FROM rust:1.85-bookworm AS builder

WORKDIR /usr/src/vault-hier
COPY Cargo.toml .
COPY src src

# Create a dummy main.rs to build dependencies
RUN mkdir -p .cargo && \
    cargo build --release && \
    rm -rf src target/release/deps/vault_hier*

# Build the actual application
COPY . .
RUN cargo build --release

FROM debian:bookworm-slim

RUN apt-get update && apt-get install -y \
    ca-certificates \
    curl \
    gnupg \
    lsb-release \
    wget \
    && rm -rf /var/lib/apt/lists/*

# Install Vault
RUN wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
RUN echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/hashicorp.list
RUN apt-get update && apt-get install -y vault

WORKDIR /usr/local/bin

COPY --from=builder /usr/src/vault-hier/target/release/vault-hier .

# Set the entrypoint to directly run the Rust binary with the server command by default
ENTRYPOINT ["/usr/local/bin/vault-hier"]
CMD ["server"]