# Build stage
FROM --platform=$BUILDPLATFORM golang:1.25-alpine AS builder

# Install build dependencies
RUN apk add --no-cache git gcc musl-dev

WORKDIR /build

# Copy go mod files
COPY go.mod go.sum ./
RUN --mount=type=cache,target=/go/pkg/mod go mod download

# Copy source code
COPY . .

# Build arguments for cross-compilation
ARG TARGETOS
ARG TARGETARCH

# Build the binary
RUN --mount=type=cache,target=/go/pkg/mod \
    --mount=type=cache,target=/root/.cache/go-build \
    CGO_ENABLED=1 GOOS=${TARGETOS} GOARCH=${TARGETARCH} \
    go build -ldflags="-w -s" -o brooke-spin ./cmd/brooke-spin

# Runtime stage
FROM alpine:latest

# Install runtime dependencies
RUN apk add --no-cache ca-certificates tzdata

# Create non-root user
RUN addgroup -g 1000 brooke && \
    adduser -D -u 1000 -G brooke brooke

WORKDIR /app

# Copy binary and entrypoint from builder
COPY --from=builder /build/brooke-spin /app/brooke-spin
COPY entrypoint.sh /app/entrypoint.sh

# Set ownership and make entrypoint executable
RUN chown -R brooke:brooke /app && \
    chmod +x /app/entrypoint.sh

# Switch to non-root user
USER brooke

# Use entrypoint to ensure data directory exists
ENTRYPOINT ["/app/entrypoint.sh"]

# Default command
CMD ["/app/brooke-spin", "-config", "/app/config.yaml"]