# Build stage
FROM node:23.7.0-alpine AS builder
WORKDIR /usr/src/app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

# Production stage
FROM node:23.7.0-alpine

# Install dependencies with versions
RUN apk add --no-cache \
    redis \
    mysql \
    mysql-client \
    tmux

# Create non-root user
RUN addgroup -S appgroup && adduser -S appuser -G appgroup

# Setup MySQL
RUN mkdir -p /run/mysqld && \
    chown -R mysql:mysql /run/mysqld && \
    mysql_install_db --user=mysql --datadir=/var/lib/mysql

WORKDIR /usr/src/app
COPY --from=builder /usr/src/app/dist ./dist
COPY --from=builder /usr/src/app/package*.json ./
COPY docker-start.sh ./dist/start.sh

RUN npm ci --only=production && \
    chmod +x ./dist/start.sh && \
    chown -R appuser:appgroup .

USER appuser

EXPOSE 80 6379 3306

HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
    CMD mysqladmin ping -h localhost || exit 1

CMD ["./dist/start.sh"]