| FROM node:lts-alpine | |
| # 设置工作目录 | |
| # The WORKDIR instruction creates the directory if it doesn't exist | |
| # and sets it as the current working directory. | |
| # By default, it's created by root. We will chown contents later. | |
| WORKDIR /app | |
| # 复制package.json和package-lock.json | |
| # The 'node' user and 'node' group are typically pre-defined in node alpine images with UID/GID 1000 | |
| COPY --chown=node:node package*.json ./ | |
| # 安装依赖 | |
| # Running npm install as root is common to ensure all global and local dependencies are installed correctly. | |
| # The node_modules directory will be owned by root. | |
| # If you need the node_modules to be owned by the node user, | |
| # you could run npm install after USER node, but ensure /app is writable by node. | |
| RUN npm install | |
| # 复制源代码 | |
| COPY --chown=node:node . . | |
| # 切换到 "node" 用户 | |
| USER node | |
| # 暴露端口 | |
| EXPOSE 3000 | |
| # 启动命令 | |
| CMD ["npm", "start"] |