# ModPilot Investigation Engine — HuggingFace Spaces Docker image.
# HF Spaces requires: listen on port 7860, run as uid 1000.

FROM python:3.11-slim

RUN useradd -m -u 1000 user
ENV PATH="/home/user/.local/bin:/app/.venv/bin:$PATH" \
    PYTHONUNBUFFERED=1 \
    PYTHONDONTWRITEBYTECODE=1 \
    PIP_NO_CACHE_DIR=1 \
    PIP_DISABLE_PIP_VERSION_CHECK=1 \
    UV_PROJECT_ENVIRONMENT=/app/.venv \
    UV_LINK_MODE=copy

RUN mkdir -p /app && chown user:user /app
WORKDIR /app

USER user

# Install uv in the user-local bin dir so the venv it creates is user-owned.
RUN pip install --user --no-cache-dir uv==0.5.11

# Layer-cache: deps first, source second.
COPY --chown=user:user pyproject.toml uv.lock ./
RUN uv sync --frozen --no-dev --no-install-project

COPY --chown=user:user . /app

EXPOSE 7860

# Apply any pending Alembic revisions on boot, then serve. Failures fail
# the container so HF surfaces the error in its build logs.
CMD ["sh", "-c", "alembic upgrade head && uvicorn api.main:app --host 0.0.0.0 --port 7860"]