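# ── Stage 1: Build Vue SPA ────────────────────────────────────────────────────
# NOTE(review): both base images are referenced by tag only; pinning them by
# digest would make rebuilds reproducible and guard against a re-pushed tag.
FROM node:22-alpine AS web-builder
WORKDIR /web
# Manifests are copied before the sources so the `npm ci` layer stays cached
# until package.json / package-lock.json change.
COPY web/package.json web/package-lock.json ./
RUN npm ci
COPY web/ ./
RUN npm run build

# ── Stage 2: Python runtime ───────────────────────────────────────────────────
FROM python:3.12-slim
WORKDIR /app
# curl is used twice: by the sqlite-vec download below and by HEALTHCHECK.
RUN apt-get update && apt-get install -y --no-install-recommends \
        curl \
    && rm -rf /var/lib/apt/lists/*
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# sqlite-vec: optional vector search extension for context embedding (Paid tier)
#
# The archive is a prebuilt native library fetched from a GitHub release, so its
# integrity should be checked before it is unpacked. Pass the expected digest
# for the target architecture at build time, e.g.
#   docker build --build-arg SVEC_SHA256_X86_64=<sha256 of the release asset> .
# When a digest is supplied a mismatch fails the build; when it is empty the
# build still succeeds but logs that the download was not verified.
ARG SVEC_SHA256_X86_64=""
ARG SVEC_SHA256_AARCH64=""
# Notes on the step below:
#  - The download uses curl because no step in this file installs wget; with
#    `set -e` a missing wget would abort the build.
#  - `curl -f` turns an HTTP error (e.g. a 404 on the asset name) into a
#    non-zero exit instead of saving the error page as the "archive".
#    NOTE(review): confirm the asset name matches the release listing.
#  - `tar -C` fails when the target directory is missing, so it is created
#    first. NOTE(review): confirm /usr/lib/python3/ is where the app looks for
#    the extension.
#  - Extraction stays best-effort (the extension is optional), but a failure is
#    now reported on stderr instead of being hidden by `|| true`.
RUN set -eux; \
    SVEC_VER=0.1.6; \
    ARCH=$(uname -m); \
    case "$ARCH" in \
        x86_64)  SVEC_ARCH="x86_64-linux-gnu";  SVEC_SHA256="${SVEC_SHA256_X86_64:-}" ;; \
        aarch64) SVEC_ARCH="aarch64-linux-gnu"; SVEC_SHA256="${SVEC_SHA256_AARCH64:-}" ;; \
        *) echo "sqlite-vec: unsupported arch $ARCH — skipping" && exit 0 ;; \
    esac; \
    curl -fsSL -o /tmp/sqlite_vec.tar.gz \
        "https://github.com/asg017/sqlite-vec/releases/download/v${SVEC_VER}/sqlite-vec-${SVEC_VER}-loadable-linux-${SVEC_ARCH}.tar.gz"; \
    if [ -n "$SVEC_SHA256" ]; then \
        echo "${SVEC_SHA256}  /tmp/sqlite_vec.tar.gz" | sha256sum -c -; \
    else \
        echo "sqlite-vec: no SHA-256 supplied — archive integrity NOT verified" >&2; \
    fi; \
    mkdir -p /usr/lib/python3/; \
    tar -xz --no-same-owner -C /usr/lib/python3/ -f /tmp/sqlite_vec.tar.gz --wildcards '*.so' \
        || echo "sqlite-vec: extraction failed — continuing without the extension" >&2; \
    rm -f /tmp/sqlite_vec.tar.gz

COPY app/ ./app/
COPY patterns/ ./patterns/
COPY scripts/ ./scripts/
COPY --from=web-builder /web/dist ./web/dist

# Volume mount points — override at runtime:
#   /data/      → TURNSTONE_DB=/data/turnstone.db  (read-write)
#   /patterns/  → custom pattern YAML files         (read-write)
#   /logs/      → host log directories              (read-only)
ENV TURNSTONE_DB=/data/turnstone.db

EXPOSE 8534

HEALTHCHECK --interval=30s --timeout=10s --start-period=20s --retries=3 \
    CMD curl -f http://localhost:8534/turnstone/health || exit 1

# NOTE(review): there is no USER instruction, so uvicorn runs as root. Moving to
# a dedicated unprivileged UID is the usual hardening, but it has to be done
# together with the deployment: the process must still be able to write /data
# and /patterns and to read the host logs mounted at /logs.
CMD ["uvicorn", "app.rest:app", "--host", "0.0.0.0", "--port", "8534"]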