FROM docker.io/golang:1.25.7-trixie AS builder

# Build argument to enable Stripe billing integration
# Usage: docker build --build-arg BILLING_ENABLED=true -f Dockerfile.hold .
ARG BILLING_ENABLED=false

ENV DEBIAN_FRONTEND=noninteractive

RUN apt-get update && \
    apt-get install -y --no-install-recommends sqlite3 libsqlite3-dev nodejs npm && \
    rm -rf /var/lib/apt/lists/*

WORKDIR /build

COPY go.mod go.sum ./
RUN go mod download

COPY . .

# Build frontend assets (Tailwind CSS, JS bundle, SVG icons)
RUN npm ci
RUN go generate ./...

# Conditionally add billing tag based on build arg
RUN if [ "$BILLING_ENABLED" = "true" ]; then \
      echo "Building with Stripe billing support"; \
      CGO_ENABLED=1 go build \
        -ldflags="-s -w -linkmode external -extldflags '-static'" \
        -tags "sqlite_omit_load_extension,billing" \
        -trimpath \
        -o atcr-hold ./cmd/hold; \
    else \
      echo "Building without billing support"; \
      CGO_ENABLED=1 go build \
        -ldflags="-s -w -linkmode external -extldflags '-static'" \
        -tags sqlite_omit_load_extension \
        -trimpath \
        -o atcr-hold ./cmd/hold; \
    fi

RUN CGO_ENABLED=0 go build \
    -ldflags="-s -w" \
    -trimpath \
    -o healthcheck ./cmd/healthcheck

# ==========================================
# Stage 2: Minimal FROM scratch runtime
# ==========================================
FROM scratch

# Copy CA certificates for HTTPS (PDS connections)
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
# Copy timezone data for timestamp formatting
COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo
# Copy optimized binary (SQLite embedded)
COPY --from=builder /build/atcr-hold /atcr-hold
COPY --from=builder /build/healthcheck /healthcheck

# Expose default port
EXPOSE 8080

# OCI image annotations
LABEL org.opencontainers.image.title="ATCR Hold Service" \
      org.opencontainers.image.description="ATCR Hold Service - Bring Your Own Storage component for ATCR" \
      org.opencontainers.image.authors="ATCR Contributors" \
      org.opencontainers.image.source="https://tangled.org/evan.jarrett.net/at-container-registry" \
      org.opencontainers.image.documentation="https://tangled.org/evan.jarrett.net/at-container-registry" \
      org.opencontainers.image.licenses="MIT" \
      org.opencontainers.image.version="0.1.0" \
      io.atcr.icon="https://imgs.blue/evan.jarrett.net/1TpTOdtS60GdJWBYEqtK22y688jajbQ9a5kbYRFtwuqrkBAE" \
      io.atcr.readme="https://tangled.org/evan.jarrett.net/at-container-registry/raw/main/docs/hold.md"

ENTRYPOINT ["/atcr-hold"]
CMD ["serve"]