# --- STAGE 1: Build the application --- FROM node:20-alpine AS builder WORKDIR /app # Copy dependency configurations COPY package*.json ./ # Install all dependencies (including devDependencies needed for building) RUN npm ci # Copy the rest of the application source code COPY . . # Build the production application RUN npm run build # Prune node_modules down to only production requirements RUN npm prune --production # --- STAGE 2: Run the application --- FROM node:20-alpine AS runner WORKDIR /app # Set production configurations ENV NODE_ENV=production ENV PORT=3000 # Create a secure non-root system user for security hardening RUN addgroup -g 1001 -S nodejs && \ adduser -u 1001 -S svelteuser -G nodejs # Copy essential production files from the builder stage COPY --from=builder /app/package.json ./package.json COPY --from=builder /app/node_modules ./node_modules COPY --from=builder /app/build ./build # Switch execution contexts to the non-root user USER svelteuser # Expose target internal application port EXPOSE 3000 # Fire up the SvelteKit Node cluster server CMD ["node", "build/index.js"]