# --- Build stage (if you transpile; otherwise this is basically a no-op)
FROM node:20-alpine AS build
WORKDIR /app
COPY package*.json ./
RUN npm ci --omit=dev
COPY . .
# If you transpile (TS/webpack/etc.), do it here:
# RUN npm run build

# --- Runtime stage
FROM node:20-alpine
ENV NODE_ENV=production
# Avoid running as root
RUN addgroup -S nodegrp && adduser -S nodeusr -G nodegrp
WORKDIR /app

# Copy only what's needed at runtime
COPY --from=build /app/package*.json ./
COPY --from=build /app/node_modules ./node_modules
COPY --from=build /app/. ./

# If your compiled output lives in /app/dist:
# WORKDIR /app/dist

# Healthcheck (customize the path/port if needed)
HEALTHCHECK --interval=30s --timeout=3s --retries=3 \
  CMD wget -qO- http://127.0.0.1:80/health || exit 1

USER nodeusr
EXPOSE 80
EXPOSE 443
# Ensure your server listens on 0.0.0.0:80 inside the container
CMD ["npm", "start"]