diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..397b0ec
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,43 @@
+# Build artifacts
+build/
+.gradle/
+target/
+
+# IDE files
+.idea/
+.vscode/
+*.iml
+*.ipr
+*.iws
+
+# OS files
+.DS_Store
+Thumbs.db
+
+# Git
+.git/
+.gitignore
+
+# Documentation
+README.md
+*.md
+
+# Docker files
+Dockerfile*
+docker-compose*.yml
+
+# CI/CD
+.gitlab-ci.yml
+.github/
+
+# Logs
+*.log
+
+# Test results
+test-results/
+reports/
+
+# Kubernetes manifests (don't include in Docker build)
+*.yaml
+*.yml
+!gradle/libs.versions.toml
diff --git a/Dockerfile b/Dockerfile
index 2ad6fd6..5fbee06 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,40 +3,55 @@ FROM gradle:8.7.0-jdk21 AS build
 
 WORKDIR /app
 
-# Copy gradle configuration files
-COPY build.gradle.kts gradle.properties ./
+# Copy gradle wrapper and properties first for better caching
 COPY gradle ./gradle
-COPY detekt.yml ./
+COPY gradlew gradlew.bat gradle.properties ./
+COPY build.gradle.kts ./
 
 # Download dependencies (this layer will be cached)
-RUN gradle dependencies --no-daemon
+RUN ./gradlew dependencies --no-daemon
 
 # Copy source code
 COPY src ./src
 
-# Build the fat JAR
-RUN gradle buildFatJar --no-daemon
+# Build the fat JAR without detekt and tests for faster Docker builds
+RUN gradle buildFatJar --no-daemon -x test -x detekt
 
 # Runtime stage
 FROM eclipse-temurin:21-jre-alpine
 
+# Install wget for healthcheck and create non-root user
+RUN apk add --no-cache wget && \
+    addgroup -g 1001 appgroup && \
+    adduser -u 1001 -G appgroup -s /bin/sh -D appuser
+
 # Set working directory
 WORKDIR /app
 
 # Add metadata labels
-LABEL maintainer="Person API Team"
-LABEL description="Person API Ktor Application"
-LABEL version="1.0"
+LABEL maintainer="Person API Team" \
+    description="Person API Ktor Application" \
+    version="1.0" \
+    org.opencontainers.image.source="https://gitlab.com/atafaya971/packsol/person"
 
 # Copy the fat JAR from the build stage
 COPY --from=build /app/build/libs/app.jar /app/app.jar
 
+# Change ownership to non-root user
+RUN chown -R appuser:appgroup /app
+
+# Switch to non-root user
+USER appuser
+
 # Expose the port the app runs on
 EXPOSE 8080
 
 # Add healthcheck
-HEALTHCHECK --interval=30s --timeout=3s --start-period=15s --retries=3 \
+HEALTHCHECK --interval=30s --timeout=3s --start-period=30s --retries=5 \
   CMD wget -q --spider http://0.0.0.0:8080/api/persons || exit 1
 
+# Set JVM options for containerized environment
+ENV JAVA_OPTS="-XX:+UseContainerSupport -XX:MaxRAMPercentage=75.0 -XX:+ExitOnOutOfMemoryError"
+
 # Set the entrypoint
-ENTRYPOINT ["java", "-jar", "/app/app.jar"]
+ENTRYPOINT ["sh", "-c", "java $JAVA_OPTS -jar /app/app.jar"]