FROM python:3.11-slim

# Set working directory
WORKDIR /app
COPY accounts.db ./
# Install system dependencies
RUN apt-get update && apt-get install -y \
    gcc \
    curl \
    && rm -rf /var/lib/apt/lists/*

# Install uv globally
RUN pip install --no-cache-dir uv

# Create non-root user early
RUN useradd --create-home --shell /bin/bash app

# Copy lock + project config files first (to use Docker cache)
COPY pyproject.toml uv.lock ./
# Change ownership before creating venv
RUN chown -R app:app /app

# Switch to app user before creating virtual environment
USER app

# Create virtual environment and sync dependencies as app user
RUN uv venv .venv && \
    uv sync --frozen

# Verify the virtual environment was created properly
RUN ls -la .venv/bin/ && \
    .venv/bin/python --version

# Copy application code
COPY --chown=app:app . .
RUN chmod +x run.sh
# Expose FastAPI port
EXPOSE 8000

# Health check
# HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \
#     CMD curl -f http://localhost:8000/health || exit 1

# Start the app with uv's virtualenv runner
CMD ["/app/run.sh"]
