data-primals-engine 1.3.0 → 1.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. package/CHANGELOG.md +440 -0
  2. package/Dockerfile +19 -9
  3. package/DockerfileTest +19 -9
  4. package/README.md +58 -24
  5. package/client/package-lock.json +172 -1
  6. package/client/package.json +1 -0
  7. package/client/src/App.scss +4 -0
  8. package/client/src/CalendarConfigModal.jsx +60 -21
  9. package/client/src/CalendarView.jsx +107 -0
  10. package/client/src/CalendarView.scss +9 -0
  11. package/client/src/DataLayout.jsx +54 -27
  12. package/client/src/DataTable.jsx +19 -2
  13. package/client/src/Dialog.scss +4 -3
  14. package/client/src/Field.jsx +3 -2
  15. package/client/src/HistoryDialog.jsx +253 -0
  16. package/client/src/HistoryDialog.scss +320 -0
  17. package/client/src/ModelCreator.jsx +36 -15
  18. package/client/src/ModelCreatorField.jsx +5 -6
  19. package/client/src/ViewSwitcher.jsx +6 -6
  20. package/client/src/hooks/useTutorials.jsx +1 -1
  21. package/client/src/translations.js +298 -1
  22. package/package.json +2 -2
  23. package/src/email.js +1 -1
  24. package/src/engine.js +6 -6
  25. package/src/events.js +15 -5
  26. package/src/gameObject.js +0 -29
  27. package/src/modules/data/data.history.js +490 -0
  28. package/src/modules/data/data.js +139 -108
  29. package/src/modules/data/data.routes.js +4 -4
  30. package/src/modules/mongodb.js +17 -1
  31. package/src/modules/user.js +9 -3
  32. package/src/packs.js +2 -1
  33. package/src/services/stripe.js +67 -13
  34. package/src/workers/crypto-worker.js +3 -3
  35. package/test/data.backup.integration.test.js +5 -0
  36. package/test/data.history.integration.test.js +193 -0
  37. package/test/data.integration.test.js +79 -39
  38. package/test/events.test.js +27 -27
  39. package/test/globalTeardown.js +1 -0
  40. package/test/model.integration.test.js +5 -0
  41. package/test/workflow.actions.integration.test.js +2 -0
  42. package/test/workflow.integration.test.js +2 -0
  43. package/test/workflow.robustness.test.js +2 -0
package/CHANGELOG.md ADDED
@@ -0,0 +1,440 @@
1
+ # # Release 1.3.0
2
+
3
+ Here is a breakdown of the key developments and improvements made to the project recently.
4
+
5
+ ## 1. Major Features & Integrations
6
+
7
+ ### Stripe Pack Integration
8
+
9
+ A significant new feature is the integration of the Stripe payment gateway. This allows the application to handle payments, subscriptions, and refunds.
10
+ - New Stripe Service: A dedicated service module (src/services/stripe.js) has been created to handle all interactions with the Stripe API, to securely verify incoming webhooks
11
+ - Workflow Integration: The Stripe service is now callable from the workflow engine via the new generic ExecuteServiceFunction action, enabling automation of payment-related tasks.
12
+ - Secure Configuration: Stripe API keys are now configured securely through user-specific environment variables (STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET)
13
+ - New Dependency: The stripe npm package has been added to package.json.
14
+
15
+ ### AI Provider Generalization & Anthropic Support
16
+ The AI Assistant's architecture has been refactored to be more modular and extensible.
17
+ - Anthropic (Claude) Support: The assistant now supports Anthropic's models (e.g., Claude) in addition to OpenAI, Google, and DeepSeek.
18
+ - Refactored Provider Management: The logic for initializing an AI provider has been centralized.
19
+ - New Dependency: The @langchain/anthropic package was added to support this new provider.
20
+
21
+ ### Pack Installation System
22
+ - Pack Gallery & Installation: A new UI feature, the "Pack Gallery," was developed, allowing users to browse and install packs from JSON definitions. (see installPack(...) in README.md)
23
+ - Markdown Support: To improve the user experience in the gallery, pack descriptions now support Markdown rendering, powered by the react-markdown dependency.
24
+
25
+ ### Workflow Engine Enhancements
26
+ The workflow engine has received powerful new capabilities.
27
+ - HTTP Request Action: the CallWebhook have been renamed HttpRequest for a workflow action allowing workflows to make external API calls. It supports variable substitution in the URL, headers, and body.
