fix(services): switch from Alpine to Debian slim for Prisma OpenSSL

Alpine 3.22 removed openssl1.1-compat package which Prisma needs.
Switched production stage from node:20-alpine to node:20-slim (Debian)
which has proper OpenSSL support.

Changes:
- Use node:20-slim for production stage (keep Alpine for build)
- Install openssl and wget via apt-get
- Update user creation from Alpine (addgroup/adduser) to Debian (groupadd/useradd)

Validated identity-service build and startup in WSL2:
- Build passes successfully
- NestJS starts and loads all routes
- Prisma client connects without OpenSSL errors

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

backend/services/authorization-service/Dockerfile

@@ -19,13 +19,15 @@ COPY . .
 # Build application
 RUN npm run build
 
-# Production stage
+# Production stage - use Debian slim for OpenSSL compatibility
-FROM node:20-alpine AS production
+FROM node:20-slim AS production
 
 WORKDIR /app
 
-# Install OpenSSL 1.1 compatibility for Prisma
+# Install OpenSSL
-RUN apk add --no-cache openssl1.1-compat
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    openssl \
+    && rm -rf /var/lib/apt/lists/*
 
 # Copy package files
 COPY package*.json ./

backend/services/backup-service/Dockerfile

@@ -19,17 +19,20 @@ RUN DATABASE_URL="postgresql://user:pass@localhost:5432/db" npx prisma generate
 # Build the application
 RUN npm run build
 
-# Stage 2: Production
+# Stage 2: Production - use Debian slim for OpenSSL compatibility
-FROM node:20-alpine AS production
+FROM node:20-slim AS production
 
 WORKDIR /app
 
-# Install OpenSSL 1.1 compatibility for Prisma
+# Install OpenSSL and wget for health checks
-RUN apk add --no-cache openssl1.1-compat
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    openssl \
+    wget \
+    && rm -rf /var/lib/apt/lists/*
 
 # Create non-root user for security
-RUN addgroup -g 1001 -S nodejs && \
+RUN groupadd -g 1001 nodejs && \
-    adduser -S nestjs -u 1001
+    useradd -u 1001 -g nodejs nestjs
 
 # Copy package files
 COPY package*.json ./

backend/services/identity-service/Dockerfile

@@ -2,7 +2,7 @@
 # Identity Service Dockerfile
 # =============================================================================
 
-# Build stage
+# Build stage - use Alpine for smaller build context
 FROM node:20-alpine AS builder
 
 WORKDIR /app
@@ -30,13 +30,16 @@ RUN npm run build
 # Verify build output exists
 RUN ls -la dist/src/ && test -f dist/src/main.js
 
-# Production stage
+# Production stage - use Debian slim for OpenSSL compatibility
-FROM node:20-alpine
+FROM node:20-slim
 
 WORKDIR /app
 
-# Install OpenSSL 1.1 compatibility for Prisma
+# Install OpenSSL and wget for health checks
-RUN apk add --no-cache openssl1.1-compat
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    openssl \
+    wget \
+    && rm -rf /var/lib/apt/lists/*
 
 # Install production dependencies only
 COPY package*.json ./
@@ -50,8 +53,8 @@ RUN DATABASE_URL="postgresql://user:pass@localhost:5432/db" npx prisma generate
 COPY --from=builder /app/dist ./dist
 
 # Create non-root user
-RUN addgroup -g 1001 -S nodejs && \
+RUN groupadd -g 1001 nodejs && \
-    adduser -S nestjs -u 1001
+    useradd -u 1001 -g nodejs nestjs
 
 # Switch to non-root user
 USER nestjs

backend/services/leaderboard-service/Dockerfile

@@ -22,13 +22,16 @@ COPY . .
 # Build the application
 RUN npm run build
 
-# Production stage
+# Production stage - use Debian slim for OpenSSL compatibility
-FROM node:20-alpine AS production
+FROM node:20-slim AS production
 
 WORKDIR /app
 
-# Install OpenSSL 1.1 compatibility for Prisma
+# Install OpenSSL and wget for health checks
-RUN apk add --no-cache openssl1.1-compat
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    openssl \
+    wget \
+    && rm -rf /var/lib/apt/lists/*
 
 # Copy package files and install production dependencies
 COPY package*.json ./

backend/services/mpc-service/Dockerfile

@@ -25,13 +25,15 @@ COPY src ./src
 # Build TypeScript
 RUN npm run build
 
-# Production stage
+# Production stage - use Debian slim for OpenSSL compatibility
-FROM node:20-alpine
+FROM node:20-slim
 
 WORKDIR /app
 
-# Install OpenSSL 1.1 compatibility for Prisma
+# Install OpenSSL
-RUN apk add --no-cache openssl1.1-compat
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    openssl \
+    && rm -rf /var/lib/apt/lists/*
 
 # Install production dependencies only
 COPY package*.json ./
@@ -45,8 +47,8 @@ RUN DATABASE_URL="mysql://user:pass@localhost:3306/db" npx prisma generate
 COPY --from=builder /app/dist ./dist
 
