# =============================================================================
# pgpipe — minimal Docker image
# =============================================================================
# Pulls the published pgpipe binary from pghorizon.com and ships it inside a
# small Alpine image. No source code or Go toolchain required.
#
# Build (current host architecture):
#   docker build -t pgpipe:1.0.0 .
#
# Build a different version:
#   docker build --build-arg PGPIPE_VERSION=1.1.4 -t pgpipe:1.0.0 .
#
# Multi-arch build (amd64 + arm64) — requires buildx:
#   docker buildx build --platform linux/amd64,linux/arm64 -t pgpipe:1.0.0 .
#
# Run:
#   docker run --rm -p 8080:8080 \
#     -v "$(pwd)/pgpipe.yaml:/etc/pgpipe/pgpipe.yaml:ro" \
#     pgpipe:1.0.0
# =============================================================================

FROM alpine:3.20

ARG PGPIPE_VERSION=1.1.4
# TARGETARCH is set automatically by Docker buildx (amd64 / arm64 / arm / 386).
ARG TARGETARCH=amd64

LABEL org.opencontainers.image.title="pgpipe"
LABEL org.opencontainers.image.description="PostgreSQL CDC pipeline — 57% faster than native logical replication"
LABEL org.opencontainers.image.url="https://www.pghorizon.com/pgpipe/"
LABEL org.opencontainers.image.source="https://www.pghorizon.com/downloads/pgpipe/"
LABEL org.opencontainers.image.vendor="PG Horizon Limited"
LABEL org.opencontainers.image.licenses="Proprietary (free for v1)"

RUN apk add --no-cache ca-certificates tzdata curl \
 && curl -fsSL "https://www.pghorizon.com/downloads/pgpipe/v${PGPIPE_VERSION}/pgpipe-linux-${TARGETARCH}" \
        -o /usr/local/bin/pgpipe \
 && curl -fsSL "https://www.pghorizon.com/downloads/pgpipe/v${PGPIPE_VERSION}/checksums.txt" \
        -o /tmp/checksums.txt \
 && (cd /usr/local/bin && \
     grep "pgpipe-linux-${TARGETARCH}\$" /tmp/checksums.txt | \
     awk -v f=pgpipe '{print $1"  "f}' | sha256sum -c -) \
 && rm /tmp/checksums.txt \
 && chmod +x /usr/local/bin/pgpipe \
 && apk del curl \
 && mkdir -p /etc/pgpipe /var/lib/pgpipe \
 && addgroup -S pgpipe \
 && adduser  -S -G pgpipe -h /var/lib/pgpipe pgpipe \
 && chown -R pgpipe:pgpipe /etc/pgpipe /var/lib/pgpipe

# Bound Go heap growth so GC runs under memory pressure rather than
# only when the live heap doubles. Override at run time if you have a
# larger host: docker run -e GOMEMLIMIT=6GiB ...
ENV GOMEMLIMIT=2GiB

USER pgpipe
WORKDIR /var/lib/pgpipe

EXPOSE 8080

# Healthcheck against the dashboard
HEALTHCHECK --interval=30s --timeout=5s --start-period=15s --retries=3 \
  CMD wget -qO- http://127.0.0.1:8080/health >/dev/null 2>&1 || exit 1

ENTRYPOINT ["pgpipe"]
CMD ["start", "-c", "/etc/pgpipe/pgpipe.yaml"]