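# Multi-stage Production Dockerfile for MEV Bot
# Optimized for security, performance, and minimal attack surface
#
# Stages:
#   builder      - compiles the static mev-bot binary
#   tester       - optional, runs the short test suite on top of builder
#   production   - minimal Alpine runtime, runs as the unprivileged mevbot user
#   development  - full toolchain with hot reload, for local use only
#
# NOTE(review): base images are referenced by tag only. For reproducible
# production builds, pin each FROM to a digest you have verified
# (FROM image:tag@sha256:<digest>).

# ---------------------------------------------------------------------------
# Build stage
# ---------------------------------------------------------------------------
FROM golang:1.21-alpine AS builder

# Install build dependencies (gcc and musl-dev are required because the
# binary is built with CGO_ENABLED=1)
RUN apk add --no-cache \
    ca-certificates \
    gcc \
    git \
    musl-dev \
    tzdata

# Set working directory
WORKDIR /build

# Copy go mod files first so the dependency layer stays cached until they change
COPY go.mod go.sum ./

# Download dependencies and check them against go.sum
RUN go mod download && go mod verify

# Copy source code.
# The whole build context lands in this layer, so the repository needs a
# .dockerignore that excludes .git, .env files, logs and any key material.
COPY . .

# Build the application with optimizations (stripped, statically linked)
RUN CGO_ENABLED=1 GOOS=linux GOARCH=amd64 \
    go build \
    -a \
    -installsuffix cgo \
    -ldflags='-w -s -extldflags "-static"' \
    -o mev-bot \
    ./cmd/mev-bot

# Generate contract bindings if not already present (best effort).
# The trailing mkdir guarantees /build/bindings exists, so the production
# stage's COPY of that directory cannot fail after generation was skipped
# with only a warning.
# NOTE(review): this step runs after `go build`, so bindings generated here
# cannot be compiled into the binary, and `make` is not in the apk list
# above - confirm whether generation is meant to happen before the build.
RUN if [ ! -d "bindings" ] || [ -z "$(ls -A bindings)" ]; then \
        echo "Generating contract bindings..." && \
        make generate-bindings || echo "Warning: Could not generate bindings"; \
    fi; \
    mkdir -p bindings

# ---------------------------------------------------------------------------
# Test stage (optional, can be skipped in production builds)
# ---------------------------------------------------------------------------
FROM builder AS tester
RUN go test -v ./... -short

# ---------------------------------------------------------------------------
# Production stage
# ---------------------------------------------------------------------------
FROM alpine:3.18 AS production

# Install runtime dependencies (curl is only needed by the health check script)
RUN apk add --no-cache \
    ca-certificates \
    curl \
    tzdata \
    && update-ca-certificates

# Create non-root user for security, with a fixed UID/GID so the runtime
# can verify it
RUN addgroup -g 1001 -S mevbot && \
    adduser -u 1001 -S mevbot -G mevbot

# Set working directory
WORKDIR /app

# Copy binary from builder
COPY --from=builder /build/mev-bot /app/mev-bot

# Copy configuration files.
# Everything under config/ ships in the final image and is readable by anyone
# who can pull it: keep credentials, RPC tokens and private keys out of that
# directory and supply them at runtime (mounted secret or environment).
COPY --from=builder /build/config /app/config
COPY --from=builder /build/bindings /app/bindings

# Create necessary directories.
# /app/keys is limited to the service account (0700) so that no other user in
# the container can list or read what is stored there.
# NOTE(review): chown -R also makes the binary and config writable by the
# runtime user; if the service only writes to data/, logs/ and keys/, narrow
# the chown to those three directories.
RUN mkdir -p /app/data /app/logs /app/keys && \
    chown -R mevbot:mevbot /app && \
    chmod 700 /app/keys

# Create health check script (written after the chown, so it stays root-owned
# and cannot be modified by the runtime user)
RUN echo '#!/bin/sh' > /app/healthcheck.sh && \
    echo 'curl -f http://localhost:8080/health || exit 1' >> /app/healthcheck.sh && \
    chmod +x /app/healthcheck.sh

# Switch to non-root user
USER mevbot

# Expose ports (documentation only; nothing is published by this instruction)
EXPOSE 8080 9090

# Set environment variables
ENV GO_ENV=production \
    LOG_LEVEL=info \
    LOG_FORMAT=json \
    METRICS_ENABLED=true \
    METRICS_PORT=9090

# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
    CMD ["/app/healthcheck.sh"]

# Default command
CMD ["/app/mev-bot", "start"]

# ---------------------------------------------------------------------------
# Development stage (for local development)
# This stage runs as root with debug logging and a full toolchain; it is not
# meant to be deployed.
# ---------------------------------------------------------------------------
FROM golang:1.21-alpine AS development

# Tool versions are build arguments so they can be pinned without editing this
# file. The defaults keep the previous behaviour (@latest), which pulls
# whatever upstream published most recently; pin to reviewed releases with
# --build-arg AIR_VERSION=<version> --build-arg ABIGEN_VERSION=<version>.
ARG AIR_VERSION=latest
ARG ABIGEN_VERSION=latest

# Install development tools
RUN apk add --no-cache \
    bash \
    ca-certificates \
    curl \
    gcc \
    git \
    jq \
    make \
    musl-dev

# Install Go tools
RUN go install "github.com/air-verse/air@${AIR_VERSION}" && \
    go install "github.com/ethereum/go-ethereum/cmd/abigen@${ABIGEN_VERSION}"

# Set working directory
WORKDIR /app

# Copy go mod files
COPY go.mod go.sum ./

# Download dependencies
RUN go mod download

# Copy source code
COPY . .

# Create necessary directories
RUN mkdir -p /app/data /app/logs /app/keys

# Expose ports for development
# NOTE(review): 2345 looks like a debugger port, but no debugger is installed
# in this stage - confirm it is still needed, and avoid publishing it beyond
# localhost.
EXPOSE 8080 9090 2345

# Set development environment
ENV GO_ENV=development \
    LOG_LEVEL=debug \
    DEBUG=true

# Default command for development (with hot reload)
CMD ["air", "-c", ".air.toml"]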