FROM python:3.11-slim

# Cập nhật package list và cài đặt các dependencies cần thiết
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        # Basic system tools
        gcc \
        g++ \
        make \
        git \
        wget \
        curl \
        # Libraries for various functionalities
        libglib2.0-0 \
        libsm6 \
        libxext6 \
        libxrender-dev \
        # Java runtime and compiler (headless version for containers)
        openjdk-17-jdk-headless \
    && rm -rf /var/lib/apt/lists/*

# Set JAVA_HOME environment variable
ENV JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64
ENV PATH="$JAVA_HOME/bin:$PATH"

# Minimal JVM settings for extremely limited containers
ENV JAVA_OPTS="-Xms2m -Xmx16m -Djava.awt.headless=true"
# Remove _JAVA_OPTIONS that might cause conflicts

# Verify installations
RUN python3 --version && \
    gcc --version && \
    g++ --version && \
    java -version && \
    javac -version

# Create non-root user
RUN useradd -m -u 1000 user
USER user
ENV PATH="/home/user/.local/bin:$PATH"
WORKDIR /app

# Copy requirements and install Python dependencies
COPY --chown=user ./requirements.txt requirements.txt
RUN pip install --no-cache-dir --upgrade pip && \
    pip install --no-cache-dir --upgrade -r requirements.txt

# Copy application code
COPY --chown=user . /app

# Create temporary directory for code execution (with proper permissions)
RUN mkdir -p /tmp/code_workspace && chmod 755 /tmp/code_workspace

# Expose port
EXPOSE 7860

# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
    CMD curl -f http://localhost:7860/health || exit 1

# Start command
CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "7860"]