# ============================================
# Base stage for shared configuration
# ============================================
FROM python:3.10-slim-bookworm AS base

# Force package update and installation at build time
ARG CACHEBUST=1
ARG DEBIAN_FRONTEND=noninteractive

# Create directory for Node.js setup
RUN mkdir -p /etc/apt/keyrings

# Install Node.js and npm with all dependencies
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        curl \
        gnupg \
        ca-certificates \
    && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
    && echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list \
    && apt-get update \
    && apt-get install -y --no-install-recommends \
        nodejs \
        build-essential \
        python3-dev \
    && npm install -g npm@latest \
    && npm install -g yarn \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

# Install system dependencies
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        build-essential \
        gcc \
        g++ \
        libc6-dev \
        libffi-dev \
        libgmp-dev \
        libmpfr-dev \
        libmpc-dev \
        libssl-dev \
        postgresql-client \
        redis-tools \
        make \
        pkg-config \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

# Install Python packages in smaller groups to better handle dependencies
RUN pip install --no-cache-dir \
    gunicorn \
    gevent \
    grpcio \
    pydantic-settings \
    protobuf \
    grpcio-tools

RUN pip install --no-cache-dir \
    flask \
    flask-cors \
    Flask-SQLAlchemy==3.1.1 \
    Flask-Migrate==4.0.7 \
    flask-login \
    flask-restful \
    flask-limiter \
    flask-caching \
    flask-jwt-extended \
    flask-socketio

RUN pip install --no-cache-dir \
    PyYAML \
    celery \
    redis \
    psycopg2-binary \
    sqlalchemy \
    alembic \
    pyjwt \
    requests

# Install ML and AI packages separately
RUN pip install --no-cache-dir \
    numpy \
    pandas \
    python-dotenv \
    pycryptodome \
    cryptography \
    bcrypt \
    python-jose[cryptography] \
    passlib \
    python-multipart \
    gmpy2

RUN pip install --no-cache-dir \
    transformers \
    torch \
    tensorflow \
    sentencepiece \
    tokenizers \
    nltk

# Install remaining packages
RUN pip install --no-cache-dir \
    openai==1.14.0 \
    anthropic==0.23.1 \
    Pillow \
    opencv-python-headless \
    scikit-learn \
    scipy \
    google-cloud-aiplatform \
    google-generativeai \
    vertexai \
    google-cloud-core \
    google-api-core \
    yarl \
    aiohttp \
    "tritonclient[all]" \
    cohere==4.43 \
    replicate \
    aleph-alpha-client \
    stability-sdk \
    huggingface_hub \
    langchain \
    langchain-community \
    langchain-core \
    langchain-openai

# Install NLTK data
RUN python -c "import nltk; nltk.download('punkt'); nltk.download('averaged_perceptron_tagger')"

# Verify installations
RUN node --version && npm --version && yarn --version

# ============================================
# Web builder stage - optimized
# ============================================
FROM base AS web-builder

WORKDIR /app

# Copy web directory first
COPY web/ web/

WORKDIR /app/web

# Install dependencies and build
RUN yarn install --frozen-lockfile && \
    yarn add --dev autoprefixer postcss tailwindcss code-inspector-plugin && \
    NEXT_TELEMETRY_DISABLED=1 yarn build && \
    mkdir -p .next/standalone && \
    cp -r .next/static .next/standalone/.next/ && \
    cp -r public .next/standalone/ && \
    yarn cache clean

# ============================================
# Python builder stage - optimized
# ============================================
FROM base AS python-builder

WORKDIR /app

# Copy api directory
COPY api/ api/

WORKDIR /app/api

# Install core dependencies first
RUN pip install --no-cache-dir poetry==1.8.3 && \
    poetry config virtualenvs.create false && \
    poetry install --no-dev --no-interaction --no-ansi

# ============================================
# Final stage - minimal runtime
# ============================================
FROM base