28
+ - Service Execution Action: The new ExecuteServiceFunction action acts as a secure bridge, allowing workflows to run functions from internal modules, such as the new Stripe service.
29
+
30
+ ### API endpoints generation
31
+ - Public endpoints are now available (as an option). When activated, authentication will not be activated, and the main user will be used to execute endpoint isolated code.
32
+
33
+ ### Frontend & UI/UX Improvements
34
+ Several enhancements were made to the client-side application for a better user experience.
35
+ - Improved Rich Text Editor: The translatable rich text editor (RTETrans.jsx) has been improved, likely fixing bugs related to adding/removing languages and managing content for each translation.
36
+ - Modernized Checkbox: The CheckboxField in Field.jsx was updated to use a more modern Switch component and its internal state management was fixed.
37
+ - You can order Kanban view by enum fields, better cards rendering
38
+
39
+ # # Release 1.2.6
40
+ ## Fixed major issues :
41
+ - Relation filter constraint is now working
42
+ - Fixed an internal import issue with workers on core data module that prevented some processing
43
+ - Fixed workflow datafilter for simple conditions-
44
+ - db.create(modelName, data) is now working in your engine executed JS scripts
45
+
46
+ ## UI enhancements
47
+ - Usage of react-switch for our checkbox field
48
+ - Help always displayed as 100% blocks for now , will be rewrittten by atomic field validation issue
49
+
50
+ ## And also
51
+ - Workflow actions unit tests (crud, ai content generation, script execution, wait...)
52
+ - Test : Trigger dataFilter: should launch the workflow only if matches.
53
+ - Test for failure step in workflow
54
+
55
+ # Release 1.2.5 (unstable)
56
+
57
+ We're excited to announce several powerful new features and improvements in our latest release, focusing on data integrity and import capabilities.
58
+
59
+ ## What's Changed
60
+
61
+ * Add composite unique constraints by @anonympins in https://github.com/anonympins/data-primals-engine/pull/105
62
+ * split data modules in two parts by @anonympins in https://github.com/anonympins/data-primals-engine/pull/107
63
+ * css model creator fields by @anonympins in https://github.com/anonympins/data-primals-engine/pull/110
64
+ * Resolved importer view + read excel files by @anonympins in https://github.com/anonympins/data-primals-engine/pull/112
65
+ * added previsualisation for excel data (and translations) by @anonympins in https://github.com/anonympins/data-primals-engine/pull/113
66
+
67
+
68
+ ## Issues
69
+
70
+ - We've resolved the regression in our Server-Sent Events implementation that powers real-time import progress tracking.
71
+ - Fixed missing imports on engine routes
72
+
73
+ ## Unique constraints
74
+
75
+ You can now use unique constraints as is :
76
+ ```javascript
77
+ {
78
+ "name": "modelName",
79
+ "fields": [
80
+ { "name": "fieldName1", .... },
81
+ { "name": "fieldName2", .... }
82
+ ],
83
+ "constraints": [
84
+ // composite unique constraint with two fields
85
+ { "name": "uniqueConstraint", type: "unique", keys: ["fieldName1", "fieldName2"] }
86
+ ]
87
+ }
88
+ ```
89
+ Key benefits:
90
+
91
+ - Prevent duplicate entries at database level
92
+ - Support for multi-field uniqueness constraints
93
+ - Seamless integration with existing validation systems
94
+ - Constraint violations return clear error messages
95
+ ## Import Excel Data sheets
96
+
97
+ You can now import excel data sheets (.xlsx) from the UI, using same tool as for CSV and JSON files.
98
+ A mapper is available to extract data from your file and this makes it easy to import data to your models, with our previsualisation tool.
99
+
100
+ These enhancements continue our commitment to making data management more powerful and accessible. The new unique constraints provide essential data integrity protection, while our expanded import capabilities make it easier than ever to bring your existing data into the system.
101
+
102
+ For implementation details or migration guidance, please consult our updated documentation or contact our support team.
103
+
104
+ # Release 1.2.4 (unstable)
105
+
106
+ ## Enhancements
107
+
108
+ - #65 mTLS support (MongoDB)
109
+
110
+ - #89 Add DeepSeek support for AI assistance
111
+
112
+ - #62 Handling dates in Condition Builder
113
+
114
+ Use the MongoDB aggregation operators $dateAdd / $dateSubtract / $dateDiff / $dateToString to deal with advanced dates, like any other operator in the interface. You can specify a field name instead of a date value to enable dynamic calculation.
