# syntax=docker/dockerfile:1.7

###########
# BUILD STAGE
###########
FROM cgr.dev/chainguard/node:latest-dev AS build
WORKDIR /app

# Copy dependency manifests
COPY package*.json ./

# Install all deps (inkl. dev)
RUN --mount=type=cache,target=/root/.npm npm ci

# Copy app source and build
COPY . .
RUN npm run build

###########
# RUNTIME STAGE
###########
FROM cgr.dev/chainguard/node:latest
ENV NODE_ENV=production
WORKDIR /app

# Copy only what’s needed to run
COPY --from=build /app/package*.json ./
COPY --from=build /app/node_modules ./node_modules
COPY --from=build /app/dist ./dist
COPY --from=build /app/server.mjs ./server.mjs

# Chainguard runs as nonroot by default (user `nonroot`)
USER node
#EXPOSE 3000

CMD ["node", "./server.mjs"]