# ── Stage 1: Build ───────────────────────────────────────────────────────────
FROM gcc:14-bookworm AS builder

WORKDIR /build
COPY deployment.c .

RUN gcc -O2 -static -o deployment deployment.c

# ── Stage 2: Runtime ─────────────────────────────────────────────────────────
FROM alpine:3.21

# Alle Pakete auf neuesten Stand bringen → patcht libcrypto3/libssl3 auf 3.3.7-r0
RUN apk update && apk upgrade --no-cache

# Nicht-root-User anlegen
RUN addgroup -S appgroup && adduser -S appuser -G appgroup

# Output-Verzeichnis mit korrekten Rechten anlegen
RUN mkdir /output && chown appuser:appgroup /output

COPY --from=builder /build/deployment /app/deployment

VOLUME ["/output"]
USER appuser
WORKDIR /app

HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
    CMD test -f /output/output.txt && test -s /output/output.txt || exit 1

ENTRYPOINT ["/bin/sh", "-c"]
CMD ["./deployment 10 > /output/output.txt && tail -f /output/output.txt"]