Added solution for Day 17: Docker Projects for DevOps Engineers - Django Notes App and Node.js To-Do App

[Amitabh-DevOps]

This PR contains solutions and tasks completed for Day 17 of the #90DaysOfDevOps challenge. The focus was on working with Docker to containerize and deploy two applications:

1. Django Notes Application:

   • Cloned the repository and created a Dockerfile to build and deploy the app.
   • Built the Docker image, ran the container, and accessed the app on http://localhost:8000.

2. Node.js To-Do Application:

   • Cloned the repository and created a Dockerfile for the app.
   • Built the Docker image, ran the container, and accessed the app on http://localhost:8000.

Additionally:

• Logged in to Docker Hub, tagged the images, and successfully pushed them to my Docker Hub repository for both projects.

Highlights

• Demonstrated proficiency in Docker by creating Dockerfiles, building and running containers, and managing Docker images.
• Pushed the images to Docker Hub for wider accessibility.
• Followed best practices to avoid port conflicts when running multiple containers.

Links to reference content, images, and commands are included for a comprehensive understanding.

Summary by CodeRabbit

• Chores
  • Removed the command history file related to the Flask application setup.
  • Updated the instructional content to focus on practical tasks and solutions for a Python (Django Notes App) and a Node.js (To-Do App), enhancing clarity with new images and detailed steps.

[coderabbitai]

Walkthrough

The pull request involves the removal of two files, code.txt and solution.md, from the 2024/day17/ directory. The code.txt file, which contained a history of terminal commands related to setting up and managing a Flask application using Docker, has been completely deleted. The solution.md file has been replaced with new content that focuses on two specific applications: a Python (Django Notes App) and a Node.js (To-Do App), detailing tasks and solutions for these applications.

Changes

File	Change Summary
2024/day17/code.txt	Completely removed; contained terminal command history for Flask and Docker setup
2024/day17/solution.md	Entirely replaced; new content includes tasks and solutions for Django and Node.js applications, along with enhanced instructional materials

Poem

🐰 Farewell, Docker files so neat,
Vanished like a rabbit's fleet retreat.
Command history now wiped clean,
No traces left upon the scene.
A digital hop into the unknown! 🚀

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

2024/day17/solution.md (1)

76-76: Consider using Docker Compose for managing multiple containers

Instead of manually managing port conflicts, consider using Docker Compose to define and run both applications with different ports.

Create a docker-compose.yml:

version: '3.8'
services:
  django-app:
    build: ./django-notes-app
    ports:
      - "8000:8000"
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/health/"]
      interval: 30s
      timeout: 3s

  node-app:
    build: ./node-todo-cicd
    ports:
      - "8001:8000"
    healthcheck:
      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8000/health"]
      interval: 30s
      timeout: 3s

Then use:

docker-compose up -d

🧰 Tools

🪛 LanguageTool

[formatting] ~76-~76: If the ‘because’ clause is essential to the meaning, do not use a comma before the clause.
Context: ...container to avoid error regarding ports, because we are using same port, you can use dif...

(COMMA_BEFORE_BECAUSE)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 35beb58 and bedc82a.

📒 Files selected for processing (1)

• 2024/day17/solution.md (1 hunks)

🧰 Additional context used

🪛 LanguageTool

2024/day17/solution.md

[style] ~3-~3: Consider using a more formal and expressive alternative to ‘amazing’.
Context: ...ngineers ### You people are doing just amazing in #90daysofdevops. Today's challen...

(AWESOME)

---

[formatting] ~76-~76: If the ‘because’ clause is essential to the meaning, do not use a comma before the clause.
Context: ...container to avoid error regarding ports, because we are using same port, you can use dif...

(COMMA_BEFORE_BECAUSE)

🪛 Markdownlint (0.37.0)

2024/day17/solution.md

3-3: Expected: h2; Actual: h3
Heading levels should only increment by one level at a time

(MD001, heading-increment)

---

147-147: Expected: 0; Actual: 3
Unordered list indentation

(MD007, ul-indent)

---

14-14: Punctuation: '.'
Trailing punctuation in heading

(MD026, no-trailing-punctuation)

---

19-19: Punctuation: ':'
Trailing punctuation in heading

(MD026, no-trailing-punctuation)

---

84-84: Punctuation: ':'
Trailing punctuation in heading

(MD026, no-trailing-punctuation)

