variable "registry" {
  default = "repo.nstart.local"
}

variable "base_repo" {
  default = "repo.nstart.local/library/"
}

function "oci_labels" {
  params = [name, version]
  result = {
    "org.opencontainers.image.version"     = version,
    "org.opencontainers.image.vendor"      = "New Start",
    "org.opencontainers.image.authors"     = "Sychev Nikita <Sychev.NA@nstart.space>",
    "org.opencontainers.image.base.name"   = "${base_repo}${name}:${version}",
    "org.opencontainers.image.title"       = "Base image for ${name} with custom CA and local repos",
    "org.opencontainers.image.description" = "Slim base image for ${name} with internal CA and local package mirrors",
  }
}

function "image_ref" {
  params = [name]
  result = registry != "" ? "${registry}/nstart/${name}" : "nstart/${name}"
}

target "image" {
  name = "${combo.image}-${combo.distro}-${replace(combo.version, ".", "-")}"

  matrix = {
    combo = [
      { image = "node", distro= "debian", version = "25-trixie-slim", dockerfile="Dockerfile.node-deb" },
      { image = "node", distro= "debian", version = "24-trixie-slim", dockerfile="Dockerfile.node-deb" },
      { image = "python", distro= "debian", version = "3.14-slim-trixie", dockerfile="Dockerfile.python-deb" }
    ]
  }

  platforms = ["linux/amd64"]
  output = ["type=image"]
  attest = [
    "type=sbom",
    "type=provenance,mode=max"
  ]

  context    = "."
  dockerfile = combo.dockerfile

  args = {
    BASE_REPO = base_repo
    BASE_TAG   = combo.version
  }

  tags = [
    "${image_ref(combo.image)}:${combo.version}",
    "${image_ref(combo.image)}:latest",
  ]

  labels = oci_labels(combo.image, combo.version)
}

group "all" {
  targets = ["image"]
}