# ── Build stage ───────────────────────────────────────────────────────────────
FROM python:3.12-slim AS builder

WORKDIR /app

RUN apt-get update && apt-get install -y --no-install-recommends \
    gcc \
    git \
 && rm -rf /var/lib/apt/lists/*

RUN git clone https://github.com/ArcNil/transactions_webapp.git .

RUN pip install --no-cache-dir --prefix=/install gunicorn -r src/requirements.txt


# ── Runtime stage ─────────────────────────────────────────────────────────────
FROM python:3.12-slim

WORKDIR /app

COPY --from=builder /install /usr/local
COPY --from=builder /app/src .
COPY entrypoint.sh .

RUN useradd -m appuser && chown -R appuser /app
USER appuser

ENV FLASK_APP=main.py \
    FLASK_ENV=production \
    WEB_APP_TITLE="Transactions WebApp" \
    PORT=5000

EXPOSE 5000

ENTRYPOINT ["sh", "entrypoint.sh"]