ARG $MAMBA_USER=mambauser

# ---- build stage: resolve and install the pixi environment ----
# Pin the pixi version for reproducibility; update as needed.
FROM ghcr.io/prefix-dev/pixi:latest AS build

WORKDIR /app

COPY pixi.toml pixi.lock pyproject.toml ./
COPY src ./src

# Install only the default (runtime) environment from the lockfile
RUN pixi install --locked -e default

# ---- runtime stage ----
FROM debian:trixie-slim AS runtime

ARG USER_UID=1000
ARG USERNAME=pythonuser
ARG USER_GID=2000
ARG SOURCE_COMMIT

LABEL maintainer="Urban Data Analytics" name="analytics/aio-sensorthings" source_commit=$SOURCE_COMMIT

RUN groupadd --gid $USER_GID $USERNAME && \
    useradd --create-home --no-log-init --gid $USER_GID --uid $USER_UID --shell /bin/bash $USERNAME && \
    chown -R $USERNAME:$USERNAME /home/$USERNAME

WORKDIR /home/$USERNAME

ENV PATH="/home/$USERNAME/.venv/bin:$PATH"

# Copy the resolved conda environment from the build stage
COPY --from=build \
    --chmod=0755 \
    --chown=$USERNAME:$USERNAME \
    /app/.pixi/envs/default ./.venv

USER $USERNAME

ENV PYTHONUNBUFFERED 1
