add docker & api route

[wvl94]

💡 PR Summary generated by FirstMate

Overview: Added Docker support and a new API route for fetching examples by ID.

Changes:
Dockerfile:

• Created a Dockerfile using Node.js 19-alpine for containerization.
• Set working directory, added user/group, and installed git.

API Route Update:

• Added a new GET route /get/:id in exampleRouter.js for fetching example data.

Configuration Change:

• Updated default server port in appConfig.js from 8080 to 80 for consistency.

TLDR: Introduced Docker support and a new API route for fetching examples; updated server port configuration. Focus on the Dockerfile and new route in exampleRouter.js.

_{^{Generated by FirstMate and automatically updated on every commit.}}

[firstmate]

PR Review

⚠️ It seems that you can still improve the quality of your PR:

    ❌ Documentation drift: Update documentation for default server port change from 8080 to 80.
    ❌ Dockerfile optimization: Implement multi-stage build in Dockerfile for optimized image size and security.
    ❌ Security issues: Add grantAccessByPermissionMiddleware to /get/:id route for access control.

_{^{Generated by Firstmate to make sure you can focus on coding new features.}}

[firstmate]

You changed the default server port from 8080 to 80. This change seems important, so it might be smart to change the documentation accordingly.

For example, update the documentation to reflect the new default port:

## Running the Application

To start the application, use the following command:

```bash
npm start

The application will now run on port 80 by default.

[firstmate]

Your Dockerfile should implement a multi-stage build to optimize image size and enhance security. Consider adding a build stage and a final stage like this:

# Build stage
FROM node:19-alpine AS build
WORKDIR /usr/src/app
COPY package*.json ./
RUN npm install
COPY . .

# Final stage
FROM node:19-alpine
WORKDIR /usr/src/app
COPY --from=build /usr/src/app .
CMD ["npm", "start", "--no-update-notifier"]

(Based on guideline 'Dockerfiles should use multi-stage builds')

[firstmate]

The new route /get/:id lacks the grantAccessByPermissionMiddleware, which is essential for proper permission checks. Update the route as follows to include the middleware:

router.route("/get/:id")
    .get(grantAccessByPermissionMiddleware([API_PERMISSIONS.PUBLIC_ENDPOINT]), exampleController.getById);

This ensures that the necessary access control is enforced.

(Based on guideline 'Routes must check permissions')

[firstmate]

I analysed the failed pipeline job Validate docker:

Failure Analysis

The pipeline crashed during the Docker build step, specifically when attempting to install the git package using the command apk add --no-cache git. The error message indicates a permission issue:

ERROR: Unable to lock database: Permission denied
ERROR: Failed to open apk database: Permission denied

This suggests that the Dockerfile is trying to run this command as a non-root user (appuser), which does not have the necessary permissions to install packages. The relevant section of the Dockerfile is:

USER appuser
RUN apk add --no-cache git

Suggested Fix

To resolve the permission issue, you can switch back to the root user before running the apk add command and then switch back to appuser afterward. Modify the Dockerfile as follows:

- USER appuser
+ USER root
RUN apk add --no-cache git
+ USER appuser

This change ensures that the package installation has the necessary permissions while maintaining the intended user context for subsequent commands.