# 多阶段构建 - 构建阶段
FROM maven:3.8.6-openjdk-17-slim AS builder

# 设置工作目录
WORKDIR /app

# 复制 pom.xml 和源代码
COPY pom.xml .
COPY ../pom.xml ../pom.xml
COPY src ./src

# 构建应用
RUN mvn clean package -DskipTests

# 运行阶段
FROM openjdk:17-jre-alpine

# 设置时区和安装必要工具
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
    echo 'Asia/Shanghai' >/etc/timezone && \
    apk add --no-cache curl && \
    addgroup -g 1000 appgroup && \
    adduser -D -s /bin/sh -u 1000 -G appgroup appuser

# 创建应用目录
RUN mkdir -p /app/logs && \
    chown -R appuser:appgroup /app

# 复制构建好的 jar 包
COPY --from=builder /app/target/crm-mcp-*.jar /app/crm-mcp.jar
COPY --chown=appuser:appgroup --from=builder /app/target/crm-mcp-*.jar /app/crm-mcp.jar

# 切换到非 root 用户
USER appuser

# 设置工作目录
WORKDIR /app

# 暴露端口
EXPOSE 8080

# 健康检查
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
    CMD curl -f http://localhost:8080/actuator/health || exit 1

# 设置 JVM 参数和启动命令
CMD ["java", \
     "-Xms512m", \
     "-Xmx1024m", \
     "-XX:+UseG1GC", \
     "-XX:+UseContainerSupport", \
     "-XX:MaxRAMPercentage=75.0", \
     "-Dspring.profiles.active=prod", \
     "-Dspring.ai.mcp.server.stdio=false", \
     "-Djava.security.egd=file:/dev/./urandom", \
     "-jar", \
     "crm-mcp.jar"]