# NIST CSF GUI Backend - Optimized for local development and production
FROM node:18-alpine AS builder
# Install build dependencies
RUN apk add --no-cache python3 make g++
WORKDIR /app
# Copy package files for dependency installation
COPY package*.json ./
COPY tsconfig.json ./
# Install dependencies
RUN npm ci
# Copy source code
COPY src/ ./src/
# Build TypeScript
RUN npm run build
# Production stage
FROM node:18-alpine AS production
# Create non-root user for security
RUN addgroup -g 1001 -S nodejs && adduser -S backend -u 1001
WORKDIR /app
# Copy built application and dependencies
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
COPY --from=builder /app/package.json ./
# Create logs directory with proper permissions
RUN mkdir -p logs && chown -R backend:nodejs logs
# Switch to non-root user
USER backend
# Expose port
EXPOSE 3001
# Health check - fixed multiline escaping
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD node -e "const http = require('http'); const options = { hostname: 'localhost', port: 3001, path: '/health', timeout: 2000 }; const req = http.request(options, (res) => { if (res.statusCode === 200) process.exit(0); else process.exit(1); }); req.on('error', () => process.exit(1)); req.end();"
# Start server
CMD ["node", "dist/server.js"]
