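# Multi-stage build: the production image contains only the binary and
# ai_config.json. Sensitive configuration is injected at runtime through
# environment variables or env_file (do not bake .env.production into the image).

# ---- Build stage: compiles a static Linux binary; not part of the final image ----
FROM golang:1.24-alpine AS builder
WORKDIR /src
RUN apk add --no-cache git ca-certificates
# Allows the go command to switch to a newer toolchain when go.mod requires one.
ENV GOTOOLCHAIN=auto
# Copy the module manifests first so the download layer is reused until
# go.mod or go.sum change.
COPY go.mod go.sum ./
RUN go mod download
# This copies the entire build context into the builder stage. The stage is not
# shipped, but its layers can persist in the build cache, so .env.production and
# any other secret files should be excluded through .dockerignore.
COPY . .
# CGO disabled so the binary is static and runs on the plain alpine runtime stage;
# -s -w strips the symbol table and debug information.
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -o /out/server ./cmd/server

# ---- Runtime stage: binary + ai_config.json only ----
FROM alpine:3.21
# Create a dedicated unprivileged account with a fixed numeric UID/GID so the
# service does not run as root and orchestrators can verify the non-root user.
RUN apk --no-cache add ca-certificates tzdata \
    && addgroup -S -g 10001 app \
    && adduser -S -H -u 10001 -G app app
ENV TZ=Asia/Shanghai
WORKDIR /app
# NOTE(review): /app is made writable by the service account in case the server
# writes into its working directory; leave it root-owned if it does not (confirm).
RUN chown app:app /app
# The binary stays root-owned, so the running process cannot overwrite it.
COPY --from=builder /out/server .
# Owned by the service account so it stays readable whatever mode the file has
# in the build context.
COPY --chown=app:app ai_config.json ./
# Documentation only; 5002 is an unprivileged port, so a non-root process can bind it.
EXPOSE 5002
ENV APP_ENV=production \
    APP_PORT=5002
# Drop root before the process starts.
USER 10001:10001
CMD ["./server"]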