FROM node:12

ENV NODE_ENV=production

RUN useradd nodeuser -m -d /usr/src/app
USER nodeuser

# Create app directory
WORKDIR /usr/src/app

# Install app dependencies
# A wildcard is used to ensure both package.json AND package-lock.json are copied
# where available (npm@5+)
COPY package*.json ./

RUN npm install
# If you are building your code for production
# RUN npm ci --only=production

# Check vulnerabilities
RUN npm install npm-audit-html
RUN npm audit --json | npm-audit-html --output report.html

# Bundle app source
COPY . .

# 3000 can be found from source code app.js line 82.
EXPOSE 3000
# app.js is on folder root and it must be run for Conduit to start.
CMD [ "node", "app.js" ]