spicebook/backend/Dockerfile

FROM ghcr.io/astral-sh/uv:python3.12-bookworm-slim AS base

# System dependencies -- ngspice is required for simulation
RUN apt-get update && \
    apt-get install -y --no-install-recommends ngspice && \
    rm -rf /var/lib/apt/lists/*

WORKDIR /app

# Copy dependency metadata first for layer caching
COPY pyproject.toml ./

# ---------------------------------------------------------------------------
# Development target
# ---------------------------------------------------------------------------
FROM base AS dev

# Install in editable mode (source mounted via docker-compose volume)
RUN --mount=type=cache,target=/root/.cache/uv \
    --mount=type=bind,source=pyproject.toml,target=pyproject.toml \
    uv pip install --system -e ".[dev]"

# Copy source for initial build (overridden by volume mount in dev)
COPY src/ ./src/

EXPOSE 8000

CMD ["uv", "run", "uvicorn", "spicebook.main:app", "--host", "0.0.0.0", "--port", "8000", "--reload"]

# ---------------------------------------------------------------------------
# Production target
# ---------------------------------------------------------------------------
FROM base AS prod

ENV UV_COMPILE_BYTECODE=1

# Install dependencies first (no source yet -- better caching)
RUN --mount=type=cache,target=/root/.cache/uv \
    --mount=type=bind,source=pyproject.toml,target=pyproject.toml \
    uv pip install --system .

COPY src/ ./src/

# Re-install with source to get the package registered
RUN --mount=type=cache,target=/root/.cache/uv \
    uv pip install --system .

# Run as non-root
RUN useradd --create-home --shell /bin/bash spicebook && \
    mkdir -p /app/notebooks/user /app/notebooks/examples && \
    chown -R spicebook:spicebook /app/notebooks
USER spicebook

EXPOSE 8000

CMD ["python", "-m", "uvicorn", "spicebook.main:app", "--host", "0.0.0.0", "--port", "8000"]