs/. /