# Pala OS MCP server — local-first FastMCP runtime
FROM python:3.14-slim AS builder

WORKDIR /build
COPY pyproject.toml ./
COPY src/ ./src/
RUN pip install --no-cache-dir --upgrade pip build && \
    pip wheel --no-cache-dir --no-deps --wheel-dir /wheels .

FROM python:3.14-slim

LABEL org.opencontainers.image.title="Pala OS MCP Server"
LABEL org.opencontainers.image.source="https://github.com/trugurpala/pala-os"
LABEL org.opencontainers.image.licenses="MIT"

WORKDIR /app

# Non-root user for safety
RUN useradd --create-home --shell /bin/bash pala
USER pala

COPY --from=builder /wheels /wheels
RUN pip install --no-cache-dir --user /wheels/*.whl && rm -rf /wheels

ENV PATH="/home/pala/.local/bin:${PATH}"
ENV PALA_SKILLS_DIR=/app/skills
ENV PALA_REGISTRY=/app/skills-registry.yaml
ENV PALA_TELEMETRY=off

EXPOSE 8765

ENTRYPOINT ["pala-mcp"]
CMD ["--stdio"]
