FROM python:3.12-slim AS builder

ENV POETRY_VERSION=1.8.4 \
    POETRY_VIRTUALENVS_IN_PROJECT=true \
    PIP_NO_CACHE_DIR=1

RUN pip install --no-cache-dir "poetry==${POETRY_VERSION}"

WORKDIR /app
COPY pyproject.toml poetry.lock* README.md ./
RUN poetry install --only main --no-root

COPY fire_planner ./fire_planner
COPY alembic ./alembic
COPY alembic.ini ./alembic.ini
RUN poetry install --only main


FROM python:3.12-slim

WORKDIR /app

RUN useradd --system --uid 10003 --home /app --shell /usr/sbin/nologin firep

COPY --from=builder --chown=firep:firep /app /app

ENV PATH="/app/.venv/bin:${PATH}" \
    PYTHONUNBUFFERED=1

EXPOSE 8080
USER firep
ENTRYPOINT ["python", "-m", "fire_planner"]
CMD ["serve"]