# syntax=docker/dockerfile:1.4
FROM node:19-alpine AS builder
WORKDIR /app

# Outils nécessaires pour cloner le dépôt
RUN apk add --no-cache git

# Clone le SDK à côté de /app afin que ../sdk-signer-client soit disponible
RUN git clone -b int-dev \
    https://git.4nkweb.com/4nk/sdk-signer-client.git /sdk-signer-client

# Build de la dépendance SDK
WORKDIR /sdk-signer-client
RUN npm ci && npm run build

# Installation des dépendances de l'app
WORKDIR /app
COPY package*.json ./
RUN npm install

# Copie et build des sources de l'app
COPY tsconfig.json ./
COPY src ./src
RUN npm run build

# Réduction aux deps de production
RUN npm prune --omit=dev && npm cache clean --force

FROM debian:bookworm-slim
WORKDIR /app

# Installation des dépendances minimales nécessaires
RUN apt-get update && apt-get upgrade -y && \
    apt-get install -y --fix-missing \
    ca-certificates curl jq git \
    net-tools iputils-ping dnsutils \
    netcat-openbsd telnet procps && \
    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# Installation de Node.js
RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
    apt-get install -y nodejs && \
    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# Création d'un utilisateur non-root
RUN useradd -m -u 1000 appuser && \
    mkdir -p /app && chown -R appuser:appuser /app

# Retour à l'utilisateur appuser
USER appuser

# Copie des artefacts de build et des deps prod
COPY --from=builder --chown=appuser:appuser /app/package*.json ./
COPY --from=builder --chown=appuser:appuser /app/node_modules ./node_modules
COPY --from=builder --chown=appuser:appuser /app/dist ./dist
COPY --from=builder /sdk-signer-client /sdk-signer-client

EXPOSE 8080
CMD ["npm", "start"]