FROM node:20-alpine AS base
RUN corepack enable && corepack prepare pnpm@10.28.2 --activate \
    && apk add --no-cache python3 make g++
WORKDIR /app

FROM base AS deps
COPY pnpm-lock.yaml pnpm-workspace.yaml package.json ./
COPY apps/api/package.json apps/api/
RUN pnpm install --frozen-lockfile --prod=false

FROM base AS build
COPY --from=deps /app/node_modules ./node_modules
COPY --from=deps /app/apps/api/node_modules ./apps/api/node_modules
COPY . .
RUN cd apps/api && pnpm build

FROM base AS prod-deps
COPY pnpm-lock.yaml pnpm-workspace.yaml package.json ./
COPY apps/api/package.json apps/api/
RUN pnpm install --frozen-lockfile --prod

FROM node:20-alpine AS runtime
RUN apk add --no-cache tini wget \
    && addgroup -S app -g 1001 \
    && adduser -S app -G app -u 1001

WORKDIR /app/apps/api

COPY --from=prod-deps --chown=app:app /app/node_modules /app/node_modules
COPY --from=prod-deps --chown=app:app /app/apps/api/node_modules ./node_modules
COPY --from=build     --chown=app:app /app/apps/api/dist        ./dist
COPY --from=build     --chown=app:app /app/apps/api/swagger.json ./swagger.json
COPY --from=build     --chown=app:app /app/apps/api/package.json ./package.json

RUN mkdir -p /app/logs && chown -R app:app /app/logs

USER app
EXPOSE 3001

HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
    CMD wget -qO- http://localhost:3001/api/health || exit 1

ENTRYPOINT ["/sbin/tini", "--"]
CMD ["node", "dist/index.js"]
