# =============================================================================
# GoHorse Backoffice - Ultra-Optimized Dockerfile with pnpm
# Target: < 150MB final image, minimal disk usage during build
# =============================================================================
# syntax=docker/dockerfile:1

# -----------------------------------------------------------------------------
# Stage 1: Base with pnpm
# -----------------------------------------------------------------------------
FROM mirror.gcr.io/library/node:20-alpine AS base

# Enable corepack and activate pnpm
RUN corepack enable && corepack prepare pnpm@latest --activate

# libc6-compat for native module compatibility
RUN apk add --no-cache libc6-compat

# Set pnpm store for caching
ENV PNPM_HOME="/pnpm"
ENV PATH="$PNPM_HOME:$PATH"

# -----------------------------------------------------------------------------
# Stage 2: Dependencies
# -----------------------------------------------------------------------------
FROM base AS deps
WORKDIR /app

# Copy package files
COPY package.json pnpm-lock.yaml ./

# Install with cache mount - reutiliza entre builds
RUN --mount=type=cache,id=pnpm-backoffice,target=/pnpm/store \
    pnpm install --frozen-lockfile --prefer-offline

# -----------------------------------------------------------------------------
# Stage 3: Builder (memory-optimized)
# -----------------------------------------------------------------------------
FROM base AS builder

# Reduce memory for build
ENV NODE_OPTIONS="--max-old-space-size=2048"

WORKDIR /app

# Copy deps
COPY --from=deps /app/node_modules ./node_modules

# Copy source (selective, not COPY . .)
COPY package.json pnpm-lock.yaml ./
COPY tsconfig*.json nest-cli.json ./
COPY src ./src

# Build and cleanup in same layer
RUN pnpm build && \
    rm -rf node_modules/.cache

# Prune dev deps with cache
RUN --mount=type=cache,id=pnpm-backoffice,target=/pnpm/store \
    pnpm prune --prod && \
    pnpm store prune

# -----------------------------------------------------------------------------
# Stage 4: Production (minimal)
# -----------------------------------------------------------------------------
FROM mirror.gcr.io/library/node:20-alpine AS runner

# Security: non-root user
RUN addgroup -g 1001 -S nodejs && \
    adduser -S nestjs -u 1001 -G nodejs

WORKDIR /app

# Copy only production artifacts
COPY --from=builder --chown=nestjs:nodejs /app/dist ./dist
COPY --from=builder --chown=nestjs:nodejs /app/node_modules ./node_modules
COPY --from=builder --chown=nestjs:nodejs /app/package.json ./

ENV NODE_ENV=production \
    BACKOFFICE_PORT=3001 \
    BACKOFFICE_HOST=0.0.0.0

USER nestjs

EXPOSE 3001

CMD ["node", "dist/main.js"]