# 使用 Debian 12 (bookworm-slim) 作为基础镜像
FROM debian:bookworm-slim

# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
      version="1.0" \
      description="基于Debian的Python 3.9.13运行环境" \
      python.version="3.9.13"

# 设置环境变量
ENV PYTHON_VERSION=3.9.13 \
    PYTHON_HOME=/usr/local/python3.9.13 \
    TZ=Asia/Shanghai \
    LANG=en_US.UTF-8 \
    DEBIAN_FRONTEND=noninteractive

# 设置工作目录
WORKDIR /tmp

# 第一步：安装编译工具和系统依赖
RUN set -eux; \
    \
    # 配置阿里云Debian镜像源
    echo "deb http://mirrors.aliyun.com/debian/ bookworm main non-free non-free-firmware" > /etc/apt/sources.list; \
    echo "deb http://mirrors.aliyun.com/debian/ bookworm-updates main non-free non-free-firmware" >> /etc/apt/sources.list; \
    echo "deb http://mirrors.aliyun.com/debian/ bookworm-backports main non-free non-free-firmware" >> /etc/apt/sources.list; \
    echo "deb http://mirrors.aliyun.com/debian-security bookworm-security main non-free non-free-firmware" >> /etc/apt/sources.list; \
    \
    # 更新软件包列表并安装必要的开发工具
    apt-get update && \
    apt-get install -y --no-install-recommends \
        build-essential \
        libssl-dev \
        libbz2-dev \
        libffi-dev \
        zlib1g-dev \
        libreadline-dev \
        libsqlite3-dev \
        liblzma-dev \
        libncursesw5-dev \
        # 系统工具
        curl \
        wget \
        tar \
        xz-utils \
        gzip \
        git \
        locales \
        tzdata \
        make \
        gcc \
        g++ \
        && \
    \
    # 清理缓存以减少镜像大小
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*; \
    \
    # 配置时区
    ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
    echo $TZ > /etc/timezone; \
    \
    # 设置语言环境
    echo "en_US.UTF-8 UTF-8" > /etc/locale.gen; \
    locale-gen; \
    update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8;

# 第二步：验证编译器安装
RUN set -eux; \
    \
    # 检查编译器是否安装成功
    echo "=== 检查编译工具 ==="; \
    make --version; \
    gcc --version; \
    g++ --version;

# 添加Python安装包（确保Python-3.9.13.tar.xz在构建上下文）
ADD Python-3.9.13.tar.xz /tmp/

# 第三步：编译和安装Python
RUN set -eux; \
    \
    # 进入解压后的Python目录
    cd /tmp/Python-3.9.13 && \
    \
    # 配置编译选项
    ./configure \
        --prefix=${PYTHON_HOME} \
        --enable-optimizations \
        --enable-shared \
        --with-system-ffi \
        --with-ensurepip=install \
        --enable-loadable-sqlite-extensions \
        && \
    \
    # 编译和安装
    make -j$(nproc) && \
    make install && \
    \
    # 创建软链接
    ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/local/bin/python3 && \
    ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/local/bin/python && \
    ln -sf ${PYTHON_HOME}/bin/pip3 /usr/local/bin/pip && \
    \
    # 配置动态链接库路径
    echo "${PYTHON_HOME}/lib" > /etc/ld.so.conf.d/python3.conf && \
    ldconfig && \
    \
    # 清理编译文件和源码
    cd /tmp && \
    rm -rf /tmp/Python-3.9.13;

# 设置全局PATH环境变量
ENV PATH=${PYTHON_HOME}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

# 第四步：验证Python安装
RUN set -eux; \
    \
    # 检查Python版本
    echo "=== Python版本 ==="; \
    python3 --version; \
    python --version; \
    \
    # 检查pip版本
    echo "=== Pip版本 ==="; \
    pip --version;

# 第五步：升级pip和安装常用工具
RUN set -eux; \
    \
    # 升级pip
    pip install --upgrade pip setuptools wheel && \
    \
    # 安装常用Python工具
    pip install virtualenv;

# 设置工作目录（Python项目目录）
WORKDIR /opt/apps

# 创建非root用户用于运行Python应用
RUN set -eux; \
    \
    # 创建用户和组
    groupadd -r esxi && \
    useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \
    \
    # 安装bash（Debian slim可能不包含）
    apt-get update && \
    apt-get install -y --no-install-recommends bash && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*; \
    \
    # 设置目录权限
    chown -R esxi:esxi /opt/apps && \
    chown -R esxi:esxi ${PYTHON_HOME};

# 设置健康检查
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
  CMD python3 --version > /dev/null 2>&1 || exit 1

# 设置默认启动命令
CMD ["python3", "--version"]