FROM python:3.12-slim

ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    MODEL_DIR=/app/models \
    MODEL_VERSION=v1 \
    MODEL_TRACK=blue

WORKDIR /app

COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

COPY app ./app
COPY models ./models

RUN groupadd --system --gid 10001 mlops \
    && useradd --system --uid 10001 --gid mlops --home /app --shell /usr/sbin/nologin mlops \
    && chown -R mlops:mlops /app

USER 10001:10001

EXPOSE 8080

CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8080"]