[coderabbitai]

🛠️ Refactor suggestion

Improve Docker Hub authentication and tagging strategy

A few recommendations for the Docker Hub instructions:

1. Use access tokens instead of password for better security
2. Avoid using the latest tag in production as it's mutable
3. Implement a proper versioning strategy

Here's an improved version:

-docker login
+# Create a Personal Access Token in Docker Hub and use it instead of password
+docker login -u <username>

-docker tag django-notes-app yourusername/django-notes-app:latest
+# Use semantic versioning and git commit hash for immutable tags
+VERSION=$(git describe --tags --always)
+docker tag django-notes-app yourusername/django-notes-app:${VERSION}
+docker tag django-notes-app yourusername/django-notes-app:1.0.0

-docker tag node-todo-app yourusername/node-todo-app:latest
+docker tag node-todo-app yourusername/node-todo-app:${VERSION}
+docker tag node-todo-app yourusername/node-todo-app:1.0.0

# Push all tags
-docker push <your-dockerhub-username>/<repository-name>:<tag>
+docker push yourusername/django-notes-app:${VERSION}
+docker push yourusername/django-notes-app:1.0.0
+docker push yourusername/node-todo-app:${VERSION}
+docker push yourusername/node-todo-app:1.0.0

Committable suggestion skipped: line range outside the PR's diff.

🧰 Tools

🪛 Markdownlint (0.37.0)

147-147: Expected: 0; Actual: 3
Unordered list indentation

(MD007, ul-indent)

[coderabbitai]

⚠️ Potential issue

Security and production readiness concerns in Django Dockerfile

The current Dockerfile has several issues that should be addressed for production use:

1. Using Django's development server (runserver) in production is not recommended for security and performance reasons
2. Running as root user (no USER instruction) poses security risks
3. Missing health checks for container orchestration
4. Missing environment variables for Django settings (SECRET_KEY, DEBUG, etc.)

Here's an improved version:

 FROM python:3.9-slim

 WORKDIR /app

+# Create a non-root user
+RUN useradd -m -r appuser
+
 COPY requirements.txt .
 
-RUN pip install --no-cache-dir -r requirements.txt
+RUN pip install --no-cache-dir -r requirements.txt gunicorn
 
 COPY . .
 
+# Set environment variables
+ENV DJANGO_SETTINGS_MODULE=notes.settings \
+    DJANGO_SECRET_KEY=changeme \
+    DJANGO_DEBUG=0
+
+# Switch to non-root user
+USER appuser
+
 EXPOSE 8000
 
-CMD ["python", "manage.py", "runserver", "0.0.0.0:8000"]
+# Add health check
+HEALTHCHECK --interval=30s --timeout=3s \
+  CMD curl -f http://localhost:8000/health/ || exit 1
+
+# Use gunicorn for production
+CMD ["gunicorn", "--bind", "0.0.0.0:8000", "notes.wsgi:application"]

Also, create a .dockerignore file to exclude unnecessary files:

.git
.gitignore
Dockerfile
*.pyc
__pycache__
*.md

Committable suggestion skipped: line range outside the PR's diff.

[coderabbitai]

⚠️ Potential issue

Security and optimization concerns in Node.js Dockerfile

The current Dockerfile has several issues:

1. Node.js 12.2.0 is outdated and has known security vulnerabilities
2. Inefficient layer caching (copying all files before npm install)
3. Running as root user poses security risks
4. Missing health checks

Here's an improved version:

-FROM node:12.2.0-alpine
+FROM node:20-alpine
 
 WORKDIR /app
 
-COPY . /app
+# Copy package files first for better layer caching
+COPY package*.json ./
 
 RUN npm install
 
+# Create a non-root user
+RUN addgroup -S appgroup && adduser -S appuser -G appgroup
+
+# Copy application code
+COPY . .
+
+# Switch to non-root user
+USER appuser
+
 EXPOSE 8000
 
+# Add health check
+HEALTHCHECK --interval=30s --timeout=3s \
+  CMD wget --no-verbose --tries=1 --spider http://localhost:8000/health || exit 1
+
 CMD ["node","app.js"]

Also, create a .dockerignore file:

node_modules
npm-debug.log
Dockerfile
.git
.gitignore
*.md

Committable suggestion skipped: line range outside the PR's diff.