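# QA image bundling Dockerfile/shell linters (hadolint, ShellCheck, dockerlint)
# and image tooling (docker, dive, trivy, buildkit); it runs as the
# unprivileged user `qadocker` with /workspace as the working directory.
#
# NOTE(review): the base image is referenced by tag only; pinning it by digest
# would make rebuilds reproducible.
FROM ubuntu:24.04

# Run every RUN step under bash with pipefail so a failed download in a
# `curl ... | bash` pipeline aborts the build instead of being masked by the
# exit status of the last command in the pipe.
SHELL ["/bin/bash", "-o", "pipefail", "-c"]

# Prevent interactive prompts during package installation.
# Declared as ARG (build-time only) so these do not leak into the runtime
# environment of containers started from this image.
ARG DEBIAN_FRONTEND=noninteractive
ARG APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=DontWarn

# Update package lists and install basic tools
RUN apt-get update && apt-get install -y --no-install-recommends \
        ca-certificates \
        curl \
        git \
        gnupg \
        lsb-release \
        unzip \
        wget \
        xz-utils \
    && rm -rf /var/lib/apt/lists/*

# Create a non-root user for running tools
RUN groupadd -r qadocker && useradd -r -g qadocker -m -s /bin/bash qadocker

# NOTE(review): none of the downloads below is checked against a checksum or
# signature. TLS authenticates the host, not the artifact, so a replaced
# release asset would be installed as-is. Record the expected digest of each
# artifact in this file and verify it before installing, e.g.
#   echo "<EXPECTED_SHA256_PLACEHOLDER>  /tmp/artifact" | sha256sum -c -
# All curl calls use -f so an HTTP error fails the build rather than saving
# the error page as the "binary". URLs are hard-coded to x86_64/amd64.

# Install Hadolint for Dockerfile linting
# NOTE(review): `releases/latest` is a floating reference; the binary changes
# between builds without any change to this file. Pin a release version.
RUN curl -fsSL https://github.com/hadolint/hadolint/releases/latest/download/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint \
    && chmod 755 /usr/local/bin/hadolint

# Install ShellCheck for shell script linting
# NOTE(review): the `stable` tag is also a floating reference; pin a version.
RUN curl -fsSL https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.linux.x86_64.tar.xz -o /tmp/shellcheck.tar.xz \
    && tar -xJf /tmp/shellcheck.tar.xz -C /tmp \
    && cp /tmp/shellcheck-*/shellcheck /usr/local/bin/ \
    && rm -rf /tmp/shellcheck*

# Install Docker client
# NOTE(review): this copies every binary in the archive, not only the client;
# confirm whether the additional binaries are wanted in this image.
RUN curl -fsSL https://download.docker.com/linux/static/stable/x86_64/docker-24.0.7.tgz -o /tmp/docker.tgz \
    && tar -xzf /tmp/docker.tgz -C /tmp \
    && cp /tmp/docker/* /usr/local/bin/ \
    && rm -rf /tmp/docker*

# Install Dive for Docker image analysis
# The apt package lists fetched for this install are removed in the same
# layer so they do not persist in the image.
RUN curl -fsSL https://github.com/wagoodman/dive/releases/download/v0.11.0/dive_0.11.0_linux_amd64.deb -o /tmp/dive.deb \
    && apt-get update && apt-get install -y --no-install-recommends /tmp/dive.deb \
    && rm /tmp/dive.deb \
    && rm -rf /var/lib/apt/lists/*

# Install additional auditing tools
# Extract into a dedicated directory so everything the archive contains is
# removed by the cleanup, not just paths that happen to start with "trivy".
RUN curl -fsSL https://github.com/aquasecurity/trivy/releases/download/v0.67.2/trivy_0.67.2_Linux-64bit.tar.gz -o /tmp/trivy.tar.gz \
    && mkdir -p /tmp/trivy-extract \
    && tar -xzf /tmp/trivy.tar.gz -C /tmp/trivy-extract \
    && cp /tmp/trivy-extract/trivy /usr/local/bin/trivy \
    && rm -rf /tmp/trivy*

# Install Dockerfile optimization and analysis tools
# Extract into a dedicated directory: the search for buildctl/buildkitd is
# then limited to this archive's contents, and the cleanup removes all of it.
RUN curl -fsSL https://github.com/moby/buildkit/releases/download/v0.11.0/buildkit-v0.11.0.linux-amd64.tar.gz -o /tmp/buildkit.tar.gz \
    && mkdir -p /tmp/buildkit-extract \
    && tar -xzf /tmp/buildkit.tar.gz -C /tmp/buildkit-extract \
    && find /tmp/buildkit-extract -name buildctl -exec cp {} /usr/local/bin/ \; \
    && find /tmp/buildkit-extract -name buildkitd -exec cp {} /usr/local/bin/ \; \
    && rm -rf /tmp/buildkit*

# Install Node.js to run additional linting tools
# NOTE(review): this executes a remote script as root at build time with no
# integrity check; prefer configuring the repository and its signing key
# explicitly. Node.js 18 also appears to be past upstream end-of-life; confirm
# and move to a supported release line.
RUN curl -fsSL https://deb.nodesource.com/setup_18.x | bash - \
    && apt-get update && apt-get install -y --no-install-recommends nodejs \
    && rm -rf /var/lib/apt/lists/*

# Install dockerlint for additional Dockerfile checking
# NOTE(review): the package version is not pinned, so the installed code can
# change between builds; pin it to a reviewed version.
RUN npm install -g dockerlint \
    && npm cache clean --force

# Set working directory
WORKDIR /workspace

# Change ownership of workspace directory to qadocker user
RUN chown -R qadocker:qadocker /workspace

# Switch to non-root user
USER qadocker

# Set default command
CMD ["/bin/bash"]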