# backend/Dockerfile
#FROM python:3.11-slim

# Evitar .pyc y buffering
#ENV PYTHONDONTWRITEBYTECODE3=1
#ENV PYTHONUNBUFFERED=1

#WORKDIR /app

# Dependencias del sistema mínimas
#RUN apt-get update && apt-get install -y --no-install-recommends \
#    build-essential \
#    && rm -rf /var/lib/apt/lists/*

# Copiamos pyproject y lock si lo hubiera
#COPY pyproject.toml ./

# Instalamos dependencias
#RUN pip install --upgrade pip && \
#    pip install .

# Copiamos el resto del código (respetando .dockerignore)
#COPY . .

# Variables de autenticación básica
#ENV BASIC_AUTH_USERNAME=admin
#ENV BASIC_AUTH_PASSWORD=admin

#EXPOSE 8000

#CMD ["python", "-m", "uvicorn", "beyond_api.main:app", "--host", "0.0.0.0", "--port", "8000"]
# ---------------------------
#  Builder stage
# ---------------------------
FROM python:3.11-slim AS builder

ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1

WORKDIR /app

# Solo para compilar dependencias
RUN apt-get update && apt-get install -y --no-install-recommends \
    build-essential \
    && rm -rf /var/lib/apt/lists/*

# Copiamos archivos de dependencias primero (mejor cache)
COPY pyproject.toml ./

# Creamos wheels (más limpio para producción)
RUN pip install --upgrade pip && \
    pip wheel --no-cache-dir --no-deps --wheel-dir /wheels .


# ---------------------------
# Runtime stage
# ---------------------------
FROM python:3.11-slim

ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1

WORKDIR /app

# Crear usuario no-root (mejor seguridad)
RUN useradd --create-home appuser

# Copiar wheels generados
COPY --from=builder /wheels /wheels

# Instalar dependencias sin herramientas de compilación
RUN pip install --upgrade pip && \
    pip install --no-cache-dir /wheels/* && \
    rm -rf /wheels

# Copiar código
COPY . .

# Cambiar propietario
RUN chown -R appuser:appuser /app

USER appuser

ENV BASIC_AUTH_USERNAME=admin
ENV BASIC_AUTH_PASSWORD=admin

EXPOSE 8000

CMD ["uvicorn", "beyond_api.main:app", "--host", "0.0.0.0", "--port", "8000"]