115
+
116
+ - Better loading of modules : you can use out of the box modules filepaths to enhance your engine instance, it works with a module directory also (you must define an `index.js` or `[moduleName].js`). See CONTRIBUTING.md
117
+
118
+ ## Issues
119
+
120
+ - Fixed an issue with AI model names not being interpreted
121
+ - Cleaned unwanted engine logs
122
+ - Fixed imports and unwanted self dependency
123
+
124
+
125
+ # Release 1.2.3 (stable)
126
+
127
+ We're excited to announce the release of version 1.2.3 of Data Primal Engine! This update introduces a powerful new Marketing & Campaigning pack, alongside several key improvements and bug fixes to enhance stability, usability, and provide a more robust out-of-the-box experience.
128
+
129
+ ---
130
+
131
+ ## 🚀 New Feature: Marketing & Campaigning Pack
132
+
133
+ Take your communication to the next level! This new starter pack is designed to help you launch powerful, personalized, and scalable email campaigns directly from the engine.
134
+
135
+ **Key Highlights:**
136
+
137
+ * **Scalable Email Blasts:** The pack includes a pre-configured workflow that intelligently sends emails in chunks. This prevents server overloads and ensures high-performance delivery, even for large audiences.
138
+ * **Dynamic Audiences:** Define dynamic contact segments using powerful filters. Target the right users with the right message, every time.
139
+ * **Fully Customizable:** While the pack provides a ready-to-use solution, the entire workflow—from audience selection to email content—can be easily customized to fit your specific needs.
140
+ * **Context-Aware Personalization:** Leverage the full power of workflow variables to personalize email subjects and content for each recipient.
141
+
142
+ This pack depends on the 'Customer Relationship Management (CRM)' pack and is perfect for product announcements, newsletters, and targeted marketing initiatives.
143
+
144
+ ---
145
+
146
+ ## ✨ Improvements & Bug Fixes
147
+
148
+ * **Default Pack Installation:** To provide a richer out-of-the-box experience, all starter packs are now installed by default upon initial setup. This gives you immediate access to a wide range of functionalities, including the new Marketing pack, E-commerce kit, and CRM.
149
+
150
+ * 🔧 **Client-Side Filter Fix:** Resolved an issue where condition filters in the client-side UI were not being applied correctly, ensuring more accurate data visualization and management.
151
+
152
+ * **Enhanced SMTP Configuration:** Improved the handling of SMTP environment variables. The system now more reliably uses user-specific SMTP settings and gracefully falls back to the default configuration, ensuring consistent email delivery.
153
+
154
+ * 🔧 **Robust Variable Substitution:** Fixed a critical bug in the workflow engine to allow all recursive content to be substituted by variables. This allows deep content replacing (needed for emails)
155
+
156
+ * 🔧 **Fixed Isolation Issue** – Previously, some calls were not recognized due to the migration to isolated-vm. This has been resolved, ensuring full compatibility and stability.
157
+
158
+
159
+ # Release 1.2.2
160
+
161
+ This release includes two main improvements :
162
+
163
+ ## File storage on Amazon S3 buckets
164
+ - addFile / removeFile now uses S3 user configuration
165
+ - S3 configuration and AWS_* keys are stored in env model by default, so by user for flexibility.
166
+
167
+ ## Engine extensibility
168
+
169
+ - This feature covers basics for easy core extensibility
170
+
171
+ Just use
172
+
173
+ ```javascript
174
+ Event.Listen("OnDataAdded", (data) => {
175
+ my_callback()
176
+ }, "event", "user");
177
+ ```
178
+
179
+ or the system version
180
+ ```javascript
181
+ Event.Listen("OnDataAdded", (engine, data) => {
182
+ my_callback()
183
+ }, "event", "system");
184
+ ```
185
+
186
+ Events available for 'system' :
187
+ - OnServerStart
188
+ - OnServerStop
189
+ - OnModelsLoaded
190
+ - OnModelsDeleted
191
+ - OnUserDataDumped
192
+ - OnDataRestored
193
+ - OnPackInstalled
194
+ - OnModelEdited / OnDataAdded / OnDataDeleted / OnDataSearched / OnDataExported also available for users.
