# 使用官方Python 3.10 slim镜像
FROM python:3.10-slim

# --- 1. 设置环境变量 ---
ENV PYTHONUNBUFFERED=1 \
    PIP_NO_CACHE_DIR=off \
    PIP_DISABLE_PIP_VERSION_CHECK=on

RUN apt-get update && apt-get install -y --no-install-recommends \
    git \
    && rm -rf /var/lib/apt/lists/*

# --- 2. 创建应用用户和工作目录 ---
RUN useradd --create-home --shell /bin/bash appuser
WORKDIR /app

# 这个经过验证的克隆步骤保持不变
RUN --mount=type=secret,id=GH_USER \
    --mount=type=secret,id=GH_TOKEN \
    git clone https://$(cat /run/secrets/GH_USER):$(cat /run/secrets/GH_TOKEN)@github.com/leoncool23/tcm_expert_builder.git .

# --- 3. [核心步骤] 复制依赖文件并安装 ---
# 将本地的requirements.txt复制到镜像中
COPY requirements.txt .

# 使用这个文件进行安装。pip会自动处理 --extra-index-url
RUN pip install -r requirements.txt

# --- 4. 复制我们最简单的测试应用 ---
#COPY test_app.py .

# --- 5. 设置权限 ---
RUN chown -R appuser:appuser /app

# --- 6. 切换到非root用户 ---
USER appuser

# --- 7. 暴露端口 ---
EXPOSE 7860

# --- 8. 启动应用 ---
CMD ["gunicorn", "--workers", "1", "--bind", "0.0.0.0:7860", "app:app"]