Improve documentation to ease adaption for assignment

* add code block to demonstrate build process in a more readable way (other than the Makefile) * emphasise the sensitivity of the JWT token

Improve documentation to ease adaption for assignment
d887546a · Lucendio · 7b1794f2 · d887546a · d887546a · d887546a
Commit d887546a authored 2 years ago by Lucendio
--- a/Makefile
+++ b/Makefile
@@ -45,17 +45,20 @@ build: APP_BUILD_PATH ?= $(TEMP_DIR)
 build: $(TEMP_DIR)/
 	rm -rf "$(APP_BUILD_PATH)"

-	cp -r "$(MKFILE_DIR)/app/server/src" "$(APP_BUILD_PATH)"
+	cp -r "$(MKFILE_DIR)"/app/server/src "$(APP_BUILD_PATH)"
 	cp "$(MKFILE_DIR)"/app/server/package* "$(APP_BUILD_PATH)/"
 	cd "$(APP_BUILD_PATH)" \
 	&& \
 		npm install --prod --no-audit --no-fund \
 		&& rm -rf ./package*
+
 	cd "$(MKFILE_DIR)/app/client" \
 	&& \
+		npm install --production=false --no-audit --no-fund \
+		&& \
 		PUBLIC_URL=$(SERVER_PUBLIC_URL) \
 		BUILD_PATH="$(APP_BUILD_PATH)/public" \
-		node ./scripts/build.js
+			node ./scripts/build.js


 .PHONY: test

--- a/README.md
+++ b/README.md
@@ -6,10 +6,9 @@ Lecture: DevOps - Application
 > unforeseen side effects like DATA LOSS !__


-This repository contains the [application](./app/README.md) that is supposed be used as *deployable workload* in the
+This repository contains the [application](./app/README.md) that can be used as *deployable workload* for the
 [project assignment](https://github.com/lucendio/lecture-devops-material/blob/master/assignments/project-work.md)
 implementation.
-Normally, the only changes that are required to be made here in order 

 In order to adapt the application and integrate it into your automation and deployment processes, it's usually not
 required to change any existing code. Instead, you probably just want to add some *pipeline* code or even a container
@@ -21,20 +20,21 @@ file (e.g. `Dockerfile`).
 For more information regarding the app, please take a look into its [README](./app/README.md).

 The `Makefile` in this directory can be seen as the main entry point for this repository. It's meant to locally run the
-application and mess around with the source code in order to better understand how it works and to be able to tear it
-apart if necessary.
-Additionally, it documents various invocations that may help you adapting this application as *workload* for the exercise. 
+application and allow to mess around with the source code in order to better understand how it works and to be able to
+tear it apart if necessary.
+Additionally, it documents various invocations that may help you adapting this application as *workload* for the
+assignment. 

-**_Please note, that the `Makefile` is only meant to showcase steps that are usually needed to be taken in order to
-automate the deployment lifecycle of such an application and code base.
+**_Please note, that the `Makefile` is only meant to showcase steps that are usually taken to automate the deployment
+lifecycle of such an application and code base.
 It is NOT recommended to invoke `make` targets from the CI/CD, but rather to utilize platform-specific interfaces 
-(e.g. `.gitlab-ci.yml`, `Jenkinsfile`, etc.), which may then invoke commands shown in the `make` target or in the `scripts`
- section of one of the `package.json` files._**
+(e.g. `.gitlab-ci.yml`, `Jenkinsfile`, etc.), which may then invoke commands shown in the `make` target or in the
+`scripts` section of one of the `package.json` files._**


 ### Prerequisites

-The following software must be installed and available in your `${PATH}`:
+The following software must be installed and available in `${PATH}`:

 * `node` ([NodeJS](https://nodejs.org/en/download)): latest v16
 * `npm` ([npm](https://www.npmjs.com/get-npm)): latest v8
@@ -53,22 +53,25 @@ The following commands are available from the root directory:

 #### `make install`

-* installs all dependencies via `npm` for *server* and *client*
+* installs all *server* and *client* dependencies via package manager `npm` 


 #### `make build`

-1. copies server source into some empty location
-2. copies dependency manifest (`package*`) into the same location right next to the server source
-3. installs server dependencies
-4. builds client code (requires client dependencies to be installed already) and puts it next to the server source into   
+1. copy server source into some empty location
+2. copy dependency manifest (`package*`) into the same location right next to the server source
+3. install server dependencies there
+4. install all client dependencies next to its source
+5. build client code and put it next to the server source (step 1)   


 #### `make test`

-*NOTE: requires a MongoDB service already ro be running (see `MONGODB_URL` in target on where it's assumed to be running)*
+*NOTE: requires/assumes a MongoDB service (see `MONGODB_URL`) to be reachable from the context where tests are being
+executed*

-* runs client & server tests in [CI mode](https://jestjs.io/docs/en/cli.html#--ci) (exits regardless of the test outcome; closed tty)
+* runs client & server tests in [CI mode](https://jestjs.io/docs/en/cli.html#--ci) (exits regardless of the test outcome;
+  closed tty)


 #### `make dev-test-client`

--- a/app/README.md
+++ b/app/README.md
@@ -14,6 +14,21 @@ During the build process, the client code is moved into the `./public` directory
 Aside from providing an HTTP API, the backend also functions as a static file server for the client. As a result,
 backend and frontend are both bundled into a single artifact (see `make build` as an example).

+If you want to build each part separately:
+
+```bash
+cd ./client
+npm install
+npm run build
+
+cd ./../server
+npm install --prod
+
+cd ./../
+cp ./client/public ./server/public
+cp ./server ${TARGET_RUNTIME_LOCATION}
+```
+
 The following technologies have been utilized (aka. MERN-stack):

 * React (rendering engine of the web-based graphical user interface)

--- a/app/client/src/components/AddTodo/AddTodo.test.js
+++ b/app/client/src/components/AddTodo/AddTodo.test.js
@@ -44,7 +44,7 @@ test('api interaction', async () => {
    // mock api
    let apiMock = jest.spyOn(api, 'addTodo')
    apiMock.mockRejectedValueOnce({data: {message: "mocked api error"}});
-    
+
    // try adding the todo but the api will fail
    fireEvent.click(getByText(/add/i));
    expect(apiMock).toHaveBeenCalledWith("foo", "bar");

--- a/app/server/dev.env
+++ b/app/server/dev.env
 PORT=3000
 MONGODB_URL=mongodb://localhost:27017/todo-app
-JWT_SECRET=myjwtsecret
+JWT_SECRET=highly-sensitive-jwtsecret