FROM python:3.11.3

# Set up a new user named "user" with user ID 1000
RUN useradd -m -u 1000 user

# Switch to the "user" user
USER user

# Set home to the user's home directory
ENV HOME=/home/user \
    PATH=/home/user/.local/bin:$PATH

# Set the working directory to the user's home directory
WORKDIR $HOME

# Get secret OPENAI_API_KEY and clone it as repo at buildtime / changed required to true
RUN --mount=type=secret,id=OPENAI_API_KEY,mode=0444,required=true
# Langsmith tracing integration
RUN --mount=type=secret,id=LANGCHAIN_API_KEY,mode=0444,required=true
# HF private spaces token access
RUN --mount=type=secret,id=HUGGINGFACEHUB_API_TOKEN,mode=0444,required=true \
    cat /run/secrets/HUGGINGFACEHUB_API_TOKEN > /home/user/cli_token
# Azure BING Search AI API
RUN --mount=type=secret,id=BING_SUBSCRIPTION_KEY,mode=0444,required=true

RUN pip install -U "huggingface_hub[cli]" 
RUN git init & git config --global credential.helper store
RUN huggingface-cli login --token $(cat /home/user/cli_token) --add-to-git-credential

# Copy the current directory contents into the container at $HOME/app setting the owner to the user
COPY --chown=user . $HOME

# Clone and run ea4all-agentic-system
RUN git clone https://avfranco:$(cat cli_token)@huggingface.co/spaces/avfranco/ea4all_agentic_live
WORKDIR /home/user/ea4all_agentic_live
RUN pip install --no-cache-dir --upgrade -r requirements.txt
# Install graphviz dependency
USER root
RUN apt-get update \
    && xargs -a packages.txt apt-get install -y \
    && apt-get clean
USER user

CMD ["python","app.py"]