FROM python:3.12-slim-bookworm AS builder
RUN set -x; \
  apt-get update \
  && apt-get install --yes --no-install-recommends \
    build-essential \
    curl \
    git \
    libldap2-dev \
    libpq-dev \
    libsasl2-dev \
  && pip install wheel \
  && pip wheel --wheel-dir=/svc/wheels --requirement https://raw.githubusercontent.com/oca/OCB/17.0/requirements.txt \
  # astor required by base_view_inheritance_extension
  # openupgradelib required for OCA module migration from one version to another
  # phonenumbers required by phone_validation
  # python-stdnum>=1.18 required by l10n_fr_siret and l10n_fr_siret_lookup
  # zxcvbn required by password_security
  pip wheel --wheel-dir=/svc/wheels \
    'astor' \
    'git+https://github.com/OCA/openupgradelib.git@master' \
    'git+https://github.com/odoo/upgrade-util@master' \
    'odfpy' \
    'openpyxl' \
    'phonenumbers==8.13.40' \
    'zxcvbn==4.4.28'


FROM python:3.12-slim-bookworm AS final
ENV LANG=C.UTF-8 \
    LC_ALL=C.UTF-8 \
    PGDATABASE=odoo

RUN set -x; \
  apt-get update \
  && apt-get install --yes --no-install-recommends \
    curl \
    git \
    gnupg \
    openssh-client \
    wkhtmltopdf \
    xmlsec1 \
  && echo 'deb http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main' >> /etc/apt/sources.list.d/postgresql.list \
  && curl -SL https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \
  && curl -o wkhtmltox.deb -SL https://github.com/wkhtmltopdf/packaging/releases/download/0.12.6.1-3/wkhtmltox_0.12.6.1-3.bookworm_amd64.deb \
  && echo 'e9f95436298c77cc9406bd4bbd242f4771d0a4b2 wkhtmltox.deb' | sha1sum -c - \
  && apt-get update \
  && apt-get install --yes --no-install-recommends ./wkhtmltox.deb \
  && apt-get install --yes --no-install-recommends postgresql-client \
  && apt-get -y autoremove \
  && rm -rf /var/lib/apt/lists/* wkhtmltox.deb

COPY --from=builder /svc /svc
RUN pip3 install --no-index --find-links=/svc/wheels --requirement https://raw.githubusercontent.com/oca/OCB/17.0/requirements.txt \
  && pip3 install --no-index --upgrade --find-links=/svc/wheels \
    'astor' \
    'openupgradelib' \
    'odoo_upgrade' \
    'odfpy' \
    'openpyxl' \
    'phonenumbers' \
    'zxcvbn'

ARG SAVE_COMMITS_DIR='/opt/odoo_commits/'
ENV SAVE_COMMITS_DIR=$SAVE_COMMITS_DIR

# Add Git Known Hosts
COPY ./ssh_known_git_hosts /root/.ssh/known_hosts

# Install Odoo and remove not French translations and .git directory to limit amount of data used by container
ARG SAVE_COMMITS_FILENAME='ocb'
RUN set -x; \
  repo='https://github.com/OCA/OCB' \
  branch='17.0' \
  && useradd --create-home --home-dir /opt/odoo --no-log-init odoo \
  && /bin/bash -c "mkdir -p /opt/odoo/{etc,odoo,additional_addons,private_addons,data,private}" \
  && mkdir /opt/odoo_commits \
  && git clone --single-branch --branch "${branch}" --depth 1 "${repo}" /tmp/repo \
    && commit="$(git -C /tmp/repo rev-parse HEAD)" \
    && mv /tmp/repo/* /opt/odoo/odoo/ \
    && echo "repo;ref;commit" > $SAVE_COMMITS_DIR/$SAVE_COMMITS_FILENAME \
    && echo "${repo};${branch};${commit}" >> $SAVE_COMMITS_DIR/$SAVE_COMMITS_FILENAME \
  && rm -r /tmp/repo \
  # Only keep French translations.
  && find /opt/odoo/odoo/addons/*/i18n/ /opt/odoo/odoo/odoo/addons/base/i18n/ -type f -not -name 'fr.po' -delete \
  && echo "info: OCB commit:" \
  && cat $SAVE_COMMITS_DIR/$SAVE_COMMITS_FILENAME

