FROM node:20-alpine AS builder

WORKDIR /app

COPY package.json pnpm-lock.yaml turbo.json pnpm-workspace.yaml ./
COPY packages/api/package.json ./packages/api/
COPY packages/db/package.json ./packages/db/
COPY packages/types/package.json ./packages/types/
COPY packages/core/package.json ./packages/core/ 2>/dev/null || true
COPY packages/jobs/package.json ./packages/jobs/
COPY packages/shared-notifications/package.json ./packages/shared-notifications/
COPY services/darkwatch/package.json ./services/darkwatch/
COPY services/spamshield/package.json ./services/spamshield/
COPY services/voiceprint/package.json ./services/voiceprint/

RUN npm i -g pnpm@9 && pnpm install --frozen-lockfile

COPY tsconfig.json ./
COPY packages/types/tsconfig.json ./packages/types/
COPY packages/db/tsconfig.json ./packages/db/
COPY services/darkwatch/tsconfig.json ./services/darkwatch/
COPY services/darkwatch/ ./services/darkwatch/
COPY packages/types/ ./packages/types/
COPY packages/db/ ./packages/db/

RUN pnpm build --filter=@shieldai/types --filter=@shieldai/db --filter=@shieldai/darkwatch

FROM node:20-alpine AS runner

WORKDIR /app

RUN addgroup --system --gid 1001 nodejs && \
    adduser --system --uid 1001 shieldai

COPY --from=builder --chown=shieldai:nodejs /app/services/darkwatch/dist ./dist
COPY --from=builder --chown=shieldai:nodejs /app/node_modules ./node_modules
COPY --from=builder --chown=shieldai:nodejs /app/services/darkwatch/package.json ./package.json
COPY --from=builder --chown=shieldai:nodejs /app/packages/db ./packages/db

USER shieldai

EXPOSE 3001

CMD ["node", "dist/index.js"]
