# vim: filetype=dockerfile
FROM chewingbever/fej-builder:latest AS backend-builder

COPY --chown=builder:builder Cargo.toml Cargo.lock ./
COPY --chown=builder:builder src/ ./src/
COPY --chown=builder:builder migrations/ ./migrations/

# And then finally, build the project
# Thank the lords that this article exists
# https://users.rust-lang.org/t/sigsegv-with-program-linked-against-openssl-in-an-alpine-container/52172
# TODO add what these flags do & why they work
# NOTE: cargo install auto-appends bin to the path

# RUN --mount=type=cache,mode=0777,target=/app/target \
#     --mount=type=cache,mode=0777,target=/app/.cargo/registry \

# Buildkit cache mounts really don't like it when you're not root,
# so I guess we're building release without a cache for now
RUN cargo install \
    --path . \
    --root /app/output \
    --target x86_64-unknown-linux-musl \
    --features frontend


FROM node:17-alpine3.13 AS frontend-builder

COPY ./web /app
WORKDIR /app

# Build the frontend
RUN yarn install && \
    yarn run build


# Now, we create the actual image
FROM alpine:3.13.5
COPY ./docker/crontab /var/spool/cron/crontabs/fej

# Install some dynamic libraries needed for everything to work
# Create -non-root user
# Change permissions for crontab file
RUN apk update && \
    apk add --no-cache \
        curl \
        libgcc \
        libpq \
        openssl && \
    addgroup -S fej && \
    adduser -S fej -G fej -h /app

# Switch to non-root user
USER fej:fej

# Copy binary & frontend over to final image
COPY --from=backend-builder --chown=fej:fej /app/output/bin /app/bin
COPY --from=frontend-builder --chown=fej:fej /app/dist /app/dist

# Embed config file inside container
# The workdir is changed so that the config file is read properly
WORKDIR /app
COPY --chown=fej:fej Rocket.toml /app/Rocket.toml

HEALTHCHECK \
    --interval=10s \
    --timeout=5s \
    --start-period=1s \
    --retries=3 \
    CMD curl -q localhost:8000

ENTRYPOINT ["/app/bin/server"]