# syntax=docker/dockerfile:1
ARG PYTHON_VERSION=3.12

FROM python:${PYTHON_VERSION}-slim AS python-base
ARG TEST_ENV

# Set environment variables
ENV PYTHONUNBUFFERED=1 \
    PYTHONDONTWRITEBYTECODE=1 \
    PORT=${PORT:-9090} \
    PIP_CACHE_DIR=/.cache \
    WORKERS=1 \
    THREADS=8 \
    PATH="/home/user/.local/bin:$PATH" \
    HF_CHECKPOINT_DIR=/data/checkpoints

# Update the base OS (must run as root)
RUN --mount=type=cache,target="/var/cache/apt",sharing=locked \
    --mount=type=cache,target="/var/lib/apt/lists",sharing=locked \
    set -eux; \
    apt-get update; \
    apt-get upgrade -y; \
    apt install --no-install-recommends -y \
        git; \
    apt-get autoremove -y

# Create user and set up directories
RUN useradd -m -u 1000 user && \
    mkdir -p /data/checkpoints /data/cache && \
    chown -R user:user /data

# Switch to non-root user
USER user
WORKDIR /home/user/app

# Copy and install requirements
COPY --chown=user requirements-base.txt .
RUN --mount=type=cache,target=${PIP_CACHE_DIR},sharing=locked \
    pip install -r requirements-base.txt

COPY --chown=user requirements.txt .
RUN --mount=type=cache,target=${PIP_CACHE_DIR},sharing=locked \
    pip install -r requirements.txt

# Copy remaining application files
COPY --chown=user . .

# Expose the service port
EXPOSE 9090

# Command to run the application
CMD PYTHONPATH=/home/user/app \
    gunicorn \
    --preload \
    --bind :$PORT \
    --workers $WORKERS \
    --threads $THREADS \
    --timeout 120 \
    --worker-connections 100 \
    --worker-class gthread \
    --log-level warning \
    --access-logfile - \
    --error-logfile - \
    _wsgi:app