195
+
196
+
197
+ # Release 1.2.1
198
+
199
+ This release introduces a major evolution of our user permission management system. The goal is to move beyond a simple role-based model to allow for fine-grained, individual, and temporary adjustments to access rights.
200
+ This new approach offers significantly increased flexibility for advanced use cases, such as granting temporary access to a feature, overriding a specific right without changing the user's roles, or managing exceptions for particular users.
201
+
202
+ ## Key Changes
203
+
204
+ ### New userPermission Model
205
+ A new userPermission data model has been added (src/defaultModels.js). It links a user (user), a permission (permission), and a grant status (isGranted).
206
+ This model includes an optional expiresAt field, making these exceptions temporary and allowing rights to be granted or revoked for a limited duration.
207
+ ### New Permission Calculation Logic (getUserActivePermissions)
208
+ The new getUserActivePermissions function (src/modules/user.js) is the core of this system.
209
+ It operates in two steps:
210
+ It first collects all base permissions derived from the user's roles.
211
+ It then applies all active (non-expired) exceptions (grants or revocations) defined in the userPermission documents.
212
+ This logic is implemented using efficient MongoDB aggregation pipelines for effective calculation directly within the database.
213
+ ### Update to hasPermission Function
214
+ - The public hasPermission function has been refactored to use the new getUserActivePermissions logic for all local users, ensuring that rights checks account for this new system.
215
+ - Backward compatibility is maintained for non-local users (e.g., system users).
216
+ ### Comprehensive Integration Tests
217
+ - A new test file, test/user.test.js, has been created to exhaustively validate the new permission system.
218
+ - The tests cover multiple scenarios, including:
219
+ - Correct inheritance of permissions from roles.
220
+ - Granting of permanent and temporary permissions.
221
+ - Ignoring expired permissions.
222
+ - Revoking a permission inherited from a role.
223
+ - Restoring a permission after its revocation has expired.
224
+ ### How to Test
225
+ The new functionality is fully covered by integration tests. To verify the changes, you can run the test suite, paying special attention to user.test.js:
226
+
227
+ ## Other improvements :
228
+
229
+ - Datepickers are now available when using date related MongoDB operators like $hour, $minute...
230
+ - Model creation is more visually attractive
231
+ - README updates
232
+
233
+ # Release 1.2.0
234
+
235
+ ## Issues
236
+ Fixed imports + Upload directory creation
237
+
238
+ ## Enhancements
239
+
240
+ Assistant has been rewritten ( using AI too ) to help users accordingly to their needs :
241
+
242
+ - It can now search in your models (by keyword) to help find good models (almost for free).
243
+ - "Give AI tools and they will grow accordingly"
244
+ - Then it executes other reflective steps to find the data in the model (using a MongoDB constructed filter)
245
+ - It then displays a message to the user
246
+
247
+ Maximum number of steps can be defined in src/constants.js : `maxAIReflectiveSteps`
248
+
249
+ No more restriction when not needed.
250
+ Simple commands should just work like "Find the last requests in the last two days that request for data model"
251
+ It just do what it has to do.
252
+
253
+ For insertion, update and deletion, you have to confirm the filter and the request to make it happen
254
+
255
+ - better README
256
+
257
+ ## Breaking changes in 1.2.0
258
+
259
+ In order to have a form of uniformization between our different data operation methods
260
+ we try to follow the syntax method(...args, user) and have filter in one simplified block passed
261
+
262
+ deleteData can now handle ids and filter in the same parameter "filter"
263
+
264
+ # Release 1.1.8
265
+ ## Enhancements
266
+
267
+ - Added data integrity check when using relationFilter property for relation fields (+ unit tests)
268
+ - README cool badges 👍
269
+ - Endpoint generation explanations in README
270
+ - New TLS options, that accept default TLS connection mode. mTLS will follow.
271
+
272
+ ## Issues
273
+ - Fixed an issue with unicode usernames when dumping and restoring data
274
+ - The mongodb dump/restore methods are now well protected against command injection. Our security tab should evolve with this functionality.
275
+
276
+ # Release 1.1.7
277
+
278
+ ## Tutorial system
279
+ - Tutorials are now available in the client interface. You can follow the trame created in client/src/tutorials.js or just modify it to your convenience. It uses completion conditions to run, and stages to order the user journey.
280
+
281
+ ## Other enhancements
282
+ - You can choose your preferred language in the topbar. It will only load these resources, and unload previous ones.
