# Build stage
FROM node:18-alpine AS builder
# Set working directory
WORKDIR /app
# Copy package files
COPY package*.json ./
COPY tsconfig*.json ./
# Install dependencies
RUN npm ci
# Copy source code
COPY . .
# Build application
RUN npm run build
# Production stage
FROM node:18-alpine
# Create non-root user
RUN addgroup -S mcp && adduser -S mcp -G mcp
# Set working directory
WORKDIR /app
# Copy built assets from builder
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/bin ./bin
COPY --from=builder /app/public ./public
COPY --from=builder /app/package*.json ./
COPY --from=builder /app/.env.example ./.env.example
# Install production dependencies only
RUN npm ci --only=production
# Set ownership to non-root user
RUN chown -R mcp:mcp /app
# Switch to non-root user
USER mcp
# Expose port
EXPOSE 3000
# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD wget --no-verbose --tries=1 --spider http://localhost:3000/api/health || exit 1
# Start application
CMD ["npm", "start"]