FROM node:18-alpine AS sass-builder

RUN NODE_OPTIONS=--dns-result-order=ipv4first npm install -g sass@latest --omit=dev --no-fund --no-audit
WORKDIR /build
COPY ./blueprints ./blueprints

RUN sass ./blueprints:./blueprints \
    --no-source-map \
    --style=compressed \
    --quiet

FROM python:3.11-slim

RUN apt-get update && \
    apt-get install --no-install-recommends -y \
    libmagic1 \
    && rm -rf /var/lib/apt/lists/*

WORKDIR /app

COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

COPY . .

COPY --from=sass-builder /build/blueprints/ ./blueprints/

RUN useradd -m -u 1001 appuser && \
    chown -R appuser:appuser /app

USER appuser

ENV FLASK_ENV=production \
    PYTHONUNBUFFERED=1 \
    PYTHONDONTWRITEBYTECODE=1 \
    PIP_NO_CACHE_DIR=1 \
    PIP_DISABLE_PIP_VERSION_CHECK=1

CMD ["gunicorn", "app:app", \
    "-b", "0.0.0.0:80", \
    "--workers", "4", \
    "--worker-class", "sync", \
    "--worker-tmp-dir", "/dev/shm", \
    "--access-logfile", "-", \
    "--error-logfile", "-", \
    "--log-level", "info"]