From 826723eb5b92b1ba5b163b3a6c64e9c8729d4f6a Mon Sep 17 00:00:00 2001
From: Cameron Redmore <cameron@redmore.me>
Date: Fri, 8 Aug 2025 17:09:31 +0100
Subject: [PATCH] Refactor Dockerfile to use Google's distroless image for
 minimal production stage and remove unnecessary Alpine setup

---
 Dockerfile | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index d2c7577..dedb61e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -15,24 +15,18 @@ COPY . .
 # Build the frontend with Vite and compile the server to executable
 RUN bun run build
 
-# Minimal production stage using Alpine
-FROM alpine:latest
-
-# Install CA certificates for HTTPS requests and glibc compatibility
-RUN apk --no-cache add ca-certificates tzdata gcompat
+# Minimal production stage using Google's distroless image (glibc-based)
+FROM gcr.io/distroless/cc-debian12
 
 WORKDIR /app
 
-# Copy the compiled executable from the build stage (Linux build will not have .exe extension)
+# Copy the compiled executable from the build stage
 COPY --from=builder /app/dist/server /app/server
 
 # Copy the built frontend assets (but ensure we don't overwrite the server executable)
 COPY --from=builder /app/dist/*.html /app/dist/
 COPY --from=builder /app/dist/assets /app/dist/assets
 
-# Make the server executable
-RUN chmod +x /app/server
-
 # Expose the port
 EXPOSE 3000
 
@@ -40,4 +34,4 @@ EXPOSE 3000
 ENV NODE_ENV=production
 
 # Start the application using the compiled executable
-CMD ["/app/server"]
\ No newline at end of file
+CMD ["/app/server"]