From d1c6ab22cf2fb291a28904911ca592cef711b891 Mon Sep 17 00:00:00 2001
From: Michel NAUD <michel.naud26400@gmail.com>
Date: Thu, 12 Mar 2026 13:31:31 +0100
Subject: [PATCH 1/2] system - optimize docker image size

---
 CHANGELOG.md           |  1 +
 backend/.dockerignore  |  3 +++
 backend/Dockerfile     | 26 +++++++++++++++++---------
 frontend/.dockerignore |  1 +
 4 files changed, 22 insertions(+), 9 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 05a2800..164de36 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,3 +10,4 @@
 - ADDED login/logout notifications
 - FIXED system - customer deploy stack name
 - ADDED calandar - planning view (default for mobile)
+- CHANGED system - optimize docker image size
diff --git a/backend/.dockerignore b/backend/.dockerignore
index aa58f88..72fb7bc 100644
--- a/backend/.dockerignore
+++ b/backend/.dockerignore
@@ -15,3 +15,6 @@ uploads/
 .git
 .gitignore
 Dockerfile
+*.md
+doc/
+plans/
diff --git a/backend/Dockerfile b/backend/Dockerfile
index cff5a08..3f1f4fc 100644
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@@ -1,4 +1,4 @@
-# ---- Base: shared setup ----
+# ---- Base: shared setup (used by dev + build) ----
 FROM python:3.12-slim AS base
 
 COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/
@@ -19,22 +19,30 @@ EXPOSE 8000
 ENTRYPOINT ["/app/entrypoint.sh"]
 CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000", "--reload"]
 
-# ---- Prod: deps + source ----
-FROM base AS prod
+# ---- Build: install deps + source (intermediate stage) ----
+FROM base AS build
+
+COPY pyproject.toml uv.lock* ./
+RUN uv sync --frozen --no-dev --no-install-project
+
+COPY . .
 
 ARG APP_VERSION=dev
+RUN echo "$APP_VERSION" > VERSION && uv sync --frozen --no-dev
+
+# ---- Prod: clean runtime image without uv ----
+FROM python:3.12-slim AS prod
 
 LABEL org.opencontainers.image.source="https://github.com/VEAF/website-2026"
 LABEL org.opencontainers.image.description="VEAF Website 2026 - Backend API"
 
-COPY pyproject.toml uv.lock* ./
-RUN uv sync --frozen --no-dev --no-install-project
+RUN groupadd --gid 1000 worker && useradd --uid 1000 --gid worker --create-home worker
 
-COPY . .
-RUN echo "$APP_VERSION" > VERSION
-RUN uv sync --frozen --no-dev
+WORKDIR /app
+ENV PATH="/app/.venv/bin:$PATH"
+
+COPY --from=build --chown=worker:worker /app /app
 
-RUN chown -R worker:worker /app
 USER worker
 EXPOSE 8000
 
diff --git a/frontend/.dockerignore b/frontend/.dockerignore
index eb27e9f..c391a8c 100644
--- a/frontend/.dockerignore
+++ b/frontend/.dockerignore
@@ -5,3 +5,4 @@ dist
 .git
 .gitignore
 Dockerfile
+*.md

From a9086077b01812a473161ee9feede9e22ec6600a Mon Sep 17 00:00:00 2001
From: Michel NAUD <michel.naud26400@gmail.com>
Date: Thu, 12 Mar 2026 13:39:38 +0100
Subject: [PATCH 2/2] Apply suggestion from @sourcery-ai[bot]

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 164de36..99a961b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,5 +9,5 @@
 - ADDED admin - track files sizes
 - ADDED login/logout notifications
 - FIXED system - customer deploy stack name
-- ADDED calandar - planning view (default for mobile)
+- ADDED calendar - planning view (default for mobile)
 - CHANGED system - optimize docker image size