# Build context: repo root (docker compose sets context: .)
# Multi-stage: Node.js build + Python sidecar + supervisord runtime

# ── Stage 1: Node.js build ───────────────────────────────────────
FROM node:22-slim AS ts-builder
RUN npm config set strict-ssl false \
  && npm install -g pnpm@10
WORKDIR /app

# Copy workspace config + lockfile for dependency resolution
COPY package.json pnpm-workspace.yaml pnpm-lock.yaml tsconfig.base.json ./

# Copy all workspace package.json files (pnpm --frozen-lockfile needs every member)
COPY packages/accessibility/package.json packages/accessibility/
COPY packages/api-client/package.json packages/api-client/
COPY packages/auth/package.json packages/auth/
COPY packages/auth-client/package.json packages/auth-client/
COPY packages/auth-ui/package.json packages/auth-ui/
COPY packages/backend-config/package.json packages/backend-config/
COPY packages/backend-flags/package.json packages/backend-flags/
COPY packages/backend-telemetry/package.json packages/backend-telemetry/
COPY packages/blob/package.json packages/blob/
COPY packages/blob-client/package.json packages/blob-client/
COPY packages/broadcast-client/package.json packages/broadcast-client/
COPY packages/celebrations/package.json packages/celebrations/
COPY packages/client-encrypt/package.json packages/client-encrypt/
COPY packages/config/package.json packages/config/
COPY packages/cosmos/package.json packages/cosmos/
COPY packages/create-app/package.json packages/create-app/
COPY packages/dashboard-components/package.json packages/dashboard-components/
COPY packages/dashboard-shell/package.json packages/dashboard-shell/
COPY packages/datastore/package.json packages/datastore/
COPY packages/design-tokens/package.json packages/design-tokens/
COPY packages/diagnostics-client/package.json packages/diagnostics-client/
COPY packages/errors/package.json packages/errors/
COPY packages/event-store/package.json packages/event-store/
COPY packages/events/package.json packages/events/
COPY packages/extraction/package.json packages/extraction/
COPY packages/fastify-auth/package.json packages/fastify-auth/
COPY packages/fastify-core/package.json packages/fastify-core/
COPY packages/fastify-sse/package.json packages/fastify-sse/
COPY packages/feature-flag-client/package.json packages/feature-flag-client/
COPY packages/feedback-client/package.json packages/feedback-client/
COPY packages/field-encrypt/package.json packages/field-encrypt/
COPY packages/gentle-notifications/package.json packages/gentle-notifications/
COPY packages/kill-switch-client/package.json packages/kill-switch-client/
COPY packages/llm/package.json packages/llm/
COPY packages/llm-router/package.json packages/llm-router/
COPY packages/logger/package.json packages/logger/
COPY packages/marketplace-client/package.json packages/marketplace-client/
COPY packages/monitoring/package.json packages/monitoring/
COPY packages/offline-queue/package.json packages/offline-queue/
COPY packages/org-client/package.json packages/org-client/
COPY packages/platform-client/package.json packages/platform-client/
COPY packages/push/package.json packages/push/
COPY packages/queue/package.json packages/queue/
COPY packages/quick-actions/package.json packages/quick-actions/
COPY packages/react-auth/package.json packages/react-auth/
COPY packages/react-native-platform-sdk/package.json packages/react-native-platform-sdk/
COPY packages/referral-client/package.json packages/referral-client/
COPY packages/secure-storage-web/package.json packages/secure-storage-web/
COPY packages/speech/package.json packages/speech/
COPY packages/storage/package.json packages/storage/
COPY packages/subscription-client/package.json packages/subscription-client/
COPY packages/survey-client/package.json packages/survey-client/
COPY packages/sync/package.json packages/sync/
COPY packages/telemetry-client/package.json packages/telemetry-client/
COPY packages/testing/package.json packages/testing/
COPY packages/time-references/package.json packages/time-references/
COPY packages/webhook-dispatch/package.json packages/webhook-dispatch/
COPY services/extraction-service/package.json services/extraction-service/
COPY services/platform-service/package.json services/platform-service/
COPY services/mcp-server/package.json services/mcp-server/
COPY services/monitoring/package.json services/monitoring/
COPY dashboards/admin-web/package.json dashboards/admin-web/
COPY dashboards/tracker-web/package.json dashboards/tracker-web/
COPY scripts/package.json scripts/

# Install all workspace deps without running prepare hooks before sources exist.
RUN pnpm install --frozen-lockfile --ignore-scripts

# Copy source
COPY packages/ packages/
COPY services/extraction-service/tsconfig.json services/extraction-service/
COPY services/extraction-service/src/ services/extraction-service/src/

# Build packages first, then service
RUN pnpm -r --filter @lysnrai/extraction-service... build

# Deploy to isolated directory (production deps only)
RUN pnpm --filter @lysnrai/extraction-service deploy --legacy /app/deploy

# ── Stage 2: Production runtime (Node.js + Python sidecar) ───────
FROM node:22-slim

RUN apt-get update \
  && apt-get install -y --no-install-recommends python3 python3-venv supervisor wget \
  && rm -rf /var/lib/apt/lists/*

# Create an isolated venv for sidecar deps (avoids Debian PEP 668 restrictions).
RUN python3 -m venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"

WORKDIR /app

# Copy Node.js service
COPY --from=ts-builder /app/deploy ./

# Python sidecar (installed in the same OS/Python runtime to avoid ABI issues)
WORKDIR /app/python
COPY services/extraction-service/python/requirements.txt ./requirements.txt
RUN pip install --no-cache-dir \
  --trusted-host pypi.org \
  --trusted-host files.pythonhosted.org \
  -r requirements.txt
COPY services/extraction-service/python/src ./src

# Copy supervisord config
COPY services/extraction-service/supervisord.conf /etc/supervisor/conf.d/extraction.conf

ENV NODE_ENV=production
ENV PYTHON_SIDECAR_URL=http://localhost:4006

EXPOSE 4005
EXPOSE 4006

CMD ["supervisord", "-c", "/etc/supervisor/conf.d/extraction.conf"]
