feat(docker): add Docker support for frontend and backend with development and production configurations

[md-asharaf]

Related Issue

Closes: #76

Description

This PR introduces Docker support for both the frontend and backend, with separate configurations for development and production environments.
It also adds Docker Compose profiles, allowing developers to easily switch between modes:

Development Mode

Supports live reloading for both frontend and backend.

docker compose --profile dev up --build

Production Mode

Builds and runs optimized containers.

docker compose --profile prod up --build

Alternatively, two convenience scripts have been added:

• docker:dev – Starts the app in development mode
• docker:prod – Builds and runs the app in production mode

How Has This Been Tested?

• ✅ Ran docker compose --profile dev up --build to verify live updates.
• ✅ Built and executed docker compose --profile prod up --build for production readiness.
• ✅ Ensured network communication between services is functioning properly.
• ✅ Verified correct environment variable loading in both modes.

Type of Change

• New feature

Summary by CodeRabbit

• New Features

  • Added Docker and Docker Compose support for both development and production environments, including configuration files for frontend and backend services.
  • Introduced npm scripts to streamline running the app with Docker in different environments.

• Chores

  • Updated ignore files to prevent unnecessary files from being included in Docker builds and version control.
  • Adjusted package dependencies and scripts for improved development and production workflows.

[netlify]

✅ Deploy Preview for github-spy ready!

Name	Link
🔨 Latest commit	eb2535c
🔍 Latest deploy log	https://app.netlify.com/sites/github-spy/deploys/67ba1f6fb73890000868d77f
😎 Deploy Preview	https://deploy-preview-91--github-spy.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[mehul-m-prajapati]

Change it to 'npm run dev'

[md-asharaf]

done

[mehul-m-prajapati]

Change it to 'npm start'

[md-asharaf]

done

[mehul-m-prajapati]

Can we have one docker compose for dev and prod?

[md-asharaf]

yes

[md-asharaf]

okay i have changed the docker files like you said,check out

[md-asharaf]

@mehul-m-prajapati why are you not merging this PR??

[mehul-m-prajapati]

@md-asharaf : I need some time to test the same.

[md-asharaf]

when i created this pull request,there were no conflicts

[coderabbitai]

Walkthrough

Multiple Docker-related configuration files have been introduced for both frontend and backend, supporting development and production environments. Supporting files such as .dockerignore, .gitignore, and docker-compose.yml were added or updated. Package scripts and dependencies were adjusted to facilitate Docker-based workflows and environment-specific commands.

Changes

Cohort / File(s)	Change Summary
Frontend Dockerization .dockerignore, Dockerfile.dev, Dockerfile.prod	Added Docker ignore rules and Dockerfiles for frontend development and production builds.
Backend Dockerization backend/.dockerignore, backend/Dockerfile.dev, backend/Dockerfile.prod	Added Docker ignore rules and Dockerfiles for backend development and production builds.
Docker Compose Orchestration docker-compose.yml	Introduced a compose file defining frontend/backend services for both dev and prod, with networks and environment separation.
Frontend Package Management package.json	Updated scripts for Docker workflows, adjusted dependencies between dev and prod, added new scripts for Docker Compose.
Backend Package Management backend/package.json	Separated dev and prod start scripts for backend server.
Git Ignore Updates .gitignore	Updated to ignore yarn.lock files globally and in subdirectories.

Sequence Diagram(s)

sequenceDiagram
    participant Dev as Developer
    participant Compose as docker-compose
    participant FE as Frontend Container
    participant BE as Backend Container

    Dev->>Compose: Run docker compose --profile dev up --build
    Compose->>FE: Build & start frontend (Dockerfile.dev)
    Compose->>BE: Build & start backend (Dockerfile.dev)
    FE->>Dev: Expose port 5173 (dev server)
    BE->>Dev: Expose port 5000 (API)

Loading

sequenceDiagram
    participant Dev as Developer
    participant Compose as docker-compose
    participant FEProd as Frontend Prod Container
    participant BEProd as Backend Prod Container

    Dev->>Compose: Run docker compose --profile prod up -d --build
    Compose->>FEProd: Build frontend (Dockerfile.prod), serve with Nginx on port 3000
    Compose->>BEProd: Build backend (Dockerfile.prod), run on port 5000

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Assessment against linked issues

Objective	Addressed	Explanation
Add Docker file(s) for the app (#76)	✅

Poem

In Dockerland, we build and run,
Compose brings all the code as one.
Front and back, both set to go,
With .dockerignore to keep it slow—
Just kidding, it's lightning fast!
Now containers are here at last.
🐇🚀

Note

⚡️ Unit Test Generation is now available in beta!

