# Dockerfile per OpenRouter API Key Monitor
# Stage 1: Build
FROM python:3.11-slim as builder

# Installa dipendenze di build
RUN apt-get update && apt-get install -y --no-install-recommends \
    build-essential \
    libpq-dev \
    && rm -rf /var/lib/apt/lists/*

# Crea directory di lavoro
WORKDIR /app

# Copia requirements
COPY requirements.txt .

# Installa dipendenze in un virtual environment
RUN python -m venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"
RUN pip install --no-cache-dir --upgrade pip && \
    pip install --no-cache-dir -r requirements.txt

# Stage 2: Runtime
FROM python:3.11-slim

# Crea utente non-root per sicurezza
RUN useradd --create-home --shell /bin/bash app

# Installa solo le dipendenze runtime necessarie
RUN apt-get update && apt-get install -y --no-install-recommends \
    libpq5 \
    curl \
    && rm -rf /var/lib/apt/lists/*

# Copia virtual environment dallo stage builder
COPY --from=builder /opt/venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"

# Impala directory di lavoro
WORKDIR /app

# Copia codice sorgente
COPY src/ ./src/
COPY alembic/ ./alembic/
COPY alembic.ini .
COPY .env.example .

# Crea directory per dati persistenti
RUN mkdir -p /app/data && chown -R app:app /app

# Passa a utente non-root
USER app

# Espone porta
EXPOSE 8000

# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
    CMD curl -f http://localhost:8000/health || exit 1

# Comando di avvio
CMD ["uvicorn", "src.openrouter_monitor.main:app", "--host", "0.0.0.0", "--port", "8000"]