From 0f8a03d79f4a662fcbe41ca40f3dfa6c832de376 Mon Sep 17 00:00:00 2001
From: Inkvi <alex@polymerlabs.org>
Date: Thu, 14 Nov 2024 13:10:01 -0800
Subject: [PATCH] Refactor Dockerfile to build TypeScript project

Remove global ts-node installation and add build step for TypeScript. Copy tsconfig.json and update CMD to run compiled JavaScript. Adjust package.json scripts to include build and start commands.
---
 .github/workflows/docker-publish.yml |   2 +-
 .github/workflows/vuln-scan.yml      |   2 +-
 .gitignore                           | 135 +++++++++++++++++++++++++++
 Dockerfile                           |  12 ++-
 package.json                         |   2 +
 5 files changed, 146 insertions(+), 7 deletions(-)
 create mode 100644 .gitignore

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index 388f538..9a30223 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -58,7 +58,7 @@ jobs:
           cache-to: type=registry,ref=${{ env.IMAGE_NAME }}:buildcache,mode=max
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.21.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           image-ref: ${{ env.IMAGE_NAME }}:latest
           format: 'table'
diff --git a/.github/workflows/vuln-scan.yml b/.github/workflows/vuln-scan.yml
index 8fa8202..4a5e9e9 100644
--- a/.github/workflows/vuln-scan.yml
+++ b/.github/workflows/vuln-scan.yml
@@ -15,7 +15,7 @@ jobs:
           docker build -t signer  .
 
       - name: Peptide vulnerability scan
-        uses: aquasecurity/trivy-action@0.21.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           image-ref: 'signer'
           format: 'table'
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..64f44c7
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,135 @@
+### Node template
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+.pnpm-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# Snowpack dependency directory (https://snowpack.dev/)
+web_modules/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional stylelint cache
+.stylelintcache
+
+# Microbundle cache
+.rpt2_cache/
+.rts2_cache_cjs/
+.rts2_cache_es/
+.rts2_cache_umd/
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variable files
+.env
+.env.development.local
+.env.test.local
+.env.production.local
+.env.local
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+.parcel-cache
+
+# Next.js build output
+.next
+out
+
+# Nuxt.js build / generate output
+.nuxt
+dist
+
+# Gatsby files
+.cache/
+# Comment in the public line in if your project uses Gatsby and not Next.js
+# https://nextjs.org/blog/next-9-1#public-directory-support
+# public
+
+# vuepress build output
+.vuepress/dist
+
+# vuepress v2.x temp and cache directory
+.temp
+.cache
+
+# Docusaurus cache and generated files
+.docusaurus
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# TernJS port file
+.tern-port
+
+# Stores VSCode versions used for testing VSCode extensions
+.vscode-test
+
+# yarn v2
+.yarn/cache
+.yarn/unplugged
+.yarn/build-state.yml
+.yarn/install-state.gz
+.pnp.*
+
+
+### Rest
+.idea/
diff --git a/Dockerfile b/Dockerfile
index 7fcf97b..35d9792 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,8 +2,6 @@ FROM node:18-alpine
 
 WORKDIR /app
 
-RUN npm install -g ts-node
-
 COPY package*.json ./
 
 RUN addgroup -g 333 polymer && adduser -D -u 333 -G polymer polymer
@@ -12,9 +10,13 @@ USER polymer
 
 RUN npm install
 
-COPY  src src
+COPY tsconfig.json ./
+COPY src src
 
-EXPOSE 8000
+# Build TypeScript files
+RUN npm run build
 
-CMD ["ts-node", "src/server.ts"]
+EXPOSE 8000
 
+# Run compiled JavaScript instead of TypeScript
+CMD ["node", "dist/server.js"]
diff --git a/package.json b/package.json
index deaa5d8..c8aa5a7 100644
--- a/package.json
+++ b/package.json
@@ -5,6 +5,8 @@
   "description": "",
   "main": "index.js",
   "scripts": {
+    "build": "tsc",
+    "start": "node dist/server.js",
     "test": "echo \"Error: no test specified\" && exit 1"
   },
   "keywords": [],