Learn more here, or try it out under "Finishing Touches" below.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[netlify]

✅ Deploy Preview for github-spy ready!

Name	Link
🔨 Latest commit	b0be39e
🔍 Latest deploy log	https://app.netlify.com/projects/github-spy/deploys/6887b9adc501610008be5181
😎 Deploy Preview	https://deploy-preview-91--github-spy.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[md-asharaf]

now review and merge @mehul-m-prajapati

[coderabbitai]

Actionable comments posted: 5

🧹 Nitpick comments (4)

package.json (1)

11-12: CLI consistency

docker:prod runs detached (-d) but docker:dev does not. If the team expects symmetrical behaviour (both foreground or both detached), consider aligning flags.

backend/Dockerfile.dev (1)

19-20: Update stale comments to avoid confusion

The Dockerfile uses npm but the comments still reference Yarn.
Please adjust the wording to reflect the actual tooling.

Dockerfile.prod (1)

27-38: Replace here-doc echo with a plain file – readability & layer caching

Embedding the Nginx config via echo makes diffs noisy and breaks layer caching.
Commit a dedicated nginx.conf and copy it:

-RUN echo $'\
-...
-}' > /etc/nginx/conf.d/default.conf
+COPY nginx.conf /etc/nginx/conf.d/default.conf

docker-compose.yml (1)

12-15: Use a named volume for node_modules instead of an anonymous path

- /app/node_modules creates an anonymous volume each time the stack is rebuilt, cluttering docker volume ls. Define it explicitly:

volumes:
  - .:/app
  - frontend_node_modules:/app/node_modules

and add at the end of the file:

volumes:
  frontend_node_modules:

(This applies similarly to the backend service.)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 61dc8a2 and b0be39e.

📒 Files selected for processing (10)

• .dockerignore (1 hunks)
• .gitignore (1 hunks)
• Dockerfile.dev (1 hunks)
• Dockerfile.prod (1 hunks)
• backend/.dockerignore (1 hunks)
• backend/Dockerfile.dev (1 hunks)
• backend/Dockerfile.prod (1 hunks)
• backend/package.json (1 hunks)
• docker-compose.yml (1 hunks)
• package.json (2 hunks)

🔇 Additional comments (6)

.gitignore (1)

4-5: Re-evaluate excluding yarn.lock

Committing a lock-file is the usual way to guarantee deterministic installs in CI / Docker builds. By ignoring both the root and nested yarn.lock, container builds may get nondeterministic dependency trees that drift over time.
Confirm that this project never relies on Yarn in any environment; otherwise consider keeping the lock-file in version control and merely omitting it from the Docker build context via .dockerignore.

backend/package.json (1)

6-7: Separate dev / prod scripts look good

Splitting "dev": "nodemon …" from "start": "node …" cleanly distinguishes hot-reload in dev from a lean prod entrypoint; nodemon is already in devDependencies.

.dockerignore (1)

1-9: Potentially over-aggressive exclusions

1. backend – Excluding the entire backend directory is fine for a frontend image, but double-check that no Dockerfile at the project root tries to build a full-stack image that would then lose the backend source.
2. yarn.lock – Same reproducibility concern as in .gitignore; keeping the lockfile inside the image (but not necessarily in the git repo) usually shortens install time and freezes dependency versions.

If either case is unintentional, adjust the patterns:

-backend
+# backend  # uncomment only if root image really doesn’t need it

package.json (1)

7-8: vite --host switch is appropriate

Enabling --host lets the dev server bind to 0.0.0.0, which is required inside Docker containers. Good catch.

backend/.dockerignore (1)

1-5: Looks good

Standard exclusions keep images slim and leak-free; no issues spotted.

docker-compose.yml (1)

45-61: Port clash risk between dev and prod profiles

Both backend and backend-prod publish 5000:5000; if someone accidentally enables both profiles concurrently the compose up will fail. Consider publishing the prod port on a different host port (e.g., 5001:5000) or documenting the mutual exclusivity.

[coderabbitai]

🛠️ Refactor suggestion

Copy the lock-file and switch to npm ci for deterministic, cache-friendly installs

package-lock.json is not copied into the image, and npm install is used.
Without the lock-file Docker-layer caching breaks whenever only lock data changes, and builds are no longer reproducible.

-# Copy package.json and yarn.lock files for dependency installation
-COPY package.json ./
-
-# Install all dependencies using Yarn
-RUN npm install
+# Copy manifest + lock-file for proper layer caching
+COPY package*.json ./
+
+# Faster, deterministic install
+RUN npm ci

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	# Copy package.json and yarn.lock files for dependency installation
	COPY package.json ./
	# Install all dependencies using Yarn
	RUN npm install
	# Copy manifest + lock-file for proper layer caching
	COPY package*.json ./
	# Faster, deterministic install
	RUN npm ci

🤖 Prompt for AI Agents

In backend/Dockerfile.dev around lines 7 to 12, the Dockerfile copies only
package.json but not the package-lock.json, and uses npm install which is less
deterministic. To fix this, copy both package.json and package-lock.json into
the image, then replace npm install with npm ci to ensure deterministic,
cache-friendly installs and better Docker layer caching.

