# base environment
FROM node:22.4.1-alpine3.20 AS base-stage
RUN mkdir /app && chown -R node:node /app
WORKDIR /app
ENV PNPM_HOME="/pnpm"
ENV PATH="$PNPM_HOME:$PATH"
RUN corepack enable

# dependency environment
FROM base-stage AS dependency-stage
USER node
COPY --link --chown=1000:1000 package*.json pnpm-lock.yaml ./
RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm install --frozen-lockfile

# test stage to stop at for testing
FROM dependency-stage AS all-source-stage
COPY --link --chown=1000:1000 . .

# lint
FROM all-source-stage AS lint
RUN npm run lint -- --no-fix

# test-e2e
FROM all-source-stage AS test-e2e
USER root
RUN mkdir /keys
USER node
RUN --mount=type=secret,id=cookies,target=/keys/cookies.json,uid=1000,gid=1000,required=true \
  --mount=type=secret,id=jwks,target=/keys/jwks.json,uid=1000,gid=1000,required=true \
  npm run test:e2e:cov -- --ci --json --testLocationInResults --outputFile=/tmp/report.json

# Just the e2e report file
FROM scratch AS test-stage
COPY --link --from=test-e2e /tmp/report.json /

# build environment
FROM dependency-stage AS build-stage
COPY --link --chown=1000:1000 . .
RUN npm run build

# prod dependency environment
FROM build-stage AS production-dependency-stage
RUN npm prune --production

# production environment
FROM base-stage AS production-stage
RUN apk add --no-cache tini
USER node

COPY --link --chown=1000:1000 --from=production-dependency-stage /app /app

ENV NODE_ENV=production

ENTRYPOINT ["/sbin/tini", "--"]
CMD ["node", "/app/.dist/src/main.js"]

ARG VERSION
ENV VERSION=${VERSION}