Dockerfile

# Hugging Face Spaces — docker SDK runtime for the health-marketing-compliance-rag
# FastAPI + React SPA application.
#
# Multi-stage build:
#   1. Node stage: builds the React frontend (frontend/dist/)
#   2. Python stage: installs Python deps via uv, copies frontend assets, runs uvicorn
#
# HF Spaces convention: app runs as user "user" (UID 1000) on port 7860.

# ---------------------------------------------------------------------------
# Stage 1: Build frontend static assets
# ---------------------------------------------------------------------------
FROM node:20-slim AS frontend-builder

WORKDIR /build/frontend

COPY frontend/package.json frontend/package-lock.json* ./
RUN npm ci

COPY frontend/ ./
RUN npm run build

# ---------------------------------------------------------------------------
# Stage 2: Python runtime
# ---------------------------------------------------------------------------
FROM python:3.13-slim

# Non-root user expected by HF Spaces
RUN useradd -m -u 1000 user
WORKDIR /home/user/app

# System deps required by pymupdf (mupdf) and general native wheels
RUN apt-get update && apt-get install -y --no-install-recommends \
        build-essential \
    && rm -rf /var/lib/apt/lists/*

# Install uv for fast Python dependency management
COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv

# Copy project metadata and install Python dependencies
COPY pyproject.toml uv.lock* .python-version ./
RUN uv sync --no-dev --no-install-project

# Copy application source
COPY --chown=user . .

# Copy built frontend assets from the builder stage
COPY --from=frontend-builder --chown=user /build/frontend/dist ./frontend/dist

# Fix ownership of the venv created by root so the non-root user can run it
RUN chown -R user:user /home/user/app

USER user
ENV PORT=7860

EXPOSE 7860

CMD ["uv", "run", "uvicorn", "server:app", "--host", "0.0.0.0", "--port", "7860"]