# syntax=docker.io/docker/dockerfile:1.7-labs
FROM --platform=${TARGETPLATFORM} ubuntu:24.04 AS base-avx512

ENV PATH="${PATH}:/root/.cargo/bin/"

ARG TARGETOS
ARG TARGETARCH

# Install GMP 6.2 (6.3 which MacOS is using only available on Debian unstable)
RUN apt-get update && apt-get install -y \
    build-essential \
    curl \
    git \
    cmake \
    libgmp-dev \
    libmpfr-dev \
    libmpfr6 \
    wget \
    m4 \
    pkg-config \
    gcc \
    g++ \
    make \
    autoconf \
    automake \
    libtool \
    libssl-dev \
    python3 \
    python-is-python3 \
    && rm -rf /var/lib/apt/lists/*

ARG GO_VERSION=1.23.5
RUN apt update && apt install -y wget && \
    ARCH=$(dpkg --print-architecture) && \
    case ${ARCH} in \
        amd64) GOARCH=amd64 ;; \
        arm64) GOARCH=arm64 ;; \
        *) echo "Unsupported architecture: ${ARCH}" && exit 1 ;; \
    esac && \
    wget https://go.dev/dl/go${GO_VERSION}.linux-${GOARCH}.tar.gz && \
    rm -rf /usr/local/go && \
    tar -C /usr/local -xzf go${GO_VERSION}.linux-${GOARCH}.tar.gz && \
    rm go${GO_VERSION}.linux-${GOARCH}.tar.gz

ENV PATH=$PATH:/usr/local/go/bin

# Build FLINT from source with AVX-512
RUN git clone https://github.com/flintlib/flint.git && \
    cd flint && \
    git checkout flint-3.0 && \
    ./bootstrap.sh && \
    ./configure \
        --prefix=/usr/local \
        --with-gmp=/usr/local \
        --with-mpfr=/usr/local \
	      --enable-avx512 \
        --enable-static \
        --disable-shared \
        CFLAGS="-march=skylake-avx512 -mtune=skylake-avx512 -O3" && \
    make -j$(nproc) && \
    make install && \
    cd .. && \
    rm -rf flint

COPY docker/rustup-init.sh /opt/rustup-init.sh

RUN /opt/rustup-init.sh -y --profile minimal

# Install uniffi-bindgen-go
RUN cargo install uniffi-bindgen-go --git https://github.com/NordSecurity/uniffi-bindgen-go --tag v0.4.0+v0.28.3

# -----------------------------------------------------------------------------
# Stage: gen-avx512
# Purpose: Build EMP and generate Rust bindings. Only Rust/gen sources are
#          copied here so that Go source changes don't bust the cache.
# -----------------------------------------------------------------------------
FROM base-avx512 AS gen-avx512

ENV GOEXPERIMENT=arenas
ENV QUILIBRIUM_SIGNATURE_CHECK=false

# Install grpcurl before building the node and client
# as to avoid needing to redo it on rebuilds
RUN go install github.com/fullstorydev/grpcurl/cmd/grpcurl@latest

WORKDIR /opt/ceremonyclient

# Rust workspace files (rarely change)
COPY Cargo.toml Cargo.lock ./

# Rust crate sources (needed by cargo build in generate.sh)
COPY crates crates

# EMP toolkit sources
COPY install-emp.sh .
COPY emp-tool emp-tool
COPY emp-ot emp-ot

# Gen-* module directories (Go wrappers + generate.sh scripts)
COPY channel channel
COPY vdf vdf
COPY ferret ferret
COPY bls48581 bls48581
COPY rpm rpm
COPY verenc verenc
COPY bulletproofs bulletproofs

# go.mod/go.sum stubs for replace directive targets across all gen-* modules.
# Only module metadata is needed for go mod download; full Go source is deferred
# to build-avx512 so that source changes don't bust gen stage caches.
COPY nekryptology/go.mod nekryptology/go.sum nekryptology/
COPY protobufs/go.mod protobufs/go.sum protobufs/
COPY consensus/go.mod consensus/go.sum consensus/
COPY types/go.mod types/go.sum types/
COPY utils/go.mod utils/go.sum utils/
COPY config/go.mod config/go.sum config/
COPY lifecycle/go.mod lifecycle/go.sum lifecycle/
COPY go-multiaddr/go.mod go-multiaddr/go.sum go-multiaddr/
COPY go-multiaddr-dns/go.mod go-multiaddr-dns/go.sum go-multiaddr-dns/
COPY go-libp2p/go.mod go-libp2p/go.sum go-libp2p/
COPY go-libp2p-kad-dht/go.mod go-libp2p-kad-dht/go.sum go-libp2p-kad-dht/
COPY go-libp2p-blossomsub/go.mod go-libp2p-blossomsub/go.sum go-libp2p-blossomsub/

RUN bash install-emp.sh

ENV CFLAGS="-march=skylake-avx512 -mtune=skylake-avx512"
RUN cd emp-tool && sed -i 's/add_library(${NAME} SHARED ${sources})/add_library(${NAME} STATIC ${sources})/g' CMakeLists.txt && mkdir build && cd build && cmake .. -DCMAKE_INSTALL_PREFIX=/usr/local && cd .. && make && make install && cd ..

