# hadolint ignore=DL3006,DL3007
FROM cgr.dev/chainguard/wolfi-base:latest AS base

SHELL ["/bin/ash", "-ex", "-c"]

ARG USERID=10000
ARG GROUPID=10000

ENV USERNAME="huesoporro"
ENV APP_HOME="/home/$USERNAME"
ENV APP_PATH="$APP_HOME/src"

ENV POETRY_VERSION=1.8.3
ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONPATH="$APP_PATH"
ENV PATH="$APP_HOME/.local/bin:$PATH"

# hadolint ignore=DL3001,DL3008,DL3018
RUN apk add --no-cache make python3~=3.12 \
    && adduser -S -u "$USERID" -h "$APP_HOME" "$USERNAME"

COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv

USER "$USERNAME"

RUN mkdir -p "$APP_PATH" "$APP_HOME/.ssh" \
    && uv venv "$APP_PATH/.venv"

WORKDIR "$APP_PATH"

COPY pyproject.toml uv.lock Makefile README.md ./

RUN uv sync

COPY --chown=uid=$USERID,gid=$GROUPID src/ ./

FROM base AS serve

CMD ["make", "serve"]
