# === BUILD STAGE ===
FROM golang:1.22-alpine AS builder

WORKDIR /app

# Instalar dependencias de compilación si necesario
# RUN apk add --no-cache gcc musl-dev

# Dependencias primero (mejor cache)
COPY go.mod go.sum ./
RUN go mod download && go mod verify

# Código fuente
COPY . .

# Build binario estático
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \
    go build -ldflags="-w -s -extldflags '-static'" \
    -o /app/server ./cmd/server

# === RUNTIME STAGE ===
FROM alpine:3.19

# Certificados SSL y timezone
RUN apk --no-cache add ca-certificates tzdata

WORKDIR /app

# Copiar binario
COPY --from=builder /app/server .

# Copiar archivos estáticos/config si necesario
# COPY --from=builder /app/configs ./configs
# COPY --from=builder /app/migrations ./migrations

# Usuario no-root por seguridad
RUN addgroup -g 1001 -S appgroup && \
    adduser -u 1001 -S appuser -G appgroup
USER appuser

# Puerto de la aplicación
EXPOSE 8080

# Healthcheck
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
    CMD wget --no-verbose --tries=1 --spider http://localhost:8080/health || exit 1

# Punto de entrada
ENTRYPOINT ["./server"]