# Production Stage
FROM node:22-alpine

# Set environment variables
ENV NODE_ENV=production
ENV PORT=8080

WORKDIR /app

# Buat group dan user terlebih dahulu
RUN addgroup -g 1001 -S nodeapp && \
    adduser -S nodeapp -u 1001

# Salin file package.json dan package-lock.json
COPY --chown=nodeapp:nodeapp package*.json ./

# Install hanya dependensi produksi
RUN --mount=type=cache,target=/root/.npm \
    npm ci --omit=dev && \
    npm cache clean --force

# Buat folder tmp dengan permission untuk nodeapp
RUN mkdir -p /tmp/uploads && chown -R nodeapp:nodeapp /tmp/uploads

# Salin seluruh source code aplikasi
COPY --chown=nodeapp:nodeapp . .

# Health check (aktifkan jika ada endpoint /health)
# HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
#     CMD node -e "require('http').get('http://localhost:8080/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})"

# Buka port (Cloud Run default 8080)
EXPOSE 8080

# Gunakan user non-root untuk keamanan
USER nodeapp

# Perintah untuk menjalankan aplikasi
CMD ["node", "app.js"]