# -----------------------
# 1. BUILD STAGE
# -----------------------
FROM gcc:13-alpine AS builder

WORKDIR /app

COPY deployment.c .

RUN gcc -O2 -o deployment deployment.c


# -----------------------
# 2. RUNTIME STAGE
# -----------------------
FROM alpine:latest

# Sicherheitsuser anlegen
RUN addgroup -S appgroup && adduser -S appuser -G appgroup

WORKDIR /app

# nur Binary übernehmen
COPY --from=builder /app/deployment /app/deployment

# Output-Verzeichnis
RUN mkdir /output && chown -R appuser:appgroup /output /app

# Non-root User
USER appuser

# Volume für Ausgabe
VOLUME ["/output"]

# Healthcheck (angepasst an dein Programm)
# Falls es nur einmal läuft: alternative prüfen (siehe Hinweis unten)
HEALTHCHECK --interval=30s --timeout=3s \
  CMD test -f /output/output.txt || exit 1

# Start
CMD ["/app/deployment", "10"]