diff --git a/Dockerfile b/Dockerfile
index ab771ec5..5d32392c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,66 +1,73 @@ -FROM node:22.12-bookworm-slim as builder +FROM node:22.12-bookworm-slim AS base ARG BUILD_NUMBER ARG GIT_REF +ARG GIT_BRANCH + +LABEL maintainer="HMPPS Digital Studio " + +ENV TZ=Europe/London +RUN ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime && echo "$TZ" > /etc/timezone + +RUN addgroup --gid 2000 --system appgroup && \ + adduser --uid 2000 --system appuser --gid 2000 + +WORKDIR /app + +# Cache breaking and ensure required build / git args defined +RUN test -n "$BUILD_NUMBER" || (echo "BUILD_NUMBER not set" && false) +RUN test -n "$GIT_REF" || (echo "GIT_REF not set" && false) +RUN test -n "$GIT_BRANCH" || (echo "GIT_BRANCH not set" && false) + +# Define env variables for runtime health / info +ENV BUILD_NUMBER=${BUILD_NUMBER} +ENV GIT_REF=${GIT_REF} +ENV GIT_BRANCH=${GIT_BRANCH} + +RUN apt-get update && \ + apt-get upgrade -y && \ + apt-get autoremove -y && \ + rm -rf /var/lib/apt/lists/* RUN apt-get update && \ apt-get upgrade -y RUN apt-get -y install g++ make python3 curl && rm -rf /var/lib/apt/lists/* -WORKDIR /app RUN curl https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem \ > /app/root.cert -COPY . . - -RUN CYPRESS_INSTALL_BINARY=0 npm ci --no-audit && \ - npm run build && \ - export BUILD_NUMBER=${BUILD_NUMBER:-1_0_0} && \ - export GIT_REF=${GIT_REF:-dummy} && \ - npm run record-build-info - -RUN npm prune --production +# Stage: build assets +FROM base AS build -FROM node:22.12-bookworm-slim -LABEL maintainer="HMPPS Digital Studio " +ARG BUILD_NUMBER +ARG GIT_REF +ARG GIT_BRANCH -# Cache breaking -ENV BUILD_NUMBER ${BUILD_NUMBER:-1_0_0} +COPY package*.json ./ +RUN CYPRESS_INSTALL_BINARY=0 npm ci --no-audit +ENV NODE_ENV='production' -RUN apt-get update && \ - apt-get upgrade -y && \ - apt-get autoremove -y && \ - rm -rf /var/lib/apt/lists/* +COPY . . 
-RUN addgroup --gid 2000 --system appgroup && \ - adduser --uid 2000 --system appuser --gid 2000 +RUN npm run build +RUN npm prune --no-audit --omit=dev -ENV TZ=Europe/London -RUN ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime && echo "$TZ" > /etc/timezone -# Create app directory -RUN mkdir /app && chown appuser:appgroup /app -USER 2000 -WORKDIR /app +# Stage: copy production assets and dependencies +FROM base -COPY --from=builder --chown=appuser:appgroup \ +COPY --from=build --chown=appuser:appgroup \ /app/package.json \ /app/package-lock.json \ - /app/dist \ - /app/root.cert \ - /app/build-info.json \ ./ -COPY --from=builder --chown=appuser:appgroup \ - /app/assets ./assets +COPY --from=build --chown=appuser:appgroup \ + /app/dist ./dist -COPY --from=builder --chown=appuser:appgroup \ +COPY --from=build --chown=appuser:appgroup \ /app/node_modules ./node_modules -COPY --from=builder --chown=appuser:appgroup \ - /app/server/views ./server/views - ENV PORT=3000 EXPOSE 3000 diff --git a/server/config.js b/server/config.js index 8d2249ef..2e625e82 100755 --- a/server/config.js +++ b/server/config.js @@ -13,6 +13,8 @@ function get(name, fallback, options = {}) { const requiredInProduction = { requireInProduction: true } module.exports = { + buildNumber: get('BUILD_NUMBER', '1_0_0', requiredInProduction), + db: { username: get('DB_USER', 'use-of-force'), password: get('DB_PASS', 'use-of-force'),
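Review bot: The unchanged `RUN apt-get -y install g++ make python3 curl` and the `curl … > /app/root.cert` fetch now sit in `base`, and the final stage is `FROM base`, so the compiler toolchain and curl ship in the runtime image, whereas the old layout confined them to `builder`. Moving both steps under `FROM base AS build` (with their own `apt-get update` in the same `RUN`) and adding `/app/root.cert` back to the first `COPY --from=build` list would keep the runtime stage minimal; the leftover `RUN apt-get update && apt-get upgrade -y` duplicates the added upgrade block and can go. The fetch would be safer as `curl -fsSL …`, so that an HTTP error fails the build instead of being written into the RDS trust bundle. The hunk also removes `USER 2000` and shows no replacement before `EXPOSE 3000`; the file may continue past the hunk, so confirm that the final stage still drops to uid 2000 after the copies.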
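Review bot: The added `buildNumber` entry reads only one of the three build values that the Dockerfile in this commit exports; `GIT_REF` and `GIT_BRANCH` are set as `ENV` "for runtime health / info" but get no config entry here, so they are either read elsewhere or unused. Because the entry is marked `requiredInProduction`, a production start without `BUILD_NUMBER` presumably fails inside `get`, whose body is outside the hunk. A one-line comment above the entry would make that dependency visible, for example `// injected at image build time (ARG BUILD_NUMBER -> ENV); required in production`.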