# Multi-stage build using openenv-base
# Works for both in-repo and standalone environments.
# The build script (openenv build) handles context detection.

ARG BASE_IMAGE=ghcr.io/meta-pytorch/openenv-base:latest
FROM ${BASE_IMAGE} AS builder

WORKDIR /app

# Ensure git is available (required for VCS dependencies)
RUN apt-get update && \
    apt-get install -y --no-install-recommends git && \
    rm -rf /var/lib/apt/lists/*

ARG BUILD_MODE=in-repo
ARG ENV_NAME=sql_env
# Set to https://download.pytorch.org/whl/cpu for CPU-only (default, smaller image)
# Set to "" for full CUDA support (GPU deployment)
ARG TORCH_INDEX=https://download.pytorch.org/whl/cpu

# Copy environment code
COPY . /app/env

WORKDIR /app/env

# Ensure uv is available
RUN if ! command -v uv >/dev/null 2>&1; then \
        curl -LsSf https://astral.sh/uv/install.sh | sh && \
        mv /root/.local/bin/uv /usr/local/bin/uv && \
        mv /root/.local/bin/uvx /usr/local/bin/uvx; \
    fi

# Install dependencies (TORCH_INDEX controls CPU vs CUDA PyTorch)
RUN --mount=type=cache,target=/root/.cache/uv \
    export UV_PROJECT_ENVIRONMENT=/app/.venv && \
    if [ -n "${TORCH_INDEX}" ]; then export UV_EXTRA_INDEX_URL="${TORCH_INDEX}"; fi && \
    if [ -f uv.lock ]; then \
        uv sync --frozen --no-install-project --no-editable; \
    else \
        uv sync --no-install-project --no-editable; \
    fi

RUN --mount=type=cache,target=/root/.cache/uv \
    export UV_PROJECT_ENVIRONMENT=/app/.venv && \
    if [ -n "${TORCH_INDEX}" ]; then export UV_EXTRA_INDEX_URL="${TORCH_INDEX}"; fi && \
    if [ -f uv.lock ]; then \
        uv sync --frozen --no-editable; \
    else \
        uv sync --no-editable; \
    fi

# Final runtime stage
FROM ${BASE_IMAGE}

WORKDIR /app

# Default port (HF Spaces overrides with PORT=7860)
ENV PORT=8000

# Copy the virtual environment from builder
COPY --from=builder /app/.venv /app/.venv

# Copy the environment code
COPY --from=builder /app/env /app/env

# Explicitly copy bundled Spider databases for deployment checks
COPY --from=builder /app/env/data/databases /app/env/data/databases

# Set PATH to use the virtual environment
ENV PATH="/app/.venv/bin:$PATH"

# Set PYTHONPATH so imports work correctly
ENV PYTHONPATH="/app/env:$PYTHONPATH"

# Run as non-root for HF Spaces security best practice
RUN useradd --create-home --uid 10001 appuser
USER appuser

# Health check verifies bundled DBs and API health
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
    CMD sh -c 'find /app/env/data/databases -name "*.sqlite" -print -quit | grep -q . && curl -f "http://localhost:${PORT:-8000}/health"' || exit 1

# Run the FastAPI server
ENV ENABLE_WEB_INTERFACE=true
CMD ["sh", "-c", "cd /app/env && uvicorn server.app:app --host 0.0.0.0 --port ${PORT:-8000}"]