def nodeLabel = "${UUID.randomUUID().toString()}"
def repository = "registry.c.test-chamber-13.lan"
def kanikoImage = "${repository}/library/kaniko:latest"
def repositoryCreds = "harbor-repository-creds"

podTemplate(
	name: "pipelineContainer",
	label: nodeLabel,
	yaml: """---
apiVersion: v1
kind: Pod
metadata:
  name: kaniko
spec:
  containers:
  - name: kaniko
    image: ${kanikoImage}
    imagePullPolicy: Always
    tty: true
    command:
    - /busybox/cat
""") {
	node (nodeLabel) {
		stage ("Prepare Kaniko") {
			container ("kaniko") {
				withCredentials([usernameColonPassword(
					credentialsId: repositoryCreds,
					variable: "dCreds",
				)]) {
					def dockerJSON = """{
						"auths": {
							"${repository}": {
								"auth": "${dcreds.bytes.encodeBase64().toString()}"
							}
						}
					}"""
					sh """
						set +x
						echo '${dockerJSON}' > /kaniko/.docker/config.json
					"""
				}
			}
		}

		stage('Build Container') {
			container('kaniko') {

				def dockerfile = """FROM ${repository}/dockerhub/library/golang:alpine AS BUILDER
RUN apk --no-cache add git upx && \\
    go install github.com/m13253/dns-over-https/doh-server@latest && \\
	upx --brute /go/bin/doh-server
FROM ${repository}/library/alpine:latest
RUN addgroup -S -g 1000 app && \\
	adduser -S app -G app -h /app -u 1000
USER app
WORKDIR /app
COPY --from=BUILDER /go/bin/doh-server /app/dohserver
ENTRYPOINT ./dohserver
"""

				writeFile file: workspace + '/Dockerfile', text: dockerfile
				sh "/kaniko/executor --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"${repository}/library/dohserver:latest\""
			}
		}
	}
}