# syntax=docker/dockerfile:1.7
# Build de la coque webapp. Les @wp-reactor/* sont tirés depuis GitHub Packages
# (cf .npmrc) — passer NODE_AUTH_TOKEN (read:packages) au build.
#
# NB : ce Dockerfile est un artefact de TEMPLATE (porté dans le repo client par
# le scaffolder, qui substitue __PROJECT_NAME__). Le contexte de build = racine
# du repo client.
FROM node:22-alpine AS base
WORKDIR /app
ENV CI=true DO_NOT_TRACK=1
RUN corepack enable && corepack prepare pnpm@11.3.0 --activate

FROM base AS build
ARG NODE_AUTH_TOKEN
ARG VITE_WORDPRESS_URL
ARG VITE_GRAPHQL_PATH
ARG VITE_FEATURE_EDITORIAL
ARG VITE_FEATURE_ECOMMERCE
ARG VITE_FEATURE_AUTH
ARG SESSION_SECRET
ENV VITE_WORDPRESS_URL=${VITE_WORDPRESS_URL} \
	VITE_GRAPHQL_PATH=${VITE_GRAPHQL_PATH} \
	VITE_FEATURE_EDITORIAL=${VITE_FEATURE_EDITORIAL} \
	VITE_FEATURE_ECOMMERCE=${VITE_FEATURE_ECOMMERCE} \
	VITE_FEATURE_AUTH=${VITE_FEATURE_AUTH} \
	SESSION_SECRET=${SESSION_SECRET}
COPY . .
RUN printf '//npm.pkg.github.com/:_authToken=%s\n' "${NODE_AUTH_TOKEN}" >> .npmrc \
	&& pnpm install --frozen-lockfile \
	&& pnpm --filter @__PROJECT_NAME__/webapp build \
	&& rm -f .npmrc

FROM node:22-alpine AS runner
RUN apk add --no-cache curl
WORKDIR /app/apps/webapp
COPY --from=build /app/apps/webapp/.output ./.output
# Scripts ops (ex. purge Cloudflare en post-deployment Coolify).
COPY --from=build /app/apps/webapp/scripts ./scripts
EXPOSE 3000
CMD ["node", ".output/server/index.mjs"]
