# e2e-runner image — drives the SUT through public boundaries only.
#
# CRITICAL: this image MUST NOT install the SUT package and MUST NOT have
# `src/gps_denied_onboard/` on its PYTHONPATH. The pytest tree it runs lives
# at `/test-suite` (bind-mounted) and imports only from `e2e.runner.*` paths
# baked into this image — never from the SUT.
#
# Image size target: ≤ 2 GB (AZ-406 Risk 1 mitigation). The heavy ML stack
# (tensorrt, gtsam, faiss, cuda) lives in the SUT image, not here.

FROM python:3.12-slim-bookworm AS base

ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    PIP_NO_CACHE_DIR=1 \
    PIP_DISABLE_PIP_VERSION_CHECK=1

# --- system deps for OpenCV runtime + libffi (msp_gps_toy linkage) + libssl + tini ---
# OpenCV needs libgl1 + libglib2.0-0 for the JPEG/PNG codecs; tini is a small
# init that reaps zombie children when pytest forks (`--forked`).
RUN apt-get update && apt-get install -y --no-install-recommends \
        libgl1 \
        libglib2.0-0 \
        libffi8 \
        libssl3 \
        tini \
        ca-certificates \
        curl \
        netcat-openbsd \
    && rm -rf /var/lib/apt/lists/*

WORKDIR /opt/e2e-runner

COPY requirements.txt /opt/e2e-runner/requirements.txt
RUN pip install --no-cache-dir -r /opt/e2e-runner/requirements.txt

# Runner package — conftest, helpers, reporting plugins. Copied AFTER pip
# install so source-only changes don't bust the heavy layer cache.
COPY __init__.py /opt/e2e-runner/runner/__init__.py
COPY conftest.py /opt/e2e-runner/runner/conftest.py
COPY pytest.ini /opt/e2e-runner/pytest.ini
COPY reporting /opt/e2e-runner/runner/reporting
COPY helpers /opt/e2e-runner/runner/helpers

ENV PYTHONPATH=/opt/e2e-runner:/opt/e2e-runner/runner

# `/test-suite` is bind-mounted by docker-compose (../tests). The runner
# default cwd is its own root; the docker-compose `command:` overrides the
# entrypoint with the explicit `pytest /test-suite ...` invocation.
WORKDIR /opt/e2e-runner

ENTRYPOINT ["/usr/bin/tini", "--"]
CMD ["pytest", "/test-suite"]