# Multi-stage build for Oclawma
# Stage 1: Builder
FROM python:3.11-slim AS builder

# Install build dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
    gcc \
    libffi-dev \
    && rm -rf /var/lib/apt/lists/*

# Create virtual environment
RUN python -m venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"

# Install build tools
RUN pip install --no-cache-dir --upgrade pip setuptools wheel hatchling

# Copy project files
WORKDIR /build
COPY pyproject.toml .
COPY README.md .
COPY LICENSE .
COPY MANIFEST.in .
COPY src/ ./src/

# Build the package
RUN pip install --no-cache-dir /build

# Stage 2: Runtime
FROM python:3.11-slim AS runtime

# Create non-root user
RUN groupadd -r oclawma && useradd -r -g oclawma -d /app -s /bin/bash oclawma

# Install runtime dependencies only
RUN apt-get update && apt-get install -y --no-install-recommends \
    curl \
    && rm -rf /var/lib/apt/lists/*

# Copy virtual environment from builder
COPY --from=builder /opt/venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"

# Set working directory
WORKDIR /app

# Create data directory for persistence
RUN mkdir -p /app/data && chown -R oclawma:oclawma /app

# Copy docker scripts
COPY docker/entrypoint.sh /usr/local/bin/entrypoint.sh
COPY docker/healthcheck.sh /usr/local/bin/healthcheck.sh
RUN chmod +x /usr/local/bin/entrypoint.sh /usr/local/bin/healthcheck.sh

# Switch to non-root user
USER oclawma

# Environment variables
ENV OCLAWMA_DATA_DIR=/app/data
ENV OCLAWMA_CONFIG_DIR=/app/data/config
ENV PYTHONUNBUFFERED=1
ENV PYTHONDONTWRITEBYTECODE=1

# Expose port (if needed for future API mode)
EXPOSE 8080

# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
    CMD /usr/local/bin/healthcheck.sh

# Entrypoint
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
CMD ["oclawma", "--help"]
