FROM python:3.12-slim

# Update system packages for security and install build dependencies for psutil
RUN apt-get update && apt-get upgrade -y && apt-get install -y \
    gcc \
    python3-dev \
    && rm -rf /var/lib/apt/lists/*

# Install Python dependencies
RUN pip install --no-cache-dir \
    psutil==5.9.5 \
    qdrant-client>=1.7.0 \
    openai>=1.0.0 \
    backoff>=2.2.0 \
    requests>=2.31.0 \
    tqdm>=4.66.0 \
    voyageai>=0.2.0 \
    fastembed>=0.4.0

# Create non-root user
RUN useradd -m -u 1000 watcher

# Pre-download FastEmbed model to avoid runtime downloads
RUN mkdir -p /home/watcher/.cache && \
    FASTEMBED_CACHE_PATH=/home/watcher/.cache/fastembed python -c "from fastembed import TextEmbedding; import os; os.environ['FASTEMBED_CACHE_PATH']='/home/watcher/.cache/fastembed'; TextEmbedding('sentence-transformers/all-MiniLM-L6-v2')" && \
    chown -R watcher:watcher /home/watcher/.cache

# Create scripts directory and copy required files
RUN mkdir -p /scripts

# Copy all necessary scripts
COPY scripts/import-conversations-unified.py /scripts/
COPY scripts/import-watcher.py /scripts/
COPY scripts/utils.py /scripts/
COPY scripts/trigger-import.py /scripts/

RUN chmod +x /scripts/*.py

# Set working directory
WORKDIR /app

# Switch to non-root user
USER watcher

# Default command
CMD ["python", "/scripts/import-watcher.py"]