#!/bin/bash

# Function to get latest SHA256 digest
get_latest_digest() {
    image_name=$(echo $1 | cut -d'@' -f1)
    docker pull $image_name > /dev/null
    digest=$(docker inspect --format='{{index .RepoDigests 0}}' $image_name | cut -d'@' -f2)
    echo $digest
}

# Update Dockerfile
update_dockerfile() {
    old_line=$1
    new_digest=$2
    new_line=$(echo $old_line | sed "s|@sha256:[a-f0-9]*|@$new_digest|")
    sed -i "s|$old_line|$new_line|" Dockerfile
    echo "Updated: $new_line"
}

# Process Dockerfile
while IFS= read -r line
do
    if [[ $line == FROM* && $line == *@sha256:* ]]; then
        image=$(echo $line | awk '{print $2}')
        new_digest=$(get_latest_digest $image)
        update_dockerfile "$line" "$new_digest"
    fi
done < Dockerfile

echo "Dockerfile updated with latest SHA256 digests."