diff --git a/Dockerfile b/Dockerfile
index 42bd3ee2..ca64d173 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,22 +4,19 @@
 #           |==> HERE
 FROM phusion/passenger-ruby24:0.9.26
 
-EXPOSE 80
-ENV APP_HOME=/home/app/pact_broker
-CMD ["/sbin/my_init"]
-RUN rm -f /etc/service/nginx/down
-RUN rm /etc/nginx/sites-enabled/default
-ADD container /
-
-ADD pact_broker/config.ru $APP_HOME/
-ADD pact_broker/Gemfile $APP_HOME/
-ADD pact_broker/Gemfile.lock $APP_HOME/
-RUN chown -R app:app $APP_HOME
+ENV APP_HOME=/home/app/pact_broker/
+RUN rm -f /etc/service/nginx/down /etc/nginx/sites-enabled/default
+COPY container /
+RUN gem update --system
+USER app
 
+COPY --chown=app:app pact_broker/config.ru pact_broker/Gemfile pact_broker/Gemfile.lock $APP_HOME 
 # Update system gems for:
 # https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/
-RUN gem update --system
-RUN gem install bundler
-RUN su app -c "cd $APP_HOME && bundle install --deployment --without='development test'"
-ADD pact_broker/ $APP_HOME/
-RUN chown -R app:app $APP_HOME
+RUN gem install bundler && \
+    cd $APP_HOME && bundle install --deployment --without='development test'
+COPY --chown=app:app pact_broker/ $APP_HOME/
+
+USER root
+EXPOSE 80
+CMD ["/sbin/my_init"]
\ No newline at end of file
diff --git a/Gemfile.lock b/Gemfile.lock
index ce4bae12..6bf0c081 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -2,7 +2,7 @@ GEM
   remote: https://rubygems.org/
   specs:
     conventional-changelog (1.3.0)
-    rake (12.1.0)
+    rake (12.3.0)
 
 PLATFORMS
   ruby
@@ -12,4 +12,4 @@ DEPENDENCIES
   rake (~> 12.0)
 
 BUNDLED WITH
-   1.15.3
+   1.16.0