FROM python:3.12-slim

WORKDIR /app

# Install system deps for underthesea / numpy + dumb-init
RUN apt-get update && \
    apt-get install -y --no-install-recommends gcc g++ dumb-init && \
    rm -rf /var/lib/apt/lists/*

COPY pyproject.toml .
# Install core deps first, then underthesea separately (may need build tools)
# underthesea 6.8.0 needs maturin/Rust — try pre-built wheel, fallback to 6.8.4 or skip NLP
RUN pip install --no-cache-dir \
    "fastapi==0.115.0" \
    "uvicorn[standard]==0.32.0" \
    "xgboost==2.1.0" \
    "numpy==1.26.4" \
    "pydantic==2.9.0" \
    "pydantic-settings==2.5.0" \
    "httpx==0.27.0" \
    "slowapi==0.1.9" && \
    (pip install --no-cache-dir "underthesea==6.8.0" 2>/dev/null || \
     pip install --no-cache-dir "underthesea" 2>/dev/null || \
     echo "WARNING: underthesea install failed, NLP features disabled")

COPY app/ ./app/

# Pre-download underthesea models at build time
RUN python -c "from underthesea import word_tokenize; word_tokenize('test')" 2>/dev/null || true

RUN useradd --create-home --shell /bin/bash appuser && chown -R appuser:appuser /app

EXPOSE 8000

HEALTHCHECK --interval=30s --timeout=5s --start-period=15s --retries=3 \
    CMD python -c "import httpx; httpx.get('http://localhost:8000/health').raise_for_status()"

USER appuser

ENTRYPOINT ["dumb-init", "--"]
CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000", "--timeout-graceful-shutdown", "30"]