# =============================================================================
# NetBox MCP Server
#
# Image Docker pour le serveur MCP NetBox (Model Context Protocol)
# Permet l'interaction read-only avec NetBox via LLMs
# Source: https://github.com/netboxlabs/netbox-mcp-server
# =============================================================================

ARG NETBOX_MCP_VERSION=1.0.0

# -----------------------------------------------------------------------------
# Stage 1: Builder
# -----------------------------------------------------------------------------
FROM python:3.13-alpine3.21 AS builder

ARG NETBOX_MCP_VERSION

RUN apk add --no-cache git \
    && pip install --root-user-action=ignore --no-cache-dir --upgrade pip \
    && pip install --root-user-action=ignore --no-cache-dir uv

ENV UV_LINK_MODE=copy
ENV UV_PYTHON_PREFERENCE=only-system

WORKDIR /app

# Clone le repo à la version spécifiée
RUN git clone --depth 1 --branch v${NETBOX_MCP_VERSION} \
    https://github.com/netboxlabs/netbox-mcp-server.git .

# Sync des dépendances avec cache uv
RUN --mount=type=cache,target=/root/.cache/uv \
    uv sync --locked --no-dev

# -----------------------------------------------------------------------------
# Stage 2: Runtime
# -----------------------------------------------------------------------------
FROM python:3.13-alpine3.21

LABEL maintainer="Damien Arnodo"
LABEL org.opencontainers.image.title="NetBox MCP Server"
LABEL org.opencontainers.image.description="A read-only MCP server for NetBox"
LABEL org.opencontainers.image.url="https://github.com/netboxlabs/netbox-mcp-server"
LABEL org.opencontainers.image.source="https://github.com/netboxlabs/netbox-mcp-server"
LABEL org.opencontainers.image.licenses="Apache-2.0"

ENV PYTHONUNBUFFERED=1

RUN apk add --no-cache ca-certificates \
    && addgroup -g 1000 appuser \
    && adduser -D -u 1000 -G appuser appuser

COPY --from=builder --chown=appuser:appuser /app /app

WORKDIR /app
USER appuser

ENV PATH="/app/.venv/bin:$PATH"

EXPOSE 8000

CMD ["netbox-mcp-server"]
