# Stage 1: Build
FROM eclipse-temurin:17-jdk-alpine AS builder

WORKDIR /app

# 设置Maven镜像加速
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories

# 复制Maven相关文件
COPY pom.xml .
COPY common/pom.xml common/
COPY services/sku-match-service/pom.xml services/sku-match-service/

# 下载依赖（利用Docker缓存）
RUN mvn dependency:go-offline -B -f services/sku-match-service/pom.xml

# 复制源代码
COPY . .

# 构建项目
WORKDIR /app/services/sku-match-service
RUN mvn clean package -DskipTests -B

# Stage 2: Runtime
FROM eclipse-temurin:17-jre-alpine

# 安全：创建非root用户
RUN addgroup -g 1001 -S appgroup && \
    adduser -u 1001 -S appuser -G appgroup

WORKDIR /app

# 创建日志目录
RUN mkdir -p /app/logs && chown -R appuser:appgroup /app

# 从构建阶段复制JAR文件
COPY --from=builder /app/services/sku-match-service/target/*.jar app.jar

# 设置文件权限
RUN chown appuser:appgroup app.jar

# 环境变量配置
ENV JAVA_OPTS="-Xms512m -Xmx1024m -XX:+UseG1GC -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/app/logs/heapdump.hprof"
ENV SPRING_PROFILES_ACTIVE=prod

# 健康检查
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
    CMD wget -q --spider http://localhost:8084/actuator/health || exit 1

# 暴露端口
EXPOSE 8084

# 切换到非root用户
USER appuser

# 启动命令
ENTRYPOINT ["sh", "-c", "java $JAVA_OPTS -jar app.jar"]