# Hugging Face Spaces — Docker SDK
# Docs: https://huggingface.co/docs/hub/spaces-sdks-docker

FROM python:3.12-slim

# ── HF Spaces: non-root user with uid 1000 ────────────────────────────────────
RUN useradd -m -u 1000 appuser

# ── Install uv ────────────────────────────────────────────────────────────────
COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /usr/local/bin/

# ── Working directory ─────────────────────────────────────────────────────────
WORKDIR /app

# ── Copy dependency manifests first (layer-cache friendly) ───────────────────
COPY pyproject.toml uv.lock ./

# ── Install dependencies ──────────────────────────────────────────────────────
RUN uv sync --frozen --no-install-project --no-dev

# ── Copy source ───────────────────────────────────────────────────────────────
COPY app/ ./app/
COPY main.py development.yml ./

# ── Fix ownership then drop privileges ────────────────────────────────────────
RUN chown -R appuser:appuser /app
USER appuser

ENV HOME=/home/appuser \
    PATH=/home/appuser/.local/bin:$PATH \
    PYTHONUNBUFFERED=1 \
    PYTHONDONTWRITEBYTECODE=1 \
    HOST=0.0.0.0 \
    PORT=7860

# ── HF Spaces requires port 7860 ──────────────────────────────────────────────
EXPOSE 7860

CMD ["uv", "run", "main.py"]