# Backend image for FastAPI + LiveKit Agent runtime
# Supports dev (uvicorn reload) and production (gunicorn) via APP_ENV.

# Builder: install deps with uv into an isolated venv
FROM python:3.12-slim AS builder

ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    UV_PROJECT_ENV=/opt/venv

# System packages needed for common Python builds + uv installer
RUN apt-get update && \
    apt-get install -y --no-install-recommends build-essential curl && \
    rm -rf /var/lib/apt/lists/*

# Install uv (fast Python package manager) as the dependency tool
RUN curl -LsSf https://astral.sh/uv/install.sh | sh
ENV PATH="/root/.local/bin:${PATH}"

# Create virtualenv and prepare workspace
RUN python -m venv ${UV_PROJECT_ENV}
ENV PATH="${UV_PROJECT_ENV}/bin:${PATH}"
WORKDIR /app

# Copy the full source; dependency install is guarded to avoid failures while the app is scaffolded
COPY . /app
RUN if [ -f uv.lock ] && [ -f pyproject.toml ]; then \
        uv sync --frozen --no-dev; \
    elif ls requirements*.txt >/dev/null 2>&1; then \
        for req in requirements*.txt; do \
            uv pip install --no-cache -r "$req"; \
        done; \
    elif [ -f pyproject.toml ]; then \
        uv pip install --no-cache .; \
    else \
        echo "No dependency manifest found; skipping install"; \
    fi && \
    if [ -f pyproject.toml ]; then \
        uv pip install --no-cache -e .; \
    fi

# Runtime: slim image with non-root user and prebuilt venv
FROM python:3.12-slim AS runtime

ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    PATH="/opt/venv/bin:${PATH}"

# Create unprivileged user
RUN addgroup --system app && adduser --system --ingroup app app

WORKDIR /app

# Copy runtime artifacts from builder
COPY --from=builder /opt/venv /opt/venv
COPY --from=builder /app /app
RUN chown -R app:app /app /opt/venv

USER app
EXPOSE 8000

# Default command switches between uvicorn (dev) and gunicorn (prod) based on APP_ENV
CMD ["sh", "-c", "if [ \"$APP_ENV\" = \"production\" ]; then exec gunicorn app.main:app -k uvicorn.workers.UvicornWorker --bind 0.0.0.0:8000 --workers 4 --timeout 120; else exec uvicorn app.main:app --host 0.0.0.0 --port 8000 --reload; fi"]