Docker file changes

[wvl94]

---

💡 Summary generated by FirstMate:

• Dockerfile updated to use Node.js version 14-alpine instead of 19-alpine
• Environment variable PORT set to 8080
• WORKDIR set to /usr/src/app

[firstmatebot]

PR Review

⚠️ It seems that you can still improve the quality of your PR. Have a look into this:

   

❌ Docker & containerization: Optimize Dockerfiles with multi-stage builds and implement a non-root user for enhanced security.

These are the improvements you should make:

• Use multi-stage builds in Dockerfile for optimized image size and security.
• Avoid running as root in Dockerfile; add a non-root user for enhanced security.

Use multi-stage builds in Dockerfile for optimized image size and security.

You are currently using a single-stage build, which can lead to larger image sizes and potential security vulnerabilities. Implementing a multi-stage build allows you to separate the build environment from the runtime environment, reducing the final image size and minimizing the attack surface. Here's how you can modify your Dockerfile:

# Stage 1: Build
FROM node:14-alpine AS build
WORKDIR /usr/src/app
COPY package*.json ./
RUN npm install
COPY . .

# Stage 2: Run
FROM node:14-alpine
WORKDIR /usr/src/app
COPY --from=build /usr/src/app ./
ENV PORT 8080
EXPOSE 8080
CMD ["npm", "start", "--no-update-notifier"]

Avoid running as root in Dockerfile; add a non-root user for enhanced security.

Running your application as the root user can expose your container to security risks. Adding a non-root user enhances security by limiting permissions. You can create a user and switch to it in your Dockerfile as follows:

# Add this line in the Run stage
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
USER appuser

To improve your PR. Please make changes to these files:

• Dockerfile

_{^{Generated by Firstmate to make sure you can focus on coding new features.}}