# .dockerignore - Controls what files are sent to Docker build context
# This is different from .gitignore - we want to INCLUDE gcs-credentials.json for Docker builds

# Python
__pycache__/
*.py[cod]
*$py.class
*.so
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
share/python-wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST

# Virtual environments
venv/
.venv/
ENV/
env/

# Testing
.tox/
.nox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
*.py,cover
.hypothesis/
.pytest_cache/
htmlcov/

# Nexus data directories (exclude from Docker build)
nexus-data/
nexus-workspace/
nexus-test-*/
.nexus-server-data/
test-nexus-data/
test-server-data/
demo-data*/
*-demo-data/
test-fix-data/
*-examples-data/
*-examples-workspace/

# data/ is COPYed into the image (Dockerfile bakes default skills) but
# its runtime artifacts (raft state, redb, CAS spool, dcache spill,
# cross-zone metastore) MUST NOT ship — they pollute every fresh
# container with stale state from a developer's local `nexus serve` run
# and silently break federation bootstrap (root zone applied_index
# stays pinned to a long-dead term, no leader ever elects). Allow only
# `data/skills/` through; deny everything else.
data/*
!data/skills
!data/skills/**
*-server-data/
my-data/

# Database files (should not be in Docker images)
*.db
*.db-shm
*.db-wal
*.sqlite
*.sqlite3
nexus-*.db

# Logs (should not be in images)
logs/
*.log
*.log.*

# Git (not needed in container)
.git/
.gitignore
.gitattributes

# IDE
.idea/
.vscode/
*.code-workspace

# Documentation (can be excluded from production images)
docs/
*.md
# But keep README for package metadata
!README.md
!GCS_SERVICE_ACCOUNT_SETUP.md

# OS specific
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
ehthumbs.db
Thumbs.db
desktop.ini

# Temporary files
*.tmp
*.temp
*.bak
*.swp
*~

# Docker
docker-compose*.yml
Dockerfile*
.dockerignore

# Environment files (secrets should not be in images, use env vars instead)
.env
.env.*
# IMPORTANT: Don't ignore gcs-credentials.json - we need it for builds
# It will be mounted as a volume, not baked into the image

# Frontend (not needed in backend image)
nexus-frontend/

# Examples (not needed in production, except langgraph)
examples/*
!examples/langgraph

# Scripts (dev-only - exclude shell scripts and most Python scripts)
scripts/*.sh
scripts/*.py
# But keep init_database.py for database initialization in Docker
!scripts/init_database.py
# Keep provisioning script for docker-start --init
!scripts/provision_namespace.py
# Keep Docker entrypoint helper scripts (used by docker-entrypoint.sh)
!scripts/check_api_key.py
!scripts/create_admin_key.py
!scripts/check_semantic_search_config.py
!scripts/init_semantic_search.py
!scripts/parse_db_url.py
!scripts/load_saved_mounts.py
*.sh
# But keep docker-entrypoint.sh for container startup
!docker-entrypoint.sh

# Tests (not needed in production)
tests/
test_*.py
*_test.py

# Build artifacts (** matches nested dirs like rust/nexus_fast/target/)
**/target/
# Cargo.lock - needed for reproducible builds
.ruff_cache/
.mypy_cache/
gcs-credentials.json
# Docker FUSE e2e harness runs from the repo build context.
!tests/
tests/*
!tests/__init__.py
!tests/e2e/
tests/e2e/*
!tests/e2e/__init__.py
!tests/e2e/self_contained/
tests/e2e/self_contained/*
!tests/e2e/self_contained/__init__.py
!tests/e2e/self_contained/Dockerfile.fuse-test
!tests/e2e/self_contained/test_fuse_docker_e2e.py
!tests/helpers/
tests/helpers/*
!tests/helpers/__init__.py
!tests/helpers/dict_metastore.py
!tests/testkit/
tests/testkit/*
!tests/testkit/metadata.py
