FROM python:3.12-slim AS builder

WORKDIR /build

RUN pip install --no-cache-dir poetry==1.8.5

COPY pyproject.toml ./
RUN poetry config virtualenvs.in-project true && \
    poetry install --only main --no-interaction --no-ansi

COPY src/ src/

FROM python:3.12-slim AS runtime

RUN groupadd -g 1001 appuser && \
    useradd -u 1001 -g appuser -s /bin/false -m appuser

WORKDIR /app

COPY --from=builder /build/.venv .venv
COPY --from=builder /build/src src

ENV PATH="/app/.venv/bin:$PATH"

USER appuser

EXPOSE 8000

HEALTHCHECK --interval=30s --timeout=5s --retries=3 \
    CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8000/api/v1/health')"

CMD ["pulse", "run", "--host", "0.0.0.0", "--port", "8000"]
