# Security Test Runner Dockerfile
FROM node:22-bookworm-slim

RUN corepack enable

WORKDIR /app

# Install dependencies first for better caching
COPY package.json pnpm-lock.yaml pnpm-workspace.yaml .npmrc ./
COPY ui/package.json ./ui/package.json
COPY patches ./patches
COPY scripts ./scripts
COPY git-hooks ./git-hooks

RUN pnpm install --frozen-lockfile

# Copy source and test files
COPY . .

# Build the project (tests may need compiled code)
RUN CLAWDBOT_A2UI_SKIP_MISSING=1 pnpm build

# Create results directory
RUN mkdir -p /app/test-results

# Default command runs security tests
CMD ["sh", "-c", "pnpm vitest run --config vitest.security.config.ts ${TEST_PATTERN:+--grep \"$TEST_PATTERN\"} --reporter=verbose --reporter=json --outputFile=/app/test-results/security-results.json"]