FROM ghcr.io/astral-sh/uv:0.11.16 AS uv

FROM python:3.14-slim-bookworm AS builder

ENV APP_HOME=/opt/spire-proxy-manager \
    VIRTUAL_ENV=/opt/spire-proxy-manager/.virtualenv \
    PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    UV_COMPILE_BYTECODE=1 \
    UV_LINK_MODE=copy \
    UV_PROJECT_ENVIRONMENT=/opt/spire-proxy-manager/.virtualenv

WORKDIR ${APP_HOME}

RUN apt-get update \
    && apt-get install --yes --no-install-recommends build-essential \
    && rm -rf /var/lib/apt/lists/*

COPY --from=uv /uv /uvx /usr/local/bin/

RUN uv venv "${VIRTUAL_ENV}"
ENV PATH="${VIRTUAL_ENV}/bin:${PATH}"

COPY pyproject.toml uv.lock ./

RUN uv sync --frozen --no-dev --no-install-project

FROM python:3.14-slim-bookworm AS runtime

ENV APP_HOME=/opt/spire-proxy-manager \
    VIRTUAL_ENV=/opt/spire-proxy-manager/.virtualenv \
    PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    PATH=/opt/spire-proxy-manager/.virtualenv/bin:${PATH}

WORKDIR ${APP_HOME}

RUN mkdir -p "${APP_HOME}/templates" "${APP_HOME}/vhost.d" "${APP_HOME}/config"

COPY --from=builder ${VIRTUAL_ENV} ${VIRTUAL_ENV}
COPY templates ./templates
COPY app ./app
COPY *.py ./

EXPOSE 9107/tcp 9108/tcp

CMD ["sh", "-c", "uvicorn main:app --host 0.0.0.0 --port 9107 & exec uvicorn main:app --host 0.0.0.0 --port ${SPM_COCKPIT_API_PORT:-9108}"]
