#!/bin/bash
set -euo pipefail
IFS=$'\n\t'

IMAGE=$(grep -oP 'FROM \K.*alpine[^ ]+' Dockerfile)
PACKAGES=$(grep -oP '#.+depName=alpine.+/\K[^ ]+' Dockerfile)
# shellcheck disable=SC2086
PACKAGES_NO_BR=$(echo ${PACKAGES} | tr -d '\n')
PACKAGES_VERSIONS=$(docker run --rm -t --entrypoint /bin/sh "$IMAGE" -c "apk --update --no-cache list $PACKAGES_NO_BR | cut -d ' ' -f 1 | grep -v '^fetch$'")
DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' "$IMAGE" | cut -d '@' -f2)

echo "Checking $(echo "$PACKAGES" | wc -l)/$(echo "$PACKAGES_VERSIONS" | wc -l) latest package versions on $IMAGE"
echo "Image digest found: $DIGEST"
echo "---"
echo "$PACKAGES_VERSIONS"