[coderabbitai]

🛠️ Refactor suggestion

Production image installs without lockfile and misses NODE_ENV

1. Lock-file is not copied – image layers break whenever dependencies drift.
2. npm install --production is fine, but set NODE_ENV=production to ensure downstream libs behave correctly.
3. Comment still says Yarn.

-# Copy package.json and yarn.lock files for dependency installation
-COPY package.json ./
-# Install production dependencies using Yarn
-RUN npm install --production
+# Copy manifest + lock-file
+COPY package*.json ./
+
+# Install only prod deps in a reproducible way
+ENV NODE_ENV=production
+RUN npm ci --only=production

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	# Copy package.json and yarn.lock files for dependency installation
	COPY package.json ./
	# Install production dependencies using Yarn
	RUN npm install --production
	# Copy manifest + lock-file
	COPY package*.json ./
	# Install only prod deps in a reproducible way
	ENV NODE_ENV=production
	RUN npm ci --only=production

🤖 Prompt for AI Agents

In backend/Dockerfile.prod around lines 7 to 12, fix the Dockerfile by copying
the lockfile (e.g., yarn.lock or package-lock.json) alongside package.json to
ensure consistent dependency versions. Update the comment to reflect the correct
package manager used (npm, not Yarn). Also, set the environment variable
NODE_ENV=production before running npm install --production to ensure proper
production behavior of dependencies.

[coderabbitai]

🛠️ Refactor suggestion

Lock-file omitted – builds will be slow and non-reproducible

Identical to the backend dev image, copy the lock-file and prefer npm ci:

-COPY package.json .
-RUN npm install
+COPY package*.json ./
+RUN npm ci

🤖 Prompt for AI Agents

In Dockerfile.dev around lines 6 to 9, the lock-file (package-lock.json or
yarn.lock) is missing, causing slow and non-reproducible builds. Copy the
lock-file into the image alongside package.json and replace `npm install` with
`npm ci` to ensure faster, consistent, and reproducible installs.

[coderabbitai]

⚠️ Potential issue

Build will fail – --production strips devDependencies needed for vite build

The build stage installs only production deps, but the vite CLI lives in devDependencies; npm run build will therefore exit with ENOENT.

-# Install production dependencies using Yarn
-RUN npm install --production
+# Install all deps required for the build
+COPY package*.json ./
+RUN npm ci

If you want a slim final image, keep npm ci here and afterwards do a separate, lighter stage (or npm prune --production) after the build completes.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	# Install production dependencies using Yarn
	RUN npm install --production
	# Copy the rest of the application files
	COPY . .
	# Build the frontend using Yarn
	RUN npm run build
	# Install all deps required for the build
	COPY package*.json ./
	RUN npm ci
	# Copy the rest of the application files
	COPY . .
	# Build the frontend using Yarn
	RUN npm run build

🤖 Prompt for AI Agents

In Dockerfile.prod around lines 10 to 17, the build fails because `npm install
--production` removes devDependencies, including the `vite` CLI needed for the
build. To fix this, install all dependencies (including devDependencies) before
running `npm run build`, then create a separate lighter stage or run `npm prune
--production` after the build to remove devDependencies for the final image.

[coderabbitai]

⚠️ Potential issue

Duplicate autoprefixer entry

autoprefixer now appears in both dependencies and devDependencies, causing npm/yarn warnings and a larger prod image.

@@
-    "postcss": "^8.4.47",
-    "autoprefixer": "^10.4.20",
-    "tailwindcss": "^3.4.14"
+    "postcss": "^8.4.47",
+    "tailwindcss": "^3.4.14"
@@
-    "autoprefixer": "^10.4.20",

Move it to one block (usually devDependencies for build-time CSS processing).

Also applies to: 41-41

🤖 Prompt for AI Agents

In package.json around lines 28 to 30 and line 41, the package "autoprefixer" is
listed in both dependencies and devDependencies, causing duplication warnings
and increasing production image size. Remove the "autoprefixer" entry from the
dependencies section and keep it only in devDependencies, as it is typically
used for build-time CSS processing.

[mehul-m-prajapati]

@md-asharaf bhai jinda ho abhi bhi?

[github-actions]

🎉🎉 Thank you for your contribution! Your PR #91 has been merged! 🎉🎉