# Use an official Python runtime as a parent image
FROM python:3.11-slim

# Create a non-root user 'appuser' with home directory /home/appuser
RUN useradd -m appuser

# Set a working directory for copying requirements initially as root
WORKDIR /app

# Copy only the requirements file, to cache the pip install step
COPY ./ /app/

# Install Python dependencies
RUN pip install --no-cache-dir -r /app/requirements.txt

# Switch to the non-root user
USER appuser

# Set environment variables for the non-root user
ENV HOME /home/appuser

# Set the working directory to the non-root user's home directory
WORKDIR $HOME

# Create an 'app' directory under the non-root user's home directory and change workdir to it
RUN mkdir app
WORKDIR $HOME/app

# Copy the application files from host to container, ensuring correct ownership
COPY --chown=appuser:appuser ./ $HOME/app/

# Expose the port the app runs on
EXPOSE 8501

# Define the command to run the app
CMD ["streamlit", "run", "app.py", "--server.address=0.0.0.0"]