FROM python:3.9-slim

# 1. Install sudo and basic system tools
# We do this as actual root during the build process
RUN apt-get update && apt-get install -y \
    sudo \
    curl \
    wget \
    git \
    procps \
    && rm -rf /var/lib/apt/lists/*

# 2. Setup the Hugging Face user (ID 1000)
RUN useradd -m -u 1000 user

# 3. THE MAGIC SAUCE: Grant Real Root permissions
# This line adds 'user' to sudoers and disables the password requirement
RUN echo "user ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers

# 4. Set up environment
USER user
ENV HOME=/home/user \
    PATH=/home/user/.local/bin:$PATH

WORKDIR /home/user/app

# 5. Install Python Dependencies
COPY --chown=user requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# 6. Copy App
COPY --chown=user . .

# 7. Run FastAPI
CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "7860"]