FROM public.ecr.aws/gravitational/tbot-distroless:17 AS tbot-bin

FROM public.ecr.aws/docker/library/python:3.12-slim

COPY --from=tbot-bin /usr/local/bin/tbot /usr/local/bin/tbot

RUN apt-get update && apt-get install -y --no-install-recommends curl \
    && curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" \
    && chmod +x kubectl && mv kubectl /usr/local/bin/ \
    && curl -fsSL -o /tmp/teleport.tar.gz "https://cdn.teleport.dev/teleport-v18.6.6-linux-amd64-bin.tar.gz" \
    && tar xzf /tmp/teleport.tar.gz -C /tmp \
    && mv /tmp/teleport/tsh /usr/local/bin/tsh \
    && rm -rf /tmp/teleport /tmp/teleport.tar.gz \
    && apt-get remove -y curl && apt-get autoremove -y && rm -rf /var/lib/apt/lists/*

RUN pip install --no-cache-dir boto3

COPY entrypoint.py /entrypoint.py
RUN mkdir -p /tbot-data
ENTRYPOINT ["python", "/entrypoint.py"]
