FROM python:3.11-slim-bullseye AS base

ENV AURA_UID=2872
ENV POETRY_CACHE_DIR=/app/.cache
ENV POETRY_HOME=/opt/poetry
ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1
ENV PATH="${POETRY_HOME}/bin:${PATH}"

WORKDIR /app

COPY poetry.lock pyproject.toml /app/

RUN apt-get update && \
    apt-get install --yes --no-install-recommends curl gcc graphviz ldap-utils libldap2-dev \
    libmagic1 libsasl2-dev && \
    python -m venv ${POETRY_HOME} && \
    pip install --no-cache-dir poetry==1.8.2 && \
    poetry install && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

EXPOSE 8000

FROM base AS dev

COPY . .

VOLUME ["/app"]

# run with Django’s development server
CMD ["run.dev"]

FROM base AS prod

COPY . .

RUN adduser --home /app --no-create-home --system --uid ${AURA_UID} --group app && \
    # static and site_media are named volumes which we use across multiple
    # containers. We therefore create them here and set the permissions right away
    # since named volumes otherwise create these directories themself as the root
    # user.
    mkdir -p /app/site_media /app/static /app/logs && \
    chmod +x /app/entrypoint.sh && \
    chown -R app:app /app

USER app

# run with gunicorn
CMD ["run.prod"]

ENTRYPOINT ["/app/entrypoint.sh"]