# gitzone dockerfile_service
## STAGE 1 // BUILD frontend bundle
FROM --platform=linux/amd64 node:22-alpine AS build

# Install pnpm
RUN corepack enable && corepack prepare pnpm@latest --activate

WORKDIR /app
ENV DENO_DIR=/deno-dir

# Use verdaccio registry (hosts private packages and proxies public ones)
RUN npm config set registry https://verdaccio.lossless.digital/

# Install dependencies first (better caching)
COPY package.json pnpm-lock.yaml ./
RUN pnpm install

# Copy source and build
COPY .smartconfig.json ./
COPY html/ ./html/
COPY ts_web/ ./ts_web/
COPY ts_interfaces/ ./ts_interfaces/
COPY ts_bundled/ ./ts_bundled/
RUN pnpm run build

## STAGE 2 // production runtime with Deno
FROM denoland/deno:debian AS final
ENV DENO_DIR=/deno-dir

# Install Deno and minimal runtime dependencies
RUN apt-get update && \
    apt-get install -y --no-install-recommends ca-certificates tini && \
    rm -rf /var/lib/apt/lists/*

WORKDIR /app

# Copy only what Deno needs at runtime
COPY deno.json ./
COPY deno.lock ./
COPY mod.ts ./
COPY ts/ ./ts/
COPY ts_interfaces/ ./ts_interfaces/
COPY --from=build /app/ts_bundled/bundle.ts ./ts_bundled/bundle.ts

# Pre-cache Deno dependencies and prepare non-root runtime paths
RUN deno cache mod.ts && \
    groupadd --system objectstorage && \
    useradd --system --gid objectstorage --home-dir /app objectstorage && \
    mkdir -p /data /deno-dir && \
    chown -R objectstorage:objectstorage /app /data /deno-dir

EXPOSE 9000 3000 4433
VOLUME ["/data"]
USER objectstorage
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
  CMD deno eval "const response = await fetch('http://127.0.0.1:3000/readyz'); Deno.exit(response.ok ? 0 : 1);"
ENTRYPOINT ["/usr/bin/tini", "--"]
CMD ["deno", "run", "--allow-all", "mod.ts", "server"]