# Base image with PNPM:
ARG NODE_VERSION=24.4.1
FROM node:${NODE_VERSION}-slim AS base
WORKDIR /app
RUN npm install -g pnpm

# Build stage:
FROM base AS builder
WORKDIR /repo
ENV CI=true

COPY . .

# Create .npmrc with build-time token for private packages:
ARG NPM_TOKEN
RUN echo "@percepta:registry=https://registry.npmjs.org/" > .npmrc && \
    echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" >> .npmrc

# Add BASE_PATH as a build argument
ARG BASE_PATH
ENV BASE_PATH=${BASE_PATH}

RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm install --frozen-lockfile

RUN NODE_ENV=production NODE_OPTIONS="--max-old-space-size=4096" pnpm --filter ./packages/__APP_NAME__ build

# Remove .npmrc for security (contains auth token):
RUN rm -f .npmrc

# Production stage - create the final image:
FROM base AS production

# Install PostgreSQL client:
USER root
RUN apt-get update \
    && apt-get install -y --no-install-recommends \
        postgresql-client \
    && rm -rf /var/lib/apt/lists/*

# Set production environment:
ENV NODE_ENV=production
ENV NEXT_TELEMETRY_DISABLED=1

# Copy BASE_PATH from the builder stage
ENV BASE_PATH=${BASE_PATH}

# Copy built app from builder stage
COPY --from=builder /repo/packages/__APP_NAME__/.next/standalone ./
COPY --from=builder /repo/packages/__APP_NAME__/.next/static ./packages/__APP_NAME__/.next/static

# Copy scripts and source files needed for start.sh and runtime
COPY --from=builder /repo/package.json ./package.json
COPY --from=builder /repo/pnpm-lock.yaml ./pnpm-lock.yaml
COPY --from=builder /repo/pnpm-workspace.yaml ./pnpm-workspace.yaml
COPY --from=builder /repo/node_modules ./node_modules
COPY --from=builder /repo/packages/__APP_NAME__/package.json ./packages/__APP_NAME__/package.json
COPY --from=builder /repo/packages/__APP_NAME__/tsconfig.json ./packages/__APP_NAME__/tsconfig.json
COPY --from=builder /repo/packages/__APP_NAME__/node_modules ./packages/__APP_NAME__/node_modules
COPY --from=builder /repo/packages/__APP_NAME__/scripts ./packages/__APP_NAME__/scripts
COPY --from=builder /repo/packages/__APP_NAME__/src ./packages/__APP_NAME__/src


# Expose the port:
EXPOSE 3000

# Set correct permissions and user:
RUN chown -R 1000:1000 /app && chmod +x /app/packages/__APP_NAME__/scripts/start.sh
USER 1000
WORKDIR /app/packages/__APP_NAME__

# Start the application:
CMD ["./scripts/start.sh"]
