# Build stage
FROM node:20-alpine AS builder

WORKDIR /app

# 复制依赖文件
COPY package*.json ./
RUN npm ci

# 复制 Prisma schema 并生成客户端
COPY prisma ./prisma/
RUN DATABASE_URL="postgresql://user:pass@localhost:5432/db" npx prisma generate

# 复制源代码并构建
COPY src ./src/
COPY tsconfig.json nest-cli.json ./
RUN npm run build

# 验证构建产物
RUN ls -la dist/ && test -f dist/main.js

# Production stage
FROM node:20-slim

WORKDIR /app

# 安装必要的系统依赖 (OpenSSL for Prisma, curl for healthcheck)
RUN apt-get update && apt-get install -y --no-install-recommends \
    openssl \
    curl \
    && rm -rf /var/lib/apt/lists/*

# 复制依赖文件并安装生产依赖
COPY package*.json ./
RUN npm ci --only=production

# 复制 Prisma schema 并生成客户端
COPY prisma ./prisma/
RUN DATABASE_URL="postgresql://user:pass@localhost:5432/db" npx prisma generate

# 复制构建产物
COPY --from=builder /app/dist ./dist/

# 创建非 root 用户
RUN groupadd -g 1001 nodejs && \
    useradd -u 1001 -g nodejs nestjs

USER nestjs

EXPOSE 3001

# 健康检查
HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \
  CMD curl -f http://localhost:3001/api/v1/health || exit 1

CMD ["node", "dist/main.js"]