RUN cd emp-ot && mkdir build && cd build && cmake .. -DCMAKE_INSTALL_PREFIX=/usr/local && cd .. && make && make install && cd ..

## Generate Rust bindings for channel
WORKDIR /opt/ceremonyclient/channel

RUN go mod download

RUN ./generate.sh


## Generate Rust bindings for VDF
WORKDIR /opt/ceremonyclient/vdf

RUN go mod download

RUN ./generate.sh

## Generate Rust bindings for Ferret
WORKDIR /opt/ceremonyclient/ferret

RUN go mod download

RUN ./generate.sh

## Generate Rust bindings for BLS48581
WORKDIR /opt/ceremonyclient/bls48581

RUN go mod download

RUN ./generate.sh

## Generate Rust bindings for RPM
WORKDIR /opt/ceremonyclient/rpm

RUN go mod download

RUN ./generate.sh

## Generate Rust bindings for VerEnc
WORKDIR /opt/ceremonyclient/verenc

RUN go mod download

RUN ./generate.sh

## Generate Rust bindings for Bulletproofs
WORKDIR /opt/ceremonyclient/bulletproofs

RUN go mod download

RUN ./generate.sh

# -----------------------------------------------------------------------------
# Stage: build-avx512
# Purpose: Add full source tree for Go builds. Changes here only bust
#          build cache, not the expensive gen stage above.
# -----------------------------------------------------------------------------
FROM gen-avx512 AS build-avx512

WORKDIR /opt/ceremonyclient

# Copy full source tree for Go builds
COPY --exclude=node \
    --exclude=client \
    --exclude=sidecar . .

FROM build-avx512 AS build-node-avx512

# Build and install the node
COPY ./node /opt/ceremonyclient/node
WORKDIR /opt/ceremonyclient/node

RUN ./build.sh && cp node /usr/bin

FROM build-avx512 AS build-qclient-avx512
ARG TARGETOS
ARG TARGETARCH
# Build and install qclient
COPY ./node /opt/ceremonyclient/node

WORKDIR /opt/ceremonyclient/node

RUN go mod download

COPY ./client /opt/ceremonyclient/client
WORKDIR /opt/ceremonyclient/client

RUN go mod download

ARG BINARIES_DIR=/opt/ceremonyclient/target/release
RUN GOOS=${TARGETOS} GOARCH=${TARGETARCH} ./build.sh -o qclient
RUN cp qclient /usr/bin

# Allows exporting single binary
FROM scratch AS node
COPY --from=build-node-avx512 /usr/bin/node /node
ENTRYPOINT [ "/node" ]

# Allows exporting single binary
FROM scratch AS qclient-unix
COPY --from=build-qclient-avx512 /usr/bin/qclient /qclient
ENTRYPOINT [ "/qclient" ]

FROM qclient-unix AS qclient-linux
FROM qclient-unix AS qclient-darwin
FROM qclient-${TARGETOS} AS qclient

FROM ubuntu:24.04

RUN apt-get update && apt-get install libflint-dev -y

ARG NODE_VERSION
ARG GIT_REPO
ARG GIT_BRANCH
ARG GIT_COMMIT

ENV GOEXPERIMENT=arenas

LABEL org.opencontainers.image.title="Quilibrium Network Node"
LABEL org.opencontainers.image.description="Quilibrium is a decentralized alternative to platform as a service providers."
LABEL org.opencontainers.image.version=$NODE_VERSION
LABEL org.opencontainers.image.vendor=Quilibrium
LABEL org.opencontainers.image.url=https://quilibrium.com/
LABEL org.opencontainers.image.documentation=https://quilibrium.com/docs
LABEL org.opencontainers.image.source=$GIT_REPO
LABEL org.opencontainers.image.ref.name=$GIT_BRANCH
LABEL org.opencontainers.image.revision=$GIT_COMMIT

RUN apt-get update && apt-get install -y ca-certificates

COPY --from=build-node-avx512 /usr/bin/node /usr/local/bin
COPY --from=build-qclient-avx512 /opt/ceremonyclient/client/qclient /usr/local/bin

WORKDIR /root

ENTRYPOINT ["node"]