FROM python:3.12-slim-bookworm

# Install uv
COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/

# Create non-root user (Hugging Face requirement)
RUN useradd -m -u 1000 user

# Set working directory to the user's home folder
WORKDIR /home/user/app
RUN chown user:user /home/user/app

# Switch to the user BEFORE installing dependencies!
# This ensures the .venv is owned by 'user', not 'root'.
USER user

# ---- Dependency layer (cached) ----
COPY --chown=user:user pyproject.toml uv.lock ./
RUN uv sync --frozen --no-cache

# ---- Application code ----
COPY --chown=user:user . .

# Hugging Face explicitly requires exposing 7860, that's why exposing here
EXPOSE 7860

# Run Uvicorn directly on port 7860
CMD ["uv", "run", "uvicorn", "src.api.main:app", "--host", "0.0.0.0", "--port", "7860"]