# Multi-stage build for production
# Stage 1: Build the application
FROM rust:1.90-bookworm AS builder

# Install build dependencies
RUN apt-get update && apt-get install -y \
    pkg-config \
    libssl-dev \
    protobuf-compiler \
    && rm -rf /var/lib/apt/lists/*

WORKDIR /build

# Copy manifests
COPY Cargo.toml Cargo.lock ./

# Create dummy main to cache dependencies
RUN mkdir src && \
    echo "fn main() {}" > src/main.rs && \
    cargo build --release && \
    rm -rf src

# Copy actual source code
COPY src ./src

# Build the actual application
RUN cargo build --release --bin herodb

# Stage 2: Create minimal runtime image
FROM debian:bookworm-slim

# Install runtime dependencies (minimal)
RUN apt-get update && apt-get install -y \
    ca-certificates \
    && rm -rf /var/lib/apt/lists/*

# Create non-root user
RUN useradd -m -u 1000 herodb && \
    mkdir -p /data && \
    chown -R herodb:herodb /data

WORKDIR /app

# Copy binary from builder
COPY --from=builder /build/target/release/herodb /usr/local/bin/herodb

# Switch to non-root user
USER herodb

# Create volume mount point
VOLUME ["/data"]

# Expose ports
EXPOSE 6379 8080

# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
    CMD timeout 2 bash -c '</dev/tcp/localhost/6379' || exit 1

# Default command
ENTRYPOINT ["herodb"]
CMD ["--dir", "/data", "--port", "6379", "--enable-rpc", "--rpc-port", "8080"]