# Minimal Dockerfile avoiding RUN commands that trigger overlayfs issues
FROM docker.io/library/golang:1.23-alpine

LABEL maintainer="ardenone"
LABEL description="Z.AI API proxy with token injection and Prometheus metrics"

WORKDIR /app

# Copy go modules and source
COPY go.mod go.sum* ./
COPY *.go ./
COPY VERSION ./

# Build the binary (this RUN might work better than apk)
RUN go mod download && \
    VERSION=$(cat VERSION 2>/dev/null || echo "unknown") && \
    COMMIT=${GIT_COMMIT:-$(git rev-parse HEAD 2>/dev/null || echo "unknown")} && \
    BUILD_TIME=$(date -u +%Y-%m-%dT%H:%M:%SZ) && \
    CGO_ENABLED=0 GOOS=linux go build -mod=mod \
        -ldflags="-s -w -X main.version=$VERSION -X main.commit=$COMMIT -X main.buildTime=$BUILD_TIME" \
        -o zai-proxy .

# The golang:1.23-alpine image already has ca-certificates and apk
RUN apk add --no-cache ca-certificates && \
    adduser -D -u 1000 proxyuser && \
    chmod +x zai-proxy && \
    chown proxyuser:proxyuser zai-proxy

USER proxyuser

EXPOSE 8080

HEALTHCHECK --interval=30s --timeout=5s --start-period=5s --retries=3 \
    CMD wget -q --spider http://localhost:8080/health || exit 1

ENTRYPOINT ["/zai-proxy"]