FROM python:3.11-slim

WORKDIR /app

# Create a non-root user
RUN groupadd -g 10001 app && \
    useradd -u 10001 -g app -s /bin/sh -m app

# Install system dependencies
RUN apt-get update && rm -rf /var/lib/apt/lists/*

# Install python dependencies
RUN pip install --no-cache-dir \
    asyncpg \
    celery \
    clewso-core \
    fastapi \
    httpx \
    neo4j \
    openai \
    pydantic \
    pydantic-settings \
    "qdrant-client>=1.7.0" \
    redis \
    uvicorn[standard]

# Copy source code
COPY --chown=app:app ./src /app/src

# Set python path
ENV PYTHONPATH=/app

# Switch to non-root user
USER app

# Expose port
EXPOSE 8000

# Run commands
CMD ["uvicorn", "src.main:app", "--host", "0.0.0.0", "--port", "8000"]
