add docker & api route

[wvl94]

💡 PR Summary generated by FirstMate

Overview: Added Docker support and a new API route for fetching examples by ID.

Changes:
Dockerfile:

• Created a Dockerfile using Node.js 19-alpine for containerization.
• Set working directory, added user/group, and installed Git.
• Configured the container to run the application with npm start.

API Route Update:

• Added a new GET route /get/:id in exampleRouter.js for fetching example data.
• Retained existing route for fetching by ID with permission middleware.

Configuration Change:

• Updated default server port in appConfig.js from 8080 to 80.

TLDR: Introduced Docker support and a new API route for fetching examples by ID; updated server port configuration. Focus on the Dockerfile and new route in exampleRouter.js.

_{^{Generated by FirstMate and automatically updated on every commit.}}

[firstmate]

PR Review

⚠️ It seems that you can still improve the quality of your PR:

    ❌ Documentation drift: Update documentation for new default server port (80).
    ❌ Docker best practices: Implement multi-stage builds in Dockerfile for efficiency and security.
    ❌ Security issues: Add permission checks to '/get/:id' route using middleware.

_{^{Generated by Firstmate to make sure you can focus on coding new features.}}

[firstmate]

You changed the default server port from 8080 to 80. This change seems important, so it might be smart to change the documentation accordingly.

For example, update the documentation to reflect the new default port:

## Running the Application

To start the application, use:

```bash
npm start

The application will now run on port 80 by default.

[firstmate]

Your Dockerfile should utilize multi-stage builds to enhance build efficiency and security by separating the build environment from the runtime environment. This will reduce the final image size and potential attack surface. Here's how you can modify your Dockerfile:

# Stage 1: Build
FROM node:19-alpine AS build
WORKDIR /usr/src/app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build

# Stage 2: Production
FROM node:19-alpine
WORKDIR /usr/src/app
COPY --from=build /usr/src/app .
CMD ["npm", "start", "--no-update-notifier"]

(Based on guideline 'Dockerfiles should use multi-stage builds')

[firstmate]

The route '/get/:id' lacks permission checks, which are essential for security. You should modify it to include the grantAccessByPermissionMiddleware as follows:

router.route("/get/:id")
    .get(grantAccessByPermissionMiddleware([API_PERMISSIONS.PUBLIC_ENDPOINT]), exampleController.getById)

This ensures that only authorized users can access the endpoint.

(Based on guideline 'Routes should check permissions')

[firstmate]

I analysed the failed pipeline job Validate docker:

Failure Analysis

The pipeline crashed during the Docker build step, specifically when trying to install git using the command apk add --no-cache git. The logs indicate a permission issue:

ERROR: Unable to lock database: Permission denied
ERROR: Failed to open apk database: Permission denied

This suggests that the Dockerfile is attempting to run this command as a non-root user (appuser), which does not have the necessary permissions to modify the package database.

Suggested Fix

To resolve this issue, you can modify the Dockerfile to switch to the root user before running the apk add command and then switch back to the appuser. Here’s how you can do it:

- USER appuser
+ USER root
 RUN apk add --no-cache git
+ USER appuser

This change allows the installation of git with the required permissions, and then the Dockerfile can revert to using the non-root user for subsequent commands.