# PIR Service — Multi-Stage Docker Build
#
# Stage 1 (builder): Swift 6.2-noble — kompiliert PIRProcessDatabase + PIRService
# Stage 2 (runtime): swift:6.2-noble-slim — minimales Runtime-Image mit Swift-Libs
#
# Build-Kontext: /srv/pir-build/   (enthält pir-service-example/ + swift-homomorphic-encryption/)
# Anmerkung: swift:6.2-noble-slim enthält alle Swift-Runtime-Libs (~300 MB),
#            ist aber OHNE Swift-Toolchain (kein swiftc, kein spm).

# ── Stage 1: Builder ────────────────────────────────────────────────────────
FROM swift:6.2-noble AS builder

WORKDIR /build

# swift-homomorphic-encryption → PIRProcessDatabase bauen
COPY swift-homomorphic-encryption/ ./swift-homomorphic-encryption/
RUN cd swift-homomorphic-encryption && \
    swift build -c release --product PIRProcessDatabase 2>&1 && \
    cp .build/release/PIRProcessDatabase /usr/local/bin/PIRProcessDatabase

# pir-service-example → PIRService + ConstructDatabase bauen
COPY pir-service-example/ ./pir-service-example/
RUN cd pir-service-example && \
    swift build -c release --product PIRService 2>&1 && \
    swift build -c release --product ConstructDatabase 2>&1 && \
    cp .build/release/PIRService /usr/local/bin/PIRService && \
    cp .build/release/ConstructDatabase /usr/local/bin/ConstructDatabase

# ── Stage 2: Runtime ─────────────────────────────────────────────────────────
# swift:6.2-noble enthält alle Swift-Runtime-Libs — kein manueller Lib-Transfer nötig
FROM swift:6.2-noble AS runtime

# Nur die Binaries aus dem Builder-Stage kopieren
COPY --from=builder /usr/local/bin/PIRService /usr/local/bin/PIRService
COPY --from=builder /usr/local/bin/PIRProcessDatabase /usr/local/bin/PIRProcessDatabase
COPY --from=builder /usr/local/bin/ConstructDatabase /usr/local/bin/ConstructDatabase

# Verzeichnisse: /data = DB-Artifacts, /config = service-config.json
RUN mkdir -p /data /config

WORKDIR /data

EXPOSE 8090

# service-config.json wird via Volume gemountet (/config/service-config.json)
# Daten-Artifacts werden via Volume gemountet (/data/)
CMD ["PIRService", "--hostname", "0.0.0.0", "--port", "8090", "/config/service-config.json"]