 # Create non-root user
-RUN addgroup -g 1001 -S nodejs && \
+RUN groupadd -g 1001 nodejs && \
-    adduser -S nestjs -u 1001
+    useradd -u 1001 -g nodejs nestjs
 
 # Create temp directory for TSS
 RUN mkdir -p /tmp/tss && chown -R nestjs:nodejs /tmp/tss

backend/services/planting-service/Dockerfile

@@ -19,13 +19,16 @@ COPY . .
 # Build
 RUN npm run build
 
-# Production stage
+# Production stage - use Debian slim for OpenSSL compatibility
-FROM node:20-alpine AS production
+FROM node:20-slim AS production
 
 WORKDIR /app
 
-# Install OpenSSL 1.1 compatibility for Prisma
+# Install OpenSSL and wget for health checks
-RUN apk add --no-cache openssl1.1-compat
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    openssl \
+    wget \
+    && rm -rf /var/lib/apt/lists/*
 
 # Copy package files
 COPY package*.json ./

backend/services/referral-service/Dockerfile

@@ -27,13 +27,16 @@ COPY src ./src
 # Build TypeScript
 RUN npm run build
 
-# Production stage
+# Production stage - use Debian slim for OpenSSL compatibility
-FROM node:20-alpine
+FROM node:20-slim
 
 WORKDIR /app
 
-# Install OpenSSL 1.1 compatibility for Prisma
+# Install OpenSSL and wget for health checks
-RUN apk add --no-cache openssl1.1-compat
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    openssl \
+    wget \
+    && rm -rf /var/lib/apt/lists/*
 
 # Install production dependencies only
 COPY package*.json ./
@@ -47,8 +50,8 @@ RUN DATABASE_URL="postgresql://user:pass@localhost:5432/db" npx prisma generate
 COPY --from=builder /app/dist ./dist
 
 # Create non-root user
-RUN addgroup -g 1001 -S nodejs && \
+RUN groupadd -g 1001 nodejs && \
-    adduser -S nestjs -u 1001
+    useradd -u 1001 -g nodejs nestjs
 
 # Switch to non-root user
 USER nestjs

backend/services/reporting-service/Dockerfile

@@ -27,13 +27,16 @@ COPY src ./src
 # Build TypeScript
 RUN npm run build
 
-# Production stage
+# Production stage - use Debian slim for OpenSSL compatibility
-FROM node:20-alpine
+FROM node:20-slim
 
 WORKDIR /app
 
-# Install OpenSSL 1.1 compatibility for Prisma
+# Install OpenSSL and wget for health checks
-RUN apk add --no-cache openssl1.1-compat
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    openssl \
+    wget \
+    && rm -rf /var/lib/apt/lists/*
 
 # Install production dependencies only
 COPY package*.json ./
@@ -47,8 +50,8 @@ RUN DATABASE_URL="postgresql://user:pass@localhost:5432/db" npx prisma generate
 COPY --from=builder /app/dist ./dist
 
 # Create non-root user
-RUN addgroup -g 1001 -S nodejs && \
+RUN groupadd -g 1001 nodejs && \
-    adduser -S nestjs -u 1001
+    useradd -u 1001 -g nodejs nestjs
 
 # Switch to non-root user
 USER nestjs

backend/services/reward-service/Dockerfile

@@ -19,13 +19,16 @@ RUN DATABASE_URL="postgresql://user:pass@localhost:5432/db" npx prisma generate
 # Build the application
 RUN npm run build
 
-# Production stage
+# Production stage - use Debian slim for OpenSSL compatibility
-FROM node:20-alpine AS production
+FROM node:20-slim AS production
 
 WORKDIR /app
 
-# Install OpenSSL 1.1 compatibility for Prisma
+# Install OpenSSL and wget for health checks
-RUN apk add --no-cache openssl1.1-compat
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    openssl \
+    wget \
+    && rm -rf /var/lib/apt/lists/*
 
 # Copy package files and install production dependencies
 COPY package*.json ./

backend/services/wallet-service/Dockerfile

@@ -27,13 +27,16 @@ COPY src ./src
 # Build TypeScript
 RUN npm run build
 
-# Production stage
+# Production stage - use Debian slim for OpenSSL compatibility
-FROM node:20-alpine
+FROM node:20-slim
 
 WORKDIR /app
 
-# Install OpenSSL 1.1 compatibility for Prisma
+# Install OpenSSL and wget for health checks
-RUN apk add --no-cache openssl1.1-compat
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    openssl \
+    wget \
+    && rm -rf /var/lib/apt/lists/*
 
 # Install production dependencies only
 COPY package*.json ./
@@ -47,8 +50,8 @@ RUN DATABASE_URL="postgresql://user:pass@localhost:5432/db" npx prisma generate
 COPY --from=builder /app/dist ./dist
 
 # Create non-root user
-RUN addgroup -g 1001 -S nodejs && \
+RUN groupadd -g 1001 nodejs && \
-    adduser -S nestjs -u 1001
+    useradd -u 1001 -g nodejs nestjs
 
 # Switch to non-root user
 USER nestjs