FROM node:24.0.1-alpine

WORKDIR /usr/src/app

# Install system dependencies
RUN apk add --no-cache \
    git \
    bash \
    curl \
    sudo

# Give sudo permissions to the developer user
RUN echo '%developer ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers.d/developer && \
    chmod 0440 /etc/sudoers.d/developer

# Configure user permissions
ARG USER_ID=1000
ARG GROUP_ID=1000

# Create a user with matching UID/GID
RUN if ! getent group $GROUP_ID > /dev/null 2>&1; then \
        addgroup -g $GROUP_ID developer; \
    else \
        addgroup developer; \
    fi && \
    if ! getent passwd $USER_ID > /dev/null 2>&1; then \
        adduser -D -u $USER_ID -G developer -s /bin/sh developer; \
    else \
        adduser -D -G developer -s /bin/sh developer; \
    fi

RUN chown -R $USER_ID:$GROUP_ID /usr/src/app

USER $USER_ID:$GROUP_ID

# Expose port 3000 for NestJS
EXPOSE 3000

CMD ["npm", "run", "start:dev"]