Add error throw

[wvl94]

No description provided.

[firstmate-test-bot]

PR review

‼️ It seems that you can still improve the quality of your PR. Have a look into this:

❌ Dockerfiles use multi-stage builds and non-root user

Implementing multi-stage builds and ensuring the container runs as a non-root user in Dockerfiles are important for several reasons:

• Security: Running as a non-root user minimizes the risk of privilege escalation attacks.
• Efficiency: Multi-stage builds reduce the final image size by only including necessary artifacts, which leads to faster deployments and reduced attack surface.

Here's how you can modify the demo-microservice/Dockerfile to use multi-stage builds and run as a non-root user:

# Stage 1: Build
FROM node:14 AS builder
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build

# Stage 2: Run
FROM node:14-alpine
WORKDIR /app
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/package*.json ./
RUN npm install --only=production

# Create a non-root user and switch to it
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
USER appuser

EXPOSE 3000
CMD ["node", "dist/main.js"]

In this example:

• The build stage (builder) compiles the application.
• The run stage (node:14-alpine) copies the necessary files from the build stage and installs production dependencies.
• A non-root user (appuser) is created and the container switches to this user before running the application.

❌ Throw custom ApplicationErrors

Throwing custom ApplicationError instead of a generic Error is important because it provides more context and makes error handling more precise and meaningful. This practice helps in debugging and maintaining the code, as it clearly indicates the type of error that occurred.

Here's how you can make the change:

File: demo-microservice/Dockerfile

// Before
throw new Error('Something went wrong');

// After
class ApplicationError extends Error {
    constructor(message) {
        super(message);
        this.name = 'ApplicationError';
    }
}

throw new ApplicationError('Something went wrong');

This change ensures that the error thrown is specific and adheres to the guidelines, making the code more robust and easier to maintain.

sidenote:

✅ Deployment & testing pipelines
❌ Docker file structure:
   Your Dockerfile is missing from the repository. Ensure it is placed at the root level of the project. Additionally, follow the provided example closely, including using multiple build stages, not running as root, and maintaining the order of commands.
✅ File structure based on example repo
✅ Usage of proper tests [Unit tests, Postman etc.]
❌ General coding guidelines:

   - Updated Readme File:
      The README.md file is incomplete. It should contain setup instructions and how to run the application.
   - Use Retries for External APIs:
      No evidence of retries in API calls. Implement retry logic for external API calls.

⚠️ This repo is currently not following company guidelines.

You might want to look into this so I prepared some PR's to bring it up to date.

_{^{Generated by Firstmate to make sure you can focus on coding new features.}}