# Stage 1: Build the application
# Use a specific version of the golang alpine image for reproducibility
FROM golang:1.22-alpine AS builder

# Set the Current Working Directory inside the container
WORKDIR /app

# Copy go.mod and go.sum files to leverage Docker cache
COPY go.mod ./
# The go.sum file is not present, but it's a good practice to copy it if it were.
# COPY go.sum ./ 

# Download all dependencies. Dependencies will be cached if the go.mod file is not changed
RUN go mod download

# Copy the source code into the container
COPY . .

# Build the Go application as a static binary
# -ldflags="-w -s" strips debug information, reducing the binary size
# CGO_ENABLED=0 is crucial for creating a static binary that can run in a minimal container like alpine
RUN CGO_ENABLED=0 GOOS=linux go build -a -ldflags="-w -s" -o /gemini-proxy .

# Stage 2: Create the final, small image
FROM alpine:latest

# Create a non-root user and group for security
RUN addgroup -S appgroup && adduser -S appuser -G appgroup

# Copy the pre-built binary from the builder stage
COPY --from=builder /gemini-proxy /gemini-proxy

# Expose port 8080, which the application listens on
EXPOSE 8080

# Switch to the non-root user
USER appuser

# The command to run when the container starts
CMD ["/gemini-proxy"]
