# Multi-stage production Dockerfile for Rook-generated projects.
#
# Build:  docker build -t myapp .
# Run:    docker run -p 8000:8000 --env-file .env myapp
#
# Stage 1: Install dependencies (cached layer)
# Stage 2: Production image (minimal, no build tools)

# --- Stage 1: Builder ---
FROM python:3.13-slim AS builder

WORKDIR /build

# Install build dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
    gcc libpq-dev \
    && rm -rf /var/lib/apt/lists/*

# Install Python dependencies (cached unless requirements change)
COPY pyproject.toml ./
RUN pip install --no-cache-dir --upgrade pip \
    && pip install --no-cache-dir --prefix=/install .

# --- Stage 2: Production ---
FROM python:3.13-slim AS production

# Runtime dependencies only
RUN apt-get update && apt-get install -y --no-install-recommends \
    libpq5 curl \
    && rm -rf /var/lib/apt/lists/* \
    && useradd --create-home --shell /bin/bash app

# Copy installed packages from builder
COPY --from=builder /install /usr/local

WORKDIR /app

# Copy application code
COPY . .

# Don't run as root
USER app

# Health check — hit the liveness endpoint
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
    CMD curl -f http://localhost:8000/health || exit 1

# Entrypoint handles: migrate → health check → start
ENTRYPOINT ["./entrypoint.sh"]

# Default command: production uvicorn
CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000", "--workers", "4", "--log-level", "warning"]

EXPOSE 8000
