FROM python:3.11
WORKDIR /app

# Install dependencies
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# Copy application code
COPY . .

# --- FIX FOR crewai/CHROMA_DB_PATH PERMISSION ERROR ---
# 1. Set the CHROMA_DB_PATH environment variable to a writable path
#    This explicitly tells crewai's dependency where to store temporary data, 
#    bypassing the problematic default path resolution (/root/.local/share/app or /.local/share/app).
ENV CHROMA_DB_PATH="/app/.chroma_data"

# 2. Add a non-root user for security best practice
RUN useradd -m appuser
RUN chown -R appuser:appuser /app

# Switch to the non-root user
USER appuser

# Execute the application
# We use the port 7860 as specified in your original CMD
CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "7860"]