23 changes: 23 additions & 0 deletions Dockerfile
@@ -0,0 +1,23 @@
# Use a stable Python base image
FROM python:3.10-slim
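
Review bot: the base image on line +2 is pinned only by the floating tag `python:3.10-slim`, so every rebuild may pull a different image with a different set of OS packages, which makes builds non-reproducible and lets scan results go stale without any change to this file. Pin the digest alongside the tag, e.g. `FROM python:3.10-slim@sha256:<digest>` (the digest is a placeholder to be taken from the registry), and bump it deliberately when updating the base.
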
⚠️ Potential issue | 🟠 Major

Container runs as root — add a non-root USER.

Running the application as root inside the container is a security risk. If the process is compromised, the attacker has full root privileges within the container. This was also flagged by Trivy (DS-0002).

Proposed fix — add a non-root user at the end
+# Create a non-root user
+RUN useradd --create-home appuser
+USER appuser
+
 # Change to the Backend directory to run the application
 WORKDIR /app/Backend
🧰 Tools
🪛 Trivy (0.69.1)

[error] 1-1: Image user should not be 'root'

Specify at least 1 USER command in Dockerfile with non-root user as argument

Rule: DS-0002

(IaC/Dockerfile)

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@Dockerfile` around lines 1 - 2, The container currently runs as root; add a
non-root user and switch to it at the end of the Dockerfile: create a user and
group (e.g., appuser/appgroup) with non-root UID/GID, ensure application
files/directories are owned by that user (chown relevant paths), set appropriate
permissions, and add a USER appuser (or UID:GID) instruction as the final step
so the process runs unprivileged; reference the Dockerfile and the USER
directive when making the changes.


# Set the working directory
WORKDIR /app

# Install system-level dependencies for building Python packages
RUN apt-get update && apt-get install -y \
build-essential \
&& rm -rf /var/lib/apt/lists/*
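
Review bot: the `apt-get install -y build-essential` on lines +8 to +10 leaves the full compiler toolchain in the runtime image, because nothing purges it after the later `pip install` and it sits in its own layer regardless. Prefer a two-stage build: install `build-essential` and run `pip install` in a builder stage, then copy only the installed site-packages into a clean `python:3.10-slim` stage. If a single stage is kept, move `COPY Backend/requirements.txt .` ahead of this RUN and do `apt-get install`, `pip install` and `apt-get purge -y build-essential` in the same RUN so the toolchain never reaches a committed layer. That shrinks the image and reduces the tooling available inside the container if the service is compromised.
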
⚠️ Potential issue | 🟡 Minor

Add --no-install-recommends to reduce image bloat.

Without this flag, apt-get install pulls in recommended (but unnecessary) packages, increasing image size. Also flagged by Trivy (DS-0029).

Proposed fix
-RUN apt-get update && apt-get install -y \
+RUN apt-get update && apt-get install -y --no-install-recommends \
     build-essential \
     && rm -rf /var/lib/apt/lists/*
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
RUN apt-get update && apt-get install -y \
build-essential \
&& rm -rf /var/lib/apt/lists/*
RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
&& rm -rf /var/lib/apt/lists/*
🧰 Tools
🪛 Trivy (0.69.1)

[error] 8-10: 'apt-get' missing '--no-install-recommends'

'--no-install-recommends' flag is missed: 'apt-get update && apt-get install -y build-essential && rm -rf /var/lib/apt/lists/*'

Rule: DS-0029

(IaC/Dockerfile)

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@Dockerfile` around lines 8 - 10, The apt-get install invocation in the
Dockerfile (the RUN line that performs "apt-get update && apt-get install -y
build-essential && rm -rf /var/lib/apt/lists/*") should include
--no-install-recommends to avoid installing unnecessary recommended packages;
update that RUN command to use "apt-get install -y --no-install-recommends
build-essential" (keeping the existing apt-get update and the rm -rf
/var/lib/apt/lists/* cleanup) so the image size is reduced and Trivy DS-0029 is
addressed.


# Copy requirements from the Backend folder and install
COPY Backend/requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# Copy the entire project into the container
COPY . .

# Set environment variables (standard for AI platforms)
ENV PYTHONUNBUFFERED=1

# Change to the Backend directory to run the application
WORKDIR /app/Backend
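
Review bot: `COPY . .` on line +17 copies the whole build context into `/app`, so anything sitting next to the Dockerfile (a `.git` directory, local `.env` files, virtualenvs, test data) lands in image layers and is readable by anyone who can pull the image. Add a `.dockerignore` at the root of the build context that excludes those paths, or narrow the copy to what the service actually needs; given `WORKDIR /app/Backend` on line +23, `COPY Backend/ ./Backend/` would suffice. Separately, the comment on line +19 describing `PYTHONUNBUFFERED=1` as "standard for AI platforms" is misleading: it is a plain CPython setting that disables stdout/stderr buffering so log lines reach the container runtime immediately, and the comment should say so.
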
⚠️ Potential issue | 🟠 Major

No CMD or ENTRYPOINT — the container has no default run command.

The Dockerfile sets up the environment but never declares what to run. Without a CMD or ENTRYPOINT, docker run on this image will drop into a shell (inherited from the base image) rather than starting the backend service. This makes the image unusable out of the box.

Add an appropriate entrypoint, e.g.:

Proposed fix
 # Change to the Backend directory to run the application
 WORKDIR /app/Backend
+
+# Run the application
+CMD ["python", "main.py"]

Adjust main.py to whatever the actual entry point script is.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
# Use a stable Python base image
FROM python:3.10-slim
# Set the working directory
WORKDIR /app
# Install system-level dependencies for building Python packages
RUN apt-get update && apt-get install -y \
build-essential \
&& rm -rf /var/lib/apt/lists/*
# Copy requirements from the Backend folder and install
COPY Backend/requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
# Copy the entire project into the container
COPY . .
# Set environment variables (standard for AI platforms)
ENV PYTHONUNBUFFERED=1
# Change to the Backend directory to run the application
WORKDIR /app/Backend
# Use a stable Python base image
FROM python:3.10-slim
# Set the working directory
WORKDIR /app
# Install system-level dependencies for building Python packages
RUN apt-get update && apt-get install -y \
build-essential \
&& rm -rf /var/lib/apt/lists/*
# Copy requirements from the Backend folder and install
COPY Backend/requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
# Copy the entire project into the container
COPY . .
# Set environment variables (standard for AI platforms)
ENV PYTHONUNBUFFERED=1
# Change to the Backend directory to run the application
WORKDIR /app/Backend
# Run the application
CMD ["python", "main.py"]
🧰 Tools
🪛 Trivy (0.69.1)

[error] 1-1: Image user should not be 'root'

Specify at least 1 USER command in Dockerfile with non-root user as argument

Rule: DS-0002

(IaC/Dockerfile)


[error] 8-10: 'apt-get' missing '--no-install-recommends'

'--no-install-recommends' flag is missed: 'apt-get update && apt-get install -y build-essential && rm -rf /var/lib/apt/lists/*'

Rule: DS-0029

(IaC/Dockerfile)

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@Dockerfile` around lines 1 - 23, The Dockerfile currently misses a default
runtime command; add an ENTRYPOINT or CMD in the Dockerfile to start the backend
service (e.g., invoke Python on your app entrypoint or start Uvicorn for an ASGI
app). Update the Dockerfile to include a final line that runs the correct
entrypoint (reference the project's actual startup target such as main.py or the
ASGI app module) and ensure the referenced script/module (e.g., main.py or
app:app) is present in Backend and executable; adjust the entrypoint string to
match that symbol.