# Use an official Node.js runtime as a base image
FROM node:20.10-alpine

# Set working directory
WORKDIR /app

# Copy "package.json" and "package-lock.json" before other files
# Utilise Docker cache to save re-installing dependencies if unchanged
COPY ./package*.json .

# Install dependencies
RUN npm install

# Change ownership to the non-root user
RUN chown -R node:node /app

# Copy all files
COPY . .

# Expose the listening port
EXPOSE 3000

# Run container as non-root (unprivileged) user
# The "node" user is provided in the Node.js Alpine base image
USER node

# Launch app with PM2
CMD [ "npm", "run", "dev" ]