# Add script to download Odoo addons.
COPY --chown=root:root --chmod=755 ./get_addons /usr/local/bin

# Install Odoo OCA default dependencies - Commented modules do not exist yet
ARG SAVE_COMMITS_FILENAME='default_addons'
RUN set -x; \
  get_addons 'https://github.com/OCA/account-financial-tools' '17.0' 'additional_addons' \
    account_lock_date_update \
    account_move_name_sequence \
    account_usability \
  # https://github.com/OCA/account-invoicing/pull/1713
  # && get_addons 'https://github.com/OCA/account-invoicing' '17.0' 'additional_addons' \
  #   sale_timesheet_invoice_description \
  && get_addons 'https://github.com/OCA/account-reconcile' '17.0' 'additional_addons' \
    account_statement_base \
    account_reconcile_model_oca \
    account_reconcile_oca \
  && get_addons 'https://github.com/OCA/bank-statement-import' '17.0' 'additional_addons' \
    account_statement_import_base \
    account_statement_import_file \
    account_statement_import_file_reconcile_oca \
    account_statement_import_ofx \
  && get_addons 'https://github.com/OCA/crm' '17.0' 'additional_addons' \
    crm_stage_probability \
  && get_addons 'https://github.com/OCA/l10n-france' '17.0' 'additional_addons' \
    l10n_fr_siret \
    # l10n_fr_siret_lookup \
  && get_addons 'https://github.com/David-Luis-Mora/l10n-france' '17.0-mig-l10n_fr_siret_lookup' 'additional_addons' \
    l10n_fr_siret_lookup \
  && get_addons 'https://github.com/OCA/partner-contact' '17.0' 'additional_addons' \
    partner_disable_gravatar \
    partner_firstname \
  && get_addons 'https://github.com/OCA/project' '17.0' 'additional_addons' \
    project_task_default_stage \
  && get_addons 'https://github.com/OCA/server-brand' '17.0' 'additional_addons' \
    disable_odoo_online \
    portal_odoo_debranding \
    remove_odoo_enterprise \
  && get_addons 'https://github.com/OCA/server-tools' '17.0' 'additional_addons' \
    base_view_inheritance_extension \
    module_change_auto_install \
  && get_addons 'https://github.com/OCA/server-ux' '17.0' 'additional_addons' \
    server_action_mass_edit \
  && get_addons 'https://github.com/OCA/social' '17.0' 'additional_addons' \
    mail_debrand \
    mail_tracking \
  && get_addons 'https://github.com/OCA/web' '17.0' 'additional_addons' \
    web_environment_ribbon \
    web_refresher \
    web_responsive \
    web_no_bubble \
    web_theme_classic \
  && find /opt/odoo/additional_addons/*/i18n/ -type f -not -name 'fr.po' -delete \
  # Install Le Filament default addons.
  && get_addons 'https://sources.le-filament.com/lefilament/remove_login_links.git' '17.0' 'private_addons/remove_login_links' \
  && get_addons 'https://sources.le-filament.com/lefilament/lefilament_release_agent.git' '17.0' 'private_addons/lefilament_release_agent' \
  && echo "info: default addon commits:" \
  && cat $SAVE_COMMITS_DIR/$SAVE_COMMITS_FILENAME

# Copy entrypoint script and Odoo configuration file
COPY ./entrypoint.sh /
COPY ./odoo.conf /opt/odoo/etc/odoo.conf
RUN chown --recursive odoo:odoo /opt/odoo

# Mount /opt/odoo/data to allow restoring filestore
VOLUME ["/opt/odoo/data/"]

# Expose Odoo services
EXPOSE 8069

# Set default user when running the container
USER odoo

# Start
ENTRYPOINT ["/entrypoint.sh"]
CMD ["odoo"]

# Metadata
LABEL org.label-schema.schema-version="17.0" \
      org.label-schema.vendor=LeFilament \
      org.label-schema.license=Apache-2.0 \
      org.label-schema.vcs-url="https://sources.le-filament.com/lefilament/odoo_docker"