FROM python:3.10

# Install setuptools properly first before any other packages
RUN pip uninstall -y setuptools && \
    pip install --no-cache-dir setuptools && \
    # Force reinstall to ensure correct setup
    pip install --no-cache-dir --force-reinstall setuptools

# Prevent distutils issues
ENV SETUPTOOLS_USE_DISTUTILS=stdlib

# Create sitecustomize.py to ensure setuptools is imported before distutils
RUN echo 'import setuptools' > /usr/local/lib/python3.10/site-packages/sitecustomize.py

# Create a working directory
WORKDIR /app

# Copy your code
COPY . /app

# Install dependencies
RUN pip install --no-cache-dir -r requirements.txt

# Create necessary directories with appropriate permissions
RUN mkdir -p /app/.phoenix && \
    chmod -R 777 /app/.phoenix

# Ensure Guardrails hub directory is properly initialized
RUN pip install guardrails-ai && \
    mkdir -p /usr/local/lib/python3.10/site-packages/guardrails_grhub_detect_jailbreak && \
    touch /usr/local/lib/python3.10/site-packages/guardrails_grhub_detect_jailbreak/__init__.py && \
    chmod -R 777 /usr/local/lib/python3.10/site-packages/guardrails_grhub_detect_jailbreak

# Fix permissions for Guardrails directories
RUN mkdir -p /usr/local/lib/python3.10/site-packages/guardrails/hub && \
    mkdir -p /usr/local/lib/python3.10/site-packages/guardrails/.locks && \
    chmod -R 777 /usr/local/lib/python3.10/site-packages/guardrails/hub && \
    chmod -R 777 /usr/local/lib/python3.10/site-packages/guardrails/.locks

# Create a fallback implementation for detect_jailbreak and toxic_language
RUN mkdir -p /app/guardrails_fallback
RUN echo 'class DetectJailbreak:\n    def __init__(self, *args, **kwargs):\n        print("Using fallback DetectJailbreak implementation")\n        pass\n\nclass ToxicLanguage:\n    def __init__(self, *args, **kwargs):\n        print("Using fallback ToxicLanguage implementation")\n        pass' > /app/guardrails_fallback/__init__.py

# Create a non-root user to run the app
RUN useradd -m -u 1000 appuser

# Create a startup script
RUN echo '#!/bin/bash\n\
# Create Python module directories if they don\'t exist\n\
mkdir -p /app/src/llamaindex_app\n\
touch /app/src/__init__.py\n\
touch /app/src/llamaindex_app/__init__.py\n\
\n\
# Add guardrails fallback to Python path\n\
export PYTHONPATH="/app:$PYTHONPATH"\n\
\n\
# Fix permissions for Guardrails directories\n\
if [ -d "/usr/local/lib/python3.10/site-packages/guardrails/hub" ]; then\n\
  chown -R $(id -un):$(id -gn) /usr/local/lib/python3.10/site-packages/guardrails/hub\n\
fi\n\
\n\
if [ -d "/usr/local/lib/python3.10/site-packages/guardrails/.locks" ]; then\n\
  chown -R $(id -un):$(id -gn) /usr/local/lib/python3.10/site-packages/guardrails/.locks\n\
fi\n\
\n\
# Try to get Guardrails token from environment\n\
if [ ! -z "$GUARDRAILS_TOKEN" ]; then\n\
  echo "Configuring Guardrails with provided token..."\n\
  guardrails configure --enable-metrics --enable-remote-inferencing --token "$GUARDRAILS_TOKEN"\n\
  \n\
  # Install specific validators\n\
  echo "Installing Guardrails validators..."\n\
  guardrails hub install hub://guardrails/detect_jailbreak\n\
  guardrails hub install hub://guardrails/toxic_language\n\
else\n\
  echo "No GUARDRAILS_TOKEN found, skipping configuration"\n\
fi\n\
\n\
# Patch any import issues\n\
find /app -name "*.py" -type f -exec grep -l "from guardrails.hub import DetectJailbreak\|from guardrails.hub import ToxicLanguage" {} \\; | while read file; do\n\
  echo "Adding fallback for guardrails imports in $file..."\n\
  sed -i "s/from guardrails.hub import DetectJailbreak/try:\\n    from guardrails.hub import DetectJailbreak\\nexcept ImportError:\\n    print(\\"WARNING: Using fallback DetectJailbreak implementation\\")\\n    from guardrails_fallback import DetectJailbreak/g" "$file"\n\
  sed -i "s/from guardrails.hub import ToxicLanguage/try:\\n    from guardrails.hub import ToxicLanguage\\nexcept ImportError:\\n    print(\\"WARNING: Using fallback ToxicLanguage implementation\\")\\n    from guardrails_fallback import ToxicLanguage/g" "$file"\n\
done\n\
\n\
echo "Starting Streamlit app..."\n\
exec streamlit run /app/app_launcher.py --server.port 7860 --server.address 0.0.0.0\n\
' > /app/startup.sh

# Make the startup script executable
RUN chmod +x /app/startup.sh

# Change ownership of all files to the non-root user
RUN chown -R appuser:appuser /app
RUN chmod -R 755 /app

# Pre-create the guardrails config directory with proper permissions
RUN mkdir -p /home/appuser/.guardrails && \
    chown -R appuser:appuser /home/appuser/.guardrails

# Expose the port for Streamlit
EXPOSE 7860

# Switch to the non-root user
USER appuser

# Launch the startup script
CMD ["/app/startup.sh"]