FROM argoproj/argocd:v1.8.3 as base

USER root  
RUN apt-get update  --allow-insecure-repositories --allow-unauthenticated && \
    apt-get install -y \
    curl \
    gpg && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* 
    
FROM mozilla/sops:v3.6.1 as sops
# better to grab from the docker image, even though it seems crazy, it's so renovate can give us PRs!

FROM base as addwrapper
COPY helm-wrapper.sh /usr/local/bin/
COPY --from=sops /go/bin/sops /usr/local/bin/
USER root
RUN cd /usr/local/bin && \
    mv helm helm.bin && \
    mv helm2 helm2.bin && \
    mv helm-wrapper.sh helm && \
    ln helm helm2 && \
    chmod +x helm helm2 sops

FROM addwrapper
ARG HELM_SECRETS_VERSION="3.4.1" 
# helm secrets plugin should be installed as user argocd or it won't be found
USER argocd
RUN /usr/local/bin/helm.bin plugin install https://github.com/jkroepke/helm-secrets --version ${HELM_SECRETS_VERSION}
ENV HELM_PLUGINS="/home/argocd/.local/share/helm/plugins/"