# This Dockerfile is a minimal example for a Ubuntu 22.04 test suite target container.
FROM ubuntu:22.04

ENV AUTH_KEYS=/root/.ssh/authorized_keys

ARG CLIENT_PUBLIC_KEY
ARG ADDITIONAL_PACKAGES
ARG DEBIAN_FRONTEND=noninteractive

# Install Python so Ansible remediations can work
# Don't clean all, as the test scenario may require package install.
RUN true \
        && apt update \
	&& apt install -y cmake g++ libacl1-dev libblkid-dev libbz2-dev libcap-dev libcurl4-openssl-dev libdbus-1-dev libdbus-glib-1-dev \
        libgconf2-dev libgcrypt20-dev libldap2-dev libpcre2-dev libperl-dev librpm-dev libselinux1-dev libxml2-dev libxml-parser-perl \
        libxmlsec1-dev libxmlsec1-openssl libxml-xpath-perl libxslt1-dev libyaml-dev openssh-server python3-dev python3-apt swig wget \
	   $ADDITIONAL_PACKAGES \
        && true

RUN true \
        && wget https://github.com/OpenSCAP/openscap/releases/download/1.3.10/openscap-1.3.10.tar.gz \
        && tar xf openscap-1.3.10.tar.gz && cd openscap-1.3.10 \
        && cmake -Bbuild -DCMAKE_INSTALL_PREFIX=/usr . \
        && cmake --build build --target install

RUN true \
        && ssh-keygen -A \
        && mkdir -p /root/.ssh \
        && printf "%s\n" "$CLIENT_PUBLIC_KEY" >> "$AUTH_KEYS" \
        && chmod og-rw /root/.ssh "$AUTH_KEYS" \
        && sed -i '/session\s\+required\s\+pam_loginuid.so/d' /etc/pam.d/sshd \
        && echo CPE_NAME="cpe:/o:canonical:ubuntu_linux:22.04" >> /etc/os-release \
&& true

RUN mkdir /run/sshd
CMD ["/usr/sbin/sshd", "-D"]
