# Client/frontend build in an isolated stage
# We use node:latest as the base image.
# Essentially we build the frontend SPA with vite and 
# make it available in the public directory.
FROM docker.io/node:latest as client
WORKDIR /build
ADD client-solid /build
RUN npm install
RUN npm run build

# Builds the server in an isolated stage
# We use musl to get a truly static binary
# that runs cleanly without depending on glibc.
FROM docker.io/rust:latest as builder
RUN apt update
RUN apt install musl musl-dev musl-tools -y
RUN rustup target add x86_64-unknown-linux-musl

# Some hacks to make podman cache build deps, see: 
# https://whitfin.io/blog/speeding-up-rust-docker-builds/
RUN cargo new build-container
WORKDIR /build-container
COPY server/Cargo.toml server/Cargo.lock ./
RUN cargo build --target x86_64-unknown-linux-musl --release
RUN rm src/*.rs
ADD server /build-container

RUN cargo build --target x86_64-unknown-linux-musl --release

# Final stage, copy the server binary and the frontend build
# This stage is the actual container, and is based on alpine
# a minimal linux distribution resulting in a small image.
FROM docker.io/alpine:latest as runner

# Add a non-root user for running the server
RUN addgroup -S user && adduser -S user -G user

WORKDIR /runner
# Copy the server binary and the public directory
COPY --from=builder /build-container/target/x86_64-unknown-linux-musl/release/server /runner/server
# Copy the frontend SPA build into public
COPY --from=client /build/dist /runner/public

# Make sure the user can access the files
RUN chown -R user:user /runner
USER user

# Run the server
EXPOSE 8080
CMD ["./server"]