# syntax=docker/dockerfile:1
FROM node:22-alpine AS ui-builder

WORKDIR /src/web
COPY web/package*.json ./
RUN npm ci
COPY web/ ./
RUN npm run build

FROM --platform=$BUILDPLATFORM golang:1.25.0 AS builder

WORKDIR /src
COPY go.mod go.sum ./
RUN go mod download

COPY . .
COPY --from=ui-builder /src/web/dist ./internal/server/ui-dist

ARG TARGETOS
ARG TARGETARCH
RUN CGO_ENABLED=0 \
	GOOS=${TARGETOS:-linux} \
	GOARCH=${TARGETARCH:-$(go env GOARCH)} \
	go build -trimpath -ldflags="-s -w" -o /out/soteria ./cmd/soteria

FROM gcr.io/distroless/static-debian12:nonroot
COPY --from=builder /out/soteria /soteria
USER 65532:65532
EXPOSE 8080
ENTRYPOINT ["/soteria"]