FROM docker.io/golang:1.25.2-trixie AS builder

RUN apt-get update && \
    apt-get install -y --no-install-recommends sqlite3 libsqlite3-dev && \
    rm -rf /var/lib/apt/lists/*

WORKDIR /build

COPY go.mod go.sum ./
RUN go mod download

COPY . .

RUN go generate ./...
RUN CGO_ENABLED=1 go build \
    -ldflags="-s -w -linkmode external -extldflags '-static'" \
    -tags sqlite_omit_load_extension \
    -trimpath \
    -o atcr-appview ./cmd/appview

# ==========================================
# Stage 2: Minimal FROM scratch runtime
# ==========================================
FROM scratch
# Copy CA certificates for HTTPS (PDS, Jetstream, relay connections)
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
# Copy timezone data for timestamp formatting
COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo
# Copy optimized binary (SQLite embedded)
COPY --from=builder /build/atcr-appview /atcr-appview

# Expose ports
EXPOSE 5000

# OCI image annotations
LABEL org.opencontainers.image.title="ATCR AppView" \
      org.opencontainers.image.description="ATProto Container Registry - OCI-compliant registry using AT Protocol for manifest storage" \
      org.opencontainers.image.authors="ATCR Contributors" \
      org.opencontainers.image.source="https://tangled.org/@evan.jarrett.net/at-container-registry" \
      org.opencontainers.image.documentation="https://tangled.org/@evan.jarrett.net/at-container-registry" \
      org.opencontainers.image.licenses="MIT" \
      org.opencontainers.image.version="0.1.0" \
      io.atcr.icon="https://imgs.blue/evan.jarrett.net/1TpTNrRelfloN2emuWZDrWmPT0o93bAjEnozjD6UPgoVV9m4" \
      io.atcr.readme="https://tangled.org/@evan.jarrett.net/at-container-registry/raw/main/docs/appview.md"

ENTRYPOINT ["/atcr-appview"]
CMD ["serve"]