283
+ - Website translations are now working for the open-source client
284
+ - Better TLS support (more consts)
285
+ - Crypto fallback for the getRandom() method
286
+
287
+ # Release 1.1.6
288
+ ## Security enhancements
289
+ - MongoDB TLS options for full secured connection to database
290
+ - Added a protection against prototype injection helper and fixed a related security breach
291
+ - Permissions on GitHub workflow to run
292
+ - Added secured browser randomness like reported in GitHub code analysis
293
+
294
+ ## Bugfixes
295
+ - Fixed an issue with preventing PUT /api/model requests to work
296
+ - Fixed failure code on uncaught exception
297
+
298
+ ## Other
299
+ - Migration subdirectory in project base dir
300
+
301
+ # Release 1.1.5
302
+ ## Enhancements
303
+ - Express application is now transmittable to the engine
304
+ - README update
305
+ - Support for AI server access if no user environment variable is configured
306
+
307
+ ## UI improvements
308
+ - Duplicate data easily by using the data editor
309
+ - Configure advanced filters in the interface, by using the condition builder
310
+ - Stores the filters in local storage, for user next session access. (saving other filters will be in a next release)
311
+
312
+ ## Bugfixes
313
+
314
+ - Website all in one pack installation fixed (for roles mainly)
315
+ - Tourpoint is now responsive to latency
316
+ - Fix search request when using relations with corrupted data (that should not occurs, but...)
317
+
318
+ # Hotfix 1.1.4
319
+ ## Fixes
320
+
321
+ This is a hotfix for previous hotfix library import resolution :
322
+
323
+ - No more external dep to data-primals-engine in client
324
+ - Peer dependencies are now limited to strict minimum for client integration in other systems
325
+ - Missing consts in previous package
326
+
327
+ # Hotfix 1.1.3
328
+ VM2 has a big security issue , see https://gist.github.com/leesh3288/f693061e6523c97274ad5298eb2c74e9
329
+ The server crushed down when using this injection so we had to find a solution. We changed the piepeline to Node 20 and used isolated-vm for best security support.
330
+
331
+ Fixed an import issue too.
332
+
333
+ # Release 1.1.2 (unstable)
334
+
335
+ ## Enhancements
336
+
337
+ ### Endpoint generation
338
+ Users can now add custom endpoints by using the 'endpoint' model.
339
+ When activated, it will trigger the route on top of the /api, for your user only.
340
+ Your Javascript code is then executed to deliver the response.
341
+
342
+ ### CTA generation
343
+ Endpoints does not come without CTA. And we needed a technical implementation of the customization of the button.
344
+ Flex Builder can now add these CTA buttons into your dashboard and for example execute a delete request on your item
345
+
346
+ More script actions will be provided in the future but you can already do CRUD operations , do logs and get your env variables.
347
+
348
+ ### Release 1.1.1
349
+ ## Issues:
350
+
351
+ - Fix real issue with translating website frontend
352
+
353
+ ## Enhancements :
354
+
355
+ - package.json cleaned
356
+ - Updated README.md with data types and configurable environment keys (for AI generation, emails and backups)
357
+ - Added safe javascript execution using ExecuteScript workflowTrigger for now (you can execute your own JS methods)
358
+ More features will be provided in relation to code execution in the future, including custom endpoint generation, and code helpers
359
+ # Release 1.1.0
360
+ ## Better overall quality of the package
361
+
362
+ - more exportable modules
363
+ - eslint configuration
364
+
365
+ ## Features :
366
+
367
+ - changed order product relation to the cartItem model (for simplicity)
368
+ - getCollectionForUser is now async
369
+ - User providers have now access to :
370
+ - user plans and features (one accepted : 'indexes' that creates indexes automatically)
371
+ - backup frequency by user
372
+ - storage limit by user
373
+
374
+ You can also define user (express) middlewares like limiters, authentication layers...
