# syntax=docker/dockerfile:1.4

FROM golang:1.24-alpine AS builder

# Install build dependencies
RUN apk add --no-cache git ca-certificates tzdata

# Set working directory
WORKDIR /app

# Provide CHORUS module for local replace directive
COPY --from=chorus / /CHORUS/

# Copy BACKBEAT dependency first
COPY BACKBEAT-prototype ./BACKBEAT-prototype/

# Copy go mod files first for better caching
COPY go.mod go.sum ./

# Copy source code
COPY . .

# Create modified group file with docker group for container access
# Use GID 998 to match rosewood's docker group
RUN cp /etc/group /tmp/group && \
    echo "docker:x:998:65534" >> /tmp/group

# Build with optimizations and version info
ARG VERSION=v0.1.7
ARG COMMIT_HASH
ARG BUILD_DATE
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build \
    -mod=mod \
    -ldflags="-w -s -X main.version=${VERSION} -X main.commitHash=${COMMIT_HASH} -X main.buildDate=${BUILD_DATE}" \
    -a -installsuffix cgo \
    -o whoosh ./cmd/whoosh

# Final stage - Ubuntu base for better volume mount support
FROM ubuntu:22.04

# Install runtime dependencies
RUN apt-get update && apt-get install -y \
    ca-certificates \
    tzdata \
    curl \
    && rm -rf /var/lib/apt/lists/*

# Create non-root user with docker group access
RUN groupadd -g 998 docker && \
    groupadd -g 1000 chorus && \
    useradd -u 1000 -g chorus -G docker -s /bin/bash -d /home/chorus -m chorus

# Create app directory structure
RUN mkdir -p /app/data && \
    chown -R chorus:chorus /app

# Copy application binary and migrations
COPY --from=builder --chown=chorus:chorus /app/whoosh /app/whoosh
COPY --from=builder --chown=chorus:chorus /app/migrations /app/migrations

# Switch to non-root user
USER chorus
WORKDIR /app

# Expose port
EXPOSE 8080

# Health check using the binary itself
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
    CMD ["/app/whoosh", "--health-check"]

# Set metadata
LABEL maintainer="CHORUS Ecosystem" \
      description="WHOOSH - Autonomous AI Development Teams" \
      org.opencontainers.image.title="WHOOSH" \
      org.opencontainers.image.description="Orchestration platform for autonomous AI development teams" \
      org.opencontainers.image.vendor="CHORUS Services"

# Run the application
ENTRYPOINT ["/app/whoosh"]
CMD []