# Create non-root user and storage directory
RUN apt-get update && \
    useradd -m -u 1000 user && \
    mkdir -p /storage/files /storage/cache /storage/logs && \
    chown -R user:user /storage && \
    mkdir -p /app/api && \
    chown -R user:user /app

# Install runtime dependencies with proper repository update
RUN pip install --no-cache-dir \
        gunicorn \
        gevent \
        grpcio \
        pydantic-settings \
        protobuf \
        grpcio-tools \
        flask \
        flask-cors \
        Flask-SQLAlchemy==3.1.1 \
        Flask-Migrate==4.0.7 \
        flask-login \
        flask-restful \
        flask-limiter \
        flask-caching \
        flask-jwt-extended \
        flask-socketio \
        PyYAML \
        celery \
        redis \
        psycopg2-binary \
        sqlalchemy \
        alembic \
        pyjwt \
        requests \
        numpy \
        pandas \
        python-dotenv \
        pycryptodome \
        cryptography \
        bcrypt \
        python-jose[cryptography] \
        passlib \
        python-multipart \
        gmpy2 \
        transformers \
        torch \
        tensorflow \
        sentencepiece \
        tokenizers \
        nltk \
        openai==1.14.0 \
        anthropic==0.23.1 \
        flask-migrate==4.0.5 \
        Pillow \
        opencv-python-headless \
        scikit-learn \
        scipy \
        google-cloud-aiplatform \
        google-generativeai \
        vertexai \
        google-cloud-core \
        google-api-core \
        yarl \
        aiohttp \
        tritonclient[all] \
        cohere==4.43 \
        anthropic \
        replicate \
        aleph-alpha-client \
        stability-sdk \
        huggingface_hub \
        langchain \
        langchain-community \
        langchain-core \
        langchain-openai \
        openai==1.14.0 \
        Flask-Migrate==4.0.7 \
        Flask-SQLAlchemy==3.1.1 && \
    python -m nltk.downloader punkt averaged_perceptron_tagger

# Set up directory structure
WORKDIR /app
RUN mkdir -p api web && chown -R user:user /app

# Copy Python environment and files
COPY --from=python-builder --chown=user /usr/local/lib/python3.10/site-packages /usr/local/lib/python3.10/site-packages
COPY --chown=user api/ /app/api/

# Copy Next.js files with explicit directory creation
RUN mkdir -p /app/web/.next/standalone /app/web/.next/static
COPY --from=web-builder --chown=user /app/web/.next/standalone /app/web/.next/standalone
COPY --from=web-builder --chown=user /app/web/.next/static /app/web/.next/static
COPY --from=web-builder --chown=user /app/web/public /app/web/public

# Set environment variables for HF Spaces compatibility
ENV FLASK_APP=app.py \
    EDITION=SELF_HOSTED \
    DEPLOY_ENV=PRODUCTION \
    PYTHONPATH=/app/api \
    PATH="/usr/local/bin:${PATH}" \
    STORAGE_DIR=/storage \
    # Database configuration - match docker-compose.yaml
    DB_USERNAME=postgres \
    DB_PASSWORD=difyai123456 \
    DB_HOST=db \
    DB_PORT=5432 \
    DB_DATABASE=dify \
    SQLALCHEMY_POOL_SIZE=30 \
    SQLALCHEMY_POOL_RECYCLE=3600 \
    # Redis configuration - match docker-compose.yaml
    REDIS_HOST=redis \
    REDIS_PORT=6379 \
    REDIS_PASSWORD=difyai123456 \
    REDIS_DB=0

# Copy entrypoint script
COPY docker/entrypoint.sh /app/entrypoint.sh
RUN chmod +x /app/entrypoint.sh

# Switch to non-root user
USER user

# HF Spaces uses port 7860
EXPOSE 7860 3000

# Set up storage volumes
VOLUME ["/storage/files", "/storage/cache", "/storage/logs"]

WORKDIR /app
CMD ["./entrypoint.sh"]