375
+
376
+ New client subpackage for launching the data editor on localhost. See npm scripts in package.json
377
+
378
+ # Release 1.0.11
379
+ Translations of the API for remaining data.primals.net supported languages :
380
+
381
+ - Greek (el)
382
+ - Russian (ru)
383
+ - Italian (it)
384
+ - Czech (cs)
385
+ - Swedish (sv)
386
+
387
+ # Release 1.0.10
388
+
389
+ ### Features :
390
+ - Deutch / Spanish translations of the API
391
+ - More exported utility methods for the API (see README.md for details)
392
+
393
+ ### Other enhancements :
394
+ - Model edition unit tests
395
+
396
+ ###
397
+ Thanks to Deepseek for his hard work on translations
398
+
399
+ # Release 1.0.9
400
+ **Integration tests :**
401
+
402
+ - Data integrity checks
403
+ - Data import export integrity check
404
+ - Shared resources and User/model isolation in tests
405
+ - CI/CD Pipeline configuration by Github Actions, and using a mongodb service container to simulate real env.
406
+ - Dockerfile
407
+
408
+ # Release 1.0.8
409
+
410
+ **Issues resolved**
411
+ - Fix issue with validating boolean not required fields
412
+ - Fix imports to make the lib works
413
+
414
+ **Features**
415
+ - getDataAsString can now get date and datetime localized human strings
416
+ - Better support for worklow variable substition (models are now connected relation by relation to retrieve the data)
417
+
418
+ **Breaking changes**
419
+ - Loading modules is now in engine creation (await Engine.Create())
420
+
421
+ # Release 1.0.7
422
+ - Full models translations in French / English / Arabic / Persan languages.
423
+ - Cookies secret is now configurable
424
+ - Cleaned some consts
425
+
426
+ # Release 1.0.6
427
+ - better assistant filter comprehension of MongoDB expression
428
+
429
+ # Release 1.0.5
430
+ - Better assistant (filters are handled by complete MongoDB examples)
431
+ - Cleaned repository from data.primals.net connections (tutorials)
432
+ - Readme update
433
+ - Fixed an issue with handling complex string transliteration from objects
434
+
435
+ ## What's Changed
436
+ * Release 1.0.5 by @anonympins in https://github.com/anonympins/data-primals-engine/pull/7
437
+ **Full Changelog**: https://github.com/anonympins/data-primals-engine/compare/data-primals-engine...data-primals-engine-1.0.5
438
+
439
+
440
+ ### Release < 1.0.5 are not stable enough
package/Dockerfile CHANGED
@@ -1,15 +1,25 @@
1
- # Base image
2
- FROM node:18.18.2
1
+ FROM node:20-alpine AS builder
2
+ WORKDIR /usr/src/app
3
3
 
4
- # Set working directory
5
- WORKDIR /
6
-
7
- # Copy package files and install dependencies
8
- COPY package.json ./
4
+ COPY package*.json ./
9
5
  RUN npm install
10
6
 
11
- # Copy application code
12
7
  COPY . .
13
8
 
14
- # Expose the application port
9
+ FROM node:20-alpine
10
+ WORKDIR /usr/src/app
11
+
12
+ RUN addgroup -S appgroup && adduser -S appuser -G appgroup
13
+
14
+ COPY --from=builder /usr/src/app/node_modules ./node_modules
15
+ COPY --from=builder /usr/src/app ./
16
+
17
+ RUN chown -R appuser:appgroup .
18
+
19
+ USER appuser
20
+
21
+ # Exposition du port de l'application
15
22
  EXPOSE 7633
23
+
24
+ # Commande pour lancer l'application en mode production
25
+ CMD [ "npm", "run", "server" ]
package/DockerfileTest CHANGED
@@ -1,15 +1,25 @@
1
- # Base image
2
- FROM node:18.18.2
1
+ FROM node:20-alpine AS builder
2
+ WORKDIR /usr/src/app
3
3
 
4
- # Set working directory
5
- WORKDIR /
6
-
7
- # Copy package files and install dependencies
8
- COPY package.json ./
4
+ COPY package*.json ./
9
5
  RUN npm install
10
6
 
11
- # Copy application code
12
7
  COPY . .
13
8
 
14
- # Expose the application port
9
+ FROM node:20-alpine
10
+ WORKDIR /usr/src/app
11
+
12
+ RUN addgroup -S appgroup && adduser -S appuser -G appgroup
13
+
14
+ COPY --from=builder /usr/src/app/node_modules ./node_modules
15
+ COPY --from=builder /usr/src/app ./
16
+
17
+ RUN chown -R appuser:appgroup .
18
+
19
+ USER appuser
20
+
21
+ # Exposition du port de l'application
15
22
  EXPOSE 7635
23
+
24
+ # Commande pour lancer l'application en mode production
25
+ CMD [ "npm", "run", "test" ]