# syntax=docker/dockerfile:1

# ---------- Build stage ----------
FROM node:20-alpine AS builder

WORKDIR /app

# Install dependencies (cache layer)
COPY package.json .
COPY yarn.lock .
RUN yarn install --frozen-lockfile --production=false

# Copy source code
COPY . .

# Prune dev dependencies for production image
RUN yarn install --frozen-lockfile --production && \
    rm -rf **/*.test.js

# ---------- Runtime stage ----------
FROM node:20-alpine AS runtime

RUN addgroup -S appgroup && adduser -S appuser -G appgroup

WORKDIR /app

COPY --from=builder /app/package.json .
COPY --from=builder /app/node_modules ./node_modules
COPY --from=builder /app/src ./src

ENV NODE_ENV=production

USER appuser

EXPOSE 3000

HEALTHCHECK --interval=30s --timeout=5s --start-period=5s \
  CMD node -e "require('http').get('http://localhost:3000/health', () => process.exit(0)).on('error', () => process.exit(1))"

CMD ["node", "src/index.js"]
