# syntax=docker/dockerfile:1.6
#
# services/backend/Dockerfile.embedded
# ------------------------------------------------------------------
# Same as Dockerfile.fetch BUT model weights are baked in.
# Final image ~1.5 GB. Use only when S3 fetch is not acceptable
# (air-gapped deploys, regulated environments, faster cold-start).
#
# Assumes the snapshot directory exists at build context:
#   services/ml/runs/bundles/full_20260515_044630/_SNAPSHOT_FOR_BUILD/
# The build MUST be run from the repo root with
#   docker build -f services/backend/Dockerfile.embedded -t hasarui-api:embedded .
# so the COPY path below resolves.
# ------------------------------------------------------------------

# ---------- Stage 1: builder ----------
FROM python:3.11-slim-bookworm AS builder

ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    PIP_NO_CACHE_DIR=1 \
    PIP_DISABLE_PIP_VERSION_CHECK=1

RUN apt-get update && apt-get install -y --no-install-recommends \
        build-essential gcc libpq-dev curl ca-certificates && \
    rm -rf /var/lib/apt/lists/*

WORKDIR /build

COPY services/backend/requirements.txt ./requirements.txt
RUN pip install --upgrade pip wheel && \
    pip wheel --wheel-dir=/build/wheels \
        --extra-index-url https://download.pytorch.org/whl/cpu \
        torch==2.3.1+cpu torchvision==0.18.1+cpu && \
    pip wheel --wheel-dir=/build/wheels -r requirements.txt

# ---------- Stage 2: runtime ----------
FROM python:3.11-slim-bookworm AS runtime

ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    PIP_NO_CACHE_DIR=1 \
    PORT=8000 \
    MODEL_DIR=/app/models \
    ML_DEVICE=cpu \
    SKIP_MODEL_FETCH=1

RUN apt-get update && apt-get install -y --no-install-recommends \
        libgl1 libglib2.0-0 libsm6 libxext6 libxrender1 \
        libpq5 curl ca-certificates && \
    rm -rf /var/lib/apt/lists/* && \
    groupadd --gid 1000 app && \
    useradd  --uid 1000 --gid app --create-home --shell /bin/bash app

WORKDIR /app

COPY --from=builder /build/wheels /tmp/wheels
COPY services/backend/requirements.txt ./requirements.txt
RUN pip install --upgrade pip && \
    pip install --no-index --find-links=/tmp/wheels \
        torch==2.3.1+cpu torchvision==0.18.1+cpu && \
    pip install --no-index --find-links=/tmp/wheels -r requirements.txt && \
    rm -rf /tmp/wheels

# App source
COPY --chown=app:app services/backend/*.py            ./
COPY --chown=app:app services/backend/cost_table.yaml ./
COPY --chown=app:app services/backend/alembic.ini     ./
COPY --chown=app:app services/backend/migrations      ./migrations
COPY --chown=app:app services/backend/scripts         ./scripts

# Bake model weights into image
COPY --chown=app:app services/ml/runs/bundles/full_20260515_044630/_SNAPSHOT_FOR_BUILD/ ${MODEL_DIR}/

COPY --chown=app:app services/backend/scripts/entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh

USER app

EXPOSE 8000

HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
    CMD curl --fail http://localhost:${PORT}/health || exit 1

ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
CMD ["sh", "-c", "uvicorn main:app --host 0.0.0.0 --port ${PORT} --workers 2"]