# BFF Backend Dockerfile for Production
FROM node:22-alpine AS deps

# Install pnpm
RUN corepack enable && corepack prepare pnpm@10.15.0 --activate

# Create app directory
WORKDIR /app

# Copy workspace configuration
COPY pnpm-workspace.yaml package.json pnpm-lock.yaml ./

# Copy package.json files for all workspaces
COPY shared/package.json ./shared/
COPY bff/package.json ./bff/

# Install dependencies only
RUN pnpm install --frozen-lockfile

# Build stage
FROM node:22-alpine AS builder
WORKDIR /app

# Install pnpm
RUN corepack enable && corepack prepare pnpm@10.15.0 --activate

# Copy workspace files
COPY pnpm-workspace.yaml package.json pnpm-lock.yaml ./

# Copy all source code
COPY shared/ ./shared/
COPY bff/ ./bff/

# Copy node_modules from deps stage
COPY --from=deps /app/node_modules ./node_modules
COPY --from=deps /app/shared/node_modules ./shared/node_modules
COPY --from=deps /app/bff/node_modules ./bff/node_modules

# Build shared package first
WORKDIR /app/shared
RUN pnpm build

# Build bff
WORKDIR /app/bff
RUN pnpm run build

# Generate Prisma client
RUN pnpm prisma generate

# Production stage
FROM node:22-alpine AS runner
WORKDIR /app

# Install pnpm for production dependencies
RUN corepack enable && corepack prepare pnpm@10.15.0 --activate

# Copy workspace configuration for production install
COPY pnpm-workspace.yaml package.json pnpm-lock.yaml ./
COPY shared/package.json ./shared/
COPY bff/package.json ./bff/

# Install only production dependencies
RUN pnpm install --frozen-lockfile --prod

# Copy built applications
COPY --from=builder /app/shared/dist ./shared/dist
COPY --from=builder /app/bff/dist ./bff/dist
COPY --from=builder /app/bff/prisma ./bff/prisma

# Copy generated Prisma client
COPY --from=builder /app/bff/node_modules/.prisma ./bff/node_modules/.prisma
COPY --from=builder /app/bff/node_modules/@prisma ./bff/node_modules/@prisma

# Create non-root user
RUN addgroup --system --gid 1001 nodejs
RUN adduser --system --uid 1001 nestjs

# Create necessary directories
RUN mkdir -p /app/secrets /app/logs && chown -R nestjs:nodejs /app/secrets /app/logs

# Set correct permissions
RUN chown -R nestjs:nodejs /app

USER nestjs

EXPOSE 4000

ENV PORT=4000
ENV NODE_ENV=production

WORKDIR /app/bff

# Start the application
CMD ["node", "dist/main"]