# =============================================================================
# LangChain Basic LLM Starter — Dockerfile (FastAPI service)
# DemIA Living Lab - Universidad de Salamanca (USAL) / BISITE
# =============================================================================

# ---- Build stage ------------------------------------------------------------
FROM python:3.11-slim AS builder

WORKDIR /build

# System dependencies (no build artefacts leak into the runtime image)
RUN apt-get update && apt-get install -y --no-install-recommends \
        build-essential \
    && rm -rf /var/lib/apt/lists/*

COPY requirements.txt .
RUN pip install --no-cache-dir --prefix=/install -r requirements.txt

# ---- Runtime stage ----------------------------------------------------------
FROM python:3.11-slim AS runtime

LABEL org.opencontainers.image.title="LangChain Basic LLM Starter" \
      org.opencontainers.image.description="Provider-agnostic LLM API — DemIA Living Lab / BISITE" \
      org.opencontainers.image.licenses="MIT"

# Non-root user for security
RUN addgroup --system appgroup && adduser --system --ingroup appgroup appuser

WORKDIR /app

# Copy installed packages from the build stage
COPY --from=builder /install /usr/local

# Copy application source
COPY config/ ./config/
COPY src/    ./src/
COPY api/    ./api/

# Environment defaults (overridden at runtime via docker run -e or docker-compose)
ENV LLM_PROVIDER=anthropic \
    MODEL_ID=claude-opus-4-8 \
    API_HOST=0.0.0.0 \
    API_PORT=8000 \
    PYTHONUNBUFFERED=1 \
    PYTHONDONTWRITEBYTECODE=1

# Ensure the app does not run as root
USER appuser

EXPOSE 8000

HEALTHCHECK --interval=30s --timeout=10s --start-period=15s --retries=3 \
    CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8000/health')"

CMD ["uvicorn", "api.main:app", "--host", "0.0.0.0", "